{"id": "ORACLELINUX_ELSA-2020-1372.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 8 : kernel (ELSA-2020-1372)", "description": "From Red Hat Security Advisory 2020:1372 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: powerpc: local user can read vector registers of other\nusers", "published": "2020-04-10T00:00:00", "modified": "2020-04-10T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/135378", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://oss.oracle.com/pipermail/el-errata/2020-April/009788.html"], "cvelist": ["CVE-2019-19527", "CVE-2019-15030", "CVE-2019-15031", "CVE-2019-18660"], "type": "nessus", "lastseen": "2020-04-16T17:32:19", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug-core", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-modules-extra", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python3-perf", "p-cpe:/a:oracle:linux:bpftool", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-core", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-modules", "p-cpe:/a:oracle:linux:kernel-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-debug-modules", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-cross-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel"], "cvelist": ["CVE-2019-19527", "CVE-2019-15030", "CVE-2019-15031", "CVE-2019-18660"], "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss3": {"score": 6.8, "vector": "AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "description": "From Red Hat Security Advisory 2020:1372 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: powerpc: local user can read vector registers of other\nusers", "edition": 1, "enchantments": {"dependencies": {"modified": "2020-04-12T17:31:29", "references": [{"idList": ["CESA-2020:1016"], "type": "centos"}, {"idList": ["USN-4227-1", "USN-4228-1", "USN-4135-2", "USN-4225-2", "USN-4135-1", "USN-4227-2", "USN-4228-2", "USN-4226-1", "USN-4225-1"], "type": "ubuntu"}, {"idList": ["DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2114-1:93D37"], "type": "debian"}, {"idList": ["CVE-2019-19527", "CVE-2019-15030", "CVE-2019-15031", "CVE-2019-18660"], "type": "cve"}, {"idList": ["SMNTC-110996"], "type": "symantec"}, {"idList": ["CFOUNDRY:DF07D4C717AC736D9D7D72B02A5FA2CB", "CFOUNDRY:7D6795462AFD47DE31FD5B40467B68C4"], "type": "cloudfoundry"}, {"idList": ["UBUNTU_USN-4228-1.NASL", "EULEROS_SA-2019-2081.NASL", "SLACKWARE_SSA_2020-008-01.NASL", "REDHAT-RHSA-2020-0740.NASL", "SUSE_SU-2019-3379-1.NASL", "FEDORA_2019-124A241044.NASL", "FEDORA_2019-B86A7BDBA0.NASL", "REDHAT-RHSA-2020-1378.NASL", "EULEROS_SA-2019-2309.NASL", "UBUNTU_USN-4135-1.NASL"], "type": "nessus"}, {"idList": ["OPENSUSE-SU-2019:2675-1", "OPENSUSE-SU-2020:0336-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2173-1"], "type": "suse"}, {"idList": ["RHSA-2020:0174", "RHSA-2020:1016", "RHSA-2020:0740", "RHSA-2020:1475", "RHSA-2020:1378"], "type": "redhat"}, {"idList": ["ELSA-2020-1372", "ELSA-2020-1016"], "type": "oraclelinux"}, {"idList": ["SSA-2020-008-01"], "type": "slackware"}, {"idList": ["OPENVAS:1361412562310852705", "OPENVAS:1361412562310852855", "OPENVAS:1361412562310844298", "OPENVAS:1361412562310844281", "OPENVAS:1361412562310844284", "OPENVAS:1361412562311220192309", "OPENVAS:1361412562310844282", "OPENVAS:1361412562310844182", "OPENVAS:1361412562311220201197", "OPENVAS:1361412562311220192081"], "type": "openvas"}], "rev": 2}, "score": {"modified": "2020-04-12T17:31:29", "rev": 2, "value": 6.5, "vector": "NONE"}}, "hash": "878063066dda0540137e2ed8cecfa1a3c96f77fdbb3b90dc29e0ba461bbbb8eb", "hashmap": [{"hash": "048a4546a7d8f9eb20925e842d7f60bb", "key": "href"}, {"hash": "6eeb1108d5965bb8ca13dcc83eda0da0", "key": "cvss3"}, {"hash": "60acf4751963420390fc8f2cf2f3705f", "key": "pluginID"}, {"hash": "b4a91cf79d82882b23ed84cfb8664129", "key": "references"}, {"hash": "a6e7d96d20bebf3117873596b6c04435", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "4c2881d9755e40713746522bcbda8ed7", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "271e7c282f5432b0261f33c8b5da8527", "key": "published"}, {"hash": "dd2d6c2d1f82de46231d07e6fb47c097", "key": "reporter"}, {"hash": "1ade8a9fbbdd05f6143183c1ae55c4e4", "key": "title"}, {"hash": "f5c4badcbcfe466760445dc7a5c273bc", "key": "cpe"}, {"hash": "271e7c282f5432b0261f33c8b5da8527", "key": "modified"}, {"hash": "e684940a0d09b1ab125b1a35a1dd8ffe", "key": "sourceData"}, {"hash": "f74481c4d3fb2a622ac8c8a438ded811", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/135378", "id": "ORACLELINUX_ELSA-2020-1372.NASL", "lastseen": "2020-04-12T17:31:29", "modified": "2020-04-10T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "135378", "published": "2020-04-10T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2020-April/009788.html"], "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1372 and \n# Oracle Linux Security Advisory ELSA-2020-1372 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135378);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/10\");\n\n script_cve_id(\"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-18660\", \"CVE-2019-19527\");\n script_xref(name:\"RHSA\", value:\"2020:1372\");\n\n script_name(english:\"Oracle Linux 8 : kernel (ELSA-2020-1372)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2020:1372 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: powerpc: local user can read vector registers of other\nusers' processes via a Facility Unavailable exception (CVE-2019-15030)\n\n* kernel: powerpc: local user can read vector registers of other\nusers' processes via an interrupt (CVE-2019-15031)\n\n* kernel: powerpc: incomplete Spectre-RSB mitigation leads to\ninformation exposure (CVE-2019-18660)\n\n* kernel: use-after-free caused by a malicious USB device in the\ndrivers/hid/ usbhid/hiddev.c driver (CVE-2019-19527)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput() (BZ#\n1783959)\n\n* qla2xxx: call dma_free_coherent with correct size in all cases in\nqla24xx_sp_unmap (BZ#1788206)\n\n* qla2xxxx: Firmware update for Gen7 adapter could result in an\nunusable adapter (BZ#1790350)\n\n* s390/sclp: Fix bit checked for has_sipl (BZ#1791408)\n\n* RHEL8.1 - Error output for CPU-MF auxtrace data in perf:\n(BZ#1792198)\n\n* [FJ8.0 Bug]: [kernel]: using 'kexec -e' to reboot A64FX system\ncauses system panic during the boot of the 2nd kernel (BZ#1792200)\n\n* Fixup tlbie vs store ordering issue on POWER9 (BZ#1794058)\n\n* RHEL8.1 - qeth: add safeguards to RX data path (BZ#1794059)\n\n* RHEL8.1 - STC940:ZZ:Fleet:RHEL:LPM failed with no rmc connection\nduring 6th iteration (ibmvnic) (BZ#1794060)\n\n* RHEL8.1 - disable trace-imc feature (perf:) (BZ#1794061)\n\n* [Broadcom RHEL8.2 FEAT]: megaraid_sas driver update request\n(BZ#1795335)\n\n* RHEL8.1 pre-Beta - [ FW940 ] [ zz P9 ] kdump fails when XIVE is\nenabled and dump is trigged from HMC. (BZ#1795337)\n\n* T10 DIF: OOM observed while running I/O (BZ#1795338)\n\n* backport fix for potential deadlock relative to snapshot COW\nthrottling (BZ #1796490)\n\n* Neoverse n1 errata 1542419 'Core may fetch stale instructions from\nmemory and violate ordering' (BZ#1797518)\n\n* [HPE 8.1 Bug] hpsa: bug fix for reset issue (BZ#1797519)\n\n* [HPE 8.0 BUG] System crash when reading /sys/block//mq/0/cpu_list\nfile (BZ# 1797960)\n\n* kernel: T10 CRC not using hardware-accelerated version from\ncrct10dif_pclmul (BZ#1797961)\n\n* [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC.\n(BZ#1797962)\n\n* RHEL 8 - NVMe/FC Fabric Broadcom Autoconnect Script Fails to\nReconnect after Controller Reset (BZ#1798381)\n\n* [RHEL8.2]: Chelsio crypto co-processor Driver (chcr) bugfixes\n(BZ#1798527)\n\n* [RHEL8.1][Snapshot-1]LUN discovery says unrecognized (BZ#1801216)\n\n* 8.2 snap2 kernel incorrectly signed in brew (BZ#1807231)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009788.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-18660\", \"CVE-2019-19527\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2020-1372\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"4.18\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"bpftool-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-abi-whitelists-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-core-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-core-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-cross-headers-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-cross-headers-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-core-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-core-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-modules-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-modules-extra-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-extra-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-doc-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-doc-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-headers-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-headers-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-modules-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-modules-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-modules-extra-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-modules-extra-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-libs-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-libs-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"perf-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"python3-perf-4.18.0-147.8.1.el8_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 8 : kernel (ELSA-2020-1372)", "type": "nessus", "viewCount": 0}, "differentElements": ["sourceData"], "edition": 1, "lastseen": "2020-04-12T17:31:29"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "f5c4badcbcfe466760445dc7a5c273bc"}, {"key": "cvelist", "hash": "4c2881d9755e40713746522bcbda8ed7"}, {"key": "cvss", "hash": "f74481c4d3fb2a622ac8c8a438ded811"}, {"key": "cvss3", "hash": "6eeb1108d5965bb8ca13dcc83eda0da0"}, {"key": "description", "hash": "a6e7d96d20bebf3117873596b6c04435"}, {"key": "href", "hash": "048a4546a7d8f9eb20925e842d7f60bb"}, {"key": "modified", "hash": "271e7c282f5432b0261f33c8b5da8527"}, {"key": "naslFamily", "hash": "e31ed89ab0cbb68ce2c40f17ec1e5483"}, {"key": "pluginID", "hash": "60acf4751963420390fc8f2cf2f3705f"}, {"key": "published", "hash": "271e7c282f5432b0261f33c8b5da8527"}, {"key": "references", "hash": "b4a91cf79d82882b23ed84cfb8664129"}, {"key": "reporter", "hash": "dd2d6c2d1f82de46231d07e6fb47c097"}, {"key": "sourceData", "hash": "160935bcd9642b72495d4e8042ecce68"}, {"key": "title", "hash": "1ade8a9fbbdd05f6143183c1ae55c4e4"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "50f746e76673b5207ef0d5aea0b423641fe0b7eaad56cb45dee67c12b7f297df", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-19527", "CVE-2019-18660", "CVE-2019-15030", "CVE-2019-15031"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-5670", "ELSA-2020-1372", "ELSA-2020-5676", "ELSA-2020-1016", "ELSA-2020-5671"]}, {"type": "redhat", "idList": ["RHSA-2020:1493", "RHSA-2020:1475", "RHSA-2020:1984", "RHSA-2020:1378", "RHSA-2020:0174", "RHSA-2020:1372", "RHSA-2020:0740", "RHSA-2020:1016"]}, {"type": "symantec", "idList": ["SMNTC-110996"]}, {"type": "nessus", "idList": ["FEDORA_2019-B86A7BDBA0.NASL", "ORACLELINUX_ELSA-2020-5671.NASL", "REDHAT-RHSA-2020-1493.NASL", "EULEROS_SA-2019-2309.NASL", "REDHAT-RHSA-2020-0740.NASL", "REDHAT-RHSA-2020-1984.NASL", "UBUNTU_USN-4135-1.NASL", "FEDORA_2019-124A241044.NASL", "EULEROS_SA-2019-2081.NASL", "REDHAT-RHSA-2020-1378.NASL"]}, {"type": "ubuntu", "idList": ["USN-4227-2", "USN-4228-2", "USN-4225-1", "USN-4226-1", "USN-4225-2", "USN-4227-1", "USN-4228-1", "USN-4135-2", "USN-4135-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:7D6795462AFD47DE31FD5B40467B68C4", "CFOUNDRY:DF07D4C717AC736D9D7D72B02A5FA2CB"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844182", "OPENVAS:1361412562311220192309", "OPENVAS:1361412562310852705", "OPENVAS:1361412562310844282", "OPENVAS:1361412562310844281", "OPENVAS:1361412562311220192081", "OPENVAS:1361412562310844298", "OPENVAS:1361412562310844284", "OPENVAS:1361412562311220201197", "OPENVAS:1361412562310852855"]}, {"type": "slackware", "idList": ["SSA-2020-008-01"]}, {"type": "centos", "idList": ["CESA-2020:1016"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2173-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2020:0336-1"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2068-1:83234"]}], "modified": "2020-04-16T17:32:19", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2020-04-16T17:32:19", "rev": 2}, "vulnersScore": 6.6}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1372 and \n# Oracle Linux Security Advisory ELSA-2020-1372 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135378);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/14\");\n\n script_cve_id(\"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-18660\", \"CVE-2019-19527\");\n script_xref(name:\"RHSA\", value:\"2020:1372\");\n\n script_name(english:\"Oracle Linux 8 : kernel (ELSA-2020-1372)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2020:1372 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: powerpc: local user can read vector registers of other\nusers' processes via a Facility Unavailable exception (CVE-2019-15030)\n\n* kernel: powerpc: local user can read vector registers of other\nusers' processes via an interrupt (CVE-2019-15031)\n\n* kernel: powerpc: incomplete Spectre-RSB mitigation leads to\ninformation exposure (CVE-2019-18660)\n\n* kernel: use-after-free caused by a malicious USB device in the\ndrivers/hid/ usbhid/hiddev.c driver (CVE-2019-19527)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput() (BZ#\n1783959)\n\n* qla2xxx: call dma_free_coherent with correct size in all cases in\nqla24xx_sp_unmap (BZ#1788206)\n\n* qla2xxxx: Firmware update for Gen7 adapter could result in an\nunusable adapter (BZ#1790350)\n\n* s390/sclp: Fix bit checked for has_sipl (BZ#1791408)\n\n* RHEL8.1 - Error output for CPU-MF auxtrace data in perf:\n(BZ#1792198)\n\n* [FJ8.0 Bug]: [kernel]: using 'kexec -e' to reboot A64FX system\ncauses system panic during the boot of the 2nd kernel (BZ#1792200)\n\n* Fixup tlbie vs store ordering issue on POWER9 (BZ#1794058)\n\n* RHEL8.1 - qeth: add safeguards to RX data path (BZ#1794059)\n\n* RHEL8.1 - STC940:ZZ:Fleet:RHEL:LPM failed with no rmc connection\nduring 6th iteration (ibmvnic) (BZ#1794060)\n\n* RHEL8.1 - disable trace-imc feature (perf:) (BZ#1794061)\n\n* [Broadcom RHEL8.2 FEAT]: megaraid_sas driver update request\n(BZ#1795335)\n\n* RHEL8.1 pre-Beta - [ FW940 ] [ zz P9 ] kdump fails when XIVE is\nenabled and dump is trigged from HMC. (BZ#1795337)\n\n* T10 DIF: OOM observed while running I/O (BZ#1795338)\n\n* backport fix for potential deadlock relative to snapshot COW\nthrottling (BZ #1796490)\n\n* Neoverse n1 errata 1542419 'Core may fetch stale instructions from\nmemory and violate ordering' (BZ#1797518)\n\n* [HPE 8.1 Bug] hpsa: bug fix for reset issue (BZ#1797519)\n\n* [HPE 8.0 BUG] System crash when reading /sys/block//mq/0/cpu_list\nfile (BZ# 1797960)\n\n* kernel: T10 CRC not using hardware-accelerated version from\ncrct10dif_pclmul (BZ#1797961)\n\n* [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC.\n(BZ#1797962)\n\n* RHEL 8 - NVMe/FC Fabric Broadcom Autoconnect Script Fails to\nReconnect after Controller Reset (BZ#1798381)\n\n* [RHEL8.2]: Chelsio crypto co-processor Driver (chcr) bugfixes\n(BZ#1798527)\n\n* [RHEL8.1][Snapshot-1]LUN discovery says unrecognized (BZ#1801216)\n\n* 8.2 snap2 kernel incorrectly signed in brew (BZ#1807231)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009788.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-18660\", \"CVE-2019-19527\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2020-1372\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"4.18\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"bpftool-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-abi-whitelists-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-core-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-core-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-cross-headers-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-cross-headers-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-core-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-core-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-modules-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-debug-modules-extra-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-extra-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-doc-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-doc-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-headers-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-headers-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-modules-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-modules-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-modules-extra-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-modules-extra-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-libs-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_exists(release:\"EL8\", rpm:\"kernel-tools-libs-devel-4.18.0\") && rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"perf-4.18.0-147.8.1.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"python3-perf-4.18.0-147.8.1.el8_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "135378", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug-core", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-modules-extra", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python3-perf", "p-cpe:/a:oracle:linux:bpftool", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-core", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-modules", "p-cpe:/a:oracle:linux:kernel-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-debug-modules", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-cross-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel"], "cvss3": {"score": 6.8, "vector": "AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "scheme": null}

{"cve": [{"lastseen": "2020-05-08T11:53:28", "bulletinFamily": "NVD", "description": "In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.", "modified": "2020-03-02T20:15:00", "id": "CVE-2019-19527", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19527", "published": "2019-12-03T16:15:00", "title": "CVE-2019-19527", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-24T12:52:36", "bulletinFamily": "NVD", "description": "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.", "modified": "2020-01-23T14:20:00", "id": "CVE-2019-15031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15031", "published": "2019-09-13T13:15:00", "title": "CVE-2019-15031", "type": "cve", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-03-12T11:37:33", "bulletinFamily": "NVD", "description": "In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.", "modified": "2020-03-11T22:25:00", "id": "CVE-2019-15030", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-15030", "published": "2019-09-13T13:15:00", "title": "CVE-2019-15030", "type": "cve", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-05-08T11:53:25", "bulletinFamily": "NVD", "description": "The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.", "modified": "2020-01-28T19:47:00", "id": "CVE-2019-18660", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18660", "published": "2019-11-27T23:15:00", "title": "CVE-2019-18660", "type": "cve", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2020-05-13T13:46:09", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030)\n\n* kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)\n\n* kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\n* kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput() (BZ#1783959)\n\n* qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap (BZ#1788206)\n\n* qla2xxxx: Firmware update for Gen7 adapter could result in an unusable adapter (BZ#1790350)\n\n* s390/sclp: Fix bit checked for has_sipl (BZ#1791408)\n\n* RHEL8.1 - Error output for CPU-MF auxtrace data in perf: (BZ#1792198)\n\n* [FJ8.0 Bug]: [kernel]: using \"kexec -e\" to reboot A64FX system causes system panic during the boot of the 2nd kernel (BZ#1792200)\n\n* Fixup tlbie vs store ordering issue on POWER9 (BZ#1794058)\n\n* RHEL8.1 - qeth: add safeguards to RX data path (BZ#1794059)\n\n* RHEL8.1 - STC940:ZZ:Fleet:RHEL:LPM failed with no rmc connection during 6th iteration (ibmvnic) (BZ#1794060)\n\n* RHEL8.1 - disable trace-imc feature (perf:) (BZ#1794061)\n\n* [Broadcom RHEL8.2 FEAT]: megaraid_sas driver update request (BZ#1795335)\n\n* RHEL8.1 pre-Beta - [ FW940 ] [ zz P9 ] kdump fails when XIVE is enabled and dump is trigged from HMC. (BZ#1795337)\n\n* T10 DIF: OOM observed while running I/O (BZ#1795338)\n\n* backport fix for potential deadlock relative to snapshot COW throttling (BZ#1796490)\n\n* Neoverse n1 errata 1542419 \"Core may fetch stale instructions from memory and violate ordering\" (BZ#1797518)\n\n* [HPE 8.1 Bug] hpsa: bug fix for reset issue (BZ#1797519)\n\n* [HPE 8.0 BUG] System crash when reading /sys/block/<dm>/mq/0/cpu_list file (BZ#1797960)\n\n* kernel: T10 CRC not using hardware-accelerated version from crct10dif_pclmul (BZ#1797961)\n\n* [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC. (BZ#1797962)\n\n* RHEL 8 - NVMe/FC Fabric Broadcom Autoconnect Script Fails to Reconnect after Controller Reset (BZ#1798381)\n\n* [RHEL8.2]: Chelsio crypto co-processor Driver (chcr) bugfixes (BZ#1798527)\n\n* [RHEL8.1][Snapshot-1]LUN discovery says unrecognized (BZ#1801216)\n\n* 8.2 snap2 kernel incorrectly signed in brew (BZ#1807231)", "modified": "2020-05-13T16:54:36", "published": "2020-04-07T14:57:14", "id": "RHSA-2020:1372", "href": "https://access.redhat.com/errata/RHSA-2020:1372", "type": "redhat", "title": "(RHSA-2020:1372) Moderate: kernel security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-07T09:40:14", "bulletinFamily": "unix", "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the RHEL-8.1.z3 source tree (BZ#1794136)\n\n* [kernel-rt-debug] BUG: MAX_LOCKDEP_CHAINS too low! (BZ#1794199)", "modified": "2020-04-07T13:35:31", "published": "2020-04-07T13:15:23", "id": "RHSA-2020:1378", "href": "https://access.redhat.com/errata/RHSA-2020:1378", "type": "redhat", "title": "(RHSA-2020:1378) Moderate: kernel-rt security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-30T17:36:22", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [Stratus 7.6 Bug] Deadlock on hcd->bandwidth_mutex when usb controller fails during initialization (BZ#1764528)\n\n* RHEL7.7 Snapshot5 - retry when cpu offline races with migration (BZ#1766094)\n\n* Slow console output with ast (Aspeed) graphics driver (BZ#1780147)\n\n* RHEL7.7 - qeth: add safeguards to RX data path (BZ#1792248)\n\n* 'soft lockup' events during unmount of container file system due to bloated dentry cache / memory cgroup slab cache reclaim not available in RHEL7 (BZ#1796358)\n\n* [GSS] Can't access the mount point due to possible blocking of i/o on rbd (BZ#1796435)\n\n* [xfstests]: copy_file_range cause corruption on rhel-7 (BZ#1797967)\n\n* kernel: UAF in cdev_put() when a PTP device is removed while its chardev is open (BZ#1798395)\n\n* [HPE 7.8 Bug] RHEL7.8 kernel may ignore NMI from ilo (BZ#1798397)\n\n* [HPEMC RHEL 7.7 RHEL 7.8 REGRESSION] kernel not populating numa_nod in /sys/devices... for PMEM (BZ#1801697)\n\n* Unable to exclude files from auditing (BZ#1806429)\n\n* DNAT'd packet is not unmangled upon reply on openshift node (BZ#1806446)\n\n* port show-kabi to python3 (BZ#1806929)\n\n* top shows super high loads when tuned profile realtime-virtual-host is applied (BZ#1808029)\n\n* Backport CIFS stale ESTALE handling and dentry revalidation patches (BZ#1811053)\n\n* Observed a memory leak while using dm-multipath (BZ#1812936)\n\n* dm-multipath high load backport incorrect (BZ#1814536)", "modified": "2020-04-30T19:56:26", "published": "2020-04-30T16:36:29", "id": "RHSA-2020:1984", "href": "https://access.redhat.com/errata/RHSA-2020:1984", "type": "redhat", "title": "(RHSA-2020:1984) Moderate: kernel security and bug fix update", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-14T19:40:28", "bulletinFamily": "unix", "description": "Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.\n\nThis major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:\n\nSecurity fix:\n\n* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)\n\nEnhancements and new features:\n\n* Improved code samples for default devfiles\n* Improved naming of default stacks\n* Updated .NET sample (including debugger) to version 3.1\n* Enabled offline devfile registry\n\nFor more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.\n\nThis update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:\n\nCVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531", "modified": "2020-04-14T22:43:09", "published": "2020-04-14T22:30:55", "id": "RHSA-2020:1475", "href": "https://access.redhat.com/errata/RHSA-2020:1475", "type": "redhat", "title": "(RHSA-2020:1475) Moderate: Red Hat CodeReady Workspaces 2.1.0 release", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-16T15:42:34", "bulletinFamily": "unix", "description": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)\n\n* kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)\n\n* kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS (CVE-2019-5108)\n\n* kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)\n\n* kernel: out-of-bounds array access in __xfrm_policy_unlink (CVE-2019-15666)\n\n* kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099)\n\n* kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)\n\n* kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)\n\n* kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c (CVE-2019-20095)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rhel-alt-76z bsd process accounting(acct(2)) does not work (BZ#1763618)", "modified": "2020-04-16T18:02:15", "published": "2020-04-16T17:36:34", "id": "RHSA-2020:1493", "href": "https://access.redhat.com/errata/RHSA-2020:1493", "type": "redhat", "title": "(RHSA-2020:1493) Important: kernel-alt security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-10T21:37:03", "bulletinFamily": "unix", "description": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)\n\n* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)\n\n* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* lpfc: NVMe/FC target test machine rhel-storage-62 crashes on boot when connected to FC switch (BZ#1623205)\n\n* kernel BUG at fs/nfs_common/grace.c:107! (BZ#1637543)\n\n* RHEL-Alt-7.6 - Need a fix for kernel bug cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() (BZ#1711934)\n\n* Backport \"fs/dcache.c: add cond_resched() in shrink_dentry_list()\" (32785c0539b7) [rhel-alt-7.6.z] (BZ#1758861)\n\n* [RHEL-ALT-7.6.z][arm64] iommu/iova: Fix tracking of recently failed iova address (BZ#1780500)", "modified": "2020-03-09T17:39:39", "published": "2020-03-09T17:16:17", "id": "RHSA-2020:0740", "href": "https://access.redhat.com/errata/RHSA-2020:0740", "type": "redhat", "title": "(RHSA-2020:0740) Important: kernel-alt security and bug fix update", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-21T18:03:50", "bulletinFamily": "unix", "description": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* Kernel: speculative bounds check bypass store (CVE-2018-3693)\n\n* kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n* kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)\n\n* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n* kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\n* kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814)\n\n* kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815)\n\n* kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Kernel panic on job cleanup, related to SyS_getdents64 (BZ#1702057)\n\n* Kernel modules generated incorrectly when system is localized to non-English language (BZ#1705285)\n\n* RHEL-Alt-7.6 - Fixup tlbie vs store ordering issue on POWER9 (BZ#1756270)", "modified": "2020-01-21T20:32:47", "published": "2020-01-21T20:15:25", "id": "RHSA-2020:0174", "href": "https://access.redhat.com/errata/RHSA-2020:0174", "type": "redhat", "title": "(RHSA-2020:0174) Important: kernel-alt security and bug fix update", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-05T23:11:31", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)\n\n* kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission (CVE-2017-17807)\n\n* kernel: denial of service via ioctl call in network tun handling (CVE-2018-7191)\n\n* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\n* kernel: perf_event_open() and execve() race in setuid programs allows a data leak (CVE-2019-3901)\n\n* kernel: brcmfmac frame validation bypass (CVE-2019-9503)\n\n* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service (CVE-2019-12382)\n\n* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)\n\n* kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call (CVE-2019-13648)\n\n* kernel: integer overflow and OOB read in drivers/block/floppy.c (CVE-2019-14283)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746)\n\n* kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\n* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)\n\n* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)\n\n* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)\n\n* kernel: ASLR bypass for setuid binaries due to late install_exec_creds() (CVE-2019-11190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", "modified": "2020-05-05T14:18:41", "published": "2020-03-31T13:08:53", "id": "RHSA-2020:1016", "href": "https://access.redhat.com/errata/RHSA-2020:1016", "type": "redhat", "title": "(RHSA-2020:1016) Moderate: kernel security, bug fix, and enhancement update", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2020-04-09T10:41:52", "bulletinFamily": "unix", "description": "[4.18.0-147.8.1_1.OL8]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]\n- Update x509.genkey [Orabug: 24817676]\n[4.18.0-147.8.1_1]\n- rebuild, due infrastructure issues last kernel build wasn't signed properly [1807231 1807216]\n[4.18.0-147.7.1_1]\n- [hid] hiddev: do cleanup in failure of opening a device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527}\n- [hid] hiddev: avoid opening a disconnected device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527}\n- [nvme] nvmet: fix discover log page when offsets are used (Gopal Tiwari) [1801216 1745836]\n- [netdrv] ibmvnic: Serialize device queries (Steve Best) [1794060 1778037]\n- [netdrv] ibmvnic: Bound waits for device queries (Steve Best) [1794060 1778037]\n- [netdrv] ibmvnic: Terminate waiting device threads after loss of service (Steve Best) [1794060 1778037]\n- [netdrv] ibmvnic: Fix completion structure initialization (Steve Best) [1794060 1778037]\n- [netdrv] ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (Steve Best) [1794060 1778037]\n- [tools] selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (Desnes Augusto Nunes do Rosario) [1794058 1755707]\n- [tools] selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (Desnes Augusto Nunes do Rosario) [1794058 1755707]\n- [powerpc] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (Desnes Augusto Nunes do Rosario) [1794058 1755707]\n- [powerpc] powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (Desnes Augusto Nunes do Rosario) [1794058 1755707]\n- [powerpc] powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions (Desnes Augusto Nunes do Rosario) [1794058 1755707]\n[4.18.0-147.6.1_1]\n- [crypto] crypto: chelsio - count incomplete block in IV (Jonathan Toppins) [1798527 1725813]\n- [crypto] crypto: chelsio - Fix softlockup with heavy I/O (Jonathan Toppins) [1798527 1725813]\n- [crypto] crypto: chelsio - Fix NULL pointer dereference (Jonathan Toppins) [1798527 1725813]\n- [nvme] nvme: Treat discovery subsystems as unique subsystems (Ewan Milne) [1798381 1757525]\n- [mm] mm/page-writeback.c: don't break integrity writeback on ->writepage() error (Christoph von Recklinghausen) [1797962 1782117]\n- [lib] crc-t10dif: crc_t10dif_mutex can be static (Vladis Dronov) [1797961 1769462]\n- [lib] crc-t10dif: Allow current transform to be inspected in sysfs (Vladis Dronov) [1797961 1769462]\n- [lib] crc-t10dif: Pick better transform if one becomes available (Vladis Dronov) [1797961 1769462]\n- [crypto] api - Introduce notifier for new crypto algorithms (Vladis Dronov) [1797961 1769462]\n- [block] blk-mq: make sure that line break can be printed (Ming Lei) [1797960 1741462]\n- [block] blk-mq: avoid sysfs buffer overflow with too many CPU cores (Ming Lei) [1797960 1741462]\n- [scsi] hpsa: update driver version (Joseph Szczypek) [1797519 1761968]\n- [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek) [1797519 1761968]\n- [arm64] arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Handle erratum 1418040 as a superset of erratum 1188873 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: errata: Add workaround for Cortex-A76 erratum #1463225 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Kconfig: Tidy up errata workaround help text (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Apply ARM64_ERRATUM_1188873 to Neoverse-N1 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Add part number for Neoverse N1 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Restrict ARM64_ERRATUM_1188873 mitigation to AArch32 (Mark Salter) [1797518 1757828]\n- [arm64] arm64: arch_timer: avoid unused function warning (Mark Salter) [1797518 1757828]\n- [arm64] arm64: Add workaround for Cortex-A76 erratum 1286807 (Mark Salter) [1797518 1757828]\n- [md] dm snapshot: rework COW throttling to fix deadlock (Mike Snitzer) [1796490 1758605]\n- [md] dm snapshot: introduce account_start_copy() and account_end_copy() (Mike Snitzer) [1796490 1758605]\n- [block] fix memleak of bio integrity data (Ming Lei) [1795338 1779898]\n- [powerpc] xive: Prevent page fault issues in the machine crash handler (Diego Domingos) [1795337 1756116]\n- [scsi] scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (Tomas Henzl) [1795335 1726251]\n- [powerpc] powerpc/perf: Disable trace_imc pmu (Steve Best) [1794061 1785573]\n- [s390] s390/qeth: ensure linear access to packet headers (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: guard against runt packets (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: handle skb allocation error gracefully (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: drop unwanted packets earlier in RX path (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: support per-frame invalidation (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: gather more detailed RX dropped/error statistics (Philipp Rudo) [1794059 1781085]\n- [s390] s390/net: Mark expected switch fall-throughs (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: consolidate skb RX processing in L3 driver (Philipp Rudo) [1794059 1781085]\n- [s390] s390/qeth: remove RX seqno in skb->cb (Philipp Rudo) [1794059 1781085]\n- [powerpc] kvm: ppc: book3s hv: Flush link stack on guest exit to host kernel (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] 64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] fsl: Update Spectre v2 reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] fsl: Add nospectre_v2 command line argument (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] fsl: Fix spectre_v2 mitigations reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] 64: Make meltdown reporting Book3S 64 specific (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [powerpc] 64: Disable the speculation barrier from the command line (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}\n- [firmware] efi/memreserve: Register reservations as 'reserved' in /proc/iomem (Bhupesh Sharma) [1792200 1772730]\n- [firmware] efi/memreserve: deal with memreserve entries in unmapped memory (Bhupesh Sharma) [1792200 1772730]\n- [s390] s390/cpum_sf: save TOD clock base in SDBs for time conversion (Philipp Rudo) [1792198 1743504]\n- [s390] s390/sclp: Fix bit checked for has_sipl (Philipp Rudo) [1791408 1748347]\n- [scsi] qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (Himanshu Madhani) [1790350 1782598]\n- [scsi] qla2xxx: Added support for MPI and PEP regions for ISP28XX (Himanshu Madhani) [1790350 1782598]\n- [scsi] qla2xxx: Correctly retrieve and interpret active flash region (Himanshu Madhani) [1790350 1782598]\n- [powerpc] powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction (Gustavo Duarte) [1788862 1750653] {CVE-2019-15030}\n- [powerpc] powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts (Gustavo Duarte) [1791630 1750653] {CVE-2019-15031}\n- [scsi] scsi: qla2xxx: Fix different size DMA Alloc/Unmap (Himanshu Madhani) [1788206 1753031]\n- [scsi] qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap (Himanshu Madhani) [1788206 1753031]\n- [fs] devpts_pty_kill(): don't bother with d_delete() (Eric Sandeen) [1783959 1772718]\n- [fs] devpts: always delete dcache dentry-s in dput() (Eric Sandeen) [1783959 1772718]", "modified": "2020-04-09T00:00:00", "published": "2020-04-09T00:00:00", "id": "ELSA-2020-1372", "href": "http://linux.oracle.com/errata/ELSA-2020-1372.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T00:47:02", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-118.45.1]\n- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) [Orabug: 31206361] {CVE-2019-19527}\n- HID: hiddev: avoid opening a disconnected device (Hillf Danton) [Orabug: 31206361] {CVE-2019-19527}\n- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: 31208623] {CVE-2019-19532}\n- drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (Murray McAllister) [Orabug: 31224360] {CVE-2017-7261}\n- brcmfmac: add subtype check for event handling in data path (John Donnelly) [Orabug: 31234676] {CVE-2019-9503}", "modified": "2020-05-07T00:00:00", "published": "2020-05-07T00:00:00", "id": "ELSA-2020-5671", "href": "http://linux.oracle.com/errata/ELSA-2020-5671.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-11T19:12:50", "bulletinFamily": "unix", "description": "[4.14.35-1902.302.2]\n- KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] {CVE-2013-1798}\n- KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (Marios Pomonis) [Orabug: 31191092] \n- x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE (John Allen) [Orabug: 31213449] \n- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) [Orabug: 31206359] {CVE-2019-19527}\n- HID: hiddev: avoid opening a disconnected device (Hillf Danton) [Orabug: 31206359] {CVE-2019-19527}\n- net/ethernet/octeon: Add ptp_dbg_group module param in octeon-pow-ethernet (Vijay Kumar) [Orabug: 31198851] \n- net/rds: Fix MR reference counting problem (Ka-Cheong Poon) [Orabug: 31130197] \n- net/rds: Replace struct rds_mr's r_refcount with struct kref (Ka-Cheong Poon) [Orabug: 31130197] \n- rds: Fix use-after-free in rds_ib_free_caches (Hans Westgaard Ry) [Orabug: 31200770] \n- include/linux/relay.h: fix percpu annotation in struct rchan (Luc Van Oostenryck) [Orabug: 31183399] {CVE-2019-19462}\n- uek-rpm: fix dts rpmbuild when using cross-compiler (Tom Saeger) [Orabug: 30896439] \n- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: 30622561] {CVE-2019-19532}\n- net/ethernet/octeon: Set max/min mtu of pow equivalent to Octeon eth device (Vijay Kumar) [Orabug: 31191751] \n- vgacon: Fix a UAF in vgacon_invert_region (Zhang Xiaoxu) [Orabug: 31143946] {CVE-2020-8649} {CVE-2020-8647} {CVE-2020-8647} {CVE-2020-8649} {CVE-2020-8647} {CVE-2020-8649}\n- crypto: ecdh - fix big endian bug in ECC library (Ard Biesheuvel) [Orabug: 31203429] \n- KVM: x86: fix nested guest live migration with PML (Paolo Bonzini) [Orabug: 31202733] \n- KVM: x86: assign two bits to track SPTE kinds (Paolo Bonzini) [Orabug: 31202733] \n- x86/kvm/mmu: introduce guest_mmu (Vitaly Kuznetsov) [Orabug: 31202733] \n- x86/kvm/mmu.c: add kvm_mmu parameter to kvm_mmu_free_roots() (Vitaly Kuznetsov) [Orabug: 31202733] \n- x86/kvm/mmu.c: set get_pdptr hook in kvm_init_shadow_ept_mmu() (Vitaly Kuznetsov) [Orabug: 31202733] \n- x86/kvm/mmu: make vcpu->mmu a pointer to the current MMU (Vitaly Kuznetsov) [Orabug: 31202733] \n- x86/kvm/nVMX: allow bare VMXON state migration (Vitaly Kuznetsov) [Orabug: 31202164] \n- sched/fair: Prevent a division by 0 in scale_rt_capacity() (John Sobecki) [Orabug: 31124463] \n- blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123575] {CVE-2019-19768}\n- blktrace: fix unlocked access to init/start-stop/teardown (Jens Axboe) [Orabug: 31123575] {CVE-2019-19768}\n[4.14.35-1902.302.1]\n- xfs: revert commit c6314bc8055a (Darrick J. Wong) [Orabug: 31180825] \n- vt: selection, push sel_lock up (Jiri Slaby) [Orabug: 30923296] {CVE-2020-8648}\n- vt: selection, push console lock down (Jiri Slaby) [Orabug: 30923296] {CVE-2020-8648}\n- vt: selection, close sel_buffer race (Jiri Slaby) [Orabug: 30923296] {CVE-2020-8648} {CVE-2020-8648}\n- net_sched: fix an OOB access in cls_tcindex (Cong Wang) [Orabug: 31181100] \n- mips64: Fix X.509 certificates parsing (Eric Saint-Etienne) [Orabug: 31178433] \n- efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 30990726] \n- genhd: Fix use after free in __blkdev_get() (Jan Kara) [Orabug: 31161462] \n- blockdev: Fix livelocks on loop device (Jan Kara) [Orabug: 31161462] \n- net: validate untrusted gso packets without csum offload (Willem de Bruijn) [Orabug: 31161828] \n- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136752] {CVE-2020-11494}\n- crypto: user - fix leaking uninitialized memory to userspace (Eric Biggers) [Orabug: 31081816] {CVE-2018-19854}\n- scsi: libsas: stop discovering if oob mode is disconnected (Jason Yan) [Orabug: 30770911] {CVE-2019-19965}\n- dccp: Fix memleak in __feat_register_sp (YueHaibing) [Orabug: 30755059] {CVE-2019-20096}\n- ovl: relax WARN_ON() on rename to self (Amir Goldstein) [Orabug: 30451796] \n- bnx2x: Fix VF's VLAN reconfiguration in reload. (Manish Chopra) \n- bnx2x: Remove configured vlans as part of unload sequence. (Sudarsana Reddy Kalluru) \n- sch_dsmark: fix potential NULL deref in dsmark_init() (Eric Dumazet) [Orabug: 30453287]\n[4.14.35-1902.302.0]\n- mips64:uek-rpm/ol7/config-mips: Enable IP_SET configs (Vijay Kumar) [Orabug: 31123145] \n- IB/ipoib: Avoid race from waking up the transmission queue (Praveen Kumar Kannoju) [Orabug: 31118993] \n- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118690] \n- mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Wen Huang) [Orabug: 31104480] {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816} {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816}\n- arch/mips: Discard the contents of the PCI console if the buffer is full for more than 10 milliseconds (Victor Michel) [Orabug: 31097950] \n- Add in-kernel X.509 certificate on mips64 (Eric Saint-Etienne) [Orabug: 31090468] \n- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067513] {CVE-2020-9383}\n- KVM: X86: Fix NULL deref in vcpu_scan_ioapic (Wanpeng Li) [Orabug: 31004914] \n- rds: Add debugfs for inc/frag cache statistics (Hans Westgaard Ry) [Orabug: 30827415] \n- rds: Add inc/frag cache statistics (Hans Westgaard Ry) [Orabug: 30827415] \n- rds: Control the CPU (de)allocating fragments (Hans Westgaard Ry) [Orabug: 30827415] \n- rds: Change caching strategy for receive buffers (Hans Westgaard Ry) [Orabug: 30827415] \n- rds: Add lockfree stack routines (Hans Westgaard Ry) [Orabug: 30827415]\n[4.14.35-1902.301.2]\n- xfs: ratelimit inode flush on buffered write ENOSPC (Darrick J. Wong) [Orabug: 31056429]", "modified": "2020-05-11T00:00:00", "published": "2020-05-11T00:00:00", "id": "ELSA-2020-5676", "href": "http://linux.oracle.com/errata/ELSA-2020-5676.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-06T20:48:18", "bulletinFamily": "unix", "description": "[4.1.12-124.39.1]\n- qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 (Arun Easi) [Orabug: 30372266] \n- qla2xxx: Fix device discovery when FCP2 device is lost. (Arun Easi) [Orabug: 30372266] \n- brcmfmac: add subtype check for event handling in data path (John Donnelly) [Orabug: 30776354] {CVE-2019-9503}\n- percpu-refcount: fix reference leak during percpu-atomic transition (Douglas Miller) [Orabug: 30867060] \n- blk-mq: Allow timeouts to run while queue is freezing (Gabriel Krisman Bertazi) [Orabug: 30867060] \n- fs/dcache.c: fix spin lockup issue on nlru->lock (Junxiao Bi) [Orabug: 30953290] \n- jbd2: disable CONFIG_JBD2_DEBUG (Junxiao Bi) [Orabug: 31234664] \n- mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (Navid Emamdoost) [Orabug: 31246302] {CVE-2019-19056}\n- drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() (Vladis Dronov) [Orabug: 31262557] {CVE-2017-7346}\n[4.1.12-124.38.5]\n- i40e: Increment the driver version for FW API update (Jack Vogel) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Update FW API version to 1.9 (Piotr Azarewicz) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Changed maximum supported FW API version to 1.8 (Adam Ludkiewicz) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Stop dropping 802.1ad tags - eth proto 0x88a8 (Scott Peterson) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: fix reading LLDP configuration (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Add capability flag for stopping FW LLDP (Krzysztof Galazka) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: refactor FW version checking (Mitch Williams) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: shutdown all IRQs and disable MSI-X when suspended (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: prevent service task from running while we're suspended (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: don't clear suspended state until we finish resuming (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: use newer generic PM support instead of legacy PM callbacks (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: use separate state bit for miscellaneous IRQ setup (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: fix for flow director counters not wrapping as expected (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: relax warning message in case of version mismatch (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: simplify member variable accesses (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Fix link down message when interface is brought up (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n- i40e: Fix unqualified module message while bringing link up (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}\n[4.1.12-124.38.4]\n- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: 31208622] {CVE-2019-19532}\n- qla2xxx: DBG: disable 3D mailbox. (Quinn Tran) [Orabug: 30890687] \n- scsi: qla2xxx: Fix mtcp dump collection failure (Quinn Tran) [Orabug: 30890687] \n- scsi: qla2xxx: Add Serdes support for ISP27XX (Joe Carnuccio) [Orabug: 30890687] \n- vgacon: Fix a UAF in vgacon_invert_region (Zhang Xiaoxu) [Orabug: 31143947] {CVE-2020-8649} {CVE-2020-8647} {CVE-2020-8647} {CVE-2020-8649} {CVE-2020-8649} {CVE-2020-8647}\n- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) [Orabug: 31206360] {CVE-2019-19527}\n- HID: hiddev: avoid opening a disconnected device (Hillf Danton) [Orabug: 31206360] {CVE-2019-19527}\n- USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31233769] {CVE-2019-19523}\n[4.1.12-124.38.3]\n- ipv4: implement support for NOPREFIXROUTE ifa flag for ipv4 address (Paolo Abeni) [Orabug: 30292825] \n- vt: selection, push sel_lock up (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648}\n- vt: selection, push console lock down (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648}\n- vt: selection, close sel_buffer race (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648} {CVE-2020-8648}\n- xfs: stop searching for free slots in an inode chunk when there are none (Carlos Maiolino) [Orabug: 31030659] \n- xfs: fix up xfs_swap_extent_forks inline extent handling (Eric Sandeen) [Orabug: 31032831] \n- xfs: validate sb_logsunit is a multiple of the fs blocksize (Darrick J. Wong) [Orabug: 31034071] \n- mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Wen Huang) [Orabug: 31104481] {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816} {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816}\n[4.1.12-124.38.2]\n- rds: fix an infoleak in rds_inc_info_copy (Kangjie Lu) [Orabug: 30770962] {CVE-2016-5244}\n- xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 30944736] \n- xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30944736] \n- xfs: increase the default parallelism levels of pwork clients (Junxiao Bi) [Orabug: 30944736] \n- xfs: decide if inode needs inactivation (Junxiao Bi) [Orabug: 30944736] \n- xfs: refactor the predicate part of xfs_free_eofblocks (Junxiao Bi) [Orabug: 30944736] \n- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067516] {CVE-2020-9383}\n- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118691] \n- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136753] {CVE-2020-11494}", "modified": "2020-05-06T00:00:00", "published": "2020-05-06T00:00:00", "id": "ELSA-2020-5670", "href": "http://linux.oracle.com/errata/ELSA-2020-5670.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-09T02:43:53", "bulletinFamily": "unix", "description": "[3.10.0-1127.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [Orabug: 24817676]\n[3.10.0-1127]\n- [fs] flexfiles: Dont tie up all the rpciod threads in resends (Benjamin Coddington) [1778963]\n[3.10.0-1126]\n- [scsi] scsi: qla2xxx: Fix unbound NVME response length (Himanshu Madhani) [1788669]\n[3.10.0-1125]\n- [fs] mark struct file that had write access grabbed by open() (Miklos Szeredi) [1679829]\n- [fs] fold __get_file_write_access() into its only caller (Miklos Szeredi) [1679829]\n- [powerpc] get rid of DEBUG_WRITECOUNT (Miklos Szeredi) [1679829]\n- [fs] dont bother with {get, put}_write_access() on non-regular files (Miklos Szeredi) [1679829]\n- [fs] gfs2: Use d_materialise_unique instead of d_splice_alias (2) (Andreas Grunbacher) [1784550]\n- [fs] gfs2: gfs2_create_inode(): dont bother with d_splice_alias() (Andreas Grunbacher) [1784550]\n- [fs] gfs2: bugger off early if O_CREAT open finds a directory (Andreas Grunbacher) [1784550]\n- [fs] libceph: fix PG split vs OSD (re)connect race (Ilya Dryomov) [1785656]\n- [scsi] Fix driver intialization failure for sli4 non nvme (Dick Kennedy) [1783899]\n- [netdrv] hv_netvsc: fix race that may miss tx queue wakeup (Mohammed Gamal) [1781322]\n[3.10.0-1124]\n- [s390] s390: wire up sys_renameat2 (Miklos Szeredi) [1773504]\n- [net] ipvs: do not use random local source address for tunnels (Xin Long) [1786676]\n- [misc] mei: me: add cannon point device ids for 4th device (Jerry Snitselaar) [1745139]\n- [misc] mei: me: add cannon point device ids (Jerry Snitselaar) [1745139]\n- [netdrv] bnxt_en: Support all variants of the 5750X chip family (Jonathan Toppins) [1789345]\n[3.10.0-1123]\n- [mm] mm: prevent get_user_pages() from overflowing page refcount (Aristeu Rozanski) [1705005] {CVE-2019-11487}\n- [mm] mm/hugetlb.c: __get_user_pages ignores certain follow_hugetlb_page errors (Aristeu Rozanski) [1705005] {CVE-2019-11487}\n- [fs] CIFS: avoid using MID 0xFFFF (Leif Sahlberg) [1771255]\n- [net] netfilter: xt_TRACE: add explicitly nf_logger_find_get call (Phil Sutter) [1774444]\n- [wireless] rtlwifi: Fix potential overflow on P2P code (Josef Oskera) [1775236] {CVE-2019-17666}\n[3.10.0-1122]\n- [drm] drm/amd/powerplay: use hardware fan control if no powerplay fan table (Lyude Paul) [1729286]\n- [nvme] nvme-fc: fix double-free scenarios on hw queues (Ewan Milne) [1731286]\n- [x86] kvm: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [1779768]\n- [x86] kvm: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [x86] kvm: x86: Mark expected switch fall-throughs (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [x86] kvm: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [x86] kvm: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [x86] kvm: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [x86] kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Paolo Bonzini) [1779768] {CVE-2019-19338}\n- [s390] s390/qeth: ensure linear access to packet headers (Philipp Rudo) [1782927]\n- [s390] s390/qeth: guard against runt packets (Philipp Rudo) [1782927]\n- [s390] s390/qeth: consolidate skb allocation (Philipp Rudo) [1782927]\n- [s390] s390/qeth: clean up page frag creation (Philipp Rudo) [1782927]\n- [netdrv] i40e: Fix for persistent lldp support (Stefan Assmann) [1782689]\n[3.10.0-1121]\n- [platform] thinkpad_acpi: Dont yell on unsupported brightness interfaces (Lyude Paul) [1305619]\n- [platform] thinkpad-acpi: fix handle locate for video and query of _BCL (Lyude Paul) [1305619]\n- [s390] kernel: avoid cpu yield in SMT environment (Philipp Rudo) [1777876]\n- [scsi] scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (Himanshu Madhani) [1783016]\n- [scsi] scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX (Himanshu Madhani) [1783016]\n- [scsi] scsi: qla2xxx: Correctly retrieve and interpret active flash region (Himanshu Madhani) [1783016]\n- [powerpc] KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel (Gustavo Duarte) [1777710]\n- [powerpc] powerpc/book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1777710]\n- [powerpc] powerpc/64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1777710]\n- [net] openvswitch: fix flow command message size (Paolo Abeni) [1776578]\n- [block] brd: re-enable __GFP_HIGHMEM in brd_insert_page() (Jeff Moyer) [1781298]\n- [block] brd: remove dax support (Jeff Moyer) [1781298]\n- [nvme] nvme: dont access the inlined bio after nvmet request is completed (Ming Lei) [1631120]\n- [fs] epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() (Miklos Szeredi) [1780128]\n- [nvme] nvme: fix NULL pointer dereference in nvme_init_subsystem (Ewan Milne) [1781316]\n- [nvme] nvme-fabrics: allow duplicate connections to the discovery controller (Ewan Milne) [1781316]\n- [scsi] scsi: bnx2fc: timeout calculation invalid for bnx2fc_eh_abort() (Nilesh Javali) [1772966]\n[3.10.0-1120]\n- [md] raid5: need to set STRIPE_HANDLE for batch head (Xiao Ni) [1774330]\n- [drm] drm/radeon: fix si_enable_smc_cac() failed issue (Dave Airlie) [1780026]\n- [block] block: dont change REQ_NR_BITS (Ming Lei) [1779712]\n[3.10.0-1119]\n- [x86] mm: serialize against gup_fast in pmdp_splitting_flush() (Vitaly Kuznetsov) [1674266]\n- [vhost] vsock: split packets to send using multiple buffers (Stefano Garzarella) [1777349]\n- [md] md/raid10: prevent access of uninitialized resync_pages offset (Nigel Croxon) [1767935]\n- [x86] perf/x86: Modify error message in virtualized environment (Michael Petlan) [1759758]\n- [fs] cifs: Fix infinite loop when using hard mount option (Dave Wysochanski) [1770404]\n- [wireless] mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (Stanislaw Gruszka) [1776157] {CVE-2019-14901}\n[3.10.0-1118]\n- [net] ipv6: support more tunnel interfaces for EUI64 link-local generation (Guillaume Nault) [1770686]\n- [net] netfilter: masquerade: dont flush all conntracks if only one address deleted on device (Patrick Talbert) [1771396]\n- [net] netfilter: conntrack: resched in nf_ct_iterate_cleanup (Patrick Talbert) [1771396]\n- [net] ipvs: fix buffer overflow with sync daemon and service (Davide Caratti) [1725440]\n- [net] ipvs: fix rtnl_lock lockups caused by start_sync_thread (Davide Caratti) [1725440]\n- [net] ipvs: Pass ipvs not net to make_receive_sock (Davide Caratti) [1725440]\n- [net] ipvs: Pass ipvs not net to make_send_sock (Davide Caratti) [1725440]\n- [net] ipvs: Pass ipvs not net to start_sync_thread (Davide Caratti) [1725440]\n- [net] ipvs: Pass ipvs not net to ip_vs_genl_new_daemon (Davide Caratti) [1725440]\n- [net] ipvs: add sync_maxlen parameter for the sync daemon (Davide Caratti) [1725440]\n- [net] ipvs: call rtnl_lock early (Davide Caratti) [1725440]\n- [net] netfilter: dont use mutex_lock_interruptible() (Davide Caratti) [1725440]\n- [net] ipvs: fix memory leak in ip_vs_ctl.c (Davide Caratti) [1725440]\n- [wireless] mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Stanislaw Gruszka) [1776206]\n- [scsi] Revert 'qla2xxx: Mark NVMe/FC initiator mode usage as technology preview' (Ewan Milne) [1642968]\n[3.10.0-1117]\n- [x86] x86/speculation: Remove unneeded STIBP code (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/speculation: Fix redundant MDS mitigation message (Waiman Long) [1766540] {CVE-2019-11135}\n- [documentation] x86/speculation: Fix incorrect MDS/TAA mitigation status (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/tsx: Add config options to set tsx=on|off|auto (Waiman Long) [1766540] {CVE-2019-11135}\n- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/tsx: Add 'auto' option to the tsx= cmdline parameter (Waiman Long) [1766540] {CVE-2019-11135}\n- [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766540] {CVE-2019-11135}\n- [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766540] {CVE-2019-11135}\n- [documentation] documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: mmu: Recovery of shattered NX large pages (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [virt] kvm: Add helper function for creating VM worker threads (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [kernel] cpu/speculation: Uninline and export CPU mitigations helpers (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] cpu: Add Tremont to the cpu vulnerability whitelist (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: mmu: Do not release the page inside mmu_set_spte() (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: x86: mmu: Remove unused parameter of __direct_map() (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [virt] kvm: Convert kvm_lock to a mutex (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [x86] kvm: mmu: drop vcpu param in gpte_access (Paolo Bonzini) [1690343] {CVE-2018-12207}\n- [virt] kvm: x86, powerpc: do not allow clearing largepages debugfs entry (Paolo Bonzini) [1690343] {CVE-2018-12207}\n[3.10.0-1116]\n- [netdrv] net/mlx5: Fix auto group size calculation (Alaa Hleihel) [1769309]\n- [mm] x86/io: add interface to reserve io memtype for a resource range. (v1.1) (Dave Airlie) [1739623]\n- [sound] alsa: emux: Fix potential Spectre v1 vulnerabilities (Jaroslav Kysela) [1672561]\n- [s390] s390/smt: Fix s390 SMT reporting (Josh Poimboeuf) [1764184]\n- [mm] mm: swap: clean up swap readahead (Rafael Aquini) [1725396]\n- [mm] mm: do_swap_page: clean up parameter list passing a pointer to struct vm_fault (Rafael Aquini) [1725396]\n- [mm] mm: __handle_mm_fault: introduce explicit barrier after orig_pte dereference (Rafael Aquini) [1725396]\n- [fs] cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (David Howells) [1765975]\n[3.10.0-1115]\n- [scsi] Fix stack tarce when lpfc driver is unloaded (Dick Kennedy) [1774744]\n- [scsi] qla2xxx: Update driver version (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix partial flash write of MBI (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix device connect issues in P2P configuration (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix a NULL pointer dereference (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix double scsi_done for abort path (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference count (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix driver unload hang (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix SRB leak on switch command timeout (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix premature timer expiration (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Uninline qla2x00_init_timer() (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Do command completion on abort timeout (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Dual FCP-NVMe target port support (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Use tabs instead of spaces for indentation (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix N2N link up fail (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix N2N link reset (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix a race condition between aborting and completing a SCSI command (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Really fix qla2xxx_eh_abort() (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Make qla24xx_async_abort_cmd() static (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Reduce the number of forward declarations (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Remove a superfluous forward declaration (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix stuck login session (Himanshu Madhani) [1731581]\n- [scsi] scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (Himanshu Madhani) [1731581]\n- [media] cx24116: fix a buffer overflow when checking userspace params (Jarod Wilson) [1737279] {CVE-2015-9289}\n- [scsi] qedf: Initialize rport while creation of vport (Nilesh Javali) [1760746]\n- [fs] Fix the locking in dcache_readdir() and friends (Ondrej Mosnacek) [1510603]\n- [fs] much milder d_walk() race (Ondrej Mosnacek) [1510603]\n- [fs] libfs.c: new helper - next_positive() (Ondrej Mosnacek) [1510603]\n- [fs] dcache_{readdir, dir_lseek}(): dont bother with nested ->d_lock (Ondrej Mosnacek) [1510603]\n- [security] selinuxfs: dont open-code d_genocide() (Ondrej Mosnacek) [1510603]\n- [fs] fs/dcache: Enable automatic reclaim of excess negative dentries (Waiman Long) [1489573]\n- [fs] fs/dcache: Add sysctl parameter negative-dentry-limit as a soft limit on negative dentries (Waiman Long) [1489573]\n- [fs] fs/dcache: Move percpu count updates out of dcache_lru_lock (Waiman Long) [1489573]\n- [fs] fs/dcache: Dont set DCACHE_REFERENCED on dentries when first put into LRU (Waiman Long) [1489573]\n[3.10.0-1114]\n- [kernel] sched/numa: Fix a possible divide-by-zero (Vladis Dronov) [1765959]\n- [x86] x86/boot/64: Round memory hole size up to next PMD page (Frank Ramsay) [1773762]\n- [x86] x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (Frank Ramsay) [1773762]\n- [kernel] seccomp: Fix tracer exit notifications during fatal signals (Vladis Dronov) [1770484]\n- [x86] x86/ptrace: run seccomp after ptrace (Vladis Dronov) [1770484]\n- [fs] cifs: Fix retry mid list corruption on reconnects (Dave Wysochanski) [1614201]\n- [fs] cifs: add a warning if we try to to dequeue a deleted mid (Dave Wysochanski) [1614201]\n- [fs] cifs: Fix use after free of a mid_q_entry (Dave Wysochanski) [1614201]\n- [fs] Dont log confusing message on reconnect by default (Dave Wysochanski) [1614201]\n- [fs] ceph: mark Fw cap dirty after splice write (Zheng Yan) [1710751]\n- [fs] cifs: Force reval dentry if LOOKUP_REVAL flag is set (Dave Wysochanski) [1771657]\n- [fs] cifs: Force revalidate inode when dentry is stale (Dave Wysochanski) [1771657]\n- [fs] cifs: Gracefully handle QueryInfo errors during open (Dave Wysochanski) [1771657]\n[3.10.0-1113]\n- [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756816] {CVE-2019-0154}\n- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756816] {CVE-2019-0154}\n- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915/cmdparser: Use explicit goto for error paths (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756883] {CVE-2019-0155}\n- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756883] {CVE-2019-0155}\n- [fs] Fix error code in nfs_lookup_verify_inode() (Benjamin Coddington) [1761957]\n- [scsi] scsi: qla2xxx: Initialized mailbox to prevent driver load failure (Himanshu Madhani) [1770307]\n- [powerpc] powerpc/ptrace: run seccomp after ptrace (Vladis Dronov) [1760294]\n- [s390] s390/ptrace: run seccomp after ptrace (Vladis Dronov) [1760294]\n- [s390] s390/seccomp: fix error return for filtered system calls (Vladis Dronov) [1760294]\n- [netdrv] bnxt_en: flow_offload: offload tunnel decap rules via indirect callbacks (Davide Caratti) [1717422]\n- [x86] cpuidle-haltpoll: vcpu hotplug support (Marcelo Tosatti) [1771849]\n- [x86] kvm: x86: skip populating logical dest map if apic is not sw enabled (Bandan Das) [1738496]\n- [x86] kvm: x86: remove unnecessary recalculate_apic_map (Bandan Das) [1738496]\n- [scsi] scsi: bnx2fc: Handle scope bits when array returns BUSY or TSF (Nilesh Javali) [1750577]\n- [scsi] scsi: bnx2fc: remove set but not used variables 'task', 'port', 'orig_task' (Nilesh Javali) [1750577]\n- [scsi] scsi: bnx2fc: remove set but not used variables 'lport', 'host' (Nilesh Javali) [1750577]\n- [scsi] scsi: bnx2fc: remove set but not used variable 'fh' (Nilesh Javali) [1750577]\n- [scsi] scsi: qedi: Remove WARN_ON from clear task context (Nilesh Javali) [1461697]\n- [scsi] scsi: qedi: Remove WARN_ON for untracked cleanup (Nilesh Javali) [1461697]\n[3.10.0-1112]\n- [scsi] scsi: mpt3sas: change allocation option (Tomas Henzl) [1763796]\n- [md] md: improve handling of bio with REQ_PREFLUSH in md_flush_request() (Xiao Ni) [1752061]\n- [kvm] KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [1760668]\n- [net] mac80211: Reject malformed SSID elements (Stanislaw Gruszka) [1748266]\n- [net] cfg80211: wext: avoid copying malformed SSIDs (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: pcie: change qu with jf devices to use qu configuration (Stanislaw Gruszka) [1748266]\n- [net] mac80211: fix txq null pointer dereference (Stanislaw Gruszka) [1748266]\n- [net] nl80211: fix null pointer dereference (Stanislaw Gruszka) [1748266]\n- [net] cfg80211: initialize on-stack chandefs (Stanislaw Gruszka) [1748266]\n- [net] cfg80211: validate SSID/MBSSID element ordering assumption (Stanislaw Gruszka) [1748266]\n- [net] nl80211: validate beacon head (Stanislaw Gruszka) [1748266]\n- [net] mac80211: keep BHs disabled while calling drv_tx_wake_queue() (Stanislaw Gruszka) [1748266]\n- [net] cfg80211: Purge frame registrations on iftype change (Stanislaw Gruszka) [1748266]\n- [wireless] rtw88: pci: Use DMA sync instead of remapping in RX ISR (Stanislaw Gruszka) [1748266]\n- [wireless] rtw88: pci: Rearrange the memory usage for skb in RX ISR (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: fw: dont send GEO_TX_POWER_LIMIT command to FW version 36 (Stanislaw Gruszka) [1748266]\n- [net] nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (Stanislaw Gruszka) [1748266]\n- [net] mac80211: Do not send Layer 2 Update frame before authorization (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: assign directly to iwl_trans->cfg in QuZ detection (Stanislaw Gruszka) [1748266]\n- [wireless] mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Stanislaw Gruszka) [1748266]\n- [net] mac80211: Correctly set noencrypt for PAE frames (Stanislaw Gruszka) [1748266]\n- [net] mac80211: Dont memset RXCB prior to PAE intercept (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: pcie: handle switching killer Qu B0 NICs to C0 (Stanislaw Gruszka) [1748266]\n- [net] Revert 'cfg80211: fix processing world regdomain when non modular' (Stanislaw Gruszka) [1748266]\n- [net] mac80211: fix possible sta leak (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: pcie: fix recognition of QuZ devices (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: pcie: dont switch FW to qnj when ax201 is detected (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: pcie: fix the byte count table format for 22560 devices (Stanislaw Gruszka) [1748266]\n- [wireless] iwlwifi: mvm: Allow multicast data frames only when associated (Stanislaw Gruszka) [1748266]\n- [netdrv] i40e: initialize ITRN registers with correct values (Stefan Assmann) [1630307]\n- [net] tuntap: synchronize through tfiles array instead of tun->numqueues (Eugenio Perez) [1713616]\n- [net] tuntap: fix use after free during release (Eugenio Perez) [1713616]\n- [net] tun: fix use after free for ptr_array (Eugenio Perez) [1713616]\n- [net] tun/tap: sanitize TUNSETSNDBUF input (Eugenio Perez) [1713616]\n- [block] block: Dont merge requests if integrity flags differ (Ming Lei) [1767605]\n- [block] blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue (Ming Lei) [1767605]\n- [x86] x86/atomic: Fix smp_mb__{before,after}_atomic() (Prarit Bhargava) [1769569]\n- [netdrv] qede: fix NULL pointer deref in __qede_remove() (Manish Chopra) [1766574]\n- [fs] xfs: only trace buffer items if they exist (Brian Foster) [1768722]\n- [nvme] nvme: make fabrics command run on a separate request queue (David Milburn) [1769900]\n- [nvme] nvme: Restart request timers in resetting state (David Milburn) [1769900]\n- [nvme] nvme-rdma: fix possible use-after-free in connect timeout (David Milburn) [1769900]\n- [netdrv] i40e: enable X710 support (Stefan Assmann) [1764987]\n[3.10.0-1111]\n- [md] md: support for queue flag QUEUE_FLAG_NO_SG_MERGE (Nigel Croxon) [1767472]\n- [net] ipv4: Return -ENETUNREACH if we cant create route but saddr is valid (Stefano Brivio) [1633140]\n- [net] ipv6: Rewind hlist offset on interrupted /proc/net/if_inet6 read (Stefano Brivio) [1753480]\n- [net] revert '[net] ipv6: Display all addresses in output of /proc/net/if_inet6' (Stefano Brivio) [1753480]\n- [net] sock: fix lockdep annotation in release_sock (Paolo Abeni) [1753150]\n- [mm] mm-vmstat-reduce-zone-lock-holding-time-by-proc-pagetypeinfo-fix (Waiman Long) [1757943]\n- [mm] mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (Waiman Long) [1757943]\n- [mm] mm, vmstat: hide /proc/pagetypeinfo from normal users (Waiman Long) [1757943]\n[3.10.0-1110]\n- [nvme] nvme-pci: Fix controller freeze wait disabling (David Milburn) [1766279]\n- [net] mac80211: fix kfree() on stack memory in ieee80211_crypto_aes_gmac_decrypt() (Stanislaw Gruszka) [1764510]\n- [md] dm rq: fix handling underlying queue busy (Ming Lei) [1767482]\n[3.10.0-1109]\n- [netdrv] net/mlx5e: Initialize on stack link modes bitmap (Alaa Hleihel) [1764272]\n- [netdrv] net/mlx5e: Fix ethtool self test: link speed (Alaa Hleihel) [1764272]\n- [netdrv] net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (Alaa Hleihel) [1764272]\n- [fs] xfs: end sync buffer I/O properly on shutdown error (Brian Foster) [1750602]\n- [fs] xfs: kill __xfs_buf_submit_common() (Brian Foster) [1750602]\n- [fs] xfs: combinesync buffer submission apis (Brian Foster) [1750602]\n- [fs] xfs: lobotomise xfs_trans_read_buf_map() (Brian Foster) [1750602]\n- [fs] cifs: Fix use after free of file info structures (Dave Wysochanski) [1757872]\n- [fs] vfs: Fix EOVERFLOW testing in put_compat_statfs64 (Eric Sandeen) [1758001]\n- [mm] mm, compaction: avoid isolating pinned pages (Rafael Aquini) [1344862]\n- [scsi] scsi: smartpqi: change TMF timeout from 60 to 30 seconds (Don Brace) [1709620]\n- [scsi] scsi: smartpqi: fix LUN reset when fw bkgnd thread is hung (Don Brace) [1709620]\n- [scsi] scsi: smartpqi: add inquiry timeouts (Don Brace) [1709620]\n- [scsi] scsi: smartpqi: increase LUN reset timeout (Don Brace) [1709620]\n- [firmware] x86, efi: never relocate kernel below lowest acceptable address (Kairui Song) [1732737]\n- [powerpc] powerpc: dump kernel log before carrying out fadump or kdump (Desnes Augusto Nunes do Rosario) [1750250]\n- [s390] s390/cpumsf: Check for CPU Measurement sampling (Philipp Rudo) [1765124]\n- [s390] scsi: zfcp: fix reaction on bit error threshold notification (Philipp Rudo) [1765123]\n- [mm] s390/mm: Fix swiotlb for protected virtualization (Philipp Rudo) [1765122]\n[3.10.0-1108]\n- [powerpc] powerpc/pseries: Remove confusing warning message (Gustavo Duarte) [1748306]\n- [powerpc] powerpc/pseries: Call H_BLOCK_REMOVE when supported (Gustavo Duarte) [1748306]\n- [powerpc] powerpc/pseries: Read TLB Block Invalidate Characteristics (Gustavo Duarte) [1748306]\n- [scsi] hpsa: update driver version (Joseph Szczypek) [1761978]\n- [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek) [1761978]\n- [tty] TTY: serial_core, add ->install (Kenneth Yin) [1443152]\n- [scsi] scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (Ewan Milne) [1734685]\n- [fs] scsi: sysfs: Introduce sysfs_{un, }break_active_protection() (Ewan Milne) [1734685]\n[3.10.0-1107]\n- [x86] x86/kdump: Reserve extra memory when SME or SEV is active (Kairui Song) [1724887]\n- [block] block: fix blk_recount_segments (Ming Lei) [1762459]\n- [nvme] nvme-pci: Fix a race in controller removal (Gopal Tiwari) [1761998]\n- [char] hpet: Fix output of hpet_mmap kernel parameter (Prarit Bhargava) [1764790]\n- [tools] perf tools: Apply new CPU topology sysfs attributes (Jiri Olsa) [1640900]\n- [tools] perf header: Rename 'sibling cores' to 'sibling sockets' (Jiri Olsa) [1640900]\n- [tools] perf stat: Support per-die aggregation (Jiri Olsa) [1640900]\n- [tools] perf stat: Support 'percore' event qualifier (Jiri Olsa) [1640900]\n- [tools] perf stat: Factor out aggregate counts printing (Jiri Olsa) [1640900]\n- [tools] perf tools: Add a 'percore' event qualifier (Jiri Olsa) [1640900]\n- [tools] perf header: Add die information in CPU topology (Jiri Olsa) [1640900]\n- [tools] perf cpumap: Retrieve die id information (Jiri Olsa) [1640900]\n- [tools] perf tools: Use sysfs__mountpoint() when reading cpu topology (Jiri Olsa) [1640900]\n- [tools] perf tools: Add numa_topology object (Jiri Olsa) [1640900]\n- [tools] perf header: Fix wrong node write in NUMA_TOPOLOGY feature (Jiri Olsa) [1640900]\n- [tools] perf tools: Add cpu_topology object (Jiri Olsa) [1640900]\n- [tools] perf header: Remove unused 'cpu_nr' field from 'struct cpu_topo' (Jiri Olsa) [1640900]\n- [acpi] ACPICA: Increase total number of possible Owner IDs (Frank Ramsay) [1756339]\n- [fs] SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write (Leif Sahlberg) [1764567]\n- [netdrv] mark the intel igc driver as tech preview (David Arcari) [1721615]\n- [netdrv] igc: Clean up unused shadow_vfta pointer (David Arcari) [1721615]\n- [netdrv] igc: Add Rx checksum support (David Arcari) [1721615]\n- [netdrv] igc: Add set_rx_mode support (David Arcari) [1721615]\n- [netdrv] igc: Add SCTP CRC checksumming functionality (David Arcari) [1721615]\n- [netdrv] igc: Add tx_csum offload functionality (David Arcari) [1721615]\n- [netdrv] igc: Remove unneeded PCI bus defines (David Arcari) [1721615]\n- [netdrv] igc: Add NVM checksum validation (David Arcari) [1721615]\n- [netdrv] igc: Remove useless forward declaration (David Arcari) [1721615]\n- [netdrv] ethernet: Delete unnecessary checks before the macro call 'dev_kfree_skb' (David Arcari) [1721615]\n- [netdrv] igc: Add more SKUs for i225 device (David Arcari) [1721615]\n- [netdrv] igc: Update the MAC reset flow (David Arcari) [1721615]\n- [netdrv] igc: Remove the unused field from a device specification structure (David Arcari) [1721615]\n- [netdrv] igc: Remove the polarity field from a PHY information structure (David Arcari) [1721615]\n- [netdrv] igc: Prefer pcie_capability_read_word() (David Arcari) [1721615]\n- [netdrv] igc: Cleanup the redundant code (David Arcari) [1721615]\n- [netdrv] igc: Add flow control support (David Arcari) [1721615]\n- [netdrv] igc: Remove the obsolete workaround (David Arcari) [1721615]\n- [netdrv] igc: Clean up unused pointers (David Arcari) [1721615]\n- [netdrv] igc: Fix double definitions (David Arcari) [1721615]\n- [netdrv] igb/igc: warn when fatal read failure happens (David Arcari) [1721615]\n- [netdrv] Revert 'mark the intel igc driver as tech preview' (David Arcari) [1721615]\n- [md] dm: Use kzalloc for all structs with embedded biosets/mempools (Mike Snitzer) [1766389]\n[3.10.0-1106]\n- [net] sysfs: Fix mem leak in netdev_register_kobject (Stefano Brivio) [1752690] {CVE-2019-15916}\n- [fs] revert [fs] cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (Dave Wysochanski) [1757872]\n- [fs] revert [fs] cifs: add spinlock for the openFileList to cifsInodeInfo (Dave Wysochanski) [1757872]\n- [fs] revert [fs] cifs: add more spinlocks to pretect against races (Dave Wysochanski) [1757872]\n- [fs] fix inode leaks on d_splice_alias() failure exits (Miklos Szeredi) [1749390]\n- [mm] percpu: remove spurious lock dependency between percpu and sched (Vladis Dronov) [1744633]\n- [mm] percpu: stop printing kernel addresses (Vladis Dronov) [1744633]\n- [mm] percpu: use chunk scan_hint to skip some scanning (Vladis Dronov) [1744633]\n- [mm] percpu: convert chunk hints to be based on pcpu_block_md (Vladis Dronov) [1744633]\n- [mm] percpu: make pcpu_block_md generic (Vladis Dronov) [1744633]\n- [mm] percpu: use block scan_hint to only scan forward (Vladis Dronov) [1744633]\n- [mm] percpu: remember largest area skipped during allocation (Vladis Dronov) [1744633]\n- [mm] percpu: add block level scan_hint (Vladis Dronov) [1744633]\n- [mm] percpu: set PCPU_BITMAP_BLOCK_SIZE to PAGE_SIZE (Vladis Dronov) [1744633]\n- [mm] percpu: relegate chunks unusable when failing small allocations (Vladis Dronov) [1744633]\n- [mm] percpu: manage chunks based on contig_bits instead of free_bytes (Vladis Dronov) [1744633]\n- [mm] percpu: introduce helper to determine if two regions overlap (Vladis Dronov) [1744633]\n- [mm] percpu: do not search past bitmap when allocating an area (Vladis Dronov) [1744633]\n- [mm] percpu: update free path with correct new free region (Vladis Dronov) [1744633]\n- [mm] mm/percpu: add checks for the return value of memblock_alloc*() (Vladis Dronov) [1744633]\n- [mm] percpu: km: no need to consider pcpu_group_offsets (Vladis Dronov) [1744633]\n- [mm] percpu: use nr_groups as check condition (Vladis Dronov) [1744633]\n- [mm] percpu: stop leaking bitmap metadata blocks (Vladis Dronov) [1744633]\n- [fs] /proc/meminfo: add percpu populated pages count (Vladis Dronov) [1744633]\n- [mm] mm: Allow to kill tasks doing pcpu_alloc() and waiting for pcpu_balance_workfn() (Vladis Dronov) [1744633]\n- [mm] percpu: include linux/sched.h for cond_resched() (Vladis Dronov) [1744633]\n- [mm] percpu: add a schedule point in pcpu_balance_workfn() (Vladis Dronov) [1744633]\n- [mm] percpu: fix iteration to prevent skipping over block (Vladis Dronov) [1744633]\n- [mm] percpu: fix starting offset for chunk statistics traversal (Vladis Dronov) [1744633]\n- [mm] percpu: update header to contain bitmap allocator explanation (Vladis Dronov) [1744633]\n- [mm] percpu: update pcpu_find_block_fit to use an iterator (Vladis Dronov) [1744633]\n- [mm] percpu: use metadata blocks to update the chunk contig hint (Vladis Dronov) [1744633]\n- [mm] percpu: update free path to take advantage of contig hints (Vladis Dronov) [1744633]\n- [mm] percpu: update alloc path to only scan if contig hints are broken (Vladis Dronov) [1744633]\n- [mm] percpu: keep track of the best offset for contig hints (Vladis Dronov) [1744633]\n- [mm] percpu: skip chunks if the alloc does not fit in the contig hint (Vladis Dronov) [1744633]\n- [mm] percpu: add first_bit to keep track of the first free in the bitmap (Vladis Dronov) [1744633]\n- [mm] percpu: introduce bitmap metadata blocks (Vladis Dronov) [1744633]\n- [mm] percpu: replace area map allocator with bitmap (Vladis Dronov) [1744633]\n- [mm] percpu: generalize bitmap (un)populated iterators (Vladis Dronov) [1744633]\n- [mm] percpu: increase minimum percpu allocation size and align first regions (Vladis Dronov) [1744633]\n- [mm] percpu: introduce nr_empty_pop_pages to help empty page accounting (Vladis Dronov) [1744633]\n- [mm] percpu: change the number of pages marked in the first_chunk pop bitmap (Vladis Dronov) [1744633]\n- [mm] percpu: combine percpu address checks (Vladis Dronov) [1744633]\n- [mm] percpu: modify base_addr to be region specific (Vladis Dronov) [1744633]\n- [mm] percpu: setup_first_chunk rename schunk/dchunk to chunk (Vladis Dronov) [1744633]\n- [mm] percpu: end chunk area maps page aligned for the populated bitmap (Vladis Dronov) [1744633]\n- [mm] percpu: unify allocation of schunk and dchunk (Vladis Dronov) [1744633]\n- [mm] percpu: setup_first_chunk remove dyn_size and consolidate logic (Vladis Dronov) [1744633]\n- [mm] percpu: remove has_reserved from pcpu_chunk (Vladis Dronov) [1744633]\n- [mm] percpu: introduce start_offset to pcpu_chunk (Vladis Dronov) [1744633]\n- [mm] percpu: setup_first_chunk enforce dynamic region must exist (Vladis Dronov) [1744633]\n- [mm] percpu: update the header comment and pcpu_build_alloc_info comments (Vladis Dronov) [1744633]\n- [mm] percpu: expose pcpu_nr_empty_pop_pages in pcpu_stats (Vladis Dronov) [1744633]\n- [mm] percpu: change the format for percpu_stats output (Vladis Dronov) [1744633]\n- [mm] percpu: pcpu-stats change void buffer to int buffer (Vladis Dronov) [1744633]\n- [mm] percpu: fix static checker warnings in pcpu_destroy_chunk (Vladis Dronov) [1744633]\n- [mm] percpu: fix early calls for spinlock in pcpu_stats (Vladis Dronov) [1744633]\n- [mm] percpu: resolve err may not be initialized in pcpu_alloc (Vladis Dronov) [1744633]\n- [mm] percpu: add tracepoint support for percpu memory (Vladis Dronov) [1744633]\n- [mm] percpu: expose statistics about percpu memory via debugfs (Vladis Dronov) [1744633]\n- [mm] percpu: migrate percpu data structures to internal header (Vladis Dronov) [1744633]\n- [mm] percpu: add missing lockdep_assert_held to func pcpu_free_area (Vladis Dronov) [1744633]\n- [mm] percpu: ensure the requested alignment is power of two (Vladis Dronov) [1744633]\n- [mm] tree wide: use kvfree() than conditional kfree()/vfree() (Vladis Dronov) [1744633]\n- [mm] mm/percpu: use offset_in_page macro (Vladis Dronov) [1744633]\n- [mm] percpu: clean up of schunk->mapassignment in pcpu_setup_first_chunk (Vladis Dronov) [1744633]\n- [mm] mm/percpu.c: fix panic triggered by BUG_ON() falsely (Vladis Dronov) [1744633]\n- [mm] mm/percpu.c: fix potential memory leakage for pcpu_embed_first_chunk() (Vladis Dronov) [1744633]\n- [mm] mm/percpu.c: correct max_distance calculation for pcpu_embed_first_chunk() (Vladis Dronov) [1744633]\n- [mm] mm: percpu: use pr_fmt to prefix output (Vladis Dronov) [1744633]\n(Vladis Dronov) [1744633]\n- [mm] mm: coalesce split strings (Vladis Dronov) [1744633]\n- [mm] mm: convert pr_warning to pr_warn (Vladis Dronov) [1744633]\n- [mm] percpu: use *pbto print bitmaps including cpumasks and nodemasks (Vladis Dronov) [1744633]\n- [mm] percpu: off by one in BUG_ON() (Vladis Dronov) [1744633]\n- [mm] mm/percpu.c: use memblock apis for early memory allocations (Vladis Dronov) [1744633]\n- [mm] percpu: use VMALLOC_TOTAL instead of VMALLOC_END - VMALLOC_START (Vladis Dronov) [1744633]\n- [mm] percpu: fix bootmem error handling in pcpu_page_first_chunk() (Vladis Dronov) [1744633]\n[3.10.0-1105]\n- [nvme] nvme: Treat discovery subsystems as unique subsystems (Ewan Milne) [1731579]\n- [scsi] scsi: core: Log SCSI command age with errors (Ewan Milne) [1751716]\n- [security] selinux: fix context string corruption in convert_context() (Ondrej Mosnacek) [1759803]\n- [usb] xhci: Prevent deadlock when xhci adapter breaks during init (Torez Smith) [1710090]\n- [scsi] scsi: core: add new RDAC LENOVO/DE_Series device (Ewan Milne) [1699439]\n- [wireless] Correct strange error in Makefiles for building modules in separate directories (Neil Horman) [1753927]\n- [md] dm snapshot: rework COW throttling to fix deadlock (Mike Snitzer) [1758603]\n- [md] dm snapshot: introduce account_start_copy() and account_end_copy() (Mike Snitzer) [1758603]\n- [drm] i915: Stop reconfiguring our shmemfs mountpoint (Vladis Dronov) [1759980]\n- [kernel] perf/core: Fix perf_event_open() vs. execve() race (Jiri Olsa) [1701620] {CVE-2019-3901}\n[3.10.0-1104]\n- [md] raid5: dont set STRIPE_HANDLE to stripe which is in batch list (Nigel Croxon) [1631765 1750287]\n- [kernel] alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Vladis Dronov) [1760639]\n- [kernel] alarmtimer: Remove unused but set variable (Vladis Dronov) [1760639]\n- [x86] efi/x86: do not clean dummy variable in kexec path (Bhupesh Sharma) [1707669]\n- [cpuidle] cpuidle-haltpoll: return -ENODEV on modinit failure (Marcelo Tosatti) [1756843]\n- [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp (David Arcari) [1730884]\n- [infiniband] RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (Selvin Xavier) [1629037]\n- [infiniband] RDMA/bnxt_re: Increase depth of control path command queue (Selvin Xavier) [1629037]\n- [x86] x86/efi/pti: In __load_cr3(), EFI PGD has no shadow (Lenny Szubowicz) [1750767]\n- [char] hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable (Prarit Bhargava) [1660800]", "modified": "2020-04-06T00:00:00", "published": "2020-04-06T00:00:00", "id": "ELSA-2020-1016", "href": "http://linux.oracle.com/errata/ELSA-2020-1016.html", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "symantec": [{"lastseen": "2019-11-28T13:28:45", "bulletinFamily": "software", "description": "### Description\n\nLinux kernel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Linux kernel versions through 5.3.13 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 2.0.0 \n * Linux kernel 2.0.1 \n * Linux kernel 2.0.10 \n * Linux kernel 2.0.11 \n * Linux kernel 2.0.12 \n * Linux kernel 2.0.13 \n * Linux kernel 2.0.14 \n * Linux kernel 2.0.15 \n * Linux kernel 2.0.16 \n * Linux kernel 2.0.17 \n * Linux kernel 2.0.18 \n * Linux kernel 2.0.19 \n * Linux kernel 2.0.2 \n * Linux kernel 2.0.20 \n * Linux kernel 2.0.21 \n * Linux kernel 2.0.22 \n * Linux kernel 2.0.23 \n * Linux kernel 2.0.24 \n * Linux kernel 2.0.25 \n * Linux kernel 2.0.26 \n * Linux kernel 2.0.27 \n * Linux kernel 2.0.28 \n * Linux kernel 2.0.29 \n * Linux kernel 2.0.3 \n * Linux kernel 2.0.30 \n * Linux kernel 2.0.31 \n * Linux kernel 2.0.32 \n * Linux kernel 2.0.33 \n * Linux kernel 2.0.34 \n * Linux kernel 2.0.35 \n * Linux kernel 2.0.36 \n * Linux kernel 2.0.37 \n * Linux kernel 2.0.38 \n * Linux kernel 2.0.39 \n * Linux kernel 2.0.4 \n * Linux kernel 2.0.40 \n * Linux kernel 2.0.5 \n * Linux kernel 2.0.6 \n * Linux kernel 2.0.7 \n * Linux kernel 2.0.8 \n * Linux kernel 2.0.9 \n * Linux kernel 2.1.0 \n * Linux kernel 2.1.132 \n * Linux kernel 2.1.89 \n * Linux kernel 2.2.0 \n * Linux kernel 2.2.1 \n * Linux kernel 2.2.10 \n * Linux kernel 2.2.11 \n * Linux kernel 2.2.12 \n * Linux kernel 2.2.13 \n * Linux kernel 2.2.14 \n * Linux kernel 2.2.15 \n * Linux kernel 2.2.16 \n * Linux kernel 2.2.17 \n * Linux kernel 2.2.18 \n * Linux kernel 2.2.19 \n * Linux kernel 2.2.2 \n * Linux kernel 2.2.20 \n * Linux kernel 2.2.21 \n * Linux kernel 2.2.22 \n * Linux kernel 2.2.23 \n * Linux kernel 2.2.24 \n * Linux kernel 2.2.25 \n * Linux kernel 2.2.26 \n * Linux kernel 2.2.3 \n * Linux kernel 2.2.4 \n * Linux kernel 2.2.5 \n * Linux kernel 2.2.6 \n * Linux kernel 2.2.7 \n * Linux kernel 2.2.8 \n * Linux kernel 2.2.9 \n * Linux kernel 2.3.0 \n * Linux kernel 2.3.1 \n * Linux kernel 2.3.10 \n * Linux kernel 2.3.11 \n * Linux kernel 2.3.12 \n * Linux kernel 2.3.13 \n * Linux kernel 2.3.14 \n * Linux kernel 2.3.15 \n * Linux kernel 2.3.16 \n * Linux kernel 2.3.17 \n * Linux kernel 2.3.18 \n * Linux kernel 2.3.19 \n * Linux kernel 2.3.2 \n * Linux kernel 2.3.20 \n * Linux kernel 2.3.21 \n * Linux kernel 2.3.22 \n * Linux kernel 2.3.23 \n * Linux kernel 2.3.24 \n * Linux kernel 2.3.25 \n * Linux kernel 2.3.26 \n * Linux kernel 2.3.27 \n * Linux kernel 2.3.28 \n * Linux kernel 2.3.29 \n * Linux kernel 2.3.3 \n * Linux kernel 2.3.30 \n * Linux kernel 2.3.31 \n * Linux kernel 2.3.32 \n * Linux kernel 2.3.33 \n * Linux kernel 2.3.34 \n * Linux kernel 2.3.35 \n * Linux kernel 2.3.36 \n * Linux kernel 2.3.37 \n * Linux kernel 2.3.38 \n * Linux kernel 2.3.39 \n * Linux kernel 2.3.4 \n * Linux kernel 2.3.40 \n * Linux kernel 2.3.41 \n * Linux kernel 2.3.42 \n * Linux kernel 2.3.43 \n * Linux kernel 2.3.44 \n * Linux kernel 2.3.45 \n * Linux kernel 2.3.46 \n * Linux kernel 2.3.47 \n * Linux kernel 2.3.48 \n * Linux kernel 2.3.49 \n * Linux kernel 2.3.5 \n * Linux kernel 2.3.50 \n * Linux kernel 2.3.51 \n * Linux kernel 2.3.6 \n * Linux kernel 2.3.7 \n * Linux kernel 2.3.8 \n * Linux kernel 2.3.9 \n * Linux kernel 2.3.99 \n * Linux kernel 2.4.0 \n * Linux kernel 2.4.1 \n * Linux kernel 2.4.2 \n * Linux kernel 2.4.3 \n * Linux kernel 2.4.4 \n * Linux kernel 2.4.5 \n * Linux kernel 2.4.6 \n * Linux kernel 2.4.7 \n * Linux kernel 2.4.8 \n * Linux kernel 2.4.9 \n * Linux kernel 2.5.0 .0 \n * Linux kernel 2.5.1 \n * Linux kernel 2.5.10 \n * Linux kernel 2.5.11 \n * Linux kernel 2.5.12 \n * Linux kernel 2.5.13 \n * Linux kernel 2.5.14 \n * Linux kernel 2.5.15 \n * Linux kernel 2.5.16 \n * Linux kernel 2.5.17 \n * Linux kernel 2.5.18 \n * Linux kernel 2.5.19 \n * Linux kernel 2.5.2 \n * Linux kernel 2.5.20 \n * Linux kernel 2.5.21 \n * Linux kernel 2.5.22 \n * Linux kernel 2.5.23 \n * Linux kernel 2.5.24 \n * Linux kernel 2.5.25 \n * Linux kernel 2.5.26 \n * Linux kernel 2.5.27 \n * Linux kernel 2.5.28 \n * Linux kernel 2.5.29 \n * Linux kernel 2.5.3 \n * Linux kernel 2.5.30 \n * Linux kernel 2.5.31 \n * Linux kernel 2.5.32 \n * Linux kernel 2.5.33 \n * Linux kernel 2.5.34 \n * Linux kernel 2.5.35 \n * Linux kernel 2.5.36 \n * Linux kernel 2.5.37 \n * Linux kernel 2.5.38 \n * Linux kernel 2.5.39 \n * Linux kernel 2.5.4 \n * Linux kernel 2.5.40 \n * Linux kernel 2.5.41 \n * Linux kernel 2.5.42 \n * Linux kernel 2.5.43 \n * Linux kernel 2.5.44 \n * Linux kernel 2.5.45 \n * Linux kernel 2.5.46 \n * Linux kernel 2.5.47 \n * Linux kernel 2.5.48 \n * Linux kernel 2.5.49 \n * Linux kernel 2.5.5 \n * Linux kernel 2.5.50 \n * Linux kernel 2.5.51 \n * Linux kernel 2.5.52 \n * Linux kernel 2.5.53 \n * Linux kernel 2.5.54 \n * Linux kernel 2.5.55 \n * Linux kernel 2.5.56 \n * Linux kernel 2.5.57 \n * Linux kernel 2.5.58 \n * Linux kernel 2.5.59 \n * Linux kernel 2.5.6 \n * Linux kernel 2.5.60 \n * Linux kernel 2.5.61 \n * Linux kernel 2.5.62 \n * Linux kernel 2.5.63 \n * Linux kernel 2.5.64 \n * Linux kernel 2.5.65 \n * Linux kernel 2.5.66 \n * Linux kernel 2.5.67 \n * Linux kernel 2.5.68 \n * Linux kernel 2.5.69 \n * Linux kernel 2.5.7 \n * Linux kernel 2.5.8 \n * Linux kernel 2.5.9 \n * Linux kernel 2.6 \n * Linux kernel 2.6.0 \n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0-rc4-git1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.102 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.15 \n * Linux kernel 4.15.0 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.4 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.7 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.7 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3.3 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n * Linux kernel 5.1-rc1 \n * Linux kernel 5.1-rc5 \n * Linux kernel 5.1-rc6 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n * Linux kernel 5.3 \n * Linux kernel 5.3.1 \n * Linux kernel 5.3.10 \n * Linux kernel 5.3.11 \n * Linux kernel 5.3.12 \n * Linux kernel 5.3.13 \n * Linux kernel 5.3.2 \n * Linux kernel 5.3.4 \n * Linux kernel 5.3.5 \n * Linux kernel 5.3.6 \n * Linux kernel 5.3.7 \n * Linux kernel 5.3.8 \n * Linux kernel 5.3.9 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nAllow only trusted individuals to have user accounts and local access to the resources.\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\nUpdates are available. Please see the references for more information.\n", "modified": "2019-11-27T00:00:00", "published": "2019-11-27T00:00:00", "id": "SMNTC-110996", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110996", "title": "Linux Kernel CVE-2019-18660 Side Channel Attack Information Disclosure Vulnerability", "type": "symantec", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2019-09-20T14:38:40", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-09-20T00:00:00", "published": "2019-09-19T00:00:00", "id": "OPENVAS:1361412562310844182", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844182", "title": "Ubuntu Update for linux USN-4135-1", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844182\");\n script_version(\"2019-09-20T05:25:28+0000\");\n script_cve_id(\"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 05:25:28 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-19 02:03:10 +0000 (Thu, 19 Sep 2019)\");\n script_name(\"Ubuntu Update for linux USN-4135-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4135-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-September/005122.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4135-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Peter Pi discovered a buffer overflow in the virtio network backend\n(vhost_net) implementation in the Linux kernel. An attacker in a guest may\nbe able to use this to cause a denial of service (host OS crash) or\npossibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not\nproperly handle Facility Unavailable exceptions in some situations. A local\nattacker could use this to expose sensitive information. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not\nproperly handle exceptions on interrupts in some situations. A local\nattacker could use this to expose sensitive information. (CVE-2019-15031)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1025-oracle\", ver:\"4.15.0-1025.28\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1044-gcp\", ver:\"4.15.0-1044.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1044-gke\", ver:\"4.15.0-1044.46\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1046-kvm\", ver:\"4.15.0-1046.46\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1047-raspi2\", ver:\"4.15.0-1047.51\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1050-aws\", ver:\"4.15.0-1050.52\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1056-oem\", ver:\"4.15.0-1056.65\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1064-snapdragon\", ver:\"4.15.0-1064.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-generic\", ver:\"4.15.0-64.73\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-generic-lpae\", ver:\"4.15.0-64.73\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-lowlatency\", ver:\"4.15.0-64.73\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1017-gke\", ver:\"5.0.0-1017.17~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1020-azure\", ver:\"5.0.0-1020.21~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-generic\", ver:\"5.0.0-29.31~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-generic-lpae\", ver:\"5.0.0-29.31~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-lowlatency\", ver:\"5.0.0-29.31~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1050.49\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.0.0.1020.30\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1044.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.0.0.29.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.0.0.29.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1044.47\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1044.47\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1017.7\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1046.46\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.0.0.29.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1056.60\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1025.28\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1047.45\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1064.67\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.0.0.29.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.64.66\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.0.0.29.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1016-aws\", ver:\"5.0.0-1016.18\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1017-gcp\", ver:\"5.0.0-1017.17\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1017-kvm\", ver:\"5.0.0-1017.18\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1017-raspi2\", ver:\"5.0.0-1017.17\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1020-azure\", ver:\"5.0.0-1020.21\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1021-snapdragon\", ver:\"5.0.0-1021.22\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-generic\", ver:\"5.0.0-29.31\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-generic-lpae\", ver:\"5.0.0-29.31\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-29-lowlatency\", ver:\"5.0.0-29.31\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.0.0.1016.17\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.0.0.1020.19\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.0.0.1017.43\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.0.0.29.30\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.0.0.29.30\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.0.0.1017.43\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.0.0.1017.17\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.0.0.29.30\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.0.0.1017.14\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.0.0.1021.14\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.0.0.29.30\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1025-oracle\", ver:\"4.15.0-1025.28~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1044-gcp\", ver:\"4.15.0-1044.46\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1050-aws\", ver:\"4.15.0-1050.52~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1059-azure\", ver:\"4.15.0-1059.64\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-generic\", ver:\"4.15.0-64.73~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-generic-lpae\", ver:\"4.15.0-64.73~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-64-lowlatency\", ver:\"4.15.0-64.73~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1058-kvm\", ver:\"4.4.0-1058.65\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1094-aws\", ver:\"4.4.0-1094.105\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1122-raspi2\", ver:\"4.4.0-1122.131\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1126-snapdragon\", ver:\"4.4.0-1126.132\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-generic\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-generic-lpae\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-lowlatency\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-powerpc-e500mc\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-powerpc-smp\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-powerpc64-emb\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-164-powerpc64-smp\", ver:\"4.4.0-164.192\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1094.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1050.50\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1059.62\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1044.58\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.64.84\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.64.84\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1044.58\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1058.58\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.64.84\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.64.84\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1025.18\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1122.122\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1126.118\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.164.172\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.64.84\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:39:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192309", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2309)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2309\");\n script_version(\"2020-01-23T12:46:29+0000\");\n script_cve_id(\"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15098\", \"CVE-2019-15099\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15918\", \"CVE-2019-15922\", \"CVE-2019-15923\", \"CVE-2019-15924\", \"CVE-2019-15926\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:46:29 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:46:29 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2309)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.3\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2309\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2309\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2309 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)\n\nAn issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)\n\nAn issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)\n\nAn issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)\n\nAn issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)\n\nAn issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15923)\n\nAn issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.(CVE-2019-15918)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15922)\n\nAn issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\nAn issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924)\n\nA buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.(CVE-2019-14835)\n\nIn the Linux kernel through 5.2.14 on the powerpc ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.3.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.3.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h463.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2020-03-30T17:00:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-26T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192081", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192081", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2081)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2081\");\n script_version(\"2020-03-26T11:51:34+0000\");\n script_cve_id(\"CVE-2019-13648\", \"CVE-2019-14284\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15117\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15918\", \"CVE-2019-15922\", \"CVE-2019-15923\", \"CVE-2019-15924\", \"CVE-2019-15926\");\n script_tag(name:\"cvss_base\", value:\"9.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 11:51:34 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:33:29 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2081)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2081\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2081\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2081 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)\n\nAn issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)\n\nAn issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)\n\nAn issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)\n\nAn issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)\n\nAn issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)\n\nIn the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.(CVE-2019-15030)\n\nIn the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.(CVE-2019-15031)\n\nAn out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring-first' and 'ring-last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privilege ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h453.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2020-01-14T14:49:22", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-13T00:00:00", "published": "2020-01-08T00:00:00", "id": "OPENVAS:1361412562310844281", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844281", "title": "Ubuntu Update for linux USN-4228-1", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844281\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14901\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-18660\", \"CVE-2019-19052\", \"CVE-2019-19524\", \"CVE-2019-19534\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-08 11:15:27 +0000 (Wed, 08 Jan 2020)\");\n script_name(\"Ubuntu Update for linux USN-4228-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4228-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005255.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4228-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a heap-based buffer overflow existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell\nLibertas WLAN Driver for the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC architecture\nsystems in some situations. A local attacker could use this to expose\nsensitive information. (CVE-2019-18660)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in\nthe Linux kernel did not properly deallocate memory in certain failure\nconditions. A physically proximate attacker could use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the driver for memoryless force-feedback input\ndevices in the Linux kernel contained a use-after-free vulnerability. A\nphysically proximate attacker could possibly use this to cause a denial of\nservice (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the PEAK-System Technique USB driver in the Linux\nkernel did not properly sanitize memory before sending it to the device. A\nphysically proximate attacker could use this to expose sensitive\ninformation (kernel memory). (CVE-2019-19534)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1064-kvm\", ver:\"4.4.0-1064.71\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1100-aws\", ver:\"4.4.0-1100.111\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1127-raspi2\", ver:\"4.4.0-1127.136\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1131-snapdragon\", ver:\"4.4.0-1131.139\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-generic\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-generic-lpae\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-lowlatency\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-powerpc-e500mc\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-powerpc-smp\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-powerpc64-emb\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-171-powerpc64-smp\", ver:\"4.4.0-171.200\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1100.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1064.64\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1127.127\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1131.123\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.171.179\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-14T14:49:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-13T00:00:00", "published": "2020-01-08T00:00:00", "id": "OPENVAS:1361412562310844284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844284", "title": "Ubuntu Update for linux USN-4225-1", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844284\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14901\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16231\", \"CVE-2019-18660\", \"CVE-2019-19044\", \"CVE-2019-19045\", \"CVE-2019-19047\", \"CVE-2019-19051\", \"CVE-2019-19052\", \"CVE-2019-19055\", \"CVE-2019-19072\", \"CVE-2019-19524\", \"CVE-2019-19529\", \"CVE-2019-19534\", \"CVE-2019-19807\", \"CVE-2019-18813\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-08 11:16:46 +0000 (Wed, 08 Jan 2020)\");\n script_name(\"Ubuntu Update for linux USN-4225-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4225-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005252.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4225-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a heap-based buffer overflow existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell\nLibertas WLAN Driver for the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux\nkernel did not properly check for errors in some situations, leading to a\nNULL pointer dereference. A local attacker could use this to cause a denial\nof service. (CVE-2019-16231)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC architecture\nsystems in some situations. A local attacker could use this to expose\nsensitive information. (CVE-2019-18660)\n\nIt was discovered that the Broadcom V3D DRI driver in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19044)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux\nkernel did not properly deallocate memory in certain failure conditions. A\nlocal attacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19045)\n\nIt was discovered that the Mellanox Technologies ConnectX driver in the\nLinux kernel did not properly deallocate memory in certain failure\nconditions. A local attacker could use this to cause a denial of service\n(kernel memory exhaustion). (CVE-2019-19047)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did\nnot properly deallocate memory in certain situations. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19051)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in\nthe Linux kernel did not properly deallocate memory in certain failure\nconditions. A physically proximate attacker could use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the netlink-based 802.11 configuration interface in\nthe Linux kernel did not deallocate memory in certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19055)\n\nIt was discovered t ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1008-oracle\", ver:\"5.3.0-1008.9\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1009-aws\", ver:\"5.3.0-1009.10\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1009-azure\", ver:\"5.3.0-1009.10\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1009-kvm\", ver:\"5.3.0-1009.10\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1011-gcp\", ver:\"5.3.0-1011.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1015-raspi2\", ver:\"5.3.0-1015.17\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-generic\", ver:\"5.3.0-26.28\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-generic-lpae\", ver:\"5.3.0-26.28\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-lowlatency\", ver:\"5.3.0-26.28\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-snapdragon\", ver:\"5.3.0-26.28\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1009.11\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.3.0.1009.27\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1011.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.26.30\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.26.30\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.3.0.1011.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.3.0.1009.11\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.26.30\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.3.0.1008.9\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1015.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.26.30\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.26.30\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1009-azure\", ver:\"5.3.0-1009.10~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1010-gcp\", ver:\"5.3.0-1010.11~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure-edge\", ver:\"5.3.0.1009.9\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp-edge\", ver:\"5.3.0.1010.10\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-14T14:49:42", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-13T00:00:00", "published": "2020-01-08T00:00:00", "id": "OPENVAS:1361412562310844282", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844282", "title": "Ubuntu Update for linux USN-4227-1", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844282\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14901\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16231\", \"CVE-2019-16233\", \"CVE-2019-18660\", \"CVE-2019-19045\", \"CVE-2019-19052\", \"CVE-2019-19083\", \"CVE-2019-19524\", \"CVE-2019-19529\", \"CVE-2019-19534\", \"CVE-2019-19807\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-08 11:15:44 +0000 (Wed, 08 Jan 2020)\");\n script_name(\"Ubuntu Update for linux USN-4227-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4227-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005254.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4227-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a heap-based buffer overflow existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell\nLibertas WLAN Driver for the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux\nkernel did not properly check for errors in some situations, leading to a\nNULL pointer dereference. A local attacker could use this to cause a denial\nof service. (CVE-2019-16231)\n\nIt was discovered that the QLogic Fibre Channel driver in the Linux kernel\ndid not properly check for error, leading to a NULL pointer dereference. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2019-16233)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC architecture\nsystems in some situations. A local attacker could use this to expose\nsensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux\nkernel did not properly deallocate memory in certain failure conditions. A\nlocal attacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19045)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in\nthe Linux kernel did not properly deallocate memory in certain failure\nconditions. A physically proximate attacker could use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the AMD Display Engine Driver in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A local\nattack could use this to cause a denial of service (memory exhaustion).\n(CVE-2019-19083)\n\nIt was discovered that the driver for memoryless force-feedback input\ndevices in the Linux kernel contained a use-after-free vulnerability. A\nphysically proximate attacker could possibly use this to cause a denial of\nservice (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux\nkernel contained a use-after-free vulnerability on device disconnect. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly exec ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1031-oracle\", ver:\"4.15.0-1031.34\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1050-gke\", ver:\"4.15.0-1050.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1052-kvm\", ver:\"4.15.0-1052.52\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1053-raspi2\", ver:\"4.15.0-1053.57\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1057-aws\", ver:\"4.15.0-1057.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-oem\", ver:\"4.15.0-1066.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1070-snapdragon\", ver:\"4.15.0-1070.77\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-generic\", ver:\"4.15.0-74.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-generic-lpae\", ver:\"4.15.0-74.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-lowlatency\", ver:\"4.15.0-74.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1057.58\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1057.58\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1050.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1050.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1052.52\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1066.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1031.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1031.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1053.51\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1070.73\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.74.76\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1031-oracle\", ver:\"4.15.0-1031.34~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1052-gcp\", ver:\"4.15.0-1052.56\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1057-aws\", ver:\"4.15.0-1057.59~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-azure\", ver:\"4.15.0-1066.71\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-generic\", ver:\"4.15.0-74.83~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-generic-lpae\", ver:\"4.15.0-74.83~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-74-lowlatency\", ver:\"4.15.0-74.83~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1057.57\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1066.69\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure-edge\", ver:\"4.15.0.1066.69\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1052.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.74.94\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.74.94\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1052.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.74.94\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.74.94\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1031.24\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.74.94\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-23T16:32:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-23T00:00:00", "published": "2020-01-19T00:00:00", "id": "OPENVAS:1361412562310844298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844298", "title": "Ubuntu Update for linux-hwe USN-4225-2", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844298\");\n script_version(\"2020-01-23T07:59:05+0000\");\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14901\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16231\", \"CVE-2019-18660\", \"CVE-2019-19045\", \"CVE-2019-19051\", \"CVE-2019-19052\", \"CVE-2019-19055\", \"CVE-2019-19072\", \"CVE-2019-19524\", \"CVE-2019-19529\", \"CVE-2019-19534\", \"CVE-2019-18813\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 07:59:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-19 04:00:59 +0000 (Sun, 19 Jan 2020)\");\n script_name(\"Ubuntu Update for linux-hwe USN-4225-2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4225-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005277.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the USN-4225-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS.\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell\nLibertas WLAN Driver for the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux\nkernel did not properly check for errors in some situations, leading to a\nNULL pointer dereference. A local attacker could use this to cause a denial\nof service. (CVE-2019-16231)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC architecture\nsystems in some situations. A local attacker could use this to expose\nsensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux\nkernel did not properly deallocate memory in certain failure conditions. A\nlocal attacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19045)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did\nnot properly deallocate memory in certain situations. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19051)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in\nthe Linux kernel did not properly deallocate memory in certain failure\nconditions. A physically proximate attacker could use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the netlink-based 802.11 configuration interface in\nthe Linux kernel did not deallocate memory in certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19055)\n\nIt was discovered that the event tracing subsystem of the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19072)\n\nIt was discovered that the driver for memoryless force-feedback input\ndevices in the Linux ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux-hwe' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-generic\", ver:\"5.3.0-26.28~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-generic-lpae\", ver:\"5.3.0-26.28~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-26-lowlatency\", ver:\"5.3.0-26.28~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.26.95\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.26.95\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.26.95\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.26.95\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.26.95\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:53:51", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-09-25T00:00:00", "id": "OPENVAS:1361412562310852705", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852705", "title": "openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2173-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852705\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-18551\", \"CVE-2018-20976\", \"CVE-2018-21008\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15098\", \"CVE-2019-15117\", \"CVE-2019-15118\", \"CVE-2019-15211\", \"CVE-2019-15212\", \"CVE-2019-15214\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15222\", \"CVE-2019-15239\", \"CVE-2019-15290\", \"CVE-2019-15292\", \"CVE-2019-15538\", \"CVE-2019-15666\", \"CVE-2019-15902\", \"CVE-2019-15917\", \"CVE-2019-15919\", \"CVE-2019-15920\", \"CVE-2019-15921\", \"CVE-2019-15924\", \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-9456\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-25 02:00:54 +0000 (Wed, 25 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2173-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2173-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux Kernel'\n package(s) announced via the openSUSE-SU-2019:2173-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.0 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-18551: There was an out of bounds write in the function\n i2c_smbus_xfer_emulated (bnc#1146163).\n\n - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super\n failure (bnc#1146285).\n\n - CVE-2018-21008: A use-after-free can be caused by the function\n rsi_mac80211_detach in the file\n drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).\n\n - CVE-2019-14814: A heap overflow in mwifiex_set_uap_rates() function of\n Marvell was fixed. (bnc#1146512).\n\n - CVE-2019-14815: A heap overflow in mwifiex_set_wmm_params() function of\n Marvell Wifi Driver was fixed. (bnc#1146514).\n\n - CVE-2019-14816: A heap overflow in mwifiex_update_vs_ie() function of\n Marvell Wifi Driver was fixed. (bnc#1146516).\n\n - CVE-2019-14835: A vhost/vhost_net kernel buffer overflow could lead to\n guest to host kernel escape during live migration (bnc#1150112).\n\n - CVE-2019-15030: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via a Facility\n Unavailable exception. To exploit the venerability, a local user starts\n a transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process\n because of a missing arch/powerpc/kernel/process.c check (bnc#1149713).\n\n - CVE-2019-15031: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via an\n interrupt. To exploit the venerability, a local user starts a\n transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process,\n because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c\n (bnc#1149713).\n\n - CVE-2019-15090: In the qedi_dbg_* family of functions, there was an\n out-of-bounds read (bnc#1146399).\n\n - CVE-2019-15098: drivers/net/wireless/ath/ath6kl/usb.c had a NULL pointer\n dereference via an incomplete address in an endpoint descriptor\n (bnc#1146378).\n\n - CVE-2019-15117: parse_audio_mixer_unit in sound/usb/mixer.c in the Linux\n kernel mishandled a short descriptor, leading to out-of-bounds memory\n access (bnc#1145920).\n\n - CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux\n kernel mishandled recursion, leading to kernel stack exhaustion\n (bnc#1145922).\n\n - CVE-2019-1 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp150.12.73.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-14T16:51:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-13T00:00:00", "published": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201197", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1197)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1197\");\n script_version(\"2020-03-13T07:12:58+0000\");\n script_cve_id(\"CVE-2019-0136\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15098\", \"CVE-2019-15099\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15504\", \"CVE-2019-15918\", \"CVE-2019-15922\", \"CVE-2019-15923\", \"CVE-2019-15924\", \"CVE-2019-15926\", \"CVE-2019-16089\", \"CVE-2019-16233\", \"CVE-2019-16234\", \"CVE-2019-16714\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-18806\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18813\", \"CVE-2019-18885\", \"CVE-2019-19066\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:12:58 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:12:58 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1197)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1197\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1197\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1197 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.\n\nSecurity Fix(es):An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)\n\nAn issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)\n\nAn issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)\n\nAn issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)\n\nAn issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)\n\nAn issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15923)\n\nAn issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.(CVE-2019-15918)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15922)\n\nAn issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\nAn issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924)\n\nA buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during m ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:27:33", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852855", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852855", "title": "openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2181-1)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852855\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-18551\", \"CVE-2018-20976\", \"CVE-2018-21008\", \"CVE-2019-14814\",\n \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14835\", \"CVE-2019-15030\",\n \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15098\", \"CVE-2019-15099\",\n \"CVE-2019-15117\", \"CVE-2019-15118\", \"CVE-2019-15211\", \"CVE-2019-15212\",\n \"CVE-2019-15214\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\",\n \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\",\n \"CVE-2019-15222\", \"CVE-2019-15239\", \"CVE-2019-15290\", \"CVE-2019-15292\",\n \"CVE-2019-15538\", \"CVE-2019-15666\", \"CVE-2019-15902\", \"CVE-2019-15917\",\n \"CVE-2019-15919\", \"CVE-2019-15920\", \"CVE-2019-15921\", \"CVE-2019-15924\",\n \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-9456\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:36:26 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2181-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2181-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux Kernel'\n package(s) announced via the openSUSE-SU-2019:2181-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-18551: There was an out of bounds write in the function\n i2c_smbus_xfer_emulated (bnc#1146163).\n\n - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super\n failure (bnc#1146285).\n\n - CVE-2018-21008: A use-after-free can be caused by the function\n rsi_mac80211_detach in the file\n drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).\n\n - CVE-2019-14814, CVE-2019-14815, CVE-2019-14816: Fix three heap-based\n buffer overflows in marvell wifi chip driver kernel, that allowed local\n users to cause a denial of service (system crash) or possibly execute\n arbitrary code. (bnc#1146516 bnc#1146512 bnc#1146514)\n\n - CVE-2019-14835: A buffer overflow flaw was found in the way Linux\n kernel's vhost functionality that translates virtqueue buffers to IOVs,\n logged the buffer descriptors during migration. A privileged guest user\n able to pass descriptors with invalid length to the host when migration\n is underway, could use this flaw to increase their privileges on the\n host (bnc#1150112).\n\n - CVE-2019-15030: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via a Facility\n Unavailable exception. To exploit the venerability, a local user starts\n a transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process\n because of a missing arch/powerpc/kernel/process.c check (bnc#1149713).\n\n - CVE-2019-15031: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via an\n interrupt. To exploit the venerability, a local user starts a\n transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process,\n because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c\n (bnc#1149713).\n\n - CVE-2019-15090: In the qedi_dbg_* family of functions, there was an\n out-of-bounds read (bnc#1146399).\n\n - CVE-2019-15098: drivers/net/wireless/ath/ath6kl/usb.c in the Linux\n kernel had a NULL pointer dereference via an incomplete address in an\n endpoint descriptor (bnc#1146378 1146543).\n\n - CVE-2019-15099: drivers/net/wireless/ath/ath10k/usb.c in the Linux\n kernel had a NULL pointer dereference via an incomplete address in an\n endpoint ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.16.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2020-05-01T03:10:11", "bulletinFamily": "scanner", "description": "Peter Pi discovered a buffer overflow in the virtio network backend\n(vhost_net) implementation in the Linux kernel. An attacker in a guest\nmay be able to use this to cause a denial of service (host OS crash)\nor possibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did\nnot properly handle Facility Unavailable exceptions in some\nsituations. A local attacker could use this to expose sensitive\ninformation. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did\nnot properly handle exceptions on interrupts in some situations. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-15031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-05-02T00:00:00", "id": "UBUNTU_USN-4135-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129049", "published": "2019-09-19T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, (USN-4135-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4135-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129049);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\");\n script_xref(name:\"USN\", value:\"4135-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, (USN-4135-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Peter Pi discovered a buffer overflow in the virtio network backend\n(vhost_net) implementation in the Linux kernel. An attacker in a guest\nmay be able to use this to cause a denial of service (host OS crash)\nor possibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did\nnot properly handle Facility Unavailable exceptions in some\nsituations. A local attacker could use this to expose sensitive\ninformation. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did\nnot properly handle exceptions on interrupts in some situations. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-15031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4135-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-4.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4135-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1025-oracle\", pkgver:\"4.15.0-1025.28~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1044-gcp\", pkgver:\"4.15.0-1044.46\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1050-aws\", pkgver:\"4.15.0-1050.52~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1059-azure\", pkgver:\"4.15.0-1059.64\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-64-generic\", pkgver:\"4.15.0-64.73~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-64-generic-lpae\", pkgver:\"4.15.0-64.73~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-64-lowlatency\", pkgver:\"4.15.0-64.73~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1058-kvm\", pkgver:\"4.4.0-1058.65\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1094-aws\", pkgver:\"4.4.0-1094.105\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1122-raspi2\", pkgver:\"4.4.0-1122.131\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1126-snapdragon\", pkgver:\"4.4.0-1126.132\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-164-generic\", pkgver:\"4.4.0-164.192\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-164-generic-lpae\", pkgver:\"4.4.0-164.192\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-164-lowlatency\", pkgver:\"4.4.0-164.192\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1094.98\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1050.50\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1059.62\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1044.58\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.164.172\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.64.84\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.164.172\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.64.84\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1044.58\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1058.58\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.164.172\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.64.84\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.64.84\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1025.18\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1122.122\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1126.118\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.164.172\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual-hwe-16.04\", pkgver:\"4.15.0.64.84\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1025-oracle\", pkgver:\"4.15.0-1025.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1044-gcp\", pkgver:\"4.15.0-1044.70\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1044-gke\", pkgver:\"4.15.0-1044.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1046-kvm\", pkgver:\"4.15.0-1046.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1047-raspi2\", pkgver:\"4.15.0-1047.51\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1050-aws\", pkgver:\"4.15.0-1050.52\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1056-oem\", pkgver:\"4.15.0-1056.65\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1064-snapdragon\", pkgver:\"4.15.0-1064.71\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-64-generic\", pkgver:\"4.15.0-64.73\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-64-generic-lpae\", pkgver:\"4.15.0-64.73\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-64-lowlatency\", pkgver:\"4.15.0-64.73\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1017-gke\", pkgver:\"5.0.0-1017.17~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1020-azure\", pkgver:\"5.0.0-1020.21~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-29-generic\", pkgver:\"5.0.0-29.31~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-29-generic-lpae\", pkgver:\"5.0.0-29.31~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-29-lowlatency\", pkgver:\"5.0.0-29.31~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1050.49\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1020.30\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1044.70\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.64.66\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.29.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.64.66\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.29.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1044.47\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-4.15\", pkgver:\"4.15.0.1044.47\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1017.7\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.15.0.1046.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.64.66\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.29.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.1056.60\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1025.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.15.0.1047.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.15.0.1064.67\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.29.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.15.0.64.66\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.29.86\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1016-aws\", pkgver:\"5.0.0-1016.18\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1017-gcp\", pkgver:\"5.0.0-1017.17\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1017-kvm\", pkgver:\"5.0.0-1017.18\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1017-raspi2\", pkgver:\"5.0.0-1017.17\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1020-azure\", pkgver:\"5.0.0-1020.21\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1021-snapdragon\", pkgver:\"5.0.0-1021.22\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-29-generic\", pkgver:\"5.0.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-29-generic-lpae\", pkgver:\"5.0.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-29-lowlatency\", pkgver:\"5.0.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1016.17\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1020.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1017.43\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.29.30\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.29.30\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1017.43\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1017.17\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.29.30\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1017.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.0.0.1021.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.29.30\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-azure / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-23T02:48:09", "bulletinFamily": "scanner", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1378 advisory.\n\n - kernel: use-after-free caused by a malicious USB device\n in the drivers/hid/usbhid/hiddev.c driver\n (CVE-2019-19527)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application", "modified": "2020-04-07T00:00:00", "id": "REDHAT-RHSA-2020-1378.NASL", "href": "https://www.tenable.com/plugins/nessus/135246", "published": "2020-04-07T00:00:00", "title": "RHEL 8 : kernel-rt (RHSA-2020:1378)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1378. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135246);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/21\");\n\n script_cve_id(\"CVE-2019-19527\");\n script_xref(name:\"RHSA\", value:\"2020:1378\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2020:1378)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1378 advisory.\n\n - kernel: use-after-free caused by a malicious USB device\n in the drivers/hid/usbhid/hiddev.c driver\n (CVE-2019-19527)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-19527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1794199\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19527\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::nfv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::realtime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2019-19527');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:1378');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'reference':'kernel-rt-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-core-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-core-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-devel-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-kvm-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-modules-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-devel-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-kvm-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-modules-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'},\n {'reference':'kernel-rt-modules-extra-4.18.0-147.8.1.rt24.101.el8_1', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_spec_vers_cmp) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;\n }\n else\n {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-03T04:57:57", "bulletinFamily": "scanner", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1984 advisory.\n\n - kernel: powerpc: incomplete Spectre-RSB mitigation leads\n to information exposure (CVE-2019-18660)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application", "modified": "2020-04-30T00:00:00", "id": "REDHAT-RHSA-2020-1984.NASL", "href": "https://www.tenable.com/plugins/nessus/136188", "published": "2020-04-30T00:00:00", "title": "RHEL 7 : kernel (RHSA-2020:1984)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1984. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136188);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/01\");\n\n script_cve_id(\"CVE-2019-18660\");\n script_xref(name:\"RHSA\", value:\"2020:1984\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2020:1984)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1984 advisory.\n\n - kernel: powerpc: incomplete Spectre-RSB mitigation leads\n to information exposure (CVE-2019-18660)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1777825\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18660\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(200);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6::computenode\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7::computenode\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7::server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.7', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2019-18660');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:1984');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'reference':'bpftool-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'bpftool-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-abi-whitelists-3.10.0-1062.21.1.el7', 'sp':'7', 'release':'7'},\n {'reference':'kernel-debug-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-debug-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-debug-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-debug-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-headers-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-headers-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-kdump-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-kdump-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-tools-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-tools-libs-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'perf-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'perf-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'},\n {'reference':'python-perf-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'s390x', 'release':'7'},\n {'reference':'python-perf-3.10.0-1062.21.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_spec_vers_cmp) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;\n }\n else\n {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-15T20:08:50", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek\n[3.8.13-118.45.1.el7uek]\n- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) \n[Orabug: 31206361] {CVE-2019-19527}\n- HID: hiddev: avoid opening a disconnected device (Hillf Danton) \n[Orabug: 31206361] {CVE-2019-19527}\n- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: \n31208623] {CVE-2019-19532}\n- drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() \n(Murray McAllister) [Orabug: 31224360] {CVE-2017-7261}\n- brcmfmac: add subtype check for event handling in data path (John \nDonnelly) [Orabug: 31234676] {CVE-2019-9503}", "modified": "2020-05-11T00:00:00", "id": "ORACLELINUX_ELSA-2020-5671.NASL", "href": "https://www.tenable.com/plugins/nessus/136448", "published": "2020-05-11T00:00:00", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5671)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5671.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136448);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/13\");\n\n script_cve_id(\"CVE-2017-7261\", \"CVE-2019-19527\", \"CVE-2019-19532\", \"CVE-2019-9503\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[3.8.13-118.45.1.el7uek]\n- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) \n[Orabug: 31206361] {CVE-2019-19527}\n- HID: hiddev: avoid opening a disconnected device (Hillf Danton) \n[Orabug: 31206361] {CVE-2019-19527}\n- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: \n31208623] {CVE-2019-19532}\n- drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() \n(Murray McAllister) [Orabug: 31224360] {CVE-2017-7261}\n- brcmfmac: add subtype check for event handling in data path (John \nDonnelly) [Orabug: 31234676] {CVE-2019-9503}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-May/009899.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-May/009900.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.45.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.45.1.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-7261\", \"CVE-2019-19527\", \"CVE-2019-19532\", \"CVE-2019-9503\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2020-5671\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"3.8\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-118.45.1.el6uek-0.4.5-3.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-118.45.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-118.45.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-118.45.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-118.45.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-118.45.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-118.45.1.el6uek\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-118.45.1.el7uek-0.4.5-3.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-118.45.1.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-118.45.1.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-118.45.1.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-118.45.1.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-118.45.1.el7uek\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-118.45.1.el7uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-03T01:36:21", "bulletinFamily": "scanner", "description": "According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):An issue was discovered in\n the Linux kernel before 5.1.8. There is a double-free\n caused by a malicious USB device in the\n drivers/usb/misc/rio500.c driver.(CVE-2019-15212)An\n issue was discovered in the Linux kernel before 5.2.3.\n There is a use-after-free caused by a malicious USB\n device in the drivers/media/usb/dvb-usb/dvb-usb-init.c\n driver.(CVE-2019-15213)An issue was discovered in the\n Linux kernel before 5.2.6. There is a use-after-free\n caused by a malicious USB device in the\n drivers/media/usb/cpia2/cpia2_usb.c\n driver.(CVE-2019-15215)An issue was discovered in the\n Linux kernel before 5.0.14. There is a NULL pointer\n dereference caused by a malicious USB device in the\n drivers/usb/misc/yurex.c driver.(CVE-2019-15216)An\n issue was discovered in the Linux kernel before 5.2.3.\n There is a NULL pointer dereference caused by a\n malicious USB device in the\n drivers/media/usb/zr364xx/zr364xx.c\n driver.(CVE-2019-15217)An issue was discovered in\n drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before\n 5.1.12. In the qedi_dbg_* family of functions, there is\n an out-of-bounds read.(CVE-2019-15090)In the Linux\n kernel through 5.2.14 on the powerpc platform, a local\n user can read vector registers of other users", "modified": "2019-09-30T00:00:00", "id": "EULEROS_SA-2019-2081.NASL", "href": "https://www.tenable.com/plugins/nessus/129440", "published": "2019-09-30T00:00:00", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2081)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129440);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/01\");\n\n script_cve_id(\n \"CVE-2019-13648\",\n \"CVE-2019-14284\",\n \"CVE-2019-14821\",\n \"CVE-2019-14835\",\n \"CVE-2019-15030\",\n \"CVE-2019-15031\",\n \"CVE-2019-15090\",\n \"CVE-2019-15117\",\n \"CVE-2019-15212\",\n \"CVE-2019-15213\",\n \"CVE-2019-15215\",\n \"CVE-2019-15216\",\n \"CVE-2019-15217\",\n \"CVE-2019-15918\",\n \"CVE-2019-15922\",\n \"CVE-2019-15923\",\n \"CVE-2019-15924\",\n \"CVE-2019-15926\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2081)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):An issue was discovered in\n the Linux kernel before 5.1.8. There is a double-free\n caused by a malicious USB device in the\n drivers/usb/misc/rio500.c driver.(CVE-2019-15212)An\n issue was discovered in the Linux kernel before 5.2.3.\n There is a use-after-free caused by a malicious USB\n device in the drivers/media/usb/dvb-usb/dvb-usb-init.c\n driver.(CVE-2019-15213)An issue was discovered in the\n Linux kernel before 5.2.6. There is a use-after-free\n caused by a malicious USB device in the\n drivers/media/usb/cpia2/cpia2_usb.c\n driver.(CVE-2019-15215)An issue was discovered in the\n Linux kernel before 5.0.14. There is a NULL pointer\n dereference caused by a malicious USB device in the\n drivers/usb/misc/yurex.c driver.(CVE-2019-15216)An\n issue was discovered in the Linux kernel before 5.2.3.\n There is a NULL pointer dereference caused by a\n malicious USB device in the\n drivers/media/usb/zr364xx/zr364xx.c\n driver.(CVE-2019-15217)An issue was discovered in\n drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before\n 5.1.12. In the qedi_dbg_* family of functions, there is\n an out-of-bounds read.(CVE-2019-15090)In the Linux\n kernel through 5.2.14 on the powerpc platform, a local\n user can read vector registers of other users'\n processes via a Facility Unavailable exception. To\n exploit the venerability, a local user starts a\n transaction (via the hardware transactional memory\n instruction tbegin) and then accesses vector registers.\n At some point, the vector registers will be corrupted\n with the values from a different local Linux process\n because of a missing arch/powerpc/kernel/process.c\n check.(CVE-2019-15030)In the Linux kernel through\n 5.2.14 on the powerpc platform, a local user can read\n vector registers of other users' processes via an\n interrupt. To exploit the venerability, a local user\n starts a transaction (via the hardware transactional\n memory instruction tbegin) and then accesses vector\n registers. At some point, the vector registers will be\n corrupted with the values from a different local Linux\n process, because MSR_TM_ACTIVE is misused in\n arch/powerpc/kernel/process.c.(CVE-2019-15031)An\n out-of-bounds access issue was found in the Linux\n kernel, all versions through 5.3, in the way Linux\n kernel's KVM hypervisor implements the Coalesced MMIO\n write operation. It operates on an MMIO ring buffer\n 'struct kvm_coalesced_mmio' object, wherein write\n indices 'ring-i1/4zfirst' and 'ring-i1/4zlast' value could\n be supplied by a host user-space process. An\n unprivileged host user or process with access to\n '/dev/kvm' device could use this flaw to crash the host\n kernel, resulting in a denial of service or potentially\n escalating privileges on the system.(CVE-2019-14821)A\n buffer overflow flaw was found, in versions from 2.6.34\n to 5.2.x, in the way Linux kernel's vhost functionality\n that translates virtqueue buffers to IOVs, logged the\n buffer descriptors during migration. A privileged guest\n user able to pass descriptors with invalid length to\n the host when migration is underway, could use this\n flaw to increase their privileges on the\n host.(CVE-2019-14835)An issue was discovered in the\n Linux kernel before 5.0.9. There is a NULL pointer\n dereference for a pf data structure if alloc_disk fails\n in drivers/block/paride/pf.c.(CVE-2019-15922)An issue\n was discovered in the Linux kernel before 5.0.10.\n SMB2_negotiate in fs/cifs/smb2pdu.c has an\n out-of-bounds read because data structures are\n incompletely updated after a change from smb30 to\n smb21.(CVE-2019-15918)An issue was discovered in the\n Linux kernel before 5.0.9. There is a NULL pointer\n dereference for a cd data structure if alloc_disk fails\n in drivers/block/paride/pf.c.(CVE-2019-15923)An issue\n was discovered in the Linux kernel before 5.0.11.\n fm10k_init_module in drivers\n et/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer\n dereference because there is no -ENOMEM upon an\n alloc_workqueue failure.(CVE-2019-15924)An issue was\n discovered in the Linux kernel before 5.2.3. Out of\n bounds access exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and\n ath6kl_wmi_cac_event_rx in the file\n driverset/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)par\n se_audio_mixer_unit in sound/usb/mixer.c in the Linux\n kernel through 5.2.9 mishandles a short descriptor,\n leading to out-of-bounds memory\n access.(CVE-2019-15117)In the Linux kernel before\n 5.2.3, drivers/block/floppy.c allows a denial of\n service by setup_format_params division-by-zero. Two\n consecutive ioctls can trigger the bug: the first one\n should set the drive geometry with .sect and .rate\n values that make F_SECT_PER_TRACK be zero. Next, the\n floppy format operation should be called. It can be\n triggered by an unprivileged local user even when a\n floppy disk has not been inserted. NOTE: QEMU creates\n the floppy device by default.(CVE-2019-14284)In the\n Linux kernel through 5.2.1 on the powerpc platform,\n when hardware transactional memory is disabled, a local\n user can cause a denial of service (TM Bad Thing\n exception and system crash) via a sigreturn() system\n call that sends a crafted signal frame. This affects\n arch/powerpc/kernel/signal_32.c and\n arch/powerpc/kernel/signal_64.c.(CVE-2019-13648)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2081\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06ead936\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bpftool-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h453.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2020-05-01T00:01:04", "bulletinFamily": "scanner", "description": "The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2020-05-02T00:00:00", "id": "FEDORA_2019-124A241044.NASL", "href": "https://www.tenable.com/plugins/nessus/131787", "published": "2019-12-09T00:00:00", "title": "Fedora 30 : kernel (2019-124a241044)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-124a241044.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131787);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n script_xref(name:\"FEDORA\", value:\"2019-124a241044\");\n\n script_name(english:\"Fedora 30 : kernel (2019-124a241044)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-124a241044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18660\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-124a241044\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.3.14-200.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-01T00:11:19", "bulletinFamily": "scanner", "description": "The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2020-05-02T00:00:00", "id": "FEDORA_2019-B86A7BDBA0.NASL", "href": "https://www.tenable.com/plugins/nessus/131742", "published": "2019-12-06T00:00:00", "title": "Fedora 31 : kernel (2019-b86a7bdba0)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b86a7bdba0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131742);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n script_xref(name:\"FEDORA\", value:\"2019-b86a7bdba0\");\n\n script_name(english:\"Fedora 31 : kernel (2019-b86a7bdba0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b86a7bdba0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18660\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-b86a7bdba0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"kernel-5.3.14-300.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-03T01:36:54", "bulletinFamily": "scanner", "description": "According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. There is a use-after-free caused by a malicious\n USB device in the\n drivers/media/usb/dvb-usb/dvb-usb-init.c\n driver.(CVE-2019-15213)\n\n - An issue was discovered in the Linux kernel before\n 5.2.6. There is a use-after-free caused by a malicious\n USB device in the drivers/media/usb/cpia2/cpia2_usb.c\n driver.(CVE-2019-15215)\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. There is a NULL pointer dereference caused by a\n malicious USB device in the\n drivers/media/usb/zr364xx/zr364xx.c\n driver.(CVE-2019-15217)\n\n - An issue was discovered in the Linux kernel before\n 5.1.8. There is a double-free caused by a malicious USB\n device in the drivers/usb/misc/rio500.c\n driver.(CVE-2019-15212)\n\n - An issue was discovered in the Linux kernel before\n 5.0.14. There is a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/yurex.c\n driver.(CVE-2019-15216)\n\n - An issue was discovered in drivers/scsi/qedi/qedi_dbg.c\n in the Linux kernel before 5.1.12. In the qedi_dbg_*\n family of functions, there is an out-of-bounds\n read.(CVE-2019-15090)\n\n - An issue was discovered in the Linux kernel before\n 5.0.9. There is a NULL pointer dereference for a cd\n data structure if alloc_disk fails in\n drivers/block/paride/pf.c.(CVE-2019-15923)\n\n - An issue was discovered in the Linux kernel before\n 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an\n out-of-bounds read because data structures are\n incompletely updated after a change from smb30 to\n smb21.(CVE-2019-15918)\n\n - An issue was discovered in the Linux kernel before\n 5.0.9. There is a NULL pointer dereference for a pf\n data structure if alloc_disk fails in\n drivers/block/paride/pf.c.(CVE-2019-15922)\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. Out of bounds access exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and\n ath6kl_wmi_cac_event_rx in the file\n drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\n - An issue was discovered in the Linux kernel before\n 5.0.11. fm10k_init_module in\n drivers/net/ethernet/intel/fm10k/fm10k_main.c has a\n NULL pointer dereference because there is no -ENOMEM\n upon an alloc_workqueue failure.(CVE-2019-15924)\n\n - A buffer overflow flaw was found, in versions from\n 2.6.34 to 5.2.x, in the way Linux kernel", "modified": "2020-05-02T00:00:00", "id": "EULEROS_SA-2019-2309.NASL", "href": "https://www.tenable.com/plugins/nessus/131474", "published": "2019-12-03T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.3.0 : kernel (EulerOS-SA-2019-2309)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131474);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/10\");\n\n script_cve_id(\n \"CVE-2019-14814\",\n \"CVE-2019-14815\",\n \"CVE-2019-14816\",\n \"CVE-2019-14835\",\n \"CVE-2019-15030\",\n \"CVE-2019-15031\",\n \"CVE-2019-15090\",\n \"CVE-2019-15098\",\n \"CVE-2019-15099\",\n \"CVE-2019-15212\",\n \"CVE-2019-15213\",\n \"CVE-2019-15215\",\n \"CVE-2019-15216\",\n \"CVE-2019-15217\",\n \"CVE-2019-15918\",\n \"CVE-2019-15922\",\n \"CVE-2019-15923\",\n \"CVE-2019-15924\",\n \"CVE-2019-15926\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.3.0 : kernel (EulerOS-SA-2019-2309)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. There is a use-after-free caused by a malicious\n USB device in the\n drivers/media/usb/dvb-usb/dvb-usb-init.c\n driver.(CVE-2019-15213)\n\n - An issue was discovered in the Linux kernel before\n 5.2.6. There is a use-after-free caused by a malicious\n USB device in the drivers/media/usb/cpia2/cpia2_usb.c\n driver.(CVE-2019-15215)\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. There is a NULL pointer dereference caused by a\n malicious USB device in the\n drivers/media/usb/zr364xx/zr364xx.c\n driver.(CVE-2019-15217)\n\n - An issue was discovered in the Linux kernel before\n 5.1.8. There is a double-free caused by a malicious USB\n device in the drivers/usb/misc/rio500.c\n driver.(CVE-2019-15212)\n\n - An issue was discovered in the Linux kernel before\n 5.0.14. There is a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/yurex.c\n driver.(CVE-2019-15216)\n\n - An issue was discovered in drivers/scsi/qedi/qedi_dbg.c\n in the Linux kernel before 5.1.12. In the qedi_dbg_*\n family of functions, there is an out-of-bounds\n read.(CVE-2019-15090)\n\n - An issue was discovered in the Linux kernel before\n 5.0.9. There is a NULL pointer dereference for a cd\n data structure if alloc_disk fails in\n drivers/block/paride/pf.c.(CVE-2019-15923)\n\n - An issue was discovered in the Linux kernel before\n 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an\n out-of-bounds read because data structures are\n incompletely updated after a change from smb30 to\n smb21.(CVE-2019-15918)\n\n - An issue was discovered in the Linux kernel before\n 5.0.9. There is a NULL pointer dereference for a pf\n data structure if alloc_disk fails in\n drivers/block/paride/pf.c.(CVE-2019-15922)\n\n - An issue was discovered in the Linux kernel before\n 5.2.3. Out of bounds access exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and\n ath6kl_wmi_cac_event_rx in the file\n drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\n - An issue was discovered in the Linux kernel before\n 5.0.11. fm10k_init_module in\n drivers/net/ethernet/intel/fm10k/fm10k_main.c has a\n NULL pointer dereference because there is no -ENOMEM\n upon an alloc_workqueue failure.(CVE-2019-15924)\n\n - A buffer overflow flaw was found, in versions from\n 2.6.34 to 5.2.x, in the way Linux kernel's vhost\n functionality that translates virtqueue buffers to\n IOVs, logged the buffer descriptors during migration. A\n privileged guest user able to pass descriptors with\n invalid length to the host when migration is underway,\n could use this flaw to increase their privileges on the\n host.(CVE-2019-14835)\n\n - In the Linux kernel through 5.2.14 on the powerpc\n platform, a local user can read vector registers of\n other users' processes via an interrupt. To exploit the\n venerability, a local user starts a transaction (via\n the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the\n vector registers will be corrupted with the values from\n a different local Linux process, because MSR_TM_ACTIVE\n is misused in\n arch/powerpc/kernel/process.c.(CVE-2019-15031)\n\n - In the Linux kernel through 5.2.14 on the powerpc\n platform, a local user can read vector registers of\n other users' processes via a Facility Unavailable\n exception. To exploit the venerability, a local user\n starts a transaction (via the hardware transactional\n memory instruction tbegin) and then accesses vector\n registers. At some point, the vector registers will be\n corrupted with the values from a different local Linux\n process because of a missing\n arch/powerpc/kernel/process.c check.(CVE-2019-15030)\n\n - There is heap-based buffer overflow in kernel, all\n versions up to, excluding 5.3, in the marvell wifi chip\n driver in Linux kernel, that allows local users to\n cause a denial of service(system crash) or possibly\n execute arbitrary code.(CVE-2019-14816)\n\n - ** RESERVED ** This candidate has been reserved by an\n organization or individual that will use it when\n announcing a new security problem. When the candidate\n has been publicized, the details for this candidate\n will be provided.(CVE-2019-14815)\n\n - There is heap-based buffer overflow in Linux kernel,\n all versions up to, excluding 5.3, in the marvell wifi\n chip driver in Linux kernel, that allows local users to\n cause a denial of service(system crash) or possibly\n execute arbitrary code.(CVE-2019-14814)\n\n - drivers/net/wireless/ath/ath10k/usb.c in the Linux\n kernel through 5.2.8 has a NULL pointer dereference via\n an incomplete address in an endpoint\n descriptor.(CVE-2019-15099)\n\n - drivers/net/wireless/ath/ath6kl/usb.c in the Linux\n kernel through 5.2.9 has a NULL pointer dereference via\n an incomplete address in an endpoint\n descriptor.(CVE-2019-15098)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2309\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?03aaa4ef\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.3.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.3.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.3.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"kernel-tools-libs-devel-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h463.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2020-04-23T02:48:18", "bulletinFamily": "scanner", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1493 advisory.\n\n - kernel: heap-based buffer overflow in\n mwifiex_process_country_ie() function in\n drivers/net/wireless/marvell/mwifiex/sta_ioctl.c\n (CVE-2019-14895)\n\n - kernel: heap overflow in marvell/mwifiex/tdls.c\n (CVE-2019-14901)\n\n - kernel: powerpc: local user can read vector registers of\n other users", "modified": "2020-04-16T00:00:00", "id": "REDHAT-RHSA-2020-1493.NASL", "href": "https://www.tenable.com/plugins/nessus/135685", "published": "2020-04-16T00:00:00", "title": "RHEL 7 : kernel-alt (RHSA-2020:1493)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1493. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135685);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/21\");\n\n script_cve_id(\n \"CVE-2019-5108\",\n \"CVE-2019-14895\",\n \"CVE-2019-14901\",\n \"CVE-2019-15031\",\n \"CVE-2019-15099\",\n \"CVE-2019-15666\",\n \"CVE-2019-19922\",\n \"CVE-2019-20054\",\n \"CVE-2019-20095\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1493\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2020:1493)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1493 advisory.\n\n - kernel: heap-based buffer overflow in\n mwifiex_process_country_ie() function in\n drivers/net/wireless/marvell/mwifiex/sta_ioctl.c\n (CVE-2019-14895)\n\n - kernel: heap overflow in marvell/mwifiex/tdls.c\n (CVE-2019-14901)\n\n - kernel: powerpc: local user can read vector registers of\n other users' processes via an interrupt (CVE-2019-15031)\n\n - kernel: a NULL pointer dereference in\n drivers/net/wireless/ath/ath10k/usb.c leads to a crash\n (CVE-2019-15099)\n\n - kernel: out-of-bounds array access in\n __xfrm_policy_unlink (CVE-2019-15666)\n\n - kernel: when cpu.cfs_quota_us is used allows attackers\n to cause a denial of service against non-cpu-bound\n applications (CVE-2019-19922)\n\n - kernel: Null pointer dereference in drop_sysctl_table()\n in fs/proc/proc_sysctl.c (CVE-2019-20054)\n\n - kernel: memory leak in mwifiex_tm_cmd in\n drivers/net/wireless/marvell/mwifiex/cfg80211.c\n (CVE-2019-20095)\n\n - kernel: triggering AP to send IAPP location updates for\n stations before the required authentication process has\n completed can lead to DoS (CVE-2019-5108)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/119.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/772.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1493\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-19922\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20054\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-5108\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14901\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 122, 200, 400, 440, 772);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2019-5108', 'CVE-2019-14895', 'CVE-2019-14901', 'CVE-2019-15031', 'CVE-2019-15099', 'CVE-2019-15666', 'CVE-2019-19922', 'CVE-2019-20054', 'CVE-2019-20095');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:1493');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'reference':'kernel-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-abi-whitelists-4.14.0-115.19.1.el7a', 'release':'7'},\n {'reference':'kernel-debug-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-debug-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-debug-devel-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-debug-devel-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-devel-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-devel-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-headers-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-headers-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-kdump-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-kdump-devel-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'kernel-tools-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-tools-libs-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'kernel-tools-libs-devel-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'perf-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'perf-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'},\n {'reference':'python-perf-4.14.0-115.19.1.el7a', 'cpu':'aarch64', 'release':'7'},\n {'reference':'python-perf-4.14.0-115.19.1.el7a', 'cpu':'s390x', 'release':'7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_spec_vers_cmp) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;\n }\n else\n {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-01T03:11:38", "bulletinFamily": "scanner", "description": "It was discovered that a heap-based buffer overflow existed in the\nMarvell WiFi-Ex Driver for the Linux kernel. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the\nMarvell Libertas WLAN Driver for the Linux kernel. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-14896,\nCVE-2019-14897)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC\narchitecture systems in some situations. A local attacker could use\nthis to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver\nin the Linux kernel did not properly deallocate memory in certain\nfailure conditions. A physically proximate attacker could use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the driver for memoryless force-feedback input\ndevices in the Linux kernel contained a use-after-free vulnerability.\nA physically proximate attacker could possibly use this to cause a\ndenial of service (system crash) or execute arbitrary code.\n(CVE-2019-19524)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux\nkernel did not properly sanitize memory before sending it to the\ndevice. A physically proximate attacker could use this to expose\nsensitive information (kernel memory). (CVE-2019-19534).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2020-05-02T00:00:00", "id": "UBUNTU_USN-4228-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132692", "published": "2020-01-07T00:00:00", "title": "Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon (USN-4228-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4228-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132692);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/09\");\n\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-18660\", \"CVE-2019-19052\", \"CVE-2019-19524\", \"CVE-2019-19534\");\n script_xref(name:\"USN\", value:\"4228-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon (USN-4228-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a heap-based buffer overflow existed in the\nMarvell WiFi-Ex Driver for the Linux kernel. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the\nMarvell Libertas WLAN Driver for the Linux kernel. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-14896,\nCVE-2019-14897)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly\nperform Spectre_RSB mitigations to all processors for PowerPC\narchitecture systems in some situations. A local attacker could use\nthis to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver\nin the Linux kernel did not properly deallocate memory in certain\nfailure conditions. A physically proximate attacker could use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the driver for memoryless force-feedback input\ndevices in the Linux kernel contained a use-after-free vulnerability.\nA physically proximate attacker could possibly use this to cause a\ndenial of service (system crash) or execute arbitrary code.\n(CVE-2019-19524)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux\nkernel did not properly sanitize memory before sending it to the\ndevice. A physically proximate attacker could use this to expose\nsensitive information (kernel memory). (CVE-2019-19534).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4228-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-18660\", \"CVE-2019-19052\", \"CVE-2019-19524\", \"CVE-2019-19534\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4228-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1064-kvm\", pkgver:\"4.4.0-1064.71\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1100-aws\", pkgver:\"4.4.0-1100.111\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1127-raspi2\", pkgver:\"4.4.0-1127.136\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1131-snapdragon\", pkgver:\"4.4.0-1131.139\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-171-generic\", pkgver:\"4.4.0-171.200\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-171-generic-lpae\", pkgver:\"4.4.0-171.200\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-171-lowlatency\", pkgver:\"4.4.0-171.200\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1100.104\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.171.179\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.171.179\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1064.64\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.171.179\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1127.127\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1131.123\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.171.179\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2019-09-19T13:58:54", "bulletinFamily": "unix", "description": "Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)", "modified": "2019-09-18T00:00:00", "published": "2019-09-18T00:00:00", "id": "USN-4135-2", "href": "https://usn.ubuntu.com/4135-2/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-09-19T13:59:24", "bulletinFamily": "unix", "description": "Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)", "modified": "2019-09-18T00:00:00", "published": "2019-09-18T00:00:00", "id": "USN-4135-1", "href": "https://usn.ubuntu.com/4135-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T08:46:55", "bulletinFamily": "unix", "description": "It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4228-1", "href": "https://usn.ubuntu.com/4228-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T00:46:02", "bulletinFamily": "unix", "description": "USN-4228-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM.\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4228-2", "href": "https://usn.ubuntu.com/4228-2/", "title": "Linux kernel (Xenial HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T00:44:12", "bulletinFamily": "unix", "description": "USN-4227-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM.\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nIt was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service (memory exhaustion). (CVE-2019-19083)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nTristan Madani discovered that the ALSA timer implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19807)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4227-2", "href": "https://usn.ubuntu.com/4227-2/", "title": "Linux kernel (Azure) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T08:38:15", "bulletinFamily": "unix", "description": "It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Broadcom V3D DRI driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19044)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that the Mellanox Technologies ConnectX driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19047)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19051)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the netlink-based 802.11 configuration interface in the Linux kernel did not deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19055)\n\nIt was discovered that the event tracing subsystem of the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19072)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nTristan Madani discovered that the ALSA timer implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19807)\n\nIt was discovered that the DesignWare USB3 controller driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2019-18813)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4225-1", "href": "https://usn.ubuntu.com/4225-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T08:45:01", "bulletinFamily": "unix", "description": "It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nIt was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service (memory exhaustion). (CVE-2019-19083)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nTristan Madani discovered that the ALSA timer implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19807)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4227-1", "href": "https://usn.ubuntu.com/4227-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-19T04:40:27", "bulletinFamily": "unix", "description": "USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS.\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19051)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the netlink-based 802.11 configuration interface in the Linux kernel did not deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19055)\n\nIt was discovered that the event tracing subsystem of the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19072)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nIt was discovered that the DesignWare USB3 controller driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2019-18813)", "modified": "2020-01-18T00:00:00", "published": "2020-01-18T00:00:00", "id": "USN-4225-2", "href": "https://usn.ubuntu.com/4225-2/", "title": "Linux kernel (HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-07T08:39:04", "bulletinFamily": "unix", "description": "Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. (CVE-2019-10220)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nIt was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)\n\nNicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-17133)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that the VirtualBox guest driver implementation in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19048)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the netlink-based 802.11 configuration interface in the Linux kernel did not deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19055)\n\nIt was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060)\n\nIt was discovered that the Intel OPA Gen1 Infiniband Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19065)\n\nIt was discovered that the AMD Audio CoProcessor Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker with the ability to load modules could use this to cause a denial of service (memory exhaustion). (CVE-2019-19067)\n\nIt was discovered that the event tracing subsystem of the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19072)\n\nIt was discovered that the Cascoda CA8210 SPI 802.15.4 wireless controller driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19075)\n\nIt was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service (memory exhaustion). (CVE-2019-19083)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the NXP PN533 NFC USB driver in the Linux kernel did not properly free resources after a late probe error, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19526)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that multiple USB HID device drivers in the Linux kernel did not properly validate device metadata on attachment, leading to out-of- bounds writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19532)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nIt was discovered that in some situations the fair scheduler in the Linux kernel did not permit a process to use its full quota time slice. A local attacker could use this to cause a denial of service. (CVE-2019-19922)\n\nIt was discovered that the binder IPC implementation in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2214)\n\nNicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-17075)\n\nIt was discovered that the DesignWare USB3 controller driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2019-18813)", "modified": "2020-01-07T00:00:00", "published": "2020-01-07T00:00:00", "id": "USN-4226-1", "href": "https://usn.ubuntu.com/4226-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2019-10-01T00:30:07", "bulletinFamily": "software", "description": "# \n\n## Severity\n\nHigh\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n\n## Description\n\nPeter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)\n\nCVEs contained in this USN include: CVE-2019-14835, CVE-2019-15030, CVE-2019-15031\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is high unless otherwise noted._\n\n * Cloud Foundry BOSH xenial-stemcells are vulnerable, including: \n * 456.x versions prior to 456.25\n * 315.x versions prior to 315.97\n * 250.x versions prior to 250.110\n * 170.x versions prior to 170.133\n * 97.x versions prior to 97.159\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells: \n * Upgrade 456.x versions to 456.25\n * Upgrade 315.x versions to 315.97\n * Upgrade 250.x versions to 250.110\n * Upgrade 170.x versions to 170.133\n * Upgrade 97.x versions to 97.159\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells/#ubuntu-xenial>).\n\n## References\n\n * [USN-4135-1](<https://usn.ubuntu.com/4135-1>)\n * [CVE-2019-14835](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14835>)\n * [CVE-2019-15030](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15030>)\n * [CVE-2019-15031](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15031>)\n", "modified": "2019-09-30T00:00:00", "published": "2019-09-30T00:00:00", "id": "CFOUNDRY:DF07D4C717AC736D9D7D72B02A5FA2CB", "href": "https://www.cloudfoundry.org/blog/usn-4135-1/", "title": "USN-4135-1: Linux kernel vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-06T06:43:17", "bulletinFamily": "software", "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n\n## Description\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)\n\nIt was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)\n\nIt was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231)\n\nIt was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)\n\nAnthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660)\n\nIt was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19045)\n\nIt was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. A physically proximate attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19052)\n\nIt was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attack could use this to cause a denial of service (memory exhaustion). (CVE-2019-19083)\n\nIt was discovered that the driver for memoryless force-feedback input devices in the Linux kernel contained a use-after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524)\n\nIt was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529)\n\nIt was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534)\n\nTristan Madani discovered that the ALSA timer implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19807)\n\nCVEs contained in this USN include: CVE-2019-19083, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-18660, CVE-2019-19052, CVE-2019-19524, CVE-2019-19534, CVE-2019-16231, CVE-2019-16233, CVE-2019-19045, CVE-2019-19529, CVE-2019-19807.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Xenial Stemcells \n * 97.x versions prior to 97.226\n * 315.x versions prior to 315.163\n * 456.x versions prior to 456.93\n * 170.x versions prior to 170.198\n * 250.x versions prior to 250.178\n * 621.x versions prior to 621.50\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Xenial Stemcells \n * Upgrade 97.x versions to 97.226 or greater\n * Upgrade 315.x versions to 315.163 or greater\n * Upgrade 456.x versions to 456.93 or greater\n * Upgrade 170.x versions to 170.198 or greater\n * Upgrade 250.x versions to 250.178 or greater\n * Upgrade 621.x versions to 621.50 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n\n## References\n\n * [USN Notice](<https://usn.ubuntu.com/4227-1/>)\n * [CVE-2019-19083](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19083>)\n * [CVE-2019-14895](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14895>)\n * [CVE-2019-14896](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14896>)\n * [CVE-2019-14897](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14897>)\n * [CVE-2019-14901](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14901>)\n * [CVE-2019-18660](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18660>)\n * [CVE-2019-19052](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19052>)\n * [CVE-2019-19524](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19524>)\n * [CVE-2019-19534](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19534>)\n * [CVE-2019-16231](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16231>)\n * [CVE-2019-16233](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16233>)\n * [CVE-2019-19045](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19045>)\n * [CVE-2019-19529](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19529>)\n * [CVE-2019-19807](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19807>)\n\n## History\n\n2020-01-07: Initial vulnerability report published.\n", "modified": "2020-02-05T00:00:00", "published": "2020-02-05T00:00:00", "id": "CFOUNDRY:7D6795462AFD47DE31FD5B40467B68C4", "href": "https://www.cloudfoundry.org/blog/usn-4227-1/", "title": "USN-4227-1: Linux kernel vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2020-01-14T02:53:40", "bulletinFamily": "unix", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/linux-4.4.208/*: Upgraded.\n IPV6_MULTIPLE_TABLES n -&gt; y\n +IPV6_SUBTREES y\n These updates fix various bugs and security issues.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n Fixed in 4.4.203:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19524\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15917\n Fixed in 4.4.204:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18660\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15291\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18683\n Fixed in 4.4.206:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12614\n Fixed in 4.4.207:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19227\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19062\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19338\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19332\n Fixed in 4.4.208:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19057\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19063\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-generic-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-generic-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-headers-4.4.208_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-huge-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-huge-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-modules-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-modules-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-source-4.4.208_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-generic-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-headers-4.4.208-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-huge-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-modules-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-source-4.4.208-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 packages:\nef3ab53561656d90c19389bed7f883ea kernel-generic-4.4.208-i586-1.txz\nce33ac504adf47d140c3d9ffbf7589b2 kernel-generic-smp-4.4.208_smp-i686-1.txz\n2fb222e279ceacf6e3af294a1cce54e9 kernel-headers-4.4.208_smp-x86-1.txz\nc237d6708a9d59080deb5a6659d1acf1 kernel-huge-4.4.208-i586-1.txz\n29018038f4e0510dfa7e9cdfe69c994a kernel-huge-smp-4.4.208_smp-i686-1.txz\n6518395d78e7c7b323bd964dd3b9ed13 kernel-modules-4.4.208-i586-1.txz\n440885e37ee410473bf1c9a6b028dd8b kernel-modules-smp-4.4.208_smp-i686-1.txz\n969021b83f0cb73d7b745b3d77bdbee0 kernel-source-4.4.208_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\nd6edb0754c752aaf8fcbd8d4d5bfc30a kernel-generic-4.4.208-x86_64-1.txz\n10255231f7085336046b49e829bf972c kernel-headers-4.4.208-x86-1.txz\n369fa14fb7f59f1e903402be3ad685e7 kernel-huge-4.4.208-x86_64-1.txz\nb8c8261fbb6bed66c3ded3aa36e206df kernel-modules-4.4.208-x86_64-1.txz\n83f37ca83c19fe8d1a785c93cc1ad6f5 kernel-source-4.4.208-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.208-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.208 | bash\n\nPlease note that &quot;uniprocessor&quot; has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run &quot;uname -a&quot;. If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.208-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.208 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run &quot;lilo&quot; as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "modified": "2020-01-08T14:45:25", "published": "2020-01-08T14:45:25", "id": "SSA-2020-008-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204", "title": "Slackware 14.2 kernel", "type": "slackware", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2020-05-06T02:42:45", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2020:1016\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)\n\n* kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission (CVE-2017-17807)\n\n* kernel: denial of service via ioctl call in network tun handling (CVE-2018-7191)\n\n* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\n* kernel: perf_event_open() and execve() race in setuid programs allows a data leak (CVE-2019-3901)\n\n* kernel: brcmfmac frame validation bypass (CVE-2019-9503)\n\n* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service (CVE-2019-12382)\n\n* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)\n\n* kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call (CVE-2019-13648)\n\n* kernel: integer overflow and OOB read in drivers/block/floppy.c (CVE-2019-14283)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746)\n\n* kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\n* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)\n\n* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)\n\n* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)\n\n* kernel: ASLR bypass for setuid binaries due to late install_exec_creds() (CVE-2019-11190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2020-April/012401.html\n\n**Affected packages:**\nbpftool\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\n", "modified": "2020-04-08T17:30:30", "published": "2020-04-08T17:30:30", "id": "CESA-2020:1016", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2020-April/012401.html", "title": "bpftool, kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2019-09-25T02:26:41", "bulletinFamily": "unix", "description": "The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-18551: There was an out of bounds write in the function\n i2c_smbus_xfer_emulated (bnc#1146163).\n - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super\n failure (bnc#1146285).\n - CVE-2018-21008: A use-after-free can be caused by the function\n rsi_mac80211_detach in the file\n drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).\n - CVE-2019-14814, CVE-2019-14815, CVE-2019-14816: Fix three heap-based\n buffer overflows in marvell wifi chip driver kernel, that allowed local\n users to cause a denial of service (system crash) or possibly execute\n arbitrary code. (bnc#1146516 bnc#1146512 bnc#1146514)\n - CVE-2019-14835: A buffer overflow flaw was found in the way Linux\n kernel's vhost functionality that translates virtqueue buffers to IOVs,\n logged the buffer descriptors during migration. A privileged guest user\n able to pass descriptors with invalid length to the host when migration\n is underway, could use this flaw to increase their privileges on the\n host (bnc#1150112).\n - CVE-2019-15030: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via a Facility\n Unavailable exception. To exploit the venerability, a local user starts\n a transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process\n because of a missing arch/powerpc/kernel/process.c check (bnc#1149713).\n - CVE-2019-15031: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via an\n interrupt. To exploit the venerability, a local user starts a\n transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process,\n because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c\n (bnc#1149713).\n - CVE-2019-15090: In the qedi_dbg_* family of functions, there was an\n out-of-bounds read (bnc#1146399).\n - CVE-2019-15098: drivers/net/wireless/ath/ath6kl/usb.c in the Linux\n kernel had a NULL pointer dereference via an incomplete address in an\n endpoint descriptor (bnc#1146378 1146543).\n - CVE-2019-15099: drivers/net/wireless/ath/ath10k/usb.c in the Linux\n kernel had a NULL pointer dereference via an incomplete address in an\n endpoint descriptor (bnc#1146368).\n - CVE-2019-15117: parse_audio_mixer_unit in sound/usb/mixer.c in the Linux\n kernel mishandled a short descriptor, leading to out-of-bounds memory\n access (bnc#1145920).\n - CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux\n kernel mishandled recursion, leading to kernel stack exhaustion\n (bnc#1145922).\n - CVE-2019-15211: There was a use-after-free caused by a malicious USB\n device in the drivers/media/v4l2-core/v4l2-dev.c driver because\n drivers/media/radio/radio-raremono.c did not properly allocate memory\n (bnc#1146519).\n - CVE-2019-15212: There was a double-free caused by a malicious USB device\n in the drivers/usb/misc/rio500.c driver (bnc#1146391).\n - CVE-2019-15214: There was a use-after-free in the sound subsystem\n because card disconnection causes certain data structures to be deleted\n too early. This is related to sound/core/init.c and sound/core/info.c\n (bnc#1146550).\n - CVE-2019-15215: There was a use-after-free caused by a malicious USB\n device in the drivers/media/usb/cpia2/cpia2_usb.c driver (bnc#1146425).\n - CVE-2019-15216: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/yurex.c driver\n (bnc#1146361).\n - CVE-2019-15217: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver\n (bnc#1146547).\n - CVE-2019-15218: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/media/usb/siano/smsusb.c driver\n (bnc#1146413).\n - CVE-2019-15219: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver\n (bnc#1146524).\n - CVE-2019-15220: There was a use-after-free caused by a malicious USB\n device in the drivers/net/wireless/intersil/p54/p54usb.c driver\n (bnc#1146526).\n - CVE-2019-15221: There was a NULL pointer dereference caused by a\n malicious USB device in the sound/usb/line6/pcm.c driver (bnc#1146529).\n - CVE-2019-15222: There was a NULL pointer dereference caused by a\n malicious USB device in the sound/usb/helper.c (motu_microbookii) driver\n (bnc#1146531).\n - CVE-2019-15239: In the Linux kernel, a certain net/ipv4/tcp_output.c\n change, which was properly incorporated into 4.16.12, was incorrectly\n backported to the earlier longterm kernels, introducing a new\n vulnerability that was potentially more severe than the issue that was\n intended to be fixed by backporting. Specifically, by adding to a write\n queue between disconnection and re-connection, a local attacker can\n trigger multiple use-after-free conditions. This can result in a kernel\n crash, or potentially in privilege escalation. (for example) Linux\n distributions that use 4.9.x longterm kernels or 4.14.x longterm kernels\n (bnc#1146589)\n - CVE-2019-15290: There was a NULL pointer dereference caused by a\n malicious USB device in the ath6kl_usb_alloc_urb_from_pipe function in\n the drivers/net/wireless/ath/ath6kl/usb.c driver (bnc#1146378 1146543).\n - CVE-2019-15292: There was a use-after-free in atalk_proc_exit, related\n to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and\n net/appletalk/sysctl_net_atalk.c (bnc#1146678).\n - CVE-2019-15538: XFS partially wedges when a chgrp fails on account of\n being out of disk quota. xfs_setattr_nonsize is failing to unlock the\n ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a\n local DoS attack vector, but it might result as well in remote DoS if\n the XFS filesystem is exported for instance via NFS (bnc#1148093).\n - CVE-2019-15666: There was an out-of-bounds array access in\n __xfrm_policy_unlink, which will cause denial of service, because\n verify_newpolicy_info in net/xfrm/xfrm_user.c mishandled directory\n validation (bnc#1148394).\n - CVE-2019-15902: Misuse of the upstream &quot;x86/ptrace: Fix possible\n spectre-v1 in ptrace_get_debugreg()&quot; commit reintroduced the Spectre\n vulnerability that it aimed to eliminate. This occurred because the\n backport process depends on cherry picking specific commits, and because\n two (correctly ordered) code lines were swapped (bnc#1149376).\n - CVE-2019-15917: There was a use-after-free issue when\n hci_uart_register_dev() fails in hci_uart_set_proto() in\n drivers/bluetooth/hci_ldisc.c (bnc#1149539).\n - CVE-2019-15919: SMB2_write in fs/cifs/smb2pdu.c had a use-after-free\n (bnc#1149552).\n - CVE-2019-15920: An issue was discovered in the Linux kernel SMB2_read in\n fs/cifs/smb2pdu.c had a use-after-free. NOTE: this was not fixed\n correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory\n leak (bnc#1149626).\n - CVE-2019-15921: There was a memory leak issue when idr_alloc() fails in\n genl_register_family() in net/netlink/genetlink.c (bnc#1149602).\n - CVE-2019-15924: fm10k_init_module in\n drivers/net/ethernet/intel/fm10k/fm10k_main.c had a NULL pointer\n dereference because there is no -ENOMEM upon an alloc_workqueue failure\n (bnc#1149612).\n - CVE-2019-15926: Out of bounds access exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the\n file drivers/net/wireless/ath/ath6kl/wmi.c (bnc#1149527).\n - CVE-2019-15927: An out-of-bounds access exists in the function\n build_audio_procunit in the file sound/usb/mixer.c (bnc#1149522).\n - CVE-2019-9456: In the USB monitor driver there is a possible OOB write\n due to a missing bounds check. This could lead to local escalation of\n privilege with System execution privileges needed. User interaction is\n not needed for exploitation (bnc#1150025).\n\n The following non-security bugs were fixed:\n\n - ACPICA: Increase total number of possible Owner IDs (bsc#1148859).\n - ACPI: fix false-positive -Wuninitialized warning (bsc#1051510).\n - Add missing structs and defines from recent SMB3.1.1 documentation\n (bsc#1144333).\n - Add new flag on SMB3.1.1 read (bsc#1144333).\n - address lock imbalance warnings in smbdirect.c (bsc#1144333).\n - Add some missing debug fields in server and tcon structs (bsc#1144333).\n - add some missing definitions (bsc#1144333).\n - Add some qedf commits to blacklist file (bsc#1149976)\n - Add vers=3.0.2 as a valid option for SMBv3.0.2 (bsc#1144333).\n - ALSA: firewire: fix a memory leak bug (bsc#1051510).\n - ALSA: hda - Add a generic reboot_notify (bsc#1051510).\n - ALSA: hda - Apply workaround for another AMD chip 1022:1487\n (bsc#1051510).\n - ALSA: hda/ca0132 - Add new SBZ quirk (bsc#1051510).\n - ALSA: hda - Do not override global PCM hw info flag (bsc#1051510).\n - ALSA: hda - Fix a memory leak bug (bsc#1051510).\n - ALSA: hda - Fixes inverted Conexant GPIO mic mute led (bsc#1051510).\n - ALSA: hda - Fix potential endless loop at applying quirks (bsc#1051510).\n - ALSA: hda: kabi workaround for generic parser flag (bsc#1051510).\n - ALSA: hda - Let all conexant codec enter D3 when rebooting (bsc#1051510).\n - ALSA: hda/realtek - Add quirk for HP Envy x360 (bsc#1051510).\n - ALSA: hda/realtek - Add quirk for HP Pavilion 15 (bsc#1051510).\n - ALSA: hda/realtek - Enable internal speaker &amp; headset mic of ASUS\n UX431FL (bsc#1051510).\n - ALSA: hda/realtek - Fix overridden device-specific initialization\n (bsc#1051510).\n - ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre\n (bsc#1051510).\n - ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457)\n (bsc#1051510).\n - ALSA: hiface: fix multiple memory leak bugs (bsc#1051510).\n - ALSA: line6: Fix memory leak at line6_init_pcm() error path\n (bsc#1051510).\n - ALSA: seq: Fix potential concurrent access to the deleted pool\n (bsc#1051510).\n - ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604\n (bsc#1051510).\n - ALSA: usb-audio: Check mixer unit bitmap yet more strictly (bsc#1051510).\n - ALSA: usb-audio: fix a memory leak bug (bsc#1111666).\n - ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate()\n (bsc#1051510).\n - arm64: fix undefined reference to 'printk' (bsc#1148219).\n - arm64/kernel: enable A53 erratum #8434319 handling at runtime\n (bsc#1148219).\n - arm64/kernel: rename\n module_emit_adrp_veneer-&gt;module_emit_veneer_for_adrp (bsc#1148219).\n - arm64: module: do not BUG when exceeding preallocated PLT count\n (bsc#1148219).\n - arm64: PCI: Preserve firmware configuration when desired (SLE-9332).\n - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks\n (bsc#1051510).\n - ASoC: Fail card instantiation if DAI format setup fails (bsc#1051510).\n - ata: libahci: do not complain in case of deferred probe (bsc#1051510).\n - ath10k: Change the warning message string (bsc#1051510).\n - ath10k: Drop WARN_ON()s that always trigger during system resume\n (bsc#1111666).\n - batman-adv: fix uninit-value in batadv_netlink_get_ifindex()\n (bsc#1051510).\n - batman-adv: Only read OGM2 tvlv_len after buffer len check (bsc#1051510).\n - batman-adv: Only read OGM tvlv_len after buffer len check (bsc#1051510).\n - bcache: fix possible memory leak in bch_cached_dev_run() (git fixes).\n - bcache: Revert &quot;bcache: use sysfs_match_string() instead of\n __sysfs_match_string()&quot; (git fixes).\n - bio: fix improper use of smp_mb__before_atomic() (git fixes).\n - blk-mq: backport fixes for blk_mq_complete_e_request_sync()\n (bsc#1145661).\n - blk-mq: Fix spelling in a source code comment (git fixes).\n - blk-mq: introduce blk_mq_complete_request_sync() (bsc#1145661).\n - blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait\n (bsc#1141543).\n - block, documentation: Fix wbt_lat_usec documentation (git fixes).\n - Bluetooth: btqca: Add a short delay before downloading the NVM\n (bsc#1051510).\n - bnx2x: Disable multi-cos feature (bsc#1136498 jsc#SLE-4699).\n - bnx2x: Prevent ptp_task to be rescheduled indefinitely\n (networking-stable-19_07_25).\n - bnxt_en: Fix to include flow direction in L2 key (bsc#1104745\n FATE#325918).\n - bnxt_en: Fix VNIC clearing logic for 57500 chips (bsc#1104745\n FATE#325918).\n - bnxt_en: Improve RX doorbell sequence (bsc#1104745 FATE#325918).\n - bnxt_en: Use correct src_fid to determine direction of the flow\n (bsc#1104745 FATE#325918).\n - bonding: validate ip header before check IPPROTO_IGMP\n (networking-stable-19_07_25).\n - bpf: sockmap, only create entry if ulp is not already enabled\n (bsc#1109837).\n - bpf: sockmap, sock_map_delete needs to use xchg (bsc#1109837).\n - bpf: sockmap, synchronize_rcu before free'ing map (bsc#1109837).\n - btrfs: add a helper to retrive extent inline ref type (bsc#1149325).\n - btrfs: add cleanup_ref_head_accounting helper (bsc#1050911).\n - btrfs: add missing inode version, ctime and mtime updates when punching\n hole (bsc#1140487).\n - btrfs: add one more sanity check for shared ref type (bsc#1149325).\n - btrfs: clean up pending block groups when transaction commit aborts\n (bsc#1050911).\n - btrfs: convert to use btrfs_get_extent_inline_ref_type (bsc#1149325).\n - btrfs: do not abort transaction at btrfs_update_root() after failure to\n COW path (bsc#1150933).\n - btrfs: fix assertion failure during fsync and use of stale transaction\n (bsc#1150562).\n - btrfs: fix data loss after inode eviction, renaming it, and fsync it\n (bsc#1145941).\n - btrfs: Fix delalloc inodes invalidation during transaction abort\n (bsc#1050911).\n - btrfs: fix fsync not persisting dentry deletions due to inode evictions\n (bsc#1145942).\n - btrfs: fix incremental send failure after deduplication (bsc#1145940).\n - btrfs: fix pinned underflow after transaction aborted (bsc#1050911).\n - btrfs: fix race between send and deduplication that lead to failures and\n crashes (bsc#1145059).\n - btrfs: fix race leading to fs corruption after transaction abort\n (bsc#1145937).\n - btrfs: handle delayed ref head accounting cleanup in abort (bsc#1050911).\n - btrfs: prevent send failures and crashes due to concurrent relocation\n (bsc#1145059).\n - btrfs: remove BUG() in add_data_reference (bsc#1149325).\n - btrfs: remove BUG() in btrfs_extent_inline_ref_size (bsc#1149325).\n - btrfs: remove BUG() in print_extent_item (bsc#1149325).\n - btrfs: remove BUG_ON in __add_tree_block (bsc#1149325).\n - btrfs: Split btrfs_del_delalloc_inode into 2 functions (bsc#1050911).\n - btrfs: start readahead also in seed devices (bsc#1144886).\n - btrfs: track running balance in a simpler way (bsc#1145059).\n - caif-hsi: fix possible deadlock in cfhsi_exit_module()\n (networking-stable-19_07_25).\n - can: m_can: implement errata &quot;Needless activation of MRAF irq&quot;\n (bsc#1051510).\n - can: mcp251x: add support for mcp25625 (bsc#1051510).\n - can: peak_usb: fix potential double kfree_skb() (bsc#1051510).\n - can: peak_usb: force the string buffer NULL-terminated (bsc#1051510).\n - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices (bsc#1051510).\n - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (bsc#1051510).\n - can: rcar_canfd: fix possible IRQ storm on high load (bsc#1051510).\n - can: sja1000: force the string buffer NULL-terminated (bsc#1051510).\n - carl9170: fix misuse of device driver API (bsc#1142635).\n - ceph: add btime field to ceph_inode_info (bsc#1148133 bsc#1136682).\n - ceph: add ceph.snap.btime vxattr (bsc#1148133 bsc#1148570).\n - ceph: add change_attr field to ceph_inode_info (bsc#1148133 bsc#1136682).\n - ceph: always get rstat from auth mds (bsc#1146346).\n - ceph: carry snapshot creation time with inodes (bsc#1148133 bsc#1148570).\n - ceph: clean up ceph.dir.pin vxattr name sizeof() (bsc#1146346).\n - ceph: clear page dirty before invalidate page (bsc#1148133).\n - ceph: decode feature bits in session message (bsc#1146346).\n - ceph: do not blindly unregister session that is in opening state\n (bsc#1148133).\n - ceph: do not try fill file_lock on unsuccessful GETFILELOCK reply\n (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in\n __ceph_build_xattrs_blob() (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()\n (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in fill_inode()\n (bsc#1148133).\n - ceph: fix &quot;ceph.dir.rctime&quot; vxattr value (bsc#1148133 bsc#1135219).\n - ceph: fix decode_locker to use ceph_decode_entity_addr (bsc#1148133\n bsc#1136682).\n - ceph: fix improper use of smp_mb__before_atomic() (bsc#1148133).\n - ceph: fix infinite loop in get_quota_realm() (bsc#1148133).\n - ceph: fix listxattr vxattr buffer length calculation (bsc#1148133\n bsc#1148570).\n - ceph: handle btime in cap messages (bsc#1148133 bsc#1136682).\n - ceph: handle change_attr in cap messages (bsc#1148133 bsc#1136682).\n - ceph: have MDS map decoding use entity_addr_t decoder (bsc#1148133\n bsc#1136682).\n - ceph: hold i_ceph_lock when removing caps for freeing inode\n (bsc#1148133).\n - ceph: increment change_attribute on local changes (bsc#1148133\n bsc#1136682).\n - ceph: initialize superblock s_time_gran to 1 (bsc#1148133).\n - ceph: remove request from waiting list before unregister (bsc#1148133).\n - ceph: remove unused vxattr length helpers (bsc#1148133 bsc#1148570).\n - ceph: silence a checker warning in mdsc_show() (bsc#1148133).\n - ceph: support cephfs' own feature bits (bsc#1146346).\n - ceph: support getting ceph.dir.pin vxattr (bsc#1146346).\n - ceph: support versioned reply (bsc#1146346).\n - ceph: use bit flags to define vxattr attributes (bsc#1146346).\n - cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED\n (bsc#1144333).\n - cifs: add a new SMB2_close_flags function (bsc#1144333).\n - cifs: add a smb2_compound_op and change QUERY_INFO to use it\n (bsc#1144333).\n - cifs: add a timeout argument to wait_for_free_credits (bsc#1144333).\n - cifs: add a warning if we try to to dequeue a deleted mid (bsc#1144333).\n - cifs: add compound_send_recv() (bsc#1144333).\n - cifs: add credits from unmatched responses/messages (bsc#1144333).\n - cifs: add debug output to show nocase mount option (bsc#1144333).\n - cifs: Add DFS cache routines (bsc#1144333).\n - cifs: Add direct I/O functions to file_operations (bsc#1144333).\n - cifs: add fiemap support (bsc#1144333).\n - cifs: add iface info to struct cifs_ses (bsc#1144333).\n - cifs: add IOCTL for QUERY_INFO passthrough to userspace (bsc#1144333).\n - cifs: add lease tracking to the cached root fid (bsc#1144333).\n - cifs: Add minor debug message during negprot (bsc#1144333).\n - cifs: add missing debug entries for kconfig options (bsc#1051510,\n bsc#1144333).\n - cifs: add missing GCM module dependency (bsc#1144333).\n - cifs: add missing support for ACLs in SMB 3.11 (bsc#1051510,\n bsc#1144333).\n - cifs: add ONCE flag for cifs_dbg type (bsc#1144333).\n - cifs: add pdu_size to the TCP_Server_Info structure (bsc#1144333).\n - cifs: add resp_buf_size to the mid_q_entry structure (bsc#1144333).\n - cifs: address trivial coverity warning (bsc#1144333).\n - cifs: add server argument to the dump_detail method (bsc#1144333).\n - cifs: add server-&gt;vals-&gt;header_preamble_size (bsc#1144333).\n - cifs: add SFM mapping for 0x01-0x1F (bsc#1144333).\n - cifs: add sha512 secmech (bsc#1051510, bsc#1144333).\n - cifs: Adds information-level logging function (bsc#1144333).\n - cifs: add SMB2_close_init()/SMB2_close_free() (bsc#1144333).\n - cifs: add SMB2_ioctl_init/free helpers to be used with compounding\n (bsc#1144333).\n - cifs: add SMB2_query_info_[init|free]() (bsc#1144333).\n - cifs: Add smb2_send_recv (bsc#1144333).\n - cifs: add spinlock for the openFileList to cifsInodeInfo (bsc#1144333).\n - cifs: add .splice_write (bsc#1144333).\n - cifs: Add support for direct I/O read (bsc#1144333).\n - cifs: Add support for direct I/O write (bsc#1144333).\n - cifs: Add support for direct pages in rdata (bsc#1144333).\n - cifs: Add support for direct pages in wdata (bsc#1144333).\n - cifs: Add support for failover in cifs_mount() (bsc#1144333).\n - cifs: Add support for failover in cifs_reconnect() (bsc#1144333).\n - cifs: Add support for failover in cifs_reconnect_tcon() (bsc#1144333).\n - cifs: Add support for failover in smb2_reconnect() (bsc#1144333).\n - cifs: Add support for FSCTL passthrough that write data to the server\n (bsc#1144333).\n - cifs: add support for ioctl on directories (bsc#1144333).\n - cifs: Add support for reading attributes on SMB2+ (bsc#1051510,\n bsc#1144333).\n - cifs: add support for SEEK_DATA and SEEK_HOLE (bsc#1144333).\n - cifs: Add support for writing attributes on SMB2+ (bsc#1051510,\n bsc#1144333).\n - cifs: Adjust MTU credits before reopening a file (bsc#1144333).\n - cifs: Allocate memory for all iovs in smb2_ioctl (bsc#1144333).\n - cifs: Allocate validate negotiation request through kmalloc\n (bsc#1144333).\n - cifs: allow calling SMB2_xxx_free(NULL) (bsc#1144333).\n - cifs: allow disabling less secure legacy dialects (bsc#1144333).\n - cifs: allow guest mounts to work for smb3.11 (bsc#1051510, bsc#1144333).\n - cifs: always add credits back for unsolicited PDUs (bsc#1144333).\n - cifs: Always reset read error to -EIO if no response (bsc#1144333).\n - cifs: Always resolve hostname before reconnecting (bsc#1051510,\n bsc#1144333).\n - cifs: a smb2_validate_and_copy_iov failure does not mean the handle is\n invalid (bsc#1144333).\n - cifs: auto disable 'serverino' in dfs mounts (bsc#1144333).\n - cifs: avoid a kmalloc in smb2_send_recv/SendReceive2 for the common case\n (bsc#1144333).\n - cifs: Avoid returning EBUSY to upper layer VFS (bsc#1144333).\n - cifs: cache FILE_ALL_INFO for the shared root handle (bsc#1144333).\n - cifs: Calculate the correct request length based on page offset and tail\n size (bsc#1144333).\n - cifs: Call MID callback before destroying transport (bsc#1144333).\n - cifs: change mkdir to use a compound (bsc#1144333).\n - cifs: change smb2_get_data_area_len to take a smb2_sync_hdr as argument\n (bsc#1144333).\n - cifs: Change SMB2_open to return an iov for the error parameter\n (bsc#1144333).\n - cifs: change SMB2_OP_RENAME and SMB2_OP_HARDLINK to use compounding\n (bsc#1144333).\n - cifs: change SMB2_OP_SET_EOF to use compounding (bsc#1144333).\n - cifs: change SMB2_OP_SET_INFO to use compounding (bsc#1144333).\n - cifs: change smb2_query_eas to use the compound query-info helper\n (bsc#1144333).\n - cifs: change unlink to use a compound (bsc#1144333).\n - cifs: change validate_buf to validate_iov (bsc#1144333).\n - cifs: change wait_for_free_request() to take flags as argument\n (bsc#1144333).\n - cifs: check CIFS_MOUNT_NO_DFS when trying to reuse existing sb\n (bsc#1144333).\n - cifs: Check for reconnects before sending async requests (bsc#1144333).\n - cifs: Check for reconnects before sending compound requests\n (bsc#1144333).\n - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902, bsc#1144333).\n - cifs: Check for timeout on Negotiate stage (bsc#1091171, bsc#1144333).\n - cifs: check if SMB2 PDU size has been padded and suppress the warning\n (bsc#1144333).\n - cifs: check kmalloc before use (bsc#1051510, bsc#1144333).\n - cifs: check kzalloc return (bsc#1144333).\n - cifs: check MaxPathNameComponentLength != 0 before using it\n (bsc#1085536, bsc#1144333).\n - cifs: check ntwrk_buf_start for NULL before dereferencing it\n (bsc#1144333).\n - cifs: check rsp for NULL before dereferencing in SMB2_open (bsc#1085536,\n bsc#1144333).\n - cifs: cifs_read_allocate_pages: do not iterate through whole page array\n on ENOMEM (bsc#1144333).\n - cifs: clean up indentation, replace spaces with tab (bsc#1144333).\n - cifs: cleanup smb2ops.c and normalize strings (bsc#1144333).\n - cifs: complete PDU definitions for interface queries (bsc#1144333).\n - cifs: connect to servername instead of IP for IPC$ share (bsc#1051510,\n bsc#1144333).\n - cifs: Count SMB3 credits for malformed pending responses (bsc#1144333).\n - cifs: create a define for how many iovs we need for an SMB2_open()\n (bsc#1144333).\n - cifs: create a define for the max number of iov we need for a SMB2\n set_info (bsc#1144333).\n - cifs: create a helper function for compound query_info (bsc#1144333).\n - cifs: create helpers for SMB2_set_info_init/free() (bsc#1144333).\n - cifs: create SMB2_open_init()/SMB2_open_free() helpers (bsc#1144333).\n - cifs: Display SMB2 error codes in the hex format (bsc#1144333).\n - cifs: document tcon/ses/server refcount dance (bsc#1144333).\n - cifs: do not allow creating sockets except with SMB1 posix exensions\n (bsc#1102097, bsc#1144333).\n - cifs: Do not assume one credit for async responses (bsc#1144333).\n - cifs: do not attempt cifs operation on smb2+ rename error (bsc#1144333).\n - cifs: Do not consider -ENODATA as stat failure for reads (bsc#1144333).\n - cifs: Do not count -ENODATA as failure for query directory (bsc#1051510,\n bsc#1144333).\n - cifs: do not dereference smb_file_target before null check (bsc#1051510,\n bsc#1144333).\n - cifs: Do not hide EINTR after sending network packets (bsc#1051510,\n bsc#1144333).\n - cifs: Do not log credits when unmounting a share (bsc#1144333).\n - cifs: do not log STATUS_NOT_FOUND errors for DFS (bsc#1051510,\n bsc#1144333).\n - cifs: Do not match port on SMBDirect transport (bsc#1144333).\n - cifs: Do not modify mid entry after submitting I/O in cifs_call_async\n (bsc#1051510, bsc#1144333).\n - cifs: Do not reconnect TCP session in add_credits() (bsc#1051510,\n bsc#1144333).\n - cifs: Do not reset lease state to NONE on lease break (bsc#1051510,\n bsc#1144333).\n - cifs: do not return atime less than mtime (bsc#1144333).\n - cifs: do not send invalid input buffer on QUERY_INFO requests\n (bsc#1144333).\n - cifs: Do not set credits to 1 if the server didn't grant anything\n (bsc#1144333).\n - cifs: do not show domain= in mount output when domain is empty\n (bsc#1144333).\n - cifs: Do not skip SMB2 message IDs on send failures (bsc#1144333).\n - cifs: do not use __constant_cpu_to_le32() (bsc#1144333).\n - cifs: dump every session iface info (bsc#1144333).\n - cifs: dump IPC tcon in debug proc file (bsc#1071306, bsc#1144333).\n - cifs: fallback to older infolevels on findfirst queryinfo retry\n (bsc#1144333).\n - cifs: Find and reopen a file before get MTU credits in writepages\n (bsc#1144333).\n - cifs: fix a buffer leak in smb2_query_symlink (bsc#1144333).\n - cifs: fix a credits leak for compund commands (bsc#1144333).\n - cifs: Fix a debug message (bsc#1144333).\n - cifs: Fix adjustment of credits for MTU requests (bsc#1051510,\n bsc#1144333).\n - cifs: Fix an issue with re-sending rdata when transport returning\n -EAGAIN (bsc#1144333).\n - cifs: Fix an issue with re-sending wdata when transport returning\n -EAGAIN (bsc#1144333).\n - cifs: Fix a race condition with cifs_echo_request (bsc#1144333).\n - cifs: Fix a tiny potential memory leak (bsc#1144333).\n - cifs: Fix autonegotiate security settings mismatch (bsc#1087092,\n bsc#1144333).\n - cifs: fix bi-directional fsctl passthrough calls (bsc#1144333).\n - cifs: fix build break when CONFIG_CIFS_DEBUG2 enabled (bsc#1144333).\n - cifs: fix build errors for SMB_DIRECT (bsc#1144333).\n - cifs: Fix check for matching with existing mount (bsc#1144333).\n - cifs: fix circular locking dependency (bsc#1064701, bsc#1144333).\n - cifs: fix computation for MAX_SMB2_HDR_SIZE (bsc#1144333).\n - cifs: fix confusing warning message on reconnect (bsc#1144333).\n - cifs: fix crash in cifs_dfs_do_automount (bsc#1144333).\n - cifs: fix crash in smb2_compound_op()/smb2_set_next_command()\n (bsc#1144333).\n - cifs: fix crash querying symlinks stored as reparse-points (bsc#1144333).\n - cifs: Fix credit calculation for encrypted reads with errors\n (bsc#1051510, bsc#1144333).\n - cifs: Fix credit calculations in compound mid callback (bsc#1144333).\n - cifs: Fix credit computation for compounded requests (bsc#1144333).\n - cifs: Fix credits calculation for cancelled requests (bsc#1144333).\n - cifs: Fix credits calculations for reads with errors (bsc#1051510,\n bsc#1144333).\n - cifs: fix credits leak for SMB1 oplock breaks (bsc#1144333).\n - cifs: fix deadlock in cached root handling (bsc#1144333).\n - cifs: Fix DFS cache refresher for DFS links (bsc#1144333).\n - cifs: fix encryption in SMB3.1.1 (bsc#1144333).\n - cifs: Fix encryption/signing (bsc#1144333).\n - cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock\n problem (bsc#1051510, bsc#1144333).\n - cifs: Fix error paths in writeback code (bsc#1144333).\n - cifs: fix GlobalMid_Lock bug in cifs_reconnect (bsc#1144333).\n - cifs: fix handle leak in smb2_query_symlink() (bsc#1144333).\n - cifs: fix incorrect handling of smb2_set_sparse() return in\n smb3_simple_falloc (bsc#1144333).\n - cifs: Fix infinite loop when using hard mount option (bsc#1091171,\n bsc#1144333).\n - cifs: Fix invalid check in __cifs_calc_signature() (bsc#1144333).\n - cifs: Fix kernel oops when traceSMB is enabled (bsc#1144333).\n - cifs: fix kref underflow in close_shroot() (bsc#1144333).\n - cifs: Fix leaking locked VFS cache pages in writeback retry\n (bsc#1144333).\n - cifs: Fix lease buffer length error (bsc#1144333).\n - cifs: fix memory leak and remove dead code (bsc#1144333).\n - cifs: fix memory leak in SMB2_open() (bsc#1112894, bsc#1144333).\n - cifs: fix memory leak in SMB2_read (bsc#1144333).\n - cifs: Fix memory leak in smb2_set_ea() (bsc#1051510, bsc#1144333).\n - cifs: fix memory leak of an allocated cifs_ntsd structure (bsc#1144333).\n - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case\n (bsc#1144333).\n - cifs: Fix missing put_xid in cifs_file_strict_mmap (bsc#1087092,\n bsc#1144333).\n - cifs: Fix module dependency (bsc#1144333).\n - cifs: Fix mounts if the client is low on credits (bsc#1144333).\n - cifs: fix NULL deref in SMB2_read (bsc#1085539, bsc#1144333).\n - cifs: Fix NULL pointer dereference of devname (bnc#1129519).\n - cifs: Fix NULL pointer deref on SMB2_tcon() failure (bsc#1071009,\n bsc#1144333).\n - cifs: Fix NULL ptr deref (bsc#1144333).\n - cifs: fix page reference leak with readv/writev (bsc#1144333).\n - cifs: fix panic in smb2_reconnect (bsc#1144333).\n - cifs: fix parsing of symbolic link error response (bsc#1144333).\n - cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542,\n bsc#1144333).\n - cifs: Fix possible hang during async MTU reads and writes (bsc#1051510,\n bsc#1144333).\n - cifs: Fix possible oops and memory leaks in async IO (bsc#1144333).\n - cifs: Fix potential OOB access of lock element array (bsc#1051510,\n bsc#1144333).\n - cifs: Fix read after write for files with read caching (bsc#1051510,\n bsc#1144333).\n - cifs: fix return value for cifs_listxattr (bsc#1051510, bsc#1144333).\n - cifs: fix rmmod regression in cifs.ko caused by force_sig changes\n (bsc#1144333).\n - cifs: Fix separator when building path from dentry (bsc#1051510,\n bsc#1144333).\n - cifs: fix sha512 check in cifs_crypto_secmech_release (bsc#1051510,\n bsc#1144333).\n - cifs: fix signed/unsigned mismatch on aio_read patch (bsc#1144333).\n - cifs: Fix signing for SMB2/3 (bsc#1144333).\n - cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting\n (bsc#1144333).\n - cifs: Fix slab-out-of-bounds when tracing SMB tcon (bsc#1144333).\n - cifs: fix SMB1 breakage (bsc#1144333).\n - cifs: fix smb3_zero_range for Azure (bsc#1144333).\n - cifs: fix smb3_zero_range so it can expand the file-size when required\n (bsc#1144333).\n - cifs: fix sparse warning on previous patch in a few printks\n (bsc#1144333).\n - cifs: fix spelling mistake, EACCESS -&gt; EACCES (bsc#1144333).\n - cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf()\n (bsc#1051510, bsc#1144333).\n - cifs: fix strcat buffer overflow and reduce raciness in\n smb21_set_oplock_level() (bsc#1144333).\n - cifs: Fix to use kmem_cache_free() instead of kfree() (bsc#1144333).\n - cifs: Fix trace command logging for SMB2 reads and writes (bsc#1144333).\n - cifs: fix typo in cifs_dbg (bsc#1144333).\n - cifs: fix typo in debug message with struct field ia_valid (bsc#1144333).\n - cifs: fix uninitialized ptr deref in smb2 signing (bsc#1144333).\n - cifs: Fix use-after-free in SMB2_read (bsc#1144333).\n - cifs: Fix use-after-free in SMB2_write (bsc#1144333).\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903, bsc#1144333).\n - cifs: fix use-after-free of the lease keys (bsc#1144333).\n - cifs: Fix validation of signed data in smb2 (bsc#1144333).\n - cifs: Fix validation of signed data in smb3+ (bsc#1144333).\n - cifs: fix wrapping bugs in num_entries() (bsc#1051510, bsc#1144333).\n - cifs: flush before set-info if we have writeable handles (bsc#1144333).\n - cifs: For SMB2 security informaion query, check for minimum sized\n security descriptor instead of sizeof FileAllInformation class\n (bsc#1051510, bsc#1144333).\n - cifs: handle large EA requests more gracefully in smb2+ (bsc#1144333).\n - cifs: handle netapp error codes (bsc#1136261).\n - cifs: hide unused functions (bsc#1051510, bsc#1144333).\n - cifs: implement v3.11 preauth integrity (bsc#1051510, bsc#1144333).\n - cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure\n cifs) (bsc#1144333).\n - cifs: integer overflow in in SMB2_ioctl() (bsc#1051510, bsc#1144333).\n - cifs: Introduce helper function to get page offset and length in\n smb_rqst (bsc#1144333).\n - cifs: Introduce offset for the 1st page in data transfer structures\n (bsc#1144333).\n - cifs: invalidate cache when we truncate a file (bsc#1051510,\n bsc#1144333).\n - cifs: keep FileInfo handle live during oplock break (bsc#1106284,\n bsc#1131565, bsc#1144333).\n - cifs: limit amount of data we request for xattrs to CIFSMaxBufSize\n (bsc#1144333).\n - cifs: Limit memory used by lock request calls to a page (bsc#1144333).\n - cifs_lookup(): cifs_get_inode_...() never returns 0 with *inode left\n NULL (bsc#1144333).\n - cifs_lookup(): switch to d_splice_alias() (bsc#1144333).\n - cifs: make arrays static const, reduces object code size (bsc#1144333).\n - cifs: Make devname param optional in cifs_compose_mount_options()\n (bsc#1144333).\n - cifs: make IPC a regular tcon (bsc#1071306, bsc#1144333).\n - cifs: make minor clarifications to module params for cifs.ko\n (bsc#1144333).\n - cifs: make mknod() an smb_version_op (bsc#1144333).\n - cifs: make 'nodfs' mount opt a superblock flag (bsc#1051510,\n bsc#1144333).\n - cifs: make rmdir() use compounding (bsc#1144333).\n - cifs: make smb_send_rqst take an array of requests (bsc#1144333).\n - cifs: Make sure all data pages are signed correctly (bsc#1144333).\n - cifs: Make use of DFS cache to get new DFS referrals (bsc#1144333).\n - cifs: Mask off signals when sending SMB packets (bsc#1144333).\n - cifs: minor clarification in comments (bsc#1144333).\n - cifs: Minor Kconfig clarification (bsc#1144333).\n - cifs: minor updates to module description for cifs.ko (bsc#1144333).\n - cifs: Move credit processing to mid callbacks for SMB3 (bsc#1144333).\n - cifs: move default port definitions to cifsglob.h (bsc#1144333).\n - cifs: move large array from stack to heap (bsc#1144333).\n - cifs: Move open file handling to writepages (bsc#1144333).\n - cifs: Move unlocking pages from wdata_send_pages() (bsc#1144333).\n - cifs: OFD locks do not conflict with eachothers (bsc#1051510,\n bsc#1144333).\n - cifs: Only free DFS target list if we actually got one (bsc#1144333).\n - cifs: Only send SMB2_NEGOTIATE command on new TCP connections\n (bsc#1144333).\n - cifs: only wake the thread for the very last PDU in a compound\n (bsc#1144333).\n - cifs: parse and store info on iface queries (bsc#1144333).\n - cifs: pass flags down into wait_for_free_credits() (bsc#1144333).\n - cifs: Pass page offset for calculating signature (bsc#1144333).\n - cifs: Pass page offset for encrypting (bsc#1144333).\n - cifs: pass page offsets on SMB1 read/write (bsc#1144333).\n - cifs: prevent integer overflow in nxt_dir_entry() (bsc#1051510,\n bsc#1144333).\n - cifs: prevent starvation in wait_for_free_credits for multi-credit\n requests (bsc#1144333).\n - cifs: print CIFSMaxBufSize as part of /proc/fs/cifs/DebugData\n (bsc#1144333).\n - cifs: Print message when attempting a mount (bsc#1144333).\n - cifs: Properly handle auto disabling of serverino option (bsc#1144333).\n - cifs: protect against server returning invalid file system block size\n (bsc#1144333).\n - cifs: prototype declaration and definition for smb 2 - 3 and cifsacl\n mount options (bsc#1051510, bsc#1144333).\n - cifs: prototype declaration and definition to set acl for smb 2 - 3 and\n cifsacl mount options (bsc#1051510, bsc#1144333).\n - cifs: push rfc1002 generation down the stack (bsc#1144333).\n - cifs: read overflow in is_valid_oplock_break() (bsc#1144333).\n - cifs: Reconnect expired SMB sessions (bnc#1060662).\n - cifs: refactor and clean up arguments in the reparse point parsing\n (bsc#1144333).\n - cifs: refactor crypto shash/sdesc allocation&amp;free (bsc#1051510,\n bsc#1144333).\n - cifs: Refactor out cifs_mount() (bsc#1144333).\n - cifs: release auth_key.response for reconnect (bsc#1085536, bsc#1144333).\n - cifs: release cifs root_cred after exit_cifs (bsc#1085536, bsc#1144333).\n - cifs: remove coverity warning in calc_lanman_hash (bsc#1144333).\n - cifs: Remove custom credit adjustments for SMB2 async IO (bsc#1144333).\n - cifs: remove header_preamble_size where it is always 0 (bsc#1144333).\n - cifs: remove redundant duplicated assignment of pointer 'node'\n (bsc#1144333).\n - cifs: remove rfc1002 hardcoded constants from\n cifs_discard_remaining_data() (bsc#1144333).\n - cifs: remove rfc1002 header from all SMB2 response structures\n (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_close_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_create_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_echo_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_flush_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_ioctl_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_lease_ack (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_lock_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_logoff_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_negotiate_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_oplock_break we get from server\n (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_query_directory_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_query_info_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2 read/write requests (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_sess_setup_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_set_info_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_tree_connect_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_tree_disconnect_req (bsc#1144333).\n - cifs: remove set but not used variable 'cifs_sb' (bsc#1144333).\n - cifs: remove set but not used variable 'sep' (bsc#1144333).\n - cifs: remove set but not used variable 'server' (bsc#1144333).\n - cifs: remove set but not used variable 'smb_buf' (bsc#1144333).\n - cifs: remove small_smb2_init (bsc#1144333).\n - cifs: remove smb2_send_recv() (bsc#1144333).\n - cifs: remove struct smb2_hdr (bsc#1144333).\n - cifs: remove struct smb2_oplock_break_rsp (bsc#1144333).\n - cifs: remove the is_falloc argument to SMB2_set_eof (bsc#1144333).\n - cifs: remove unused stats (bsc#1144333).\n - cifs: remove unused value pointed out by Coverity (bsc#1144333).\n - cifs: remove unused variable from SMB2_read (bsc#1144333).\n - cifs: rename and clarify CIFS_ASYNC_OP and CIFS_NO_RESP (bsc#1144333).\n - cifs: Reopen file before get SMB2 MTU credits for async IO (bsc#1144333).\n - cifs: replace a 4 with server-&gt;vals-&gt;header_preamble_size (bsc#1144333).\n - cifs: replace snprintf with scnprintf (bsc#1144333).\n - cifs: Respect reconnect in MTU credits calculations (bsc#1144333).\n - cifs: Respect reconnect in non-MTU credits calculations (bsc#1144333).\n - cifs: Respect SMB2 hdr preamble size in read responses (bsc#1144333).\n - cifs: return correct errors when pinning memory failed for direct I/O\n (bsc#1144333).\n - cifs: Return -EAGAIN instead of -ENOTSOCK (bsc#1144333).\n - cifs: return -ENODATA when deleting an xattr that does not exist\n (bsc#1144333).\n - cifs: Return error code when getting file handle for writeback\n (bsc#1144333).\n - cifs: return error on invalid value written to cifsFYI (bsc#1144333).\n - cifs: Save TTL value when parsing DFS referrals (bsc#1144333).\n - cifs: Select all required crypto modules (bsc#1085536, bsc#1144333).\n - cifs: set mapping error when page writeback fails in writepage or\n launder_pages (bsc#1144333).\n - cifs: set oparms.create_options rather than or'ing in\n CREATE_OPEN_BACKUP_INTENT (bsc#1144333).\n - cifs: Set reconnect instance to one initially (bsc#1144333).\n - cifs: set *resp_buf_type to NO_BUFFER on error (bsc#1144333).\n - cifs: Show locallease in /proc/mounts for cifs shares mounted with\n locallease feature (bsc#1144333).\n - cifs: show 'soft' in the mount options for hard mounts (bsc#1144333).\n - cifs: show the w bit for writeable /proc/fs/cifs/* files (bsc#1144333).\n - cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734,\n bsc#1144333).\n - cifs: Silence uninitialized variable warning (bsc#1144333).\n - cifs: simple stats should always be enabled (bsc#1144333).\n - cifs: simplify code by removing CONFIG_CIFS_ACL ifdef (bsc#1144333). -\n Update config files.\n - cifs: simplify how we handle credits in compound_send_recv()\n (bsc#1144333).\n - cifs: Skip any trailing backslashes from UNC (bsc#1144333).\n - cifs: smb2 commands can not be negative, remove confusing check\n (bsc#1144333).\n - cifs: smb2ops: Fix listxattr() when there are no EAs (bsc#1051510,\n bsc#1144333).\n - cifs: smb2ops: Fix NULL check in smb2_query_symlink (bsc#1144333).\n - cifs: smb2pdu: Fix potential NULL pointer dereference (bsc#1144333).\n - cifs: smbd: Add parameter rdata to smb2_new_read_req (bsc#1144333).\n - cifs: smbd: Add rdma mount option (bsc#1144333).\n - cifs: smbd: Add SMB Direct debug counters (bsc#1144333).\n - cifs: smbd: Add SMB Direct protocol initial values and constants\n (bsc#1144333).\n - cifs: smbd: Avoid allocating iov on the stack (bsc#1144333).\n - cifs: smbd: avoid reconnect lockup (bsc#1144333).\n - cifs: smbd: Check for iov length on sending the last iov (bsc#1144333).\n - cifs: smbd: depend on INFINIBAND_ADDR_TRANS (bsc#1144333).\n - cifs: smbd: Disable signing on SMB direct transport (bsc#1144333).\n - cifs: smbd: disconnect transport on RDMA errors (bsc#1144333).\n - cifs: smbd: Do not call ib_dereg_mr on invalidated memory registration\n (bsc#1144333).\n - cifs: smbd: Do not destroy transport on RDMA disconnect (bsc#1144333).\n - cifs: smbd: Do not use RDMA read/write when signing is used\n (bsc#1144333).\n - cifs: smbd: Dump SMB packet when configured (bsc#1144333).\n - cifs: smbd: Enable signing with smbdirect (bsc#1144333).\n - cifs: smbd: Establish SMB Direct connection (bsc#1144333).\n - cifs: smbd: export protocol initial values (bsc#1144333).\n - cifs: smbd: fix spelling mistake: faield and legnth (bsc#1144333).\n - cifs: smbd: Fix the definition for SMB2_CHANNEL_RDMA_V1_INVALIDATE\n (bsc#1144333).\n - cifs: smbd: Implement function to create a SMB Direct connection\n (bsc#1144333).\n - cifs: smbd: Implement function to destroy a SMB Direct connection\n (bsc#1144333).\n - cifs: smbd: Implement function to receive data via RDMA receive\n (bsc#1144333).\n - cifs: smbd: Implement function to reconnect to a SMB Direct transport\n (bsc#1144333).\n - cifs: smbd: Implement function to send data via RDMA send (bsc#1144333).\n - cifs: smbd: Implement RDMA memory registration (bsc#1144333).\n - cifs: smbd: Indicate to retry on transport sending failure (bsc#1144333).\n - cifs: smbd: Read correct returned data length for RDMA write (SMB read)\n I/O (bsc#1144333).\n - cifs: smbd: Retry on memory registration failure (bsc#1144333).\n - cifs: smbd: Return EINTR when interrupted (bsc#1144333).\n - cifs: smbd: Set SMB Direct maximum read or write size for I/O\n (bsc#1144333).\n - cifs: smbd: _smbd_get_connection() can be static (bsc#1144333).\n - cifs: smbd: Support page offset in memory registration (bsc#1144333).\n - cifs: smbd: Support page offset in RDMA recv (bsc#1144333).\n - cifs: smbd: Support page offset in RDMA send (bsc#1144333).\n - cifs: smbd: take an array of reqeusts when sending upper layer data\n (bsc#1144333).\n - cifs: smbd: Upper layer connects to SMBDirect session (bsc#1144333).\n - cifs: smbd: Upper layer destroys SMB Direct session on shutdown or\n umount (bsc#1144333).\n - cifs: smbd: Upper layer performs SMB read via RDMA write through memory\n registration (bsc#1144333).\n - cifs: smbd: Upper layer performs SMB write via RDMA read through memory\n registration (bsc#1144333).\n - cifs: smbd: Upper layer receives data via RDMA receive (bsc#1144333).\n - cifs: smbd: Upper layer reconnects to SMB Direct session (bsc#1144333).\n - cifs: smbd: Upper layer sends data via RDMA send (bsc#1144333).\n - cifs:smbd Use the correct DMA direction when sending data (bsc#1144333).\n - cifs:smbd When reconnecting to server, call smbd_destroy() after all\n MIDs have been called (bsc#1144333).\n - cifs: smbd: work around gcc -Wmaybe-uninitialized warning (bsc#1144333).\n - cifs: start DFS cache refresher in cifs_mount() (bsc#1144333).\n - cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510,\n bsc#1144333).\n - cifs: suppress some implicit-fallthrough warnings (bsc#1144333).\n - cifs: track writepages in vfs operation counters (bsc#1144333).\n - cifs: Try to acquire credits at once for compound requests (bsc#1144333).\n - cifs: update calc_size to take a server argument (bsc#1144333).\n - cifs: update init_sg, crypt_message to take an array of rqst\n (bsc#1144333).\n - cifs: update internal module number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number for cifs.ko to 2.12\n (bsc#1144333).\n - cifs: update internal module version number for cifs.ko to 2.14\n (bsc#1144333).\n - cifs: update module internal version number (bsc#1144333).\n - cifs: update multiplex loop to handle compounded responses (bsc#1144333).\n - cifs: update receive_encrypted_standard to handle compounded responses\n (bsc#1144333).\n - cifs: update smb2_calc_size to use smb2_sync_hdr instead of smb2_hdr\n (bsc#1144333).\n - cifs: update smb2_check_message to handle PDUs without a 4 byte length\n header (bsc#1144333).\n - cifs: update smb2_queryfs() to use compounding (bsc#1144333).\n - cifs: update __smb_send_rqst() to take an array of requests\n (bsc#1144333).\n - cifs: use a compound for setting an xattr (bsc#1144333).\n - cifs: use a refcount to protect open/closing the cached file handle\n (bsc#1144333).\n - cifs: use correct format characters (bsc#1144333).\n - cifs: Use correct packet length in SMB2_TRANSFORM header (bsc#1144333).\n - cifs: Use GFP_ATOMIC when a lock is held in cifs_mount() (bsc#1144333).\n - cifs: Use kmemdup in SMB2_ioctl_init() (bsc#1144333).\n - cifs: Use kmemdup rather than duplicating its implementation in\n smb311_posix_mkdir() (bsc#1144333).\n - cifs: Use kzfree() to free password (bsc#1144333).\n - cifs: Use offset when reading pages (bsc#1144333).\n - cifs: Use smb 2 - 3 and cifsacl mount options getacl functions\n (bsc#1051510, bsc#1144333).\n - cifs: Use smb 2 - 3 and cifsacl mount options setacl function\n (bsc#1051510, bsc#1144333).\n - cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl\n (bsc#1071306, bsc#1144333).\n - cifs: use the correct length when pinning memory for direct I/O for\n write (bsc#1144333).\n - cifs: Use ULL suffix for 64-bit constant (bsc#1051510, bsc#1144333).\n - cifs: wait_for_free_credits() make it possible to wait for &gt;=1 credits\n (bsc#1144333).\n - cifs: we can not use small padding iovs together with encryption\n (bsc#1144333).\n - cifs: When sending data on socket, pass the correct page offset\n (bsc#1144333).\n - cifs: zero-range does not require the file is sparse (bsc#1144333).\n - cifs: zero sensitive data when freeing (bsc#1087092, bsc#1144333).\n - Cleanup some minor endian issues in smb3 rdma (bsc#1144333).\n - clk: add clk_bulk_get accessories (bsc#1144813).\n - clk: bcm2835: remove pllb (jsc#SLE-7294).\n - clk: bcm283x: add driver interfacing with Raspberry Pi's firmware\n (jsc#SLE-7294).\n - clk: bulk: silently error out on EPROBE_DEFER (bsc#1144718,bsc#1144813).\n - clk: Export clk_bulk_prepare() (bsc#1144813).\n - clk: raspberrypi: register platform device for raspberrypi-cpufreq\n (jsc#SLE-7294).\n - clk: renesas: cpg-mssr: Fix reset control race condition (bsc#1051510).\n - clk: rockchip: Add 1.6GHz PLL rate for rk3399 (bsc#1144718,bsc#1144813).\n - clk: rockchip: assign correct id for pclk_ddr and hclk_sd in rk3399\n (bsc#1144718,bsc#1144813).\n - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling (bsc#1051510).\n - config: arm64: Remove CONFIG_ARM64_MODULE_CMODEL_LARGE Option removed by\n patches in bsc#1148219\n - coredump: split pipe command whitespace before expanding template\n (bsc#1051510).\n - cpufreq: add driver for Raspberry Pi (jsc#SLE-7294).\n - cpufreq: dt: Try freeing static OPPs only if we have added them\n (jsc#SLE-7294).\n - cpu/speculation: Warn on unsupported mitigations= parameter\n (bsc#1114279).\n - crypto: ccp - Add support for valid authsize values less than 16\n (bsc#1051510).\n - crypto: ccp - Fix oops by properly managing allocated structures\n (bsc#1051510).\n - crypto: ccp - Ignore tag length when decrypting GCM ciphertext\n (bsc#1051510).\n - crypto: ccp - Ignore unconfigured CCP device on suspend/resume\n (bnc#1145934).\n - crypto: ccp - Validate buffer lengths for copy operations (bsc#1051510).\n - crypto: virtio - Read crypto services and algorithm masks (jsc#SLE-5844\n jsc#SLE-6331 FATE#327377 bsc#1145446 LTC#175307).\n - crypto: virtio - Register an algo only if it's supported (jsc#SLE-5844\n jsc#SLE-6331 FATE#327377 bsc#1145446 LTC#175307).\n - cx82310_eth: fix a memory leak bug (bsc#1051510).\n - dax: dax_layout_busy_page() should not unmap cow pages (bsc#1148698).\n - devres: always use dev_name() in devm_ioremap_resource() (git fixes).\n - dfs_cache: fix a wrong use of kfree in flush_cache_ent() (bsc#1144333).\n - dmaengine: rcar-dmac: Reject zero-length slave DMA requests\n (bsc#1051510).\n - dm btree: fix order of block initialization in btree_split_beneath (git\n fixes).\n - dm bufio: fix deadlock with loop device (git fixes).\n - dm cache metadata: Fix loading discard bitset (git fixes).\n - dm crypt: do not overallocate the integrity tag space (git fixes).\n - dm crypt: fix parsing of extended IV arguments (git fixes).\n - dm delay: fix a crash when invalid device is specified (git fixes).\n - dm: fix to_sector() for 32bit (git fixes).\n - dm integrity: change memcmp to strncmp in dm_integrity_ctr (git fixes).\n - dm integrity: correctly calculate the size of metadata area (git fixes).\n - dm integrity: fix a crash due to BUG_ON in __journal_read_write() (git\n fixes).\n - dm integrity: fix deadlock with overlapping I/O (git fixes).\n - dm integrity: limit the rate of error messages (git fixes).\n - dm kcopyd: always complete failed jobs (git fixes).\n - dm log writes: make sure super sector log updates are written in order\n (git fixes).\n - dm raid: add missing cleanup in raid_ctr() (git fixes).\n - dm: revert 8f50e358153d (&quot;dm: limit the max bio size as BIO_MAX_PAGES *\n PAGE_SIZE&quot;) (git fixes).\n - dm space map metadata: fix missing store of apply_bops() return value\n (git fixes).\n - dm table: fix invalid memory accesses with too high sector number (git\n fixes).\n - dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum\n errors (git fixes).\n - dm thin: fix bug where bio that overwrites thin block ignores FUA (git\n fixes).\n - dm thin: fix passdown_double_checking_shared_status() (git fixes).\n - dm zoned: fix potential NULL dereference in dmz_do_reclaim() (git fixes).\n - dm zoned: Fix zone report handling (git fixes).\n - dm zoned: fix zone state management race (git fixes).\n - dm zoned: improve error handling in i/o map code (git fixes).\n - dm zoned: improve error handling in reclaim (git fixes).\n - dm zoned: properly handle backing device failure (git fixes).\n - dm zoned: Silence a static checker warning (git fixes).\n - Documentation: Update Documentation for iommu.passthrough (bsc#1136039).\n - Do not log confusing message on reconnect by default (bsc#1129664,\n bsc#1144333).\n - Do not log expected error on DFS referral request (bsc#1051510,\n bsc#1144333).\n - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl\n (bsc#1051510).\n - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings\n (bsc#1051510).\n - drm/amd/display: Fix dc_create failure handling and 666 color depths\n (bsc#1111666).\n - drm/amd/display: Increase size of audios array (bsc#1111666).\n - drm/amd/display: num of sw i2c/aux engines less than num of connectors\n (bsc#1145946).\n - drm/amd/display: Only enable audio if speaker allocation exists\n (bsc#1111666).\n - drm/amd/display: Remove redundant non-zero and overflow check\n (bsc#1145946).\n - drm/amd/display: use encoder's engine id to find matched free audio\n device (bsc#1111666).\n - drm/amd/display: Wait for backlight programming completion in set\n backlight level (bsc#1111666).\n - drm/amdgpu: Add APTX quirk for Dell Latitude 5495 (bsc#1142635)\n - drm/amdgpu: added support 2nd UVD instance (bsc#1143331).\n - drm/amdgpu:change VEGA booting with firmware loaded by PSP (bsc#1143331).\n - drm/amdgpu: fix a potential information leaking bug (bsc#1111666).\n - drm/amdgpu/psp: move psp version specific function pointers to\n (bsc#1135642)\n - drm/bridge: lvds-encoder: Fix build error while CONFIG_DRM_KMS_HELPER=m\n (bsc#1111666).\n - drm/crc-debugfs: Also sprinkle irqrestore over early exits (bsc#1051510).\n - drm/edid: parse CEA blocks embedded in DisplayID (bsc#1111666).\n - drm/etnaviv: add missing failure path to destroy suballoc (bsc#1135642)\n - drm/exynos: fix missing decrement of retry counter (bsc#1111666).\n - drm/i915: Do not deballoon unused ggtt drm_mm_node in linux guest\n (bsc#1142635)\n - drm/i915: Fix GEN8_MCR_SELECTOR programming (bsc#1111666).\n - drm/i915: Fix HW readout for crtc_clock in HDMI mode (bsc#1111666).\n - drm/i915: Fix the TBT AUX power well enabling (bsc#1111666).\n - drm/i915: Fix wrong escape clock divisor init for GLK (bsc#1051510).\n - drm/i915: Fix wrong escape clock divisor init for GLK (bsc#1142635)\n - drm/i915/gvt: fix incorrect cache entry for guest page mapping\n (bsc#1111666).\n - drm/i915/perf: ensure we keep a reference on the driver (bsc#1051510).\n - drm/i915/perf: ensure we keep a reference on the driver (bsc#1142635)\n - drm/i915/perf: fix ICL perf register offsets (bsc#1111666).\n - drm/i915: Restore relaxed padding (OCL_OOB_SUPPRES_ENABLE) for skl+\n (bsc#1142635)\n - drm/i915/userptr: Acquire the page lock around set_page_dirty()\n (bsc#1051510).\n - drm/imx: notify drm core before sending event during crtc disable\n (bsc#1135642)\n - drm/imx: only send event on crtc disable if kept disabled (bsc#1135642)\n - drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver\n (bsc#1135642)\n - drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()\n (bsc#1135642)\n - drm/mediatek: clear num_pipes when unbind driver (bsc#1135642)\n - drm/mediatek: fix unbind functions (bsc#1135642)\n - drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto (bsc#1111666).\n - drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto (bsc#1142635)\n - drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1135642)\n - drm/mediatek: use correct device to import PRIME buffers (bsc#1111666).\n - drm/mediatek: use correct device to import PRIME buffers (bsc#1142635)\n - drm: msm: Fix add_gpu_components (bsc#1051510).\n - drm/msm/mdp5: Fix mdp5_cfg_init error return (bsc#1142635)\n - drm/nouveau: Do not retry infinitely when receiving no data on i2c\n (bsc#1142635)\n - drm/nouveau: fix memory leak in nouveau_conn_reset() (bsc#1051510).\n - drm/rockchip: Suspend DP late (bsc#1051510).\n - drm/rockchip: Suspend DP late (bsc#1142635)\n - drm: silence variable 'conn' set but not used (bsc#1051510).\n - drm/udl: introduce a macro to convert dev to udl. (bsc#1113722)\n - drm/udl: move to embedding drm device inside udl device. (bsc#1113722)\n - drm/vmwgfx: fix a warning due to missing dma_parms (bsc#1135642)\n - drm/vmwgfx: fix memory leak when too many retries have occurred\n (bsc#1051510).\n - drm/vmwgfx: Use the backdoor port if the HB port is not available\n (bsc#1135642)\n - Drop an ASoC fix that was reverted in 4.14.y stable\n - EDAC/amd64: Add Family 17h Model 30h PCI IDs (bsc#1112178).\n - EDAC, amd64: Add Family 17h, models 10h-2fh support (bsc#1112178).\n - EDAC/amd64: Adjust printed chip select sizes when interleaved\n (bsc#1131489).\n - EDAC/amd64: Cache secondary Chip Select registers (bsc#1131489).\n - EDAC/amd64: Decode syndrome before translating address (bsc#1131489).\n - EDAC/amd64: Find Chip Select memory size using Address Mask\n (bsc#1131489).\n - EDAC/amd64: Initialize DIMM info for systems with more than two channels\n (bsc#1131489).\n - EDAC/amd64: Recognize DRAM device type ECC capability (bsc#1131489).\n - EDAC/amd64: Recognize x16 symbol size (bsc#1131489).\n - EDAC/amd64: Set maximum channel layer size depending on family\n (bsc#1131489).\n - EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1131489).\n - EDAC/amd64: Support more than two controllers for chip selects handling\n (bsc#1131489).\n - EDAC/amd64: Support more than two Unified Memory Controllers\n (bsc#1131489).\n - EDAC/amd64: Use a macro for iterating over Unified Memory Controllers\n (bsc#1131489).\n - ehea: Fix a copy-paste err in ehea_init_port_res (bsc#1051510).\n - ext4: use jbd2_inode dirty range scoping (bsc#1148616).\n - firmware: raspberrypi: register clk device (jsc#SLE-7294).\n - Fixed <a rel=\"nofollow\" href=\"https://bugzilla.kernel.org/show_bug.cgi?id=202935\">https://bugzilla.kernel.org/show_bug.cgi?id=202935</a> allow write on\n the same file (bsc#1144333).\n - Fix encryption labels and lengths for SMB3.1.1 (bsc#1085536,\n bsc#1144333).\n - fix incorrect error code mapping for OBJECTID_NOT_FOUND (bsc#1144333).\n - Fix match_server check to allow for auto dialect negotiate (bsc#1144333).\n - Fix SMB3.1.1 guest authentication to Samba (bsc#1085536, bsc#1144333).\n - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y (bsc#1051510,\n bsc#1144333).\n - fix struct ufs_req removal of unused field (git-fixes).\n - Fix warning messages when mounting to older servers (bsc#1144333).\n - fs/cifs/cifsacl.c Fixes typo in a comment (bsc#1144333).\n - fs: cifs: cifsssmb: Change return type of convert_ace_to_cifs_ace\n (bsc#1144333).\n - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bsc#1144333).\n - fs: cifs: Drop unlikely before IS_ERR(_OR_NULL) (bsc#1144333).\n - fs/cifs: fix uninitialised variable warnings (bsc#1144333).\n - fs: cifs: Kconfig: pedantic formatting (bsc#1144333).\n - fs: cifs: Replace _free_xid call in cifs_root_iget function\n (bsc#1144333).\n - fs/cifs: require sha512 (bsc#1051510, bsc#1144333).\n - fs/cifs: Simplify ib_post_(send|recv|srq_recv)() calls (bsc#1144333).\n - fs/cifs/smb2pdu.c: fix buffer free in SMB2_ioctl_free (bsc#1144333).\n - fs/cifs: suppress a string overflow warning (bsc#1144333).\n - fs/*/Kconfig: drop links to 404-compliant <a rel=\"nofollow\" href=\"http://acl.bestbits.at\">http://acl.bestbits.at</a>\n (bsc#1144333).\n - fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()\n (bsc#1051510).\n - fs/xfs: Fix return code of xfs_break_leased_layouts() (bsc#1148031).\n - fs: xfs: xfs_log: Do not use KM_MAYFAIL at xfs_log_reserve()\n (bsc#1148033).\n - ftrace: Check for empty hash and comment the race with registering\n probes (bsc#1149418).\n - ftrace: Check for successful allocation of hash (bsc#1149424).\n - ftrace: Fix NULL pointer dereference in t_probe_next() (bsc#1149413).\n - gpio: Fix build error of function redefinition (bsc#1051510).\n - gpio: gpio-omap: add check for off wake capable gpios (bsc#1051510).\n - gpiolib: fix incorrect IRQ requesting of an active-low lineevent\n (bsc#1051510).\n - gpiolib: never report open-drain/source lines as 'input' to user-space\n (bsc#1051510).\n - gpio: mxs: Get rid of external API call (bsc#1051510).\n - gpio: pxa: handle corner case of unprobed device (bsc#1051510).\n - gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM (bsc#1142635)\n - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT (bsc#1051510).\n - HID: Add quirk for HP X1200 PIXART OEM mouse (bsc#1051510).\n - HID: cp2112: prevent sleeping function called from invalid context\n (bsc#1051510).\n - HID: hiddev: avoid opening a disconnected device (bsc#1051510).\n - HID: hiddev: do cleanup in failure of opening a device (bsc#1051510).\n - HID: holtek: test for sanity of intfdata (bsc#1051510).\n - HID: sony: Fix race condition between rumble and device remove\n (bsc#1051510).\n - HID: wacom: Correct distance scale for 2nd-gen Intuos devices\n (bsc#1142635).\n - HID: wacom: correct misreported EKR ring values (bsc#1142635).\n - HID: wacom: fix bit shift for Cintiq Companion 2 (bsc#1051510).\n - hwmon: (nct7802) Fix wrong detection of in4 presence (bsc#1051510).\n - i2c: emev2: avoid race when unregistering slave client (bsc#1051510).\n - i2c: piix4: Fix port selection for AMD Family 16h Model 30h\n (bsc#1051510).\n - i2c: qup: fixed releasing dma without flush operation completion\n (bsc#1051510).\n - ia64: Get rid of iommu_pass_through (bsc#1136039).\n - IB/mlx5: Fix MR registration flow to use UMR properly (bsc#1093205\n bsc#1145678).\n - ibmveth: Convert multicast list size for little-endian system\n (bsc#1061843).\n - ibmvnic: Do not process reset during or after device removal\n (bsc#1149652 ltc#179635).\n - ibmvnic: Unmap DMA address of TX descriptor buffers after use\n (bsc#1146351 ltc#180726).\n - igmp: fix memory leak in igmpv3_del_delrec()\n (networking-stable-19_07_25).\n - iio: adc: max9611: Fix misuse of GENMASK macro (bsc#1051510).\n - iio: adc: max9611: Fix temperature reading in probe (bsc#1051510).\n - Improve security, move default dialect to SMB3 from old CIFS\n (bsc#1051510, bsc#1144333).\n - include/linux/bitops.h: sanitize rotate primitives (git fixes).\n - Input: iforce - add sanity checks (bsc#1051510).\n - Input: kbtab - sanity check for endpoint type (bsc#1051510).\n - Input: synaptics - enable RMI mode for HP Spectre X360 (bsc#1051510).\n - intel_th: pci: Add support for another Lewisburg PCH (bsc#1051510).\n - intel_th: pci: Add Tiger Lake support (bsc#1051510).\n - iommu: Add helpers to set/get default domain type (bsc#1136039).\n - iommu/amd: Add support for X2APIC IOMMU interrupts (bsc#1145010).\n - iommu/amd: Fix race in increase_address_space() (bsc#1150860).\n - iommu/amd: Flush old domains in kdump kernel (bsc#1150861).\n - iommu/amd: Move iommu_init_pci() to .init section (bsc#1149105).\n - iommu/amd: Request passthrough mode from IOMMU core (bsc#1136039).\n - iommu: Disable passthrough mode when SME is active (bsc#1136039).\n - iommu/dma: Handle SG length overflow better (bsc#1146084).\n - iommu/iova: Remove stale cached32_node (bsc#1145018).\n - iommu: Print default domain type on boot (bsc#1136039).\n - iommu: Remember when default domain type was set on kernel command line\n (bsc#1136039).\n - iommu: Set default domain type at runtime (bsc#1136039).\n - iommu: Use Functions to set default domain type in\n iommu_set_def_domain_type() (bsc#1136039).\n - iommu/vt-d: Request passthrough mode from IOMMU core (bsc#1136039).\n - ipip: validate header length in ipip_tunnel_xmit (git-fixes).\n - ipv4: do not set IPv6 only flags to IPv4 addresses\n (networking-stable-19_07_25).\n - irqchip/gic-v2m: Add support for Amazon Graviton variant of GICv3+GICv2m\n (SLE-9332).\n - irqchip/gic-v3-its: fix build warnings (bsc#1144880).\n - ISDN: hfcsusb: checking idx of ep configuration (bsc#1051510).\n - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the\n stack (bsc#1051510).\n - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in\n start_isoc_chain() (bsc#1051510).\n - iversion: add a routine to update a raw value with a larger one\n (bsc#1148133).\n - iwlwifi: dbg: split iwl_fw_error_dump to two functions (bsc#1119086).\n - iwlwifi: do not unmap as page memory that was mapped as single\n (bsc#1051510).\n - iwlwifi: fix bad dma handling in page_mem dumping flow (bsc#1120902).\n - iwlwifi: fw: use helper to determine whether to dump paging\n (bsc#1106434). Patch needed to be adjusted, because our tree does not\n have the global variable IWL_FW_ERROR_DUMP_PAGING\n - iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT on version &lt; 41\n (bsc#1142635).\n - iwlwifi: mvm: fix an out-of-bound access (bsc#1051510).\n - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support\n (bsc#1142635).\n - iwlwifi: pcie: do not service an interrupt that was masked (bsc#1142635).\n - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X\n (bsc#1142635).\n - ixgbe: fix possible deadlock in ixgbe_service_task() (bsc#1113994\n FATE#326315 FATE#326317).\n - jbd2: flush_descriptor(): Do not decrease buffer head's ref count\n (bsc#1143843).\n - jbd2: introduce jbd2_inode dirty range scoping (bsc#1148616).\n - kABI: Fix kABI for 'struct amd_iommu' (bsc#1145010).\n - kABI: Fix kABI for x86 pci-dma code (bsc#1136039).\n - kabi/severities: Exclude drivers/crypto/ccp/*\n - kabi/severities: match SLE15 entry ordering.\n - kasan: remove redundant initialization of variable 'real_size' (git\n fixes).\n - kconfig/[mn]conf: handle backspace (^H) key (bsc#1051510).\n - keys: Fix missing null pointer check in request_key_auth_describe()\n (bsc#1051510).\n - kvm: Fix leak vCPU's VMCS value into other pCPU (bsc#1145388).\n - kvm: LAPIC: Fix pending interrupt in IRR blocked by software disable\n LAPIC (bsc#1145408).\n - kvm: nVMX: allow setting the VMFUNC controls MSR (bsc#1145389).\n - kvm: nVMX: do not use dangling shadow VMCS after guest reset\n (bsc#1145390).\n - kvm: nVMX: Remove unnecessary sync_roots from handle_invept\n (bsc#1145391).\n - kvm: nVMX: Use adjusted pin controls for vmcs02 (bsc#1145392).\n - kvm: PPC: Book3S HV: Fix CR0 setting in TM emulation (bsc#1061840).\n - kvm: s390: add debug logging for cpu model subfunctions (jsc#SLE-6240\n FATE#327380).\n - kvm: s390: add deflate conversion facilty to cpu model (jsc#SLE-6240\n FATE#327380).\n - kvm: s390: add enhanced sort facilty to cpu model (jsc#SLE-6240\n FATE#327380).\n - kvm: s390: add MSA9 to cpumodel (jsc#SLE-6240 FATE#327380).\n - kvm: s390: add vector BCD enhancements facility to cpumodel\n (jsc#SLE-6240 FATE#327380).\n - kvm: s390: add vector enhancements facility 2 to cpumodel (jsc#SLE-6240\n FATE#327380).\n - kvm: s390: enable MSA9 keywrapping functions depending on cpu model\n (jsc#SLE-6240 FATE#327380).\n - kvm: s390: implement subfunction processor calls (jsc#SLE-6240\n FATE#327380).\n - kvm: s390: provide query function for instructions returning 32 byte\n (jsc#SLE-6240 FATE#327380).\n - kvm: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value\n (bsc#1145393).\n - kvm: VMX: check CPUID before allowing read/write of IA32_XSS\n (bsc#1145394).\n - kvm: VMX: Fix handling of #MC that occurs during VM-Entry (bsc#1145395).\n - kvm: x86: degrade WARN to pr_warn_ratelimited (bsc#1145409).\n - kvm: x86: Do not update RIP or do single-step on faulting emulation\n (bsc#1149104).\n - kvm: x86: fix backward migration with async_PF (bsc#1146074).\n - kvm/x86: Move MSR_IA32_ARCH_CAPABILITIES to array emulated_msrs\n (bsc#1134881 bsc#1134882).\n - kvm: X86: Reduce the overhead when lapic_timer_advance is disabled\n (bsc#1149083).\n - kvm: x86: Unconditionally enable irqs in guest context (bsc#1145396).\n - kvm: x86/vPMU: refine kvm_pmu err msg when event creation failed\n (bsc#1145397).\n - lan78xx: Fix memory leaks (bsc#1051510).\n - libata: add SG safety checks in SFF pio transfers (bsc#1051510).\n - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests\n (bsc#1051510).\n - libceph: add ceph_decode_entity_addr (bsc#1148133 bsc#1136682).\n - libceph: ADDR2 support for monmap (bsc#1148133 bsc#1136682).\n - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer\n (bsc#1148133).\n - libceph: correctly decode ADDR2 addresses in incremental OSD maps\n (bsc#1148133 bsc#1136682).\n - libceph: fix PG split vs OSD (re)connect race (bsc#1148133).\n - libceph: fix sa_family just after reading address (bsc#1148133\n bsc#1136682).\n - libceph: fix unaligned accesses in ceph_entity_addr handling\n (bsc#1136682).\n - libceph: fix watch_item_t decoding to use ceph_decode_entity_addr\n (bsc#1148133 bsc#1136682).\n - libceph: make ceph_pr_addr take an struct ceph_entity_addr pointer\n (bsc#1136682).\n - libceph: rename ceph_encode_addr to ceph_encode_banner_addr (bsc#1148133\n bsc#1136682).\n - libceph: switch osdmap decoding to use ceph_decode_entity_addr\n (bsc#1148133 bsc#1136682).\n - libceph: turn on CEPH_FEATURE_MSG_ADDR2 (bsc#1148133 bsc#1136682).\n - libceph: use TYPE_LEGACY for entity addrs instead of TYPE_NONE\n (bsc#1148133 bsc#1136682).\n - libnvdimm/pfn: Store correct value of npfns in namespace superblock\n (bsc#1146381 ltc#180720).\n - liquidio: add cleanup in octeon_setup_iq() (bsc#1051510).\n - loop: set PF_MEMALLOC_NOIO for the worker thread (git fixes).\n - lpfc: fix 12.4.0.0 GPF at boot (bsc#1148308).\n - mac80211: Correctly set noencrypt for PAE frames (bsc#1111666).\n - mac80211: Do not memset RXCB prior to PAE intercept (bsc#1111666).\n - mac80211: do not warn about CW params when not using them (bsc#1051510).\n - mac80211: do not WARN on short WMM parameters from AP (bsc#1051510).\n - mac80211: fix possible memory leak in ieee80211_assign_beacon\n (bsc#1142635).\n - mac80211: fix possible sta leak (bsc#1051510).\n - mac80211_hwsim: Fix possible null-pointer dereferences in\n hwsim_dump_radio_nl() (bsc#1111666).\n - md: add mddev-&gt;pers to avoid potential NULL pointer dereference (git\n fixes).\n - md/raid: raid5 preserve the writeback action after the parity check (git\n fixes).\n - media: au0828: fix null dereference in error path (bsc#1051510).\n - media: pvrusb2: use a different format for warnings (bsc#1051510).\n - mfd: arizona: Fix undefined behavior (bsc#1051510).\n - mfd: core: Set fwnode for created devices (bsc#1051510).\n - mfd: hi655x-pmic: Fix missing return value check for\n devm_regmap_init_mmio_clk (bsc#1051510).\n - mfd: intel-lpss: Add Intel Comet Lake PCI IDs (jsc#SLE-4875).\n - mlxsw: spectrum: Fix error path in mlxsw_sp_module_init() (bsc#1112374).\n - mm: add filemap_fdatawait_range_keep_errors() (bsc#1148616).\n - mmc: cavium: Add the missing dma unmap when the dma has finished\n (bsc#1051510).\n - mmc: cavium: Set the correct dma max segment size for mmc_host\n (bsc#1051510).\n - mmc: core: Fix init of SD cards reporting an invalid VDD range\n (bsc#1051510).\n - mmc: dw_mmc: Fix occasional hang after tuning on eMMC (bsc#1051510).\n - mmc: sdhci-of-at91: add quirk for broken HS200 (bsc#1051510).\n - mmc: sdhci-pci: Add support for Intel CML (jsc#SLE-4875).\n - mmc: sdhci-pci: Add support for Intel ICP (jsc#SLE-4875).\n - mmc: sdhci-pci: Fix BYT OCP setting (bsc#1051510).\n - mm: do not stall register_shrinker() (bsc#1104902, VM Performance).\n - mm/hmm: fix bad subpage pointer in try_to_unmap_one (bsc#1148202, HMM,\n VM Functionality).\n - mm/hotplug: fix offline undo_isolate_page_range() (bsc#1148196, VM\n Functionality).\n - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node\n (bsc#1148379, VM Functionality).\n - mm/memcontrol.c: fix use after free in mem_cgroup_iter() (bsc#1149224,\n VM Functionality).\n - mm/memory.c: recheck page table entry with page table lock held\n (bsc#1148363, VM Functionality).\n - mm/migrate.c: initialize pud_entry in migrate_vma() (bsc#1148198, HMM,\n VM Functionality).\n - mm/mlock.c: change count_mm_mlocked_page_nr return type (bsc#1148527, VM\n Functionality).\n - mm/mlock.c: mlockall error for flag MCL_ONFAULT (bsc#1148527, VM\n Functionality).\n - mm: move MAP_SYNC to asm-generic/mman-common.h (bsc#1148297).\n - mm/page_alloc.c: fix calculation of pgdat-&gt;nr_zones (bsc#1148192, VM\n Functionality).\n - mm: page_mapped: do not assume compound page is huge or THP\n (bsc#1148574, VM Functionality).\n - mm, page_owner: handle THP splits correctly (bsc#1149197, VM Debugging\n Functionality).\n - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() (bsc#1118689).\n - mm/vmscan.c: fix trying to reclaim unevictable LRU page (bsc#1149214, VM\n Functionality).\n - mm, vmscan: do not special-case slab reclaim when watermarks are boosted\n (git fixes (mm/vmscan)).\n - move a few externs to smbdirect.h to eliminate warning (bsc#1144333).\n - mpls: fix warning with multi-label encap (bsc#1051510).\n - nbd: replace kill_bdev() with __invalidate_device() again (git fixes).\n - Negotiate and save preferred compression algorithms (bsc#1144333).\n - net: bcmgenet: use promisc for unsupported filters\n (networking-stable-19_07_25).\n - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query\n (networking-stable-19_07_25).\n - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report\n handling (networking-stable-19_07_25).\n - net: bridge: stp: do not cache eth dest pointer before skb pull\n (networking-stable-19_07_25).\n - net: dsa: mv88e6xxx: wait after reset deactivation\n (networking-stable-19_07_25).\n - net: ena: add ethtool function for changing io queue sizes (bsc#1139020\n bsc#1139021).\n - net: ena: add good checksum counter (bsc#1139020 bsc#1139021).\n - net: ena: add handling of llq max tx burst size (bsc#1139020\n bsc#1139021).\n - net: ena: add MAX_QUEUES_EXT get feature admin command (bsc#1139020\n bsc#1139021).\n - net: ena: add newline at the end of pr_err prints (bsc#1139020\n bsc#1139021).\n - net: ena: add support for changing max_header_size in LLQ mode\n (bsc#1139020 bsc#1139021).\n - net: ena: allow automatic fallback to polling mode (bsc#1139020\n bsc#1139021).\n - net: ena: allow queue allocation backoff when low on memory (bsc#1139020\n bsc#1139021).\n - net: ena: arrange ena_probe() function variables in reverse christmas\n tree (bsc#1139020 bsc#1139021).\n - net: ena: enable negotiating larger Rx ring size (bsc#1139020\n bsc#1139021).\n - net: ena: ethtool: add extra properties retrieval via get_priv_flags\n (bsc#1139020 bsc#1139021).\n - net: ena: Fix bug where ring allocation backoff stopped too late\n (bsc#1139020 bsc#1139021).\n - net: ena: fix ena_com_fill_hash_function() implementation (bsc#1139020\n bsc#1139021).\n - net: ena: fix: Free napi resources when ena_up() fails (bsc#1139020\n bsc#1139021).\n - net: ena: fix incorrect test of supported hash function (bsc#1139020\n bsc#1139021).\n - net: ena: fix: set freed objects to NULL to avoid failing future\n allocations (bsc#1139020 bsc#1139021).\n - net: ena: fix swapped parameters when calling\n ena_com_indirect_table_fill_entry (bsc#1139020 bsc#1139021).\n - net: ena: gcc 8: fix compilation warning (bsc#1139020 bsc#1139021).\n - net: ena: improve latency by disabling adaptive interrupt moderation by\n default (bsc#1139020 bsc#1139021).\n - net: ena: make ethtool show correct current and max queue sizes\n (bsc#1139020 bsc#1139021).\n - net: ena: optimise calculations for CQ doorbell (bsc#1139020\n bsc#1139021).\n - net: ena: remove inline keyword from functions in *.c (bsc#1139020\n bsc#1139021).\n - net: ena: replace free_tx/rx_ids union with single free_ids field in\n ena_ring (bsc#1139020 bsc#1139021).\n - net: ena: update driver version from 2.0.3 to 2.1.0 (bsc#1139020\n bsc#1139021).\n - net: ena: use dev_info_once instead of static variable (bsc#1139020\n bsc#1139021).\n - net: fix bpf_xdp_adjust_head regression for generic-XDP (bsc#1109837).\n - net: Fix netdev_WARN_ONCE macro (git-fixes).\n - net: hns3: add a check to pointer in error_detected and slot_reset\n (bsc#1104353 FATE#326415).\n - net: hns3: add all IMP return code (bsc#1104353 FATE#326415).\n - net: hns3: add aRFS support for PF (bsc#1104353 FATE#326415).\n - net: hns3: add Asym Pause support to fix autoneg problem (bsc#1104353\n FATE#326415).\n - net: hns3: add check to number of buffer descriptors (bsc#1104353\n FATE#326415).\n - net: hns3: add default value for tc_size and tc_offset (bsc#1104353\n FATE#326415).\n - net: hns3: add exception handling when enable NIC HW error interrupts\n (bsc#1104353 FATE#326415).\n - net: hns3: add handling of two bits in MAC tunnel interrupts\n (bsc#1104353 FATE#326415).\n - net: hns3: add handshake with hardware while doing reset (bsc#1104353\n FATE#326415).\n - net: hns3: Add missing newline at end of file (bsc#1104353 FATE#326415).\n - net: hns3: add opcode about query and clear RAS &amp; MSI-X to special\n opcode (bsc#1104353 FATE#326415).\n - net: hns3: add recovery for the H/W errors occurred before the HNS dev\n initialization (bsc#1104353 FATE#326415).\n - net: hns3: add some error checking in hclge_tm module (bsc#1104353\n FATE#326415).\n - net: hns3: add support for dump firmware statistics by debugfs\n (bsc#1104353 FATE#326415).\n - net: hns3: adjust hns3_uninit_phy()'s location in the\n hns3_client_uninit() (bsc#1104353 FATE#326415).\n - net: hns3: bitwise operator should use unsigned type (bsc#1104353\n FATE#326415).\n - net: hns3: change SSU's buffer allocation according to UM (bsc#1104353\n FATE#326415).\n - net: hns3: check msg_data before memcpy in hclgevf_send_mbx_msg\n (bsc#1104353 FATE#326415).\n - net: hns3: clear restting state when initializing HW device\n (bsc#1104353 FATE#326415).\n - net: hns3: code optimizaition of hclge_handle_hw_ras_error()\n (bsc#1104353 FATE#326415).\n - net: hns3: delay and separate enabling of NIC and ROCE HW errors\n (bsc#1104353 FATE#326415).\n - net: hns3: delay ring buffer clearing during reset (bsc#1104353\n FATE#326415).\n - net: hns3: delay setting of reset level for hw errors until slot_reset\n is called (bsc#1104353 FATE#326415).\n - net: hns3: delete the redundant user NIC codes (bsc#1104353\n FATE#326415).\n - net: hns3: do not configure new VLAN ID into VF VLAN table when it's\n full (bsc#1104353 FATE#326415).\n - net: hns3: enable broadcast promisc mode when initializing VF\n (bsc#1104353 FATE#326415).\n - net: hns3: enable DCB when TC num is one and pfc_en is non-zero\n (bsc#1104353 FATE#326415).\n - net: hns3: extract handling of mpf/pf msi-x errors into functions\n (bsc#1104353 FATE#326415).\n - net: hns3: fix a memory leak issue for\n hclge_map_unmap_ring_to_vf_vector (bsc#1104353 FATE#326415).\n - net: hns3: fix a statistics issue about l3l4 checksum error\n (bsc#1104353 FATE#326415).\n - net: hns3: fix avoid unnecessary resetting for the H/W errors which do\n not require reset (bsc#1104353 FATE#326415).\n - net: hns3: fix a -Wformat-nonliteral compile warning (bsc#1104353\n FATE#326415).\n - net: hns3: fix compile warning without CONFIG_RFS_ACCEL (bsc#1104353\n FATE#326415).\n - net: hns3: fix dereference of ae_dev before it is null checked\n (bsc#1104353 FATE#326415).\n - net: hns3: fixes wrong place enabling ROCE HW error when loading\n (bsc#1104353 FATE#326415).\n - net: hns3: fix flow control configure issue for fibre port (bsc#1104353\n FATE#326415).\n - net: hns3: fix for dereferencing before null checking (bsc#1104353\n FATE#326415).\n - net: hns3: fix for skb leak when doing selftest (bsc#1104353\n FATE#326415).\n - net: hns3: fix __QUEUE_STATE_STACK_XOFF not cleared issue (bsc#1104353\n FATE#326415).\n - net: hns3: fix race conditions between reset and module loading &amp;\n unloading (bsc#1104353 FATE#326415).\n - net: hns3: fix some coding style issues (bsc#1104353 FATE#326415).\n - net: hns3: fix VLAN filter restore issue after reset (bsc#1104353\n FATE#326415).\n - net: hns3: fix wrong size of mailbox responding data (bsc#1104353\n FATE#326415).\n - net: hns3: free irq when exit from abnormal branch (bsc#1104353\n FATE#326415).\n - net: hns3: handle empty unknown interrupt (bsc#1104353 FATE#326415).\n - net: hns3: initialize CPU reverse mapping (bsc#1104353 FATE#326415).\n - net: hns3: log detail error info of ROCEE ECC and AXI errors\n (bsc#1104353 FATE#326415).\n - net: hns3: make HW GRO handling compliant with SW GRO (bsc#1104353\n FATE#326415).\n - net: hns3: modify handling of out of memory in hclge_err.c (bsc#1104353\n FATE#326415).\n - net: hns3: modify hclge_init_client_instance() (bsc#1104353\n FATE#326415).\n - net: hns3: modify hclgevf_init_client_instance() (bsc#1104353\n FATE#326415).\n - net: hns3: optimize the CSQ cmd error handling (bsc#1104353\n FATE#326415).\n - net: hns3: process H/W errors occurred before HNS dev initialization\n (bsc#1104353 FATE#326415).\n - net: hns3: refactor hns3_get_new_int_gl function (bsc#1104353\n FATE#326415).\n - net: hns3: refactor PF/VF RSS hash key configuration (bsc#1104353\n FATE#326415).\n - net: hns3: refine the flow director handle (bsc#1104353 FATE#326415).\n - net: hns3: remove override_pci_need_reset (bsc#1104353 FATE#326415).\n - net: hns3: remove redundant core reset (bsc#1104353 FATE#326415).\n - net: hns3: remove RXD_VLD check in hns3_handle_bdinfo (bsc#1104353\n FATE#326415).\n - net: hns3: remove setting bit of reset_requests when handling mac\n tunnel interrupts (bsc#1104353 FATE#326415).\n - net: hns3: remove unused linkmode definition (bsc#1104353 FATE#326415).\n - net: hns3: remove VF VLAN filter entry inexistent warning print\n (bsc#1104353 FATE#326415).\n - net: hns3: replace numa_node_id with numa_mem_id for buffer reusing\n (bsc#1104353 FATE#326415).\n - net: hns3: re-schedule reset task while VF reset fail (bsc#1104353\n FATE#326415).\n - net: hns3: set default value for param &quot;type&quot; in\n hclgevf_bind_ring_to_vector (bsc#1104353 FATE#326415).\n - net: hns3: set maximum length to resp_data_len for exceptional case\n (bsc#1104353 FATE#326415).\n - net: hns3: set ops to null when unregister ad_dev (bsc#1104353\n FATE#326415).\n - net: hns3: set the port shaper according to MAC speed (bsc#1104353\n FATE#326415).\n - net: hns3: small changes for magic numbers (bsc#1104353 FATE#326415).\n - net: hns3: some changes of MSI-X bits in PPU(RCB) (bsc#1104353\n FATE#326415).\n - net: hns3: some modifications to simplify and optimize code\n (bsc#1104353 FATE#326415).\n - net: hns3: some variable modification (bsc#1104353 FATE#326415).\n - net: hns3: stop schedule reset service while unloading driver\n (bsc#1104353 FATE#326415).\n - net: hns3: sync VLAN filter entries when kill VLAN ID failed\n (bsc#1104353 FATE#326415).\n - net: hns3: trigger VF reset if a VF has an over_8bd_nfe_err\n (bsc#1104353 FATE#326415).\n - net: hns3: typo in the name of a constant (bsc#1104353 FATE#326415).\n - net: hns3: use HCLGE_STATE_NIC_REGISTERED to indicate PF NIC client has\n registered (bsc#1104353 FATE#326415).\n - net: hns3: use HCLGE_STATE_ROCE_REGISTERED to indicate PF ROCE client\n has registered (bsc#1104353 FATE#326415).\n - net: hns3: use HCLGEVF_STATE_NIC_REGISTERED to indicate VF NIC client\n has registered (bsc#1104353 FATE#326415).\n - net: hns3: use macros instead of magic numbers (bsc#1104353\n FATE#326415).\n - net: hns: add support for vlan TSO (bsc#1104353 FATE#326415).\n - net/ibmvnic: Fix missing { in __ibmvnic_reset (bsc#1149652 ltc#179635).\n - net/ibmvnic: free reset work of removed device from queue (bsc#1149652\n ltc#179635).\n - net: Introduce netdev_*_once functions (networking-stable-19_07_25).\n - net: make skb_dst_force return true when dst is refcounted\n (networking-stable-19_07_25).\n - net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bsc#1145678).\n - net/mlx5e: always initialize frag-&gt;last_in_page (bsc#1103990\n FATE#326006).\n - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn\n (networking-stable-19_07_25).\n - net/mlx5: Fix modify_cq_in alignment (bsc#1103990 FATE#326006).\n - net: mvpp2: Do not check for 3 consecutive Idle frames for 10G links\n (bsc#1119113 FATE#326472).\n - net: neigh: fix multiple neigh timer scheduling\n (networking-stable-19_07_25).\n - net: openvswitch: fix csum updates for MPLS actions\n (networking-stable-19_07_25).\n - net: phylink: Fix flow control for fixed-link (bsc#1119113 FATE#326472).\n - netrom: fix a memory leak in nr_rx_frame() (networking-stable-19_07_25).\n - netrom: hold sock when setting skb-&gt;destructor\n (networking-stable-19_07_25).\n - net_sched: unset TCQ_F_CAN_BYPASS when adding filters\n (networking-stable-19_07_25).\n - net: sched: verify that q!=NULL before setting q-&gt;flags (git-fixes).\n - net: usb: pegasus: fix improper read if get_registers() fail\n (bsc#1051510).\n - NFS: Cleanup if nfs_match_client is interrupted (bsc#1134291).\n - NFS: Fix a double unlock from nfs_match,get_client (bsc#1134291).\n - NFS: Fix the inode request accounting when pages have subrequests\n (bsc#1140012).\n - NFS: make nfs_match_client killable (bsc#1134291).\n - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header\n (git fixes).\n - {nl,mac}80211: fix interface combinations on crypto controlled devices\n (bsc#1111666).\n - nvme: cancel request synchronously (bsc#1145661).\n - nvme: change locking for the per-subsystem controller list (bsc#1142541).\n - nvme-core: Fix extra device_put() call on error path (bsc#1142541).\n - nvme-fc: fix module unloads while lports still pending (bsc#1150033).\n - nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN (bsc#1146938).\n - nvme-multipath: fix ana log nsid lookup when nsid is not found\n (bsc#1141554).\n - nvme-multipath: relax ANA state check (bsc#1123105).\n - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns\n (bsc#1120876).\n - nvme: Return BLK_STS_TARGET if the DNR bit is set (bsc#1142076).\n - objtool: Add rewind_stack_do_exit() to the noreturn list (bsc#1145302).\n - objtool: Support GCC 9 cold subfunction naming scheme (bsc#1145300).\n - octeon_mgmt: Fix MIX registers configuration on MTU setup (bsc#1051510).\n - PCI: al: Add Amazon Annapurna Labs PCIe host controller driver\n (SLE-9332).\n - PCI: PM/ACPI: Refresh all stale power state data in pci_pm_complete()\n (bsc#1149106).\n - PCI: Restore Resizable BAR size bits correctly for 1MB BARs\n (bsc#1143841).\n - phy: qcom-qusb2: Fix crash if nvmem cell not specified (bsc#1051510).\n - phy: renesas: rcar-gen2: Fix memory leak at error paths (bsc#1051510).\n - PM / devfreq: rk3399_dmc: do not print error when get supply and clk\n defer (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: fix spelling mistakes\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: Pass ODT and auto power down parameters to\n TF-A (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: remove unneeded semicolon\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: remove wait for dcf irq event\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rockchip-dfi: Move GRF definitions to a common place\n (bsc#1144718,bsc#1144813).\n - PM / OPP: OF: Use pr_debug() instead of pr_err() while adding OPP table\n (jsc#SLE-7294).\n - powerpc/64s: Include cpu header (bsc#1065729).\n - powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107).\n - powerpc: Allow flush_(inval_)dcache_range to work across ranges &gt;4GB\n (bsc#1146575 ltc#180764).\n - powerpc/book3s/64: check for NULL pointer in pgd_alloc() (FATE#322447,\n bsc#1078248, git-fixes).\n - powerpc: dump kernel log before carrying out fadump or kdump\n (bsc#1149940 ltc#179958).\n - powerpc/fadump: use kstrtoint to handle sysfs store (bsc#1146376).\n - powerpc/fadump: when fadump is supported register the fadump sysfs files\n (bsc#1146352).\n - powerpc/fsl: Add nospectre_v2 command line argument (bsc#1131107).\n - powerpc/fsl: Update Spectre v2 reporting (bsc#1131107).\n - powerpc/lib: Fix feature fixup test of external branch (bsc#1065729).\n - powerpc/mm: Handle page table allocation failures (bsc#1065729).\n - powerpc/nvdimm: Pick nearby online node if the device node is not\n online (bsc#1142685 ltc#179509 FATE#327775).\n - powerpc/perf: Add constraints for power9 l2/l3 bus events (bsc#1056686).\n - powerpc/perf: Add mem access events to sysfs (FATE#326869, bsc#1124370).\n - powerpc/perf: Cleanup cache_sel bits comment (bsc#1056686).\n - powerpc/perf: Fix thresholding counter data for unknown type\n (bsc#1056686).\n - powerpc/perf: Remove PM_BR_CMPL_ALT from power9 event list (bsc#1047238,\n bsc#1056686).\n - powerpc/perf: Remove PM_BR_CMPL_ALT from power9 event list\n (fate#321438, bsc#1047238, bsc#1056686).\n - powerpc/perf: Update perf_regs structure to include SIER (bsc#1056686).\n - powerpc/powernv: Flush console before platform error reboot (bsc#1149940\n ltc#179958).\n - powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in\n interrupt handler (bsc#1065729).\n - powerpc/powernv: Return for invalid IMC domain (bsc1054914,\n fate#322448, git-fixes).\n - powerpc/powernv: Return for invalid IMC domain (bsc1054914, git-fixes).\n - powerpc/powernv: Use kernel crash path for machine checks (bsc#1149940\n ltc#179958).\n - powerpc/pseries: add missing cpumask.h include file (bsc#1065729).\n - powerpc/pseries: correctly track irq state in default idle (bsc#1150727\n ltc#178925).\n - powerpc/pseries, ps3: panic flush kernel messages before halting system\n (bsc#1149940 ltc#179958).\n - powerpc/rtas: use device model APIs and serialization during LPM\n (bsc#1144123 ltc#178840).\n - powerpc/security: Show powerpc_security_features in debugfs\n (bsc#1131107).\n - powerpc/xive: Fix dump of XIVE interrupt under pseries (bsc#1142019).\n - powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()\n (FATE#322438, bsc#1085030, bsc#1145189, LTC#179762).\n - powerpc/xmon: Add a dump of all XIVE interrupts (bsc#1142019).\n - powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL\n (bsc#1142019).\n - qede: fix write to free'd pointer error and double free of ptp\n (bsc#1051510).\n - qla2xxx: kABI fixes for v10.01.00.18-k (bcs#1082635 bcs#1141340\n bcs#1143706).\n - raid5-cache: Need to do start() part job after adding journal device\n (git fixes).\n - RDMA/hns: Add mtr support for mixed multihop addressing (bsc#1104427\n FATE#326416).\n - RDMA/hns: Bugfix for calculating qp buffer size (bsc#1104427\n FATE#326416).\n - RDMA/hns: Bugfix for filling the sge of srq (bsc#1104427 FATE#326416).\n - RDMA/hns: Do not stuck in endless timeout loop (bsc#1104427\n FATE#326416).\n - RDMA/hns: Fix an error code in hns_roce_set_user_sq_size() (bsc#1104427\n FATE#326416).\n - RDMA/hns: fix inverted logic of readl read and shift (bsc#1104427\n FATE#326416).\n - RDMA/hns: Fixs hw access invalid dma memory error (bsc#1104427\n FATE#326416).\n - RDMA/hns: Fixup qp release bug (bsc#1104427 FATE#326416).\n - RDMA/hns: Modify ba page size for cqe (bsc#1104427 FATE#326416).\n - RDMA/hns: Remove set but not used variable 'fclr_write_fail_flag'\n (bsc#1104427 FATE#326416).\n - RDMA/hns: Remove unnecessary print message in aeq (bsc#1104427\n FATE#326416).\n - RDMA/hns: Replace magic numbers with #defines (bsc#1104427 FATE#326416).\n - RDMA/hns: reset function when removing module (bsc#1104427 FATE#326416).\n - RDMA/hns: Set reset flag when hw resetting (bsc#1104427 FATE#326416).\n - RDMA/hns: Use %pK format pointer print (bsc#1104427 FATE#326416).\n - refresh: soc: fsl: guts: Add definition for LX2160A (fate#326572).\n - regulator: qcom_spmi: Fix math of spmi_regulator_set_voltage_time_sel\n (bsc#1051510).\n - Remove ifdef since SMB3 (and later) now STRONGLY preferred (bsc#1051510,\n bsc#1144333).\n - Remove qla2xxx-specific symbols kABI workarounds. In SLE15\n 1d5e8aad6de2285a00b4e1f2c5ea64a41e74bb7b adds kABI whitelists for\n drivers/scsi/qla2xxx/* because these symbols are internal to the driver.\n This entry was dropped from 15 SP1 during a kabi/severities cleanup and\n we grew a few needless kABI hacks to fix these symbols. Remove them\n again since the commit is cherry-picked on SP1.\n - Replace lpfc patch with upstream version\n - Revert &quot;Bluetooth: validate BLE connection interval updates&quot;\n (bsc#1051510).\n - Revert &quot;cfg80211: fix processing world regdomain when non modular&quot;\n (bsc#1051510).\n - Revert &quot;dm bufio: fix deadlock with loop device&quot; (git fixes).\n - Revert i915 userptr page lock patch (bsc#1145051) This patch potentially\n causes a deadlock between kcompactd, as reported on 5.3-rc3. Revert it\n until a proper fix is found.\n - Revert &quot;net: ena: ethtool: add extra properties retrieval via\n get_priv_flags&quot; (bsc#1139020 bsc#1139021).\n - Revert\n patches.suse/0001-blk-wbt-Avoid-lock-contention-and-thundering-herd-is.patc\n h (bsc#1141543) As we see stalls / crashes recently with the relevant\n code path, revert this patch tentatively.\n - Revert &quot;scsi: ncr5380: Increase register polling limit&quot; (git-fixes).\n - Revert &quot;scsi: prefix header search paths with $(srctree)/ (bsc#1136346&quot;\n This reverts commit 5f679430713da59f5367aa9499e544e6187ac17c. Reverting\n this commit fixes build for me.\n - Revert &quot;scsi: ufs: disable vccq if it's not needed by UFS device&quot;\n (git-fixes).\n - rpm/kernel-binary.spec.in: Enable missing modules check.\n - rpmsg: added MODULE_ALIAS for rpmsg_char (bsc#1051510).\n - rpmsg: smd: do not use mananged resources for endpoints and channels\n (bsc#1051510).\n - rpmsg: smd: fix memory leak on channel create (bsc#1051510).\n - rsi: improve kernel thread handling to fix kernel panic (bsc#1051510).\n - rslib: Fix decoding of shortened codes (bsc#1051510).\n - rslib: Fix handling of of caller provided syndrome (bsc#1051510).\n - rtc: pcf8523: do not return invalid date when battery is low\n (bsc#1051510).\n - rtc: pcf8563: Clear event flags and disable interrupts before requesting\n irq (bsc#1051510).\n - rtc: pcf8563: Fix interrupt trigger method (bsc#1051510).\n - rxrpc: Fix send on a connected, but unbound socket\n (networking-stable-19_07_25).\n - s390/cio: fix ccw_device_start_timeout API (bsc#1142109 LTC#179339).\n - s390/dasd: fix endless loop after read unit address configuration\n (bsc#1144912 LTC#179907).\n - s390/qeth: avoid control IO completion stalls (bsc#1142109 LTC#179339).\n - s390/qeth: cancel cmd on early error (bsc#1142109 LTC#179339).\n - s390/qeth: fix request-side race during cmd IO timeout (bsc#1142109\n LTC#179339).\n - s390/qeth: release cmd buffer in error paths (bsc#1142109 LTC#179339).\n - s390/qeth: simplify reply object handling (bsc#1142109 LTC#179339).\n - samples, bpf: fix to change the buffer size for read() (bsc#1051510).\n - samples: mei: use /dev/mei0 instead of /dev/mei (bsc#1051510).\n - sched/fair: Do not free p-&gt;numa_faults with concurrent readers\n (bsc#1144920).\n - sched/fair: Use RCU accessors consistently for -&gt;numa_group\n (bsc#1144920).\n - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture\n (bsc#1051510).\n - scripts/decode_stacktrace: only strip base path when a prefix of the\n path (bsc#1051510).\n - scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE\n (bsc#1051510).\n - scripts/gdb: fix lx-version string output (bsc#1051510).\n - scripts/git_sort/git_sort.py:\n - scsi: aacraid: Fix missing break in switch statement (git-fixes).\n - scsi: aacraid: Fix performance issue on logical drives (git-fixes).\n - scsi: aic94xx: fix an error code in aic94xx_init() (git-fixes).\n - scsi: aic94xx: fix module loading (git-fixes).\n - scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event\n (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: bfa_fcs_lport: Mark expected switch fall-throughs\n (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: bfa_fcs_rport: Mark expected switch fall-throughs\n (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: bfa_ioc: Mark expected switch fall-throughs (bsc#1136496\n jsc#SLE-4698).\n - scsi: bfa: clean up a couple of indentation issues (bsc#1136496\n jsc#SLE-4698).\n - scsi: bfa: convert to strlcpy/strlcat (git-fixes).\n - scsi: bfa: fix calls to dma_set_mask_and_coherent() (bsc#1136496\n jsc#SLE-4698).\n - scsi: bfa: no need to check return value of debugfs_create functions\n (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: remove ScsiResult macro (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: Remove unused functions (bsc#1136496 jsc#SLE-4698).\n - scsi: bfa: use dma_set_mask_and_coherent (bsc#1136496 jsc#SLE-4698).\n - scsi: bnx2fc: Do not allow both a cleanup completion and abort\n completion for the same request (bsc#1144582).\n - scsi: bnx2fc: fix bnx2fc_cmd refcount imbalance in send_rec\n (bsc#1144582).\n - scsi: bnx2fc: fix bnx2fc_cmd refcount imbalance in send_srr\n (bsc#1144582).\n - scsi: bnx2fc: fix incorrect cast to u64 on shift operation (git-fixes).\n - scsi: bnx2fc: Fix NULL dereference in error handling (git-fixes).\n - scsi: bnx2fc: Limit the IO size according to the FW capability\n (bsc#1144582).\n - scsi: bnx2fc: Only put reference to io_req in bnx2fc_abts_cleanup if\n cleanup times out (bsc#1144582).\n - scsi: bnx2fc: Redo setting source FCoE MAC (bsc#1144582).\n - scsi: bnx2fc: Separate out completion flags and variables for abort and\n cleanup (bsc#1144582).\n - scsi: bnx2fc: Update the driver version to 2.12.10 (bsc#1144582).\n - scsi: core: Fix race on creating sense cache (git-fixes).\n - scsi: core: set result when the command cannot be dispatched (git-fixes).\n - scsi: core: Synchronize request queue PM status only on successful\n resume (git-fixes).\n - scsi: cxgb4i: fix incorrect spelling &quot;reveive&quot; -&gt; &quot;receive&quot; (bsc#1136346\n jsc#SLE-4682).\n - scsi: cxgb4i: get pf number from lldi-&gt;pf (bsc#1136346 jsc#SLE-4682).\n - scsi: cxgb4i: validate tcp sequence number only if chip version &lt;= T5\n (bsc#1136346 jsc#SLE-4682).\n - scsi: cxlflash: Mark expected switch fall-throughs (bsc#1148868).\n - scsi: cxlflash: Prevent deadlock when adapter probe fails (git-fixes).\n - scsi: esp_scsi: Track residual for PIO transfers (git-fixes) Also,\n mitigate kABI changes.\n - scsi: fas216: fix sense buffer initialization (git-fixes).\n - scsi: hisi_sas: Add support for DIX feature for v3 hw (bsc#1137322\n bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: change queue depth from 512 to 4096 (bsc#1137322\n bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Change SERDES_CFG init value to increase reliability of\n HiLink (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Disable stash for v3 hw (bsc#1137322 bsc#1137323\n bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Fix losing directly attached disk when hot-plug\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Ignore the error code between phy down to phy up\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Issue internal abort on all relevant queues (bsc#1137322\n bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: kabi fixes (bsc#1137322 bsc#1137323 bsc#1138099\n bsc#1138100).\n - scsi: hisi_sas: print PHY RX errors count for later revision of v3 hw\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Reduce HISI_SAS_SGE_PAGE_CNT in size (bsc#1137322\n bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Reject setting programmed minimum linkrate &gt; 1.5G\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: send primitive NOTIFY to SSP situation only (bsc#1137322\n bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: hisi_sas: Use pci_irq_get_affinity() for v3 hw as experimental\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: isci: initialize shost fully before calling scsi_add_host()\n (git-fixes).\n - scsi: libfc: fix null pointer dereference on a null lport (git-fixes).\n - scsi: libsas: delete sas port if expander discover failed (git-fixes).\n - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached\n (git-fixes).\n - scsi: libsas: kABI protect struct sas_task_slow (bsc#1137322 bsc#1137323\n bsc#1138099 bsc#1138100).\n - scsi: libsas: only clear phy-&gt;in_shutdown after shutdown event done\n (bsc#1137322 bsc#1137323 bsc#1138099 bsc#1138100).\n - scsi: lpfc: add check for loss of ndlp when sending RRQ (bsc#1148308).\n - scsi: lpfc: Add first and second level hardware revisions to sysfs\n (bsc#1146215).\n - scsi: lpfc: Add MDS driver loopback diagnostics support (bsc#1146215).\n - scsi: lpfc: Add NVMe sequence level error recovery support (bsc#1146215).\n - scsi: lpfc: Add simple unlikely optimizations to reduce NVME latency\n (bsc#1146215).\n - scsi: lpfc: Avoid unused function warnings (bsc#1148308).\n - scsi: lpfc: change snprintf to scnprintf for possible overflow\n (bsc#1146215).\n - scsi: lpfc: Convert timers to use timer_setup() (bsc#1148308).\n - scsi: lpfc: correct rcu unlock issue in lpfc_nvme_info_show\n (bsc#1148308).\n - scsi: lpfc: Default fdmi_on to on (bsc#1148308).\n - scsi: lpfc: Fix ADISC reception terminating login state if a NVME\n (bsc#1146215).\n - scsi: lpfc: Fix BlockGuard enablement on FCoE adapters (bsc#1146215).\n - scsi: lpfc: Fix coverity warnings (bsc#1146215).\n - scsi: lpfc: Fix crash due to port reset racing vs adapter error\n (bsc#1146215).\n - scsi: lpfc: Fix crash on driver unload in wq free (bsc#1146215).\n - scsi: lpfc: Fix crash when cpu count is 1 and null irq affinity mask\n (bsc#1146215).\n - scsi: lpfc: Fix deadlock on host_lock during cable pulls (bsc#1146215).\n - scsi: lpfc: Fix devices that do not return after devloss followed by\n (bsc#1146215).\n - scsi: lpfc: Fix discovery when target has no GID_FT information\n (bsc#1146215).\n - scsi: lpfc: Fix ELS field alignments (bsc#1146215).\n - scsi: lpfc: Fix error in remote port address change (bsc#1146215).\n - scsi: lpfc: Fix failure to clear non-zero eq_delay after io rate\n (bsc#1146215).\n - scsi: lpfc: Fix FLOGI handling across multiple link up/down\n (bsc#1146215).\n - scsi: lpfc: Fix hang when downloading fw on port enabled for nvme\n (bsc#1146215).\n - scsi: lpfc: Fix irq raising in lpfc_sli_hba_down (bsc#1146215).\n - scsi: lpfc: Fix issuing init_vpi mbox on SLI-3 card (bsc#1146215).\n - scsi: lpfc: Fix leak of ELS completions on adapter reset (bsc#1146215).\n - scsi: lpfc: Fix loss of remote port after devloss due to lack of RPIs\n (bsc#1146215).\n - scsi: lpfc: Fix Max Frame Size value shown in fdmishow output\n (bsc#1146215).\n - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs\n (bsc#1146215).\n - scsi: lpfc: Fix nvme first burst module parameter description\n (bsc#1146215).\n - scsi: lpfc: Fix nvme sg_seg_cnt display if HBA does not support NVME\n (bsc#1146215).\n - scsi: lpfc: Fix nvme target mode ABTSing a received ABTS (bsc#1146215).\n - scsi: lpfc: Fix Oops in nvme_register with target logout/login\n (bsc#1146215).\n - scsi: lpfc: Fix oops when fewer hdwqs than cpus (bsc#1146215).\n - scsi: lpfc: Fix PLOGI failure with high remoteport count (bsc#1146215).\n - scsi: lpfc: Fix port relogin failure due to GID_FT interaction\n (bsc#1146215).\n - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport\n (bsc#1146215).\n - scsi: lpfc: Fix reported physical link speed on a disabled trunked\n (bsc#1146215).\n - scsi: lpfc: Fix reset recovery paths that are not recovering\n (bsc#1144375).\n - scsi: lpfc: Fix sg_seg_cnt for HBAs that do not support NVME\n (bsc#1146215).\n - scsi: lpfc: Fix sli4 adapter initialization with MSI (bsc#1146215).\n - scsi: lpfc: Fix too many sg segments spamming in kernel log\n (bsc#1146215).\n - scsi: lpfc: Fix upcall to bsg done in non-success cases (bsc#1146215).\n - scsi: lpfc: Limit xri count for kdump environment (bsc#1146215).\n - scsi: lpfc: lpfc_sli: Mark expected switch fall-throughs (bsc#1148308).\n - scsi: lpfc: Make some symbols static (bsc#1148308).\n - scsi: lpfc: Merge per-protocol WQ/CQ pairs into single per-cpu pair\n (bsc#1146215).\n - scsi: lpfc: Migrate to %px and %pf in kernel print calls (bsc#1146215).\n - scsi: lpfc: no need to check return value of debugfs_create functions\n (bsc#1148308).\n - scsi: lpfc: nvme: avoid hang / use-after-free when destroying localport\n (bsc#1148308).\n - scsi: lpfc: nvmet: avoid hang / use-after-free when destroying\n targetport (bsc#1148308).\n - scsi: lpfc: remove a bogus pci_dma_sync_single_for_device call\n (bsc#1148308).\n - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n - scsi: lpfc: remove NULL check before some freeing functions\n (bsc#1146215).\n - scsi: lpfc: remove null check on nvmebuf (bsc#1148308).\n - scsi: lpfc: remove ScsiResult macro (bsc#1148308).\n - scsi: lpfc: Remove set but not used variable 'psli' (bsc#1148308).\n - scsi: lpfc: Remove set but not used variables 'fc_hdr' and\n 'hw_page_size' (bsc#1148308).\n - scsi: lpfc: Remove set but not used variables 'qp' (bsc#1148308).\n - scsi: lpfc: Remove set but not used variables 'tgtp' (bsc#1148308).\n - scsi: lpfc: Resolve checker warning for lpfc_new_io_buf() (bsc#1144375).\n - scsi: lpfc: resolve lockdep warnings (bsc#1148308).\n - scsi: lpfc: Support dynamic unbounded SGL lists on G7 hardware\n (bsc#1146215).\n - scsi: lpfc: Update lpfc version to 12.4.0.0 (bsc#1146215).\n - scsi: lpfc: Use dma_zalloc_coherent (bsc#1148308).\n - scsi: lpfc: use sg helper to iterate over scatterlist (bsc#1148308).\n - scsi: mac_scsi: Fix pseudo DMA implementation, take 2 (git-fixes).\n - scsi: mac_scsi: Increase PIO/PDMA transfer length threshold (git-fixes).\n - scsi: megaraid: fix out-of-bound array accesses (git-fixes).\n - scsi: megaraid_sas: Fix calculation of target ID (git-fixes).\n - scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (bsc#1143962).\n - scsi: megaraid_sas: Release Mutex lock before OCR in case of DCMD\n timeout (bsc#1143962).\n - scsi: NCR5380: Always re-enable reselection interrupt (git-fixes).\n - scsi: pmcraid: do not allocate a dma coherent buffer for sense data\n (bsc#1135990 jsc#SLE-4709).\n - scsi: pmcraid: simplify pmcraid_cancel_all a bit (bsc#1135990\n jsc#SLE-4709).\n - scsi: pmcraid: use generic DMA API (bsc#1135990 jsc#SLE-4709).\n - scsi: pmcraid: use sg helper to iterate over scatterlist (bsc#1135990\n jsc#SLE-4709).\n - scsi: prefix header search paths with $(srctree)/ (bsc#1136346\n jsc#SLE-4682).\n - scsi: qedf: Add debug information for unsolicited processing\n (bsc#1149976).\n - scsi: qedf: Add shutdown callback handler (bsc#1149976).\n - scsi: qedf: Add support for 20 Gbps speed (bsc#1149976).\n - scsi: qedf: Check both the FCF and fabric ID before servicing clear\n virtual link (bsc#1149976).\n - scsi: qedf: Check for link state before processing LL2 packets and send\n fipvlan retries (bsc#1149976).\n - scsi: qedf: Check for module unloading bit before processing link update\n AEN (bsc#1149976).\n - scsi: qedf: Decrease the LL2 MTU size to 2500 (bsc#1149976).\n - scsi: qedf: Fix race betwen fipvlan request and response path\n (bsc#1149976).\n - scsi: qedf: Initiator fails to re-login to switch after link down\n (bsc#1149976).\n - scsi: qedf: Print message during bailout conditions (bsc#1149976).\n - scsi: qedf: remove memset/memcpy to nfunc and use func instead\n (git-fixes).\n - scsi: qedf: remove set but not used variables (bsc#1149976).\n - scsi: qedf: Stop sending fipvlan request on unload (bsc#1149976).\n - scsi: qedf: Update module description string (bsc#1149976).\n - scsi: qedf: Update the driver version to 8.37.25.20 (bsc#1149976).\n - scsi: qedf: Update the version to 8.42.3.0 (bsc#1149976).\n - scsi: qedf: Use discovery list to traverse rports (bsc#1149976).\n - scsi: qedi: remove declaration of nvm_image from stack (git-fixes).\n - scsi: qla2xxx: Add cleanup for PCI EEH recovery (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Add cleanup for PCI EEH recovery (bsc#1129424).\n - scsi: qla2xxx: Allow NVMe IO to resume with short cable pull\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return\n value (bsc#1143706).\n - scsi: qla2xxx: Avoid that Coverity complains about dereferencing a NULL\n rport pointer (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in\n tcm_qla2xxx_close_session() (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Avoid that qla2x00_mem_free() crashes if called twice\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory\n (git-fixes).\n - scsi: qla2xxx: Change abort wait_loop from msleep to wait_event_timeout\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Change a stack variable into a static const variable\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Change data_dsd into an array (bsc#1143706).\n - scsi: qla2xxx: Change the return type of qla24xx_read_flash_data()\n (bsc#1143706).\n - scsi: qla2xxx: Change the return type of qla2x00_update_ms_fdmi_iocb()\n into void (bsc#1143706).\n - scsi: qla2xxx: Check secondary image if reading the primary image fails\n (bsc#1143706).\n - scsi: qla2xxx: Check the PCI info string output buffer size\n (bsc#1143706).\n - scsi: qla2xxx: Check the size of firmware data structures at compile\n time (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Cleanup fcport memory to prevent leak (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Cleanup redundant qla2x00_abort_all_cmds during unload\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: cleanup trace buffer initialization (bsc#1134476).\n - scsi: qla2xxx: Complain if a command is released that is owned by the\n firmware (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Complain if a mailbox command times out (bsc#1143706).\n - scsi: qla2xxx: Complain if a soft reset fails (bsc#1143706).\n - scsi: qla2xxx: Complain if parsing the version string fails\n (bsc#1143706).\n - scsi: qla2xxx: Complain if sp-&gt;done() is not called from the completion\n path (bsc#1143706).\n - scsi: qla2xxx: Complain if waiting for pending commands times out\n (bsc#1143706).\n - scsi: qla2xxx: Complain loudly about reference count underflow\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Correct error handling during initialization failures\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Declare fourth qla2x00_set_model_info() argument const\n (bsc#1143706).\n - scsi: qla2xxx: Declare local symbols static (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Declare qla24xx_build_scsi_crc_2_iocbs() static\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Declare qla2x00_find_new_loop_id() static (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Declare qla_tgt_cmd.cdb const (bsc#1143706).\n - scsi: qla2xxx: Declare the fourth ql_dump_buffer() argument const\n (bsc#1143706).\n - scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Do not corrupt vha-&gt;plogi_ack_list (bsc#1143706).\n - scsi: qla2xxx: Enable type checking for the SRB free and done callback\n functions (bsc#1143706).\n - scsi: qla2xxx: Fix abort timeout race condition (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix a format specifier (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix a format specifier (git-fixes).\n - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() (git-fixes).\n - scsi: qla2xxx: Fix a NULL pointer dereference (bsc#1143706).\n - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix a race condition between aborting and completing a\n SCSI command (bsc#1143706).\n - scsi: qla2xxx: Fix a small typo in qla_bsg.c (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix comment alignment in qla_bsg.c (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix device staying in blocked state (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix device staying in blocked state (git-fixes).\n - scsi: qla2xxx: Fix different size DMA Alloc/Unmap (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix DMA unmap leak (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix driver reload for ISP82xx (bsc#1143706).\n - scsi: qla2xxx: Fix driver unload when FC-NVMe LUNs are connected\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() (git-fixes).\n - scsi: qla2xxx: Fix flash read for Qlogic ISPs (bsc#1143706).\n - scsi: qla2xxx: Fix formatting of pointer types (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix fw dump corruption (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix hang in fcport delete path (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix hardirq-unsafe locking (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix hardlockup in abort command during driver remove\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix kernel crash after disconnecting NVMe devices\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix message indicating vectors used by driver\n (bsc#1143706).\n - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix NVME cmd and LS cmd timeout race condition\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix NVMe port discovery after a short device port loss\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix possible fcport null-pointer dereferences\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix premature timer expiration (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() (bsc#1143706).\n - scsi: qla2xxx: Fix race conditions in the code for aborting SCSI\n commands (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix session lookup in qlt_abort_work() (bsc#1143706).\n - scsi: qla2xxx: fix spelling mistake &quot;alredy&quot; -&gt; &quot;already&quot; (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Fix stale session (bsc#1143706).\n - scsi: qla2xxx: Fix stuck login session (bsc#1143706).\n - scsi: qla2xxx: Fix use-after-free issues in qla2xxx_qpair_sp_free_dma()\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Further limit FLASH region write access from SysFS\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Improve Linux kernel coding style conformance\n (bsc#1143706).\n - scsi: qla2xxx: Include the &lt;asm/unaligned.h&gt; header file from qla_dsd.h\n (bsc#1143706).\n - scsi: qla2xxx: Increase the max_sgl_segments to 1024 (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Increase the size of the mailbox arrays from 4 to 8\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function\n (bsc#1143706).\n - scsi: qla2xxx: Insert spaces where required (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Introduce qla2x00_els_dcmd2_free() (bsc#1143706).\n - scsi: qla2xxx: Introduce qla2xxx_get_next_handle() (bsc#1143706).\n - scsi: qla2xxx: Introduce the be_id_t and le_id_t data types for FC\n src/dst IDs (bsc#1143706).\n - scsi: qla2xxx: Introduce the dsd32 and dsd64 data structures\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (bsc#1143706).\n - scsi: qla2xxx: Leave a blank line after declarations (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Let the compiler check the type of the SCSI command\n context pointer (bsc#1143706).\n - scsi: qla2xxx: Log the status code if a firmware command fails\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Make it explicit that ELS pass-through IOCBs use little\n endian (bsc#1143706).\n - scsi: qla2xxx: Make qla24xx_async_abort_cmd() static (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference\n count (bsc#1143706).\n - scsi: qla2xxx: Make qla2x00_mem_free() easier to verify (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Make qla2x00_process_response_queue() easier to read\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Make qlt_handle_abts_completion() more robust\n (bsc#1143706).\n - scsi: qla2xxx: Make sure that aborted commands are freed (bsc#1143706).\n - scsi: qla2xxx: Modify NVMe include directives (bsc#1143706).\n - scsi: qla2xxx: move IO flush to the front of NVME rport unregistration\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move qla2x00_clear_loop_id() from qla_inline.h into\n qla_init.c (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move qla2x00_is_reserved_id() from qla_inline.h into\n qla_init.c (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move qla2x00_set_fcport_state() from a .h into a .c file\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move qla2x00_set_reserved_loop_ids() definition\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move the &lt;linux/io-64-nonatomic-lo-hi.h&gt; include\n directive (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Move the port_state_str definition from a .h to a .c file\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: on session delete, return nvme cmd (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Pass little-endian values to the firmware (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha-&gt;eft (bsc#1134476).\n - scsi: qla2xxx: Really fix qla2xxx_eh_abort() (bsc#1143706).\n - scsi: qla2xxx: Reduce the number of casts in GID list code (bsc#1143706).\n - scsi: qla2xxx: Reduce the number of forward declarations (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Reduce the scope of three local variables in\n qla2xxx_queuecommand() (bsc#1143706).\n - scsi: qla2xxx: Reject EH_{abort|device_reset|target_request}\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove a comment that refers to the SCSI host lock\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove an include directive from qla_mr.c (bsc#1143706).\n - scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove a superfluous forward declaration (bsc#1143706).\n - scsi: qla2xxx: Remove a superfluous pointer check (bsc#1143706).\n - scsi: qla2xxx: Remove dead code (bsc#1143706).\n - scsi: qla2xxx: remove double assignment in qla2x00_update_fcport\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove qla_tgt_cmd.data_work and\n qla_tgt_cmd.data_work_free (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove qla_tgt_cmd.released (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Remove superfluous sts_entry_* casts (bsc#1143706).\n - scsi: qla2xxx: Remove the fcport test from qla_nvme_abort_work()\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove two superfluous casts (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Remove two superfluous if-tests (bsc#1143706).\n - scsi: qla2xxx: Remove two superfluous tests (bsc#1143706).\n - scsi: qla2xxx: Remove unnecessary locking from the target code\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Remove unnecessary null check (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Remove unreachable code from qla83xx_idc_lock()\n (bsc#1143706).\n - scsi: qla2xxx: Remove useless set memory to zero use memset()\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Replace vmalloc + memset with vzalloc (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Report invalid mailbox status codes (bsc#1143706).\n - scsi: qla2xxx: Report the firmware status code if a mailbox command\n fails (bsc#1143706).\n - scsi: qla2xxx: Reset the FCF_ASYNC_{SENT|ACTIVE} flags (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Retry fabric Scan on IOCB queue full (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Rework key encoding in qlt_find_host_by_d_id()\n (bsc#1143706).\n - scsi: qla2xxx: Set the qpair in SRB to NULL when SRB is released\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Set the responder mode if appropriate for ELS\n pass-through IOCBs (bsc#1143706).\n - scsi: qla2xxx: Set the SCSI command result before calling the command\n done (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Silence Successful ELS IOCB message (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Simplify a debug statement (bsc#1143706).\n - scsi: qla2xxx: Simplify qla24xx_abort_sp_done() (bsc#1143706).\n - scsi: qla2xxx: Simplify qla24xx_async_abort_cmd() (bsc#1143706).\n - scsi: qla2xxx: Simplify qlt_lport_dump() (bsc#1143706).\n - scsi: qla2xxx: Simplify qlt_send_term_imm_notif() (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Skip FW dump on LOOP initialization error (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Suppress a Coveritiy complaint about integer overflow\n (bsc#1143706).\n - scsi: qla2xxx: Suppress multiple Coverity complaint about out-of-bounds\n accesses (bsc#1143706).\n - scsi: qla2xxx: target: Fix offline port handling and host reset handling\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Uninline qla2x00_init_timer() (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Unregister chrdev if module initialization fails\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Unregister chrdev if module initialization fails\n (git-fixes).\n - scsi: qla2xxx: Unregister resources in the opposite order of the\n registration order (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Update driver version to 10.01.00.16-k (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Update driver version to 10.01.00.18-k (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Update driver version to 10.01.00.19-k (bsc#1143706).\n - scsi: qla2xxx: Update two source code comments (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Update two source code comments (git-fixes).\n - scsi: qla2xxx: Use an on-stack completion in qla24xx_control_vp()\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use ARRAY_SIZE() in the definition of QLA_LAST_SPEED\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use common update-firmware-options routine for ISP27xx+\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use Correct index for Q-Pair array (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use get/put_unaligned where appropriate (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use __le64 instead of uint32_t[2] for sending DMA\n addresses to firmware (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use memcpy() and strlcpy() instead of strcpy() and\n strncpy() (bsc#1143706).\n - scsi: qla2xxx: Use mutex protection during qla2x00_sysfs_read_fw_dump()\n (bsc#1082635 bsc#1141340 bsc#1143706).\n - scsi: qla2xxx: Use strlcpy() instead of strncpy() (bsc#1143706).\n - scsi: qla2xxx: Use tabs instead of spaces for indentation (bsc#1143706).\n - scsi: qla2xxx: Use tabs to indent code (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: qla2xxx: Verify locking assumptions at runtime (bsc#1143706).\n - scsi: qla4xxx: avoid freeing unallocated dma memory (git-fixes).\n - scsi: raid_attrs: fix unused variable warning (git-fixes).\n - scsi: sas: Convert timers to use timer_setup() (bsc#1137322 bsc#1137323\n bsc#1138099 bsc#1138100).\n - scsi: scsi_dh_alua: Fix possible null-ptr-deref (git-fixes).\n - scsi: scsi_transport_fc: nvme: display FC-NVMe port roles (bsc#1082635\n bsc#1141340 bsc#1143706).\n - scsi: sd: Defer spinning up drive while SANITIZE is in progress\n (git-fixes).\n - scsi: sd: Fix a race between closing an sd device and sd I/O (git-fixes).\n - scsi: sd: Fix cache_type_store() (git-fixes).\n - scsi: sd: Optimal I/O size should be a multiple of physical block size\n (git-fixes).\n - scsi: sd: Quiesce warning if device does not report optimal I/O size\n (git-fixes).\n - scsi: sd: use mempool for discard special page (git-fixes).\n - scsi: sd_zbc: Fix potential memory leak (git-fixes).\n - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous()\n (git-fixes).\n - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power\n management enabled (git-fixes).\n - scsi: target: iscsi: cxgbit: add missing spin_lock_init() (bsc#1136349\n jsc#SLE-4685).\n - scsi: tcm_qla2xxx: Minimize #include directives (bsc#1082635 bsc#1141340\n bsc#1143706).\n - scsi: ufs: Avoid runtime suspend possibly being blocked forever\n (git-fixes).\n - scsi: ufs: Check that space was properly alloced in copy_query_response\n (git-fixes).\n - scsi: ufs: Fix NULL pointer dereference in ufshcd_config_vreg_hpm()\n (git-fixes).\n - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value (git-fixes).\n - scsi: ufs: fix wrong command type of UTRD for UFSHCI v2.1 (git-fixes).\n - scsi: use dma_get_cache_alignment() as minimum DMA alignment (git-fixes).\n - scsi: virtio_scsi: do not send sc payload with tmfs (git-fixes).\n - sdhci-fujitsu: add support for setting the CMD_DAT_DELAY attribute\n (bsc#1145256).\n - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of\n force_sig (bsc#1144333).\n - sis900: fix TX completion (bsc#1051510).\n - sky2: Disable MSI on ASUS P6T (bsc#1142496).\n - smb2: fix missing files in root share directory listing (bsc#1112907,\n bsc#1144333).\n - smb2: fix typo in definition of a few error flags (bsc#1144333).\n - smb2: fix uninitialized variable bug in smb2_ioctl_query_info\n (bsc#1144333).\n - SMB3.1.1: Add GCM crypto to the encrypt and decrypt functions\n (bsc#1144333).\n - SMB3.1.1 dialect is no longer experimental (bsc#1051510, bsc#1144333).\n - SMB311: Fix reconnect (bsc#1051510, bsc#1144333).\n - SMB311: Improve checking of negotiate security contexts (bsc#1051510,\n bsc#1144333).\n - smb3.11: replace a 4 with server-&gt;vals-&gt;header_preamble_size\n (bsc#1144333).\n - smb3: add additional ftrace entry points for entry/exit to cifs.ko\n (bsc#1144333).\n - smb3: add credits we receive from oplock/break PDUs (bsc#1144333).\n - smb3: add debug for unexpected mid cancellation (bsc#1144333).\n - smb3: Add debug message later in smb2/smb3 reconnect path (bsc#1144333).\n - smb3: add define for id for posix create context and corresponding\n struct (bsc#1144333).\n - smb3: Add defines for new negotiate contexts (bsc#1144333).\n - smb3: add dynamic trace point for query_info_enter/done (bsc#1144333).\n - smb3: add dynamic trace point for smb3_cmd_enter (bsc#1144333).\n - smb3: add dynamic tracepoint for timeout waiting for credits\n (bsc#1144333).\n - smb3: add dynamic tracepoints for simple fallocate and zero range\n (bsc#1144333).\n - smb3: Add dynamic trace points for various compounded smb3 ops\n (bsc#1144333).\n - smb3: Add ftrace tracepoints for improved SMB3 debugging (bsc#1144333).\n - smb3: Add handling for different FSCTL access flags (bsc#1144333).\n - smb3: add missing read completion trace point (bsc#1144333).\n - smb3: add module alias for smb3 to cifs.ko (bsc#1144333).\n - smb3: add new mount option to retrieve mode from special ACE\n (bsc#1144333).\n - smb3: Add posix create context for smb3.11 posix mounts (bsc#1144333).\n - smb3: Add protocol structs for change notify support (bsc#1144333).\n - smb3: add reconnect tracepoints (bsc#1144333).\n - smb3: Add SMB3.1.1 GCM to negotiated crypto algorigthms (bsc#1144333).\n - smb3: add smb3.1.1 to default dialect list (bsc#1144333).\n - smb3: Add support for multidialect negotiate (SMB2.1 and later)\n (bsc#1051510, bsc#1144333).\n - smb3: add support for posix negotiate context (bsc#1144333).\n - smb3: add support for statfs for smb3.1.1 posix extensions (bsc#1144333).\n - smb3: add tracepoint for sending lease break responses to server\n (bsc#1144333).\n - smb3: add tracepoint for session expired or deleted (bsc#1144333).\n - smb3: add tracepoint for slow responses (bsc#1144333).\n - smb3: add trace point for tree connection (bsc#1144333).\n - smb3: add tracepoints for query dir (bsc#1144333).\n - smb3: Add tracepoints for read, write and query_dir enter (bsc#1144333).\n - smb3: add tracepoints for smb2/smb3 open (bsc#1144333).\n - smb3: add tracepoint to catch cases where credit refund of failed op\n overlaps reconnect (bsc#1144333).\n - smb3: add way to control slow response threshold for logging and stats\n (bsc#1144333).\n - smb3: allow more detailed protocol info on open files for debugging\n (bsc#1144333).\n - smb3: Allow persistent handle timeout to be configurable on mount\n (bsc#1144333).\n - smb3: allow posix mount option to enable new SMB311 protocol extensions\n (bsc#1144333).\n - smb3: allow previous versions to be mounted with snapshot= mount parm\n (bsc#1144333).\n - smb3: Allow query of symlinks stored as reparse points (bsc#1144333).\n - smb3: Allow SMB3 FSCTL queries to be sent to server from tools\n (bsc#1144333).\n - smb3: allow stats which track session and share reconnects to be reset\n (bsc#1051510, bsc#1144333).\n - smb3: Backup intent flag missing for directory opens with backupuid\n mounts (bsc#1051510, bsc#1144333).\n - smb3: Backup intent flag missing from compounded ops (bsc#1144333).\n - smb3: check for and properly advertise directory lease support\n (bsc#1051510, bsc#1144333).\n - smb3 - clean up debug output displaying network interfaces (bsc#1144333).\n - smb3: Cleanup license mess (bsc#1144333).\n - smb3: Clean up query symlink when reparse point (bsc#1144333).\n - smb3: create smb3 equivalent alias for cifs pseudo-xattrs (bsc#1144333).\n - smb3: directory sync should not return an error (bsc#1051510,\n bsc#1144333).\n - smb3: display bytes_read and bytes_written in smb3 stats (bsc#1144333).\n - smb3: display security information in /proc/fs/cifs/DebugData more\n accurately (bsc#1144333).\n - smb3: display session id in debug data (bsc#1144333).\n - smb3: display stats counters for number of slow commands (bsc#1144333).\n - smb3: display volume serial number for shares in /proc/fs/cifs/DebugData\n (bsc#1144333).\n - smb3: do not allow insecure cifs mounts when using smb3 (bsc#1144333).\n - smb3: do not attempt cifs operation in smb3 query info error path\n (bsc#1051510, bsc#1144333).\n - smb3: do not display confusing message on mount to Azure servers\n (bsc#1144333).\n - smb3: do not display empty interface list (bsc#1144333).\n - smb3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bsc#1085536,\n bsc#1144333).\n - smb3: do not request leases in symlink creation and query (bsc#1051510,\n bsc#1144333).\n - smb3: do not send compression info by default (bsc#1144333).\n - smb3: Do not send SMB3 SET_INFO if nothing changed (bsc#1051510,\n bsc#1144333).\n - smb3: enumerating snapshots was leaving part of the data off end\n (bsc#1051510, bsc#1144333).\n - smb3: fill in statfs fsid and correct namelen (bsc#1112905, bsc#1144333).\n - smb3: Fix 3.11 encryption to Windows and handle encrypted smb3 tcon\n (bsc#1051510, bsc#1144333).\n - smb3: fix bytes_read statistics (bsc#1144333).\n - smb3: fix corrupt path in subdirs on smb311 with posix (bsc#1144333).\n - smb3: Fix deadlock in validate negotiate hits reconnect (bsc#1144333).\n - smb3: Fix endian warning (bsc#1144333, bsc#1137884).\n - smb3: Fix enumerating snapshots to Azure (bsc#1144333).\n - smb3: fix large reads on encrypted connections (bsc#1144333).\n - smb3: fix lease break problem introduced by compounding (bsc#1144333).\n - smb3: Fix length checking of SMB3.11 negotiate request (bsc#1051510,\n bsc#1144333).\n - smb3: fix minor debug output for CONFIG_CIFS_STATS (bsc#1144333).\n - smb3: Fix mode on mkdir on smb311 mounts (bsc#1144333).\n - smb3: Fix potential memory leak when processing compound chain\n (bsc#1144333).\n - smb3: fix redundant opens on root (bsc#1144333).\n - smb3: fix reset of bytes read and written stats (bsc#1112906,\n bsc#1144333).\n - smb3: Fix rmdir compounding regression to strict servers (bsc#1144333).\n - smb3: Fix root directory when server returns inode number of zero\n (bsc#1051510, bsc#1144333).\n - smb3: Fix SMB3.1.1 guest mounts to Samba (bsc#1051510, bsc#1144333).\n - smb3: fix various xid leaks (bsc#1051510, bsc#1144333).\n - smb3: for kerberos mounts display the credential uid used (bsc#1144333).\n - smb3: handle new statx fields (bsc#1085536, bsc#1144333).\n - smb3: if max_credits is specified then display it in /proc/mounts\n (bsc#1144333).\n - smb3: if server does not support posix do not allow posix mount option\n (bsc#1144333).\n - smb3: improve dynamic tracing of open and posix mkdir (bsc#1144333).\n - smb3: increase initial number of credits requested to allow write\n (bsc#1144333).\n - smb3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL\n (bsc#1144333).\n - smb3: Log at least once if tree connect fails during reconnect\n (bsc#1144333).\n - smb3: make default i/o size for smb3 mounts larger (bsc#1144333).\n - smb3: minor cleanup of compound_send_recv (bsc#1144333).\n - smb3: minor debugging clarifications in rfc1001 len processing\n (bsc#1144333).\n - smb3: minor missing defines relating to reparse points (bsc#1144333).\n - smb3: missing defines and structs for reparse point handling\n (bsc#1144333).\n - smb3: note that smb3.11 posix extensions mount option is experimental\n (bsc#1144333).\n - smb3: Number of requests sent should be displayed for SMB3 not just CIFS\n (bsc#1144333).\n - smb3: on kerberos mount if server does not specify auth type use krb5\n (bsc#1051510, bsc#1144333).\n - smb3: on reconnect set PreviousSessionId field (bsc#1112899,\n bsc#1144333).\n - smb3: optimize open to not send query file internal info (bsc#1144333).\n - smb3: passthru query info does not check for SMB3 FSCTL passthru\n (bsc#1144333).\n - smb3: print tree id in debugdata in proc to be able to help logging\n (bsc#1144333).\n - smb3: query inode number on open via create context (bsc#1144333).\n - smb3: remove noisy warning message on mount (bsc#1129664, bsc#1144333).\n - smb3: remove per-session operations from per-tree connection stats\n (bsc#1144333).\n - smb3: rename encryption_required to smb3_encryption_required\n (bsc#1144333).\n - smb3: request more credits on normal (non-large read/write) ops\n (bsc#1144333).\n - smb3: request more credits on tree connect (bsc#1144333).\n - smb3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write\n (bsc#1144333).\n - smb3: send backup intent on compounded query info (bsc#1144333).\n - smb3: send CAP_DFS capability during session setup (bsc#1144333).\n - smb3: Send netname context during negotiate protocol (bsc#1144333).\n - smb3: show number of current open files in /proc/fs/cifs/Stats\n (bsc#1144333).\n - smb3: simplify code by removing CONFIG_CIFS_SMB311 (bsc#1051510,\n bsc#1144333).\n - smb3: smbdirect no longer experimental (bsc#1144333).\n - smb3: snapshot mounts are read-only and make sure info is displayable\n about the mount (bsc#1144333).\n - smb3: track the instance of each session for debugging (bsc#1144333).\n - smb3: Track total time spent on roundtrips for each SMB3 command\n (bsc#1144333).\n - smb3: trivial cleanup to smb2ops.c (bsc#1144333).\n - smb3: update comment to clarify enumerating snapshots (bsc#1144333).\n - smb3: update default requested iosize to 4MB from 1MB for recent\n dialects (bsc#1144333).\n - smb3: Update POSIX negotiate context with POSIX ctxt GUID (bsc#1144333).\n - smb3: Validate negotiate request must always be signed (bsc#1064597,\n bsc#1144333).\n - smb3: Warn user if trying to sign connection that authenticated as guest\n (bsc#1085536, bsc#1144333).\n - smbd: Make upper layer decide when to destroy the transport\n (bsc#1144333).\n - SMB: fix leak of validate negotiate info response buffer (bsc#1064597,\n bsc#1144333).\n - SMB: fix validate negotiate info uninitialised memory use (bsc#1064597,\n bsc#1144333).\n - SMB: Validate negotiate (to protect against downgrade) even if signing\n off (bsc#1085536, bsc#1144333).\n - smpboot: Place the __percpu annotation correctly (git fixes).\n - soc: rockchip: power-domain: Add a sanity check on pd-&gt;num_clks\n (bsc#1144718,bsc#1144813).\n - soc: rockchip: power-domain: use clk_bulk APIs (bsc#1144718,bsc#1144813).\n - soc: rockchip: power-domain: Use of_clk_get_parent_count() instead of\n open coding (bsc#1144718,bsc#1144813).\n - sound: fix a memory leak bug (bsc#1051510).\n - spi: bcm2835aux: fix corruptions for longer spi transfers (bsc#1051510).\n - spi: bcm2835aux: remove dangerous uncontrolled read of fifo\n (bsc#1051510).\n - spi: bcm2835aux: unifying code between polling and interrupt driven code\n (bsc#1051510).\n - st21nfca_connectivity_event_received: null check the allocation\n (bsc#1051510).\n - staging: comedi: dt3000: Fix rounding up of timer divisor (bsc#1051510).\n - staging: comedi: dt3000: Fix signed integer overflow 'divider * base'\n (bsc#1051510).\n - staging: fsl-dpaa2/ethsw: fix memory leak of switchdev_work\n (bsc#1111666).\n - st_nci_hci_connectivity_event_received: null check the allocation\n (bsc#1051510).\n - supported.conf: Add missing modules (bsc#1066369).\n - supported.conf: Remove duplicate drivers/ata/libahci_platform\n - supported.conf: Remove duplicate entries\n - supported.conf: Sort alphabetically, align comments.\n - tcp: Reset bytes_acked and bytes_received when disconnecting\n (networking-stable-19_07_25).\n - test_firmware: fix a memory leak bug (bsc#1051510).\n - tools: bpftool: close prog FD before exit on showing a single program\n (bsc#1109837).\n - tools: bpftool: fix error message (prog -&gt; object) (bsc#1109837).\n - tpm: Fix off-by-one when reading binary_bios_measurements (bsc#1082555).\n - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations\n (bsc#1082555).\n - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete\n (bsc#1082555).\n - tpm: Unify the send callback behaviour (bsc#1082555).\n - tpm: vtpm_proxy: Suppress error logging when in closed state\n (bsc#1082555).\n - Tree connect for SMB3.1.1 must be signed for non-encrypted shares\n (bsc#1051510, bsc#1144333).\n - treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 231\n (bsc#1144333).\n - tun: mark small packets as owned by the tap sock (bsc#1109837).\n - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length\n (bsc#1148617).\n - Update config files. (bsc#1145687) Add the following kernel config to\n ARM64: CONFIG_ACPI_PCI_SLOT=y CONFIG_HOTPLUG_PCI_ACPI=y\n - Update config files. - cifs: add CONFIG_CIFS_DEBUG_KEYS to dump\n encryption keys (bsc#1144333).\n - Update config files. - cifs: allow disabling insecure dialects in the\n config (bsc#1144333).\n - Update config files. - cifs: smbd: Introduce kernel config option\n CONFIG_CIFS_SMB_DIRECT (bsc#1144333).\n - update internal version number for cifs.ko (bsc#1144333).\n - Update patches.fixes/0001-docs-Fix-conf.py-for-Sphinx-2.0.patch\n (bsc#1135642). Fix patch header.\n - Update patches.fixes/MD-fix-invalid-stored-role-for-a-disk-try2.patch\n (bsc#1143765).\n - Update\n patches.fixes/tracing-Fix-bad-use-of-igrab-in-trace_uprobe.c.patch\n (bsc#1120046, bsc#1146141).\n - Update\n patches.suse/ceph-remove-request-from-waiting-list-before-unregister.patch\n (bsc#1148133 bsc#1138539).\n - Update session and share information displayed for debugging SMB2/SMB3\n (bsc#1144333).\n - Update version of cifs module (bsc#1144333).\n - usb: cdc-acm: make sure a refcount is taken early enough (bsc#1142635).\n - usb: CDC: fix sanity checks in CDC union parser (bsc#1142635).\n - usb: cdc-wdm: fix race between write and disconnect due to flag abuse\n (bsc#1051510).\n - usb: chipidea: udc: do not do hardware access if gadget has stopped\n (bsc#1051510).\n - usb: core: Fix races in character device registration and deregistraion\n (bsc#1051510).\n - usb: gadget: composite: Clear &quot;suspended&quot; on reset/disconnect\n (bsc#1051510).\n - usb: gadget: udc: renesas_usb3: Fix sysfs interface of &quot;role&quot;\n (bsc#1142635).\n - usb: host: fotg2: restart hcd after port reset (bsc#1051510).\n - usb: host: ohci: fix a race condition between shutdown and irq\n (bsc#1051510).\n - usb: host: xhci-rcar: Fix timeout in xhci_suspend() (bsc#1051510).\n - usb: host: xhci: rcar: Fix typo in compatible string matching\n (bsc#1051510).\n - usb: iowarrior: fix deadlock on disconnect (bsc#1051510).\n - usb: serial: option: add D-Link DWM-222 device ID (bsc#1051510).\n - usb: serial: option: Add Motorola modem UARTs (bsc#1051510).\n - usb: serial: option: Add support for ZTE MF871A (bsc#1051510).\n - usb: serial: option: add the BroadMobi BM818 card (bsc#1051510).\n - usb-storage: Add new JMS567 revision to unusual_devs (bsc#1051510).\n - usb: storage: ums-realtek: Update module parameter description for\n auto_delink_en (bsc#1051510).\n - usb: storage: ums-realtek: Whitelist auto-delink support (bsc#1051510).\n - usb: typec: tcpm: free log buf memory when remove debug file\n (bsc#1111666).\n - usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests\n (bsc#1111666).\n - usb: typec: tcpm: remove tcpm dir if no children (bsc#1111666).\n - usb: usbfs: fix double-free of usb memory upon submiturb error\n (bsc#1051510).\n - usb: yurex: Fix use-after-free in yurex_delete (bsc#1051510).\n - vfs: fix page locking deadlocks when deduping files (bsc#1148619).\n - virtio/s390: fix race on airq_areas (bsc#1145357).\n - VMCI: Release resource if the work is already queued (bsc#1051510).\n - vrf: make sure skb-&gt;data contains ip header to make routing\n (networking-stable-19_07_25).\n - watchdog: bcm2835_wdt: Fix module autoload (bsc#1051510).\n - watchdog: core: fix null pointer dereference when releasing cdev\n (bsc#1051510).\n - watchdog: f71808e_wdt: fix F81866 bit operation (bsc#1051510).\n - watchdog: fix compile time error of pretimeout governors (bsc#1051510).\n - wimax/i2400m: fix a memory leak bug (bsc#1051510).\n - x86/asm: Remove dead __GNUC__ conditionals (bsc#1112178).\n - x86/boot: Fix memory leak in default_get_smp_config() (bsc#1114279).\n - x86/dma: Get rid of iommu_pass_through (bsc#1136039).\n - x86/entry/64/compat: Fix stack switching for XEN PV (bsc#1108382).\n - x86/microcode: Fix the microcode load on CPU hotplug for real\n (bsc#1114279).\n - x86/mm: Check for pfn instead of page in vmalloc_sync_one()\n (bsc#1118689).\n - x86/mm: Sync also unmappings in vmalloc_sync_all() (bsc#1118689).\n - x86/resctrl: Prevent NULL pointer dereference when local MBM is disabled\n (bsc#1112178).\n - x86/speculation: Allow guests to use SSBD even if host does not\n (bsc#1114279).\n - x86/speculation/mds: Apply more accurate check on hypervisor platform\n (bsc#1114279).\n - x86/unwind: Add hardcoded ORC entry for NULL (bsc#1114279).\n - x86/unwind: Handle NULL pointer calls better in frame unwinder\n (bsc#1114279).\n - xdp: unpin xdp umem pages in error path (bsc#1109837).\n - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()\n (bsc#1065600).\n - xfrm: Fix bucket count reported to userspace (bsc#1143300).\n - xfrm: Fix error return code in xfrm_output_one() (bsc#1143300).\n - xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force\n clears the dst_entry (bsc#1143300).\n - xfrm: Fix NULL pointer dereference when skb_dst_force clears the\n dst_entry (bsc#1143300).\n - xfs: do not crash on null attr fork xfs_bmapi_read (bsc#1148035).\n - xfs: do not trip over uninitialized buffer on extent read of corrupted\n inode (bsc#1149053).\n - xfs: dump transaction usage details on log reservation overrun\n (bsc#1145235).\n - xfs: eliminate duplicate icreate tx reservation functions (bsc#1145235).\n - xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to\n EDQUOT (bsc#1148032).\n - xfs: fix semicolon.cocci warnings (bsc#1145235).\n - xfs: fix up agi unlinked list reservations (bsc#1145235).\n - xfs: include an allocfree res for inobt modifications (bsc#1145235).\n - xfs: include inobt buffers in ifree tx log reservation (bsc#1145235).\n - xfs: print transaction log reservation on overrun (bsc#1145235).\n - xfs: refactor inode chunk alloc/free tx reservation (bsc#1145235).\n - xfs: refactor xlog_cil_insert_items() to facilitate transaction dump\n (bsc#1145235).\n - xfs: remove more ondisk directory corruption asserts (bsc#1148034).\n - xfs: separate shutdown from ticket reservation print helper\n (bsc#1145235).\n - xfs: truncate transaction does not modify the inobt (bsc#1145235).\n\n", "modified": "2019-09-25T00:11:14", "published": "2019-09-25T00:11:14", "id": "OPENSUSE-SU-2019:2181-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-09-24T18:27:44", "bulletinFamily": "unix", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-18551: There was an out of bounds write in the function\n i2c_smbus_xfer_emulated (bnc#1146163).\n - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super\n failure (bnc#1146285).\n - CVE-2018-21008: A use-after-free can be caused by the function\n rsi_mac80211_detach in the file\n drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591).\n - CVE-2019-14814: A heap overflow in mwifiex_set_uap_rates() function of\n Marvell was fixed. (bnc#1146512).\n - CVE-2019-14815: A heap overflow in mwifiex_set_wmm_params() function of\n Marvell Wifi Driver was fixed. (bnc#1146514).\n - CVE-2019-14816: A heap overflow in mwifiex_update_vs_ie() function of\n Marvell Wifi Driver was fixed. (bnc#1146516).\n - CVE-2019-14835: A vhost/vhost_net kernel buffer overflow could lead to\n guest to host kernel escape during live migration (bnc#1150112).\n - CVE-2019-15030: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via a Facility\n Unavailable exception. To exploit the venerability, a local user starts\n a transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process\n because of a missing arch/powerpc/kernel/process.c check (bnc#1149713).\n - CVE-2019-15031: In the Linux kernel on the powerpc platform, a local\n user can read vector registers of other users' processes via an\n interrupt. To exploit the venerability, a local user starts a\n transaction (via the hardware transactional memory instruction tbegin)\n and then accesses vector registers. At some point, the vector registers\n will be corrupted with the values from a different local Linux process,\n because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c\n (bnc#1149713).\n - CVE-2019-15090: In the qedi_dbg_* family of functions, there was an\n out-of-bounds read (bnc#1146399).\n - CVE-2019-15098: drivers/net/wireless/ath/ath6kl/usb.c had a NULL pointer\n dereference via an incomplete address in an endpoint descriptor\n (bnc#1146378).\n - CVE-2019-15117: parse_audio_mixer_unit in sound/usb/mixer.c in the Linux\n kernel mishandled a short descriptor, leading to out-of-bounds memory\n access (bnc#1145920).\n - CVE-2019-15118: check_input_term in sound/usb/mixer.c in the Linux\n kernel mishandled recursion, leading to kernel stack exhaustion\n (bnc#1145922).\n - CVE-2019-15211: There was a use-after-free caused by a malicious USB\n device in the drivers/media/v4l2-core/v4l2-dev.c driver because\n drivers/media/radio/radio-raremono.c did not properly allocate memory\n (bnc#1146519).\n - CVE-2019-15212: There was a double-free caused by a malicious USB device\n in the drivers/usb/misc/rio500.c driver (bnc#1146391).\n - CVE-2019-15214: There was a use-after-free in the sound subsystem\n because card disconnection causes certain data structures to be deleted\n too early. This is related to sound/core/init.c and sound/core/info.c\n (bnc#1146550).\n - CVE-2019-15215: There was a use-after-free caused by a malicious USB\n device in the drivers/media/usb/cpia2/cpia2_usb.c driver (bnc#1146425).\n - CVE-2019-15216: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/yurex.c driver\n (bnc#1146361).\n - CVE-2019-15217: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver\n (bnc#1146547).\n - CVE-2019-15218: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/media/usb/siano/smsusb.c driver\n (bnc#1146413).\n - CVE-2019-15219: There was a NULL pointer dereference caused by a\n malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver\n (bnc#1146524).\n - CVE-2019-15220: There was a use-after-free caused by a malicious USB\n device in the drivers/net/wireless/intersil/p54/p54usb.c driver\n (bnc#1146526).\n - CVE-2019-15221: There was a NULL pointer dereference caused by a\n malicious USB device in the sound/usb/line6/pcm.c driver (bnc#1146529).\n - CVE-2019-15222: There was a NULL pointer dereference caused by a\n malicious USB device in the sound/usb/helper.c (motu_microbookii) driver\n (bnc#1146531).\n - CVE-2019-15239: In the Linux kernel, a certain net/ipv4/tcp_output.c\n change, which was properly incorporated into 4.16.12, was incorrectly\n backported to the earlier longterm kernels, introducing a new\n vulnerability that was potentially more severe than the issue that was\n intended to be fixed by backporting. Specifically, by adding to a write\n queue between disconnection and re-connection, a local attacker can\n trigger multiple use-after-free conditions. This can result in a kernel\n crash, or potentially in privilege escalation. (bnc#1146589)\n - CVE-2019-15290: There was a NULL pointer dereference caused by a\n malicious USB device in the ath6kl_usb_alloc_urb_from_pipe function in\n the drivers/net/wireless/ath/ath6kl/usb.c driver (bnc#1146378\n bnc#1146543).\n - CVE-2019-15292: There was a use-after-free in atalk_proc_exit, related\n to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and\n net/appletalk/sysctl_net_atalk.c (bnc#1146678).\n - CVE-2019-15538: XFS partially wedges when a chgrp fails on account of\n being out of disk quota. xfs_setattr_nonsize is failing to unlock the\n ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a\n local DoS attack vector, but it might result as well in remote DoS if\n the XFS filesystem is exported for instance via NFS (bnc#1148093).\n - CVE-2019-15666: There was an out-of-bounds array access in\n __xfrm_policy_unlink, which will cause denial of service, because\n verify_newpolicy_info in net/xfrm/xfrm_user.c mishandled directory\n validation (bnc#1148394).\n - CVE-2019-15902: Misuse of the upstream &quot;x86/ptrace: Fix possible\n spectre-v1 in ptrace_get_debugreg()&quot; commit reintroduced the Spectre\n vulnerability that it aimed to eliminate. This occurred because the\n backport process depends on cherry picking specific commits, and because\n two (correctly ordered) code lines were swapped (bnc#1149376).\n - CVE-2019-15917: There was a use-after-free issue when\n hci_uart_register_dev() fails in hci_uart_set_proto() in\n drivers/bluetooth/hci_ldisc.c (bnc#1149539).\n - CVE-2019-15919: SMB2_write in fs/cifs/smb2pdu.c had a use-after-free\n (bnc#1149552).\n - CVE-2019-15920: An issue was discovered in the Linux kernel SMB2_read in\n fs/cifs/smb2pdu.c had a use-after-free. NOTE: this was not fixed\n correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory\n leak (bnc#1149626).\n - CVE-2019-15921: There was a memory leak issue when idr_alloc() fails in\n genl_register_family() in net/netlink/genetlink.c (bnc#1149602).\n - CVE-2019-15924: The fm10k_init_module in\n drivers/net/ethernet/intel/fm10k/fm10k_main.c had a NULL pointer\n dereference because there is no -ENOMEM upon an alloc_workqueue failure\n (bnc#1149612).\n - CVE-2019-15926: Out of bounds access exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the\n file drivers/net/wireless/ath/ath6kl/wmi.c (bnc#1149527).\n - CVE-2019-15927: An out-of-bounds access exists in the function\n build_audio_procunit in the file sound/usb/mixer.c (bnc#1149522).\n - CVE-2019-9456: In USB monitor driver there is a possible OOB write due\n to a missing bounds check. This could lead to local escalation of\n privilege with System execution privileges needed. User interaction is\n not needed for exploitation (bnc#1150025).\n\n The following non-security bugs were fixed:\n\n - ACPICA: Increase total number of possible Owner IDs (bsc#1148859).\n - ACPI: fix false-positive -Wuninitialized warning (bsc#1051510).\n - Add missing structs and defines from recent SMB3.1.1 documentation\n (bsc#1144333).\n - Add new flag on SMB3.1.1 read (bsc#1144333).\n - address lock imbalance warnings in smbdirect.c (bsc#1144333).\n - Add some missing debug fields in server and tcon structs (bsc#1144333).\n - add some missing definitions (bsc#1144333).\n - Add some qedf commits to blacklist file (bsc#1149976)\n - Add vers=3.0.2 as a valid option for SMBv3.0.2 (bsc#1144333).\n - ALSA: firewire: fix a memory leak bug (bsc#1051510).\n - ALSA: hda - Add a generic reboot_notify (bsc#1051510).\n - ALSA: hda - Apply workaround for another AMD chip 1022:1487\n (bsc#1051510).\n - ALSA: hda - Do not override global PCM hw info flag (bsc#1051510).\n - ALSA: hda - Fix a memory leak bug (bsc#1051510).\n - ALSA: hda - Fix potential endless loop at applying quirks (bsc#1051510).\n - ALSA: hda: kabi workaround for generic parser flag (bsc#1051510).\n - ALSA: hda - Let all conexant codec enter D3 when rebooting (bsc#1051510).\n - ALSA: hda/realtek - Fix overridden device-specific initialization\n (bsc#1051510).\n - ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre\n (bsc#1051510).\n - ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457)\n (bsc#1051510).\n - ALSA: hiface: fix multiple memory leak bugs (bsc#1051510).\n - ALSA: line6: Fix memory leak at line6_init_pcm() error path\n (bsc#1051510).\n - ALSA: seq: Fix potential concurrent access to the deleted pool\n (bsc#1051510).\n - ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks\n (bsc#1051510).\n - ASoC: Fail card instantiation if DAI format setup fails (bsc#1051510).\n - batman-adv: fix uninit-value in batadv_netlink_get_ifindex()\n (bsc#1051510).\n - batman-adv: Only read OGM2 tvlv_len after buffer len check (bsc#1051510).\n - batman-adv: Only read OGM tvlv_len after buffer len check (bsc#1051510).\n - bcache: fix possible memory leak in bch_cached_dev_run() (git fixes).\n - bio: fix improper use of smp_mb__before_atomic() (git fixes).\n - blk-mq: backport fixes for blk_mq_complete_e_request_sync()\n (bsc#1145661).\n - blk-mq: Fix spelling in a source code comment (git fixes).\n - blk-mq: introduce blk_mq_complete_request_sync() (bsc#1145661).\n - blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait\n (bsc#1141543).\n - blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait\n (bsc#1141543).\n - block, documentation: Fix wbt_lat_usec documentation (git fixes).\n - Bluetooth: btqca: Add a short delay before downloading the NVM\n (bsc#1051510).\n - bnx2x: Prevent ptp_task to be rescheduled indefinitely\n (networking-stable-19_07_25).\n - bonding: validate ip header before check IPPROTO_IGMP\n (networking-stable-19_07_25).\n - Btrfs: add a helper to retrive extent inline ref type (bsc#1149325).\n - btrfs: add cleanup_ref_head_accounting helper (bsc#1050911).\n - Btrfs: add missing inode version, ctime and mtime updates when punching\n hole (bsc#1140487).\n - Btrfs: add one more sanity check for shared ref type (bsc#1149325).\n - btrfs: clean up pending block groups when transaction commit aborts\n (bsc#1050911).\n - Btrfs: convert to use btrfs_get_extent_inline_ref_type (bsc#1149325).\n - Btrfs: do not abort transaction at btrfs_update_root() after failure to\n COW path (bsc#1150933).\n - Btrfs: fix assertion failure during fsync and use of stale transaction\n (bsc#1150562).\n - Btrfs: fix data loss after inode eviction, renaming it, and fsync it\n (bsc#1145941).\n - btrfs: Fix delalloc inodes invalidation during transaction abort\n (bsc#1050911).\n - Btrfs: fix fsync not persisting dentry deletions due to inode evictions\n (bsc#1145942).\n - Btrfs: fix incremental send failure after deduplication (bsc#1145940).\n - btrfs: fix pinned underflow after transaction aborted (bsc#1050911).\n - Btrfs: fix race between send and deduplication that lead to failures and\n crashes (bsc#1145059).\n - Btrfs: fix race leading to fs corruption after transaction abort\n (bsc#1145937).\n - btrfs: handle delayed ref head accounting cleanup in abort (bsc#1050911).\n - Btrfs: prevent send failures and crashes due to concurrent relocation\n (bsc#1145059).\n - Btrfs: remove BUG() in add_data_reference (bsc#1149325).\n - Btrfs: remove BUG() in btrfs_extent_inline_ref_size (bsc#1149325).\n - Btrfs: remove BUG() in print_extent_item (bsc#1149325).\n - Btrfs: remove BUG_ON in __add_tree_block (bsc#1149325).\n - btrfs: Split btrfs_del_delalloc_inode into 2 functions (bsc#1050911).\n - btrfs: start readahead also in seed devices (bsc#1144886).\n - btrfs: track running balance in a simpler way (bsc#1145059).\n - caif-hsi: fix possible deadlock in cfhsi_exit_module()\n (networking-stable-19_07_25).\n - can: m_can: implement errata &quot;Needless activation of MRAF irq&quot;\n (bsc#1051510).\n - can: mcp251x: add support for mcp25625 (bsc#1051510).\n - can: peak_usb: fix potential double kfree_skb() (bsc#1051510).\n - can: peak_usb: force the string buffer NULL-terminated (bsc#1051510).\n - can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices (bsc#1051510).\n - can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (bsc#1051510).\n - can: rcar_canfd: fix possible IRQ storm on high load (bsc#1051510).\n - can: sja1000: force the string buffer NULL-terminated (bsc#1051510).\n - carl9170: fix misuse of device driver API (bsc#1142635).\n - ceph: always get rstat from auth mds (bsc#1146346).\n - ceph: clean up ceph.dir.pin vxattr name sizeof() (bsc#1146346).\n - ceph: decode feature bits in session message (bsc#1146346).\n - ceph: do not blindly unregister session that is in opening state\n (bsc#1148133).\n - ceph: do not try fill file_lock on unsuccessful GETFILELOCK reply\n (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in\n __ceph_build_xattrs_blob() (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()\n (bsc#1148133).\n - ceph: fix buffer free while holding i_ceph_lock in fill_inode()\n (bsc#1148133).\n - ceph: fix &quot;ceph.dir.rctime&quot; vxattr value (bsc#1148133 bsc#1135219).\n - ceph: fix improper use of smp_mb__before_atomic() (bsc#1148133).\n - ceph: hold i_ceph_lock when removing caps for freeing inode\n (bsc#1148133).\n - ceph: remove request from waiting list before unregister (bsc#1148133).\n - ceph: silence a checker warning in mdsc_show() (bsc#1148133).\n - ceph: support cephfs' own feature bits (bsc#1146346).\n - ceph: support getting ceph.dir.pin vxattr (bsc#1146346).\n - ceph: support versioned reply (bsc#1146346).\n - ceph: use bit flags to define vxattr attributes (bsc#1146346).\n - cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED\n (bsc#1144333).\n - cifs: add a new SMB2_close_flags function (bsc#1144333).\n - cifs: add a smb2_compound_op and change QUERY_INFO to use it\n (bsc#1144333).\n - cifs: add a timeout argument to wait_for_free_credits (bsc#1144333).\n - cifs: add a warning if we try to to dequeue a deleted mid (bsc#1144333).\n - cifs: add compound_send_recv() (bsc#1144333).\n - cifs: add credits from unmatched responses/messages (bsc#1144333).\n - cifs: add debug output to show nocase mount option (bsc#1144333).\n - cifs: Add DFS cache routines (bsc#1144333).\n - cifs: Add direct I/O functions to file_operations (bsc#1144333).\n - cifs: add fiemap support (bsc#1144333).\n - cifs: add iface info to struct cifs_ses (bsc#1144333).\n - cifs: add IOCTL for QUERY_INFO passthrough to userspace (bsc#1144333).\n - cifs: add lease tracking to the cached root fid (bsc#1144333).\n - cifs: Add minor debug message during negprot (bsc#1144333).\n - cifs: add missing debug entries for kconfig options (bsc#1051510,\n bsc#1144333).\n - cifs: add missing GCM module dependency (bsc#1144333).\n - cifs: add missing support for ACLs in SMB 3.11 (bsc#1051510,\n bsc#1144333).\n - cifs: add ONCE flag for cifs_dbg type (bsc#1144333).\n - cifs: add pdu_size to the TCP_Server_Info structure (bsc#1144333).\n - cifs: add resp_buf_size to the mid_q_entry structure (bsc#1144333).\n - cifs: address trivial coverity warning (bsc#1144333).\n - cifs: add server argument to the dump_detail method (bsc#1144333).\n - cifs: add server-&gt;vals-&gt;header_preamble_size (bsc#1144333).\n - cifs: add SFM mapping for 0x01-0x1F (bsc#1144333).\n - cifs: add sha512 secmech (bsc#1051510, bsc#1144333).\n - cifs: Adds information-level logging function (bsc#1144333).\n - cifs: add SMB2_close_init()/SMB2_close_free() (bsc#1144333).\n - cifs: add SMB2_ioctl_init/free helpers to be used with compounding\n (bsc#1144333).\n - cifs: add SMB2_query_info_[init|free]() (bsc#1144333).\n - cifs: Add smb2_send_recv (bsc#1144333).\n - cifs: add spinlock for the openFileList to cifsInodeInfo (bsc#1144333).\n - cifs: add .splice_write (bsc#1144333).\n - cifs: Add support for direct I/O read (bsc#1144333).\n - cifs: Add support for direct I/O write (bsc#1144333).\n - cifs: Add support for direct pages in rdata (bsc#1144333).\n - cifs: Add support for direct pages in wdata (bsc#1144333).\n - cifs: Add support for failover in cifs_mount() (bsc#1144333).\n - cifs: Add support for failover in cifs_reconnect() (bsc#1144333).\n - cifs: Add support for failover in cifs_reconnect_tcon() (bsc#1144333).\n - cifs: Add support for failover in smb2_reconnect() (bsc#1144333).\n - cifs: Add support for FSCTL passthrough that write data to the server\n (bsc#1144333).\n - cifs: add support for ioctl on directories (bsc#1144333).\n - cifs: Add support for reading attributes on SMB2+ (bsc#1051510,\n bsc#1144333).\n - cifs: add support for SEEK_DATA and SEEK_HOLE (bsc#1144333).\n - cifs: Add support for writing attributes on SMB2+ (bsc#1051510,\n bsc#1144333).\n - cifs: Adjust MTU credits before reopening a file (bsc#1144333).\n - cifs: Allocate memory for all iovs in smb2_ioctl (bsc#1144333).\n - cifs: Allocate validate negotiation request through kmalloc\n (bsc#1144333).\n - cifs: allow calling SMB2_xxx_free(NULL) (bsc#1144333).\n - cifs: allow disabling less secure legacy dialects (bsc#1144333).\n - cifs: allow guest mounts to work for smb3.11 (bsc#1051510, bsc#1144333).\n - cifs: always add credits back for unsolicited PDUs (bsc#1144333).\n - cifs: Always reset read error to -EIO if no response (bsc#1144333).\n - cifs: Always resolve hostname before reconnecting (bsc#1051510,\n bsc#1144333).\n - cifs: a smb2_validate_and_copy_iov failure does not mean the handle is\n invalid (bsc#1144333).\n - cifs: auto disable 'serverino' in dfs mounts (bsc#1144333).\n - cifs: avoid a kmalloc in smb2_send_recv/SendReceive2 for the common case\n (bsc#1144333).\n - cifs: Avoid returning EBUSY to upper layer VFS (bsc#1144333).\n - cifs: cache FILE_ALL_INFO for the shared root handle (bsc#1144333).\n - cifs: Calculate the correct request length based on page offset and tail\n size (bsc#1144333).\n - cifs: Call MID callback before destroying transport (bsc#1144333).\n - cifs: change mkdir to use a compound (bsc#1144333).\n - cifs: change smb2_get_data_area_len to take a smb2_sync_hdr as argument\n (bsc#1144333).\n - cifs: Change SMB2_open to return an iov for the error parameter\n (bsc#1144333).\n - cifs: change SMB2_OP_RENAME and SMB2_OP_HARDLINK to use compounding\n (bsc#1144333).\n - cifs: change SMB2_OP_SET_EOF to use compounding (bsc#1144333).\n - cifs: change SMB2_OP_SET_INFO to use compounding (bsc#1144333).\n - cifs: change smb2_query_eas to use the compound query-info helper\n (bsc#1144333).\n - cifs: change unlink to use a compound (bsc#1144333).\n - cifs: change validate_buf to validate_iov (bsc#1144333).\n - cifs: change wait_for_free_request() to take flags as argument\n (bsc#1144333).\n - cifs: check CIFS_MOUNT_NO_DFS when trying to reuse existing sb\n (bsc#1144333).\n - cifs: Check for reconnects before sending async requests (bsc#1144333).\n - cifs: Check for reconnects before sending compound requests\n (bsc#1144333).\n - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902, bsc#1144333).\n - cifs: Check for timeout on Negotiate stage (bsc#1091171, bsc#1144333).\n - cifs: check if SMB2 PDU size has been padded and suppress the warning\n (bsc#1144333).\n - cifs: check kmalloc before use (bsc#1051510, bsc#1144333).\n - cifs: check kzalloc return (bsc#1144333).\n - cifs: check MaxPathNameComponentLength != 0 before using it\n (bsc#1085536, bsc#1144333).\n - cifs: check ntwrk_buf_start for NULL before dereferencing it\n (bsc#1144333).\n - cifs: check rsp for NULL before dereferencing in SMB2_open (bsc#1085536,\n bsc#1144333).\n - cifs: cifs_read_allocate_pages: do not iterate through whole page array\n on ENOMEM (bsc#1144333).\n - cifs: clean up indentation, replace spaces with tab (bsc#1144333).\n - cifs: cleanup smb2ops.c and normalize strings (bsc#1144333).\n - cifs: complete PDU definitions for interface queries (bsc#1144333).\n - cifs: connect to servername instead of IP for IPC$ share (bsc#1051510,\n bsc#1144333).\n - cifs: Count SMB3 credits for malformed pending responses (bsc#1144333).\n - cifs: create a define for how many iovs we need for an SMB2_open()\n (bsc#1144333).\n - cifs: create a define for the max number of iov we need for a SMB2\n set_info (bsc#1144333).\n - cifs: create a helper function for compound query_info (bsc#1144333).\n - cifs: create helpers for SMB2_set_info_init/free() (bsc#1144333).\n - cifs: create SMB2_open_init()/SMB2_open_free() helpers (bsc#1144333).\n - cifs: Display SMB2 error codes in the hex format (bsc#1144333).\n - cifs: document tcon/ses/server refcount dance (bsc#1144333).\n - cifs: do not allow creating sockets except with SMB1 posix exensions\n (bsc#1102097, bsc#1144333).\n - cifs: Do not assume one credit for async responses (bsc#1144333).\n - cifs: do not attempt cifs operation on smb2+ rename error (bsc#1144333).\n - cifs: Do not consider -ENODATA as stat failure for reads (bsc#1144333).\n - cifs: Do not count -ENODATA as failure for query directory (bsc#1051510,\n bsc#1144333).\n - cifs: do not dereference smb_file_target before null check (bsc#1051510,\n bsc#1144333).\n - cifs: Do not hide EINTR after sending network packets (bsc#1051510,\n bsc#1144333).\n - cifs: Do not log credits when unmounting a share (bsc#1144333).\n - cifs: do not log STATUS_NOT_FOUND errors for DFS (bsc#1051510,\n bsc#1144333).\n - cifs: Do not match port on SMBDirect transport (bsc#1144333).\n - cifs: Do not modify mid entry after submitting I/O in cifs_call_async\n (bsc#1051510, bsc#1144333).\n - cifs: Do not reconnect TCP session in add_credits() (bsc#1051510,\n bsc#1144333).\n - cifs: Do not reset lease state to NONE on lease break (bsc#1051510,\n bsc#1144333).\n - cifs: do not return atime less than mtime (bsc#1144333).\n - cifs: do not send invalid input buffer on QUERY_INFO requests\n (bsc#1144333).\n - cifs: Do not set credits to 1 if the server didn't grant anything\n (bsc#1144333).\n - cifs: do not show domain= in mount output when domain is empty\n (bsc#1144333).\n - cifs: Do not skip SMB2 message IDs on send failures (bsc#1144333).\n - cifs: do not use __constant_cpu_to_le32() (bsc#1144333).\n - cifs: dump every session iface info (bsc#1144333).\n - cifs: dump IPC tcon in debug proc file (bsc#1071306, bsc#1144333).\n - cifs: fallback to older infolevels on findfirst queryinfo retry\n (bsc#1144333).\n - cifs: Find and reopen a file before get MTU credits in writepages\n (bsc#1144333).\n - cifs: fix a buffer leak in smb2_query_symlink (bsc#1144333).\n - cifs: fix a credits leak for compund commands (bsc#1144333).\n - cifs: Fix a debug message (bsc#1144333).\n - cifs: Fix adjustment of credits for MTU requests (bsc#1051510,\n bsc#1144333).\n - cifs: Fix an issue with re-sending rdata when transport returning\n -EAGAIN (bsc#1144333).\n - cifs: Fix an issue with re-sending wdata when transport returning\n -EAGAIN (bsc#1144333).\n - cifs: Fix a race condition with cifs_echo_request (bsc#1144333).\n - cifs: Fix a tiny potential memory leak (bsc#1144333).\n - cifs: Fix autonegotiate security settings mismatch (bsc#1087092,\n bsc#1144333).\n - cifs: fix bi-directional fsctl passthrough calls (bsc#1144333).\n - cifs: fix build break when CONFIG_CIFS_DEBUG2 enabled (bsc#1144333).\n - cifs: fix build errors for SMB_DIRECT (bsc#1144333).\n - cifs: Fix check for matching with existing mount (bsc#1144333).\n - cifs: fix circular locking dependency (bsc#1064701, bsc#1144333).\n - cifs: fix computation for MAX_SMB2_HDR_SIZE (bsc#1144333).\n - cifs: fix confusing warning message on reconnect (bsc#1144333).\n - cifs: fix crash in cifs_dfs_do_automount (bsc#1144333).\n - cifs: fix crash in smb2_compound_op()/smb2_set_next_command()\n (bsc#1144333).\n - cifs: fix crash querying symlinks stored as reparse-points (bsc#1144333).\n - cifs: Fix credit calculation for encrypted reads with errors\n (bsc#1051510, bsc#1144333).\n - cifs: Fix credit calculations in compound mid callback (bsc#1144333).\n - cifs: Fix credit computation for compounded requests (bsc#1144333).\n - cifs: Fix credits calculation for cancelled requests (bsc#1144333).\n - cifs: Fix credits calculations for reads with errors (bsc#1051510,\n bsc#1144333).\n - cifs: fix credits leak for SMB1 oplock breaks (bsc#1144333).\n - cifs: fix deadlock in cached root handling (bsc#1144333).\n - cifs: Fix DFS cache refresher for DFS links (bsc#1144333).\n - cifs: fix encryption in SMB3.1.1 (bsc#1144333).\n - cifs: Fix encryption/signing (bsc#1144333).\n - cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock\n problem (bsc#1051510, bsc#1144333).\n - cifs: Fix error paths in writeback code (bsc#1144333).\n - cifs: fix GlobalMid_Lock bug in cifs_reconnect (bsc#1144333).\n - cifs: fix handle leak in smb2_query_symlink() (bsc#1144333).\n - cifs: fix incorrect handling of smb2_set_sparse() return in\n smb3_simple_falloc (bsc#1144333).\n - cifs: Fix infinite loop when using hard mount option (bsc#1091171,\n bsc#1144333).\n - cifs: Fix invalid check in __cifs_calc_signature() (bsc#1144333).\n - cifs: Fix kernel oops when traceSMB is enabled (bsc#1144333).\n - cifs: fix kref underflow in close_shroot() (bsc#1144333).\n - cifs: Fix leaking locked VFS cache pages in writeback retry\n (bsc#1144333).\n - cifs: Fix lease buffer length error (bsc#1144333).\n - cifs: fix memory leak and remove dead code (bsc#1144333).\n - cifs: fix memory leak in SMB2_open() (bsc#1112894, bsc#1144333).\n - cifs: fix memory leak in SMB2_read (bsc#1144333).\n - cifs: Fix memory leak in smb2_set_ea() (bsc#1051510, bsc#1144333).\n - cifs: fix memory leak of an allocated cifs_ntsd structure (bsc#1144333).\n - cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case\n (bsc#1144333).\n - cifs: Fix missing put_xid in cifs_file_strict_mmap (bsc#1087092,\n bsc#1144333).\n - cifs: Fix module dependency (bsc#1144333).\n - cifs: Fix mounts if the client is low on credits (bsc#1144333).\n - cifs: fix NULL deref in SMB2_read (bsc#1085539, bsc#1144333).\n - cifs: Fix NULL pointer dereference of devname (bnc#1129519).\n - cifs: Fix NULL pointer deref on SMB2_tcon() failure (bsc#1071009,\n bsc#1144333).\n - cifs: Fix NULL ptr deref (bsc#1144333).\n - cifs: fix page reference leak with readv/writev (bsc#1144333).\n - cifs: fix panic in smb2_reconnect (bsc#1144333).\n - cifs: fix parsing of symbolic link error response (bsc#1144333).\n - cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542,\n bsc#1144333).\n - cifs: Fix possible hang during async MTU reads and writes (bsc#1051510,\n bsc#1144333).\n - cifs: Fix possible oops and memory leaks in async IO (bsc#1144333).\n - cifs: Fix potential OOB access of lock element array (bsc#1051510,\n bsc#1144333).\n - cifs: Fix read after write for files with read caching (bsc#1051510,\n bsc#1144333).\n - cifs: fix return value for cifs_listxattr (bsc#1051510, bsc#1144333).\n - cifs: fix rmmod regression in cifs.ko caused by force_sig changes\n (bsc#1144333).\n - cifs: Fix separator when building path from dentry (bsc#1051510,\n bsc#1144333).\n - cifs: fix sha512 check in cifs_crypto_secmech_release (bsc#1051510,\n bsc#1144333).\n - cifs: fix signed/unsigned mismatch on aio_read patch (bsc#1144333).\n - cifs: Fix signing for SMB2/3 (bsc#1144333).\n - cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting\n (bsc#1144333).\n - cifs: Fix slab-out-of-bounds when tracing SMB tcon (bsc#1144333).\n - cifs: fix SMB1 breakage (bsc#1144333).\n - cifs: fix smb3_zero_range for Azure (bsc#1144333).\n - cifs: fix smb3_zero_range so it can expand the file-size when required\n (bsc#1144333).\n - cifs: fix sparse warning on previous patch in a few printks\n (bsc#1144333).\n - cifs: fix spelling mistake, EACCESS -&gt; EACCES (bsc#1144333).\n - cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf()\n (bsc#1051510, bsc#1144333).\n - cifs: fix strcat buffer overflow and reduce raciness in\n smb21_set_oplock_level() (bsc#1144333).\n - cifs: Fix to use kmem_cache_free() instead of kfree() (bsc#1144333).\n - cifs: Fix trace command logging for SMB2 reads and writes (bsc#1144333).\n - cifs: fix typo in cifs_dbg (bsc#1144333).\n - cifs: fix typo in debug message with struct field ia_valid (bsc#1144333).\n - cifs: fix uninitialized ptr deref in smb2 signing (bsc#1144333).\n - cifs: Fix use-after-free in SMB2_read (bsc#1144333).\n - cifs: Fix use-after-free in SMB2_write (bsc#1144333).\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903, bsc#1144333).\n - cifs: fix use-after-free of the lease keys (bsc#1144333).\n - cifs: Fix validation of signed data in smb2 (bsc#1144333).\n - cifs: Fix validation of signed data in smb3+ (bsc#1144333).\n - cifs: fix wrapping bugs in num_entries() (bsc#1051510, bsc#1144333).\n - cifs: flush before set-info if we have writeable handles (bsc#1144333).\n - cifs: For SMB2 security informaion query, check for minimum sized\n security descriptor instead of sizeof FileAllInformation class\n (bsc#1051510, bsc#1144333).\n - cifs: handle large EA requests more gracefully in smb2+ (bsc#1144333).\n - cifs: handle netapp error codes (bsc#1136261).\n - cifs: hide unused functions (bsc#1051510, bsc#1144333).\n - cifs: hide unused functions (bsc#1051510, bsc#1144333).\n - cifs: implement v3.11 preauth integrity (bsc#1051510, bsc#1144333).\n - cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure\n cifs) (bsc#1144333).\n - cifs: integer overflow in in SMB2_ioctl() (bsc#1051510, bsc#1144333).\n - cifs: Introduce helper function to get page offset and length in\n smb_rqst (bsc#1144333).\n - cifs: Introduce offset for the 1st page in data transfer structures\n (bsc#1144333).\n - cifs: invalidate cache when we truncate a file (bsc#1051510,\n bsc#1144333).\n - cifs: keep FileInfo handle live during oplock break (bsc#1106284,\n bsc#1131565, bsc#1144333).\n - cifs: limit amount of data we request for xattrs to CIFSMaxBufSize\n (bsc#1144333).\n - cifs: Limit memory used by lock request calls to a page (bsc#1144333).\n - cifs_lookup(): cifs_get_inode_...() never returns 0 with *inode left\n NULL (bsc#1144333).\n - cifs_lookup(): switch to d_splice_alias() (bsc#1144333).\n - cifs: make arrays static const, reduces object code size (bsc#1144333).\n - cifs: Make devname param optional in cifs_compose_mount_options()\n (bsc#1144333).\n - cifs: make IPC a regular tcon (bsc#1071306, bsc#1144333).\n - cifs: make minor clarifications to module params for cifs.ko\n (bsc#1144333).\n - cifs: make mknod() an smb_version_op (bsc#1144333).\n - cifs: make 'nodfs' mount opt a superblock flag (bsc#1051510,\n bsc#1144333).\n - cifs: make rmdir() use compounding (bsc#1144333).\n - cifs: make smb_send_rqst take an array of requests (bsc#1144333).\n - cifs: Make sure all data pages are signed correctly (bsc#1144333).\n - cifs: Make use of DFS cache to get new DFS referrals (bsc#1144333).\n - cifs: Mask off signals when sending SMB packets (bsc#1144333).\n - cifs: minor clarification in comments (bsc#1144333).\n - cifs: Minor Kconfig clarification (bsc#1144333).\n - cifs: minor updates to module description for cifs.ko (bsc#1144333).\n - cifs: Move credit processing to mid callbacks for SMB3 (bsc#1144333).\n - cifs: move default port definitions to cifsglob.h (bsc#1144333).\n - cifs: move large array from stack to heap (bsc#1144333).\n - cifs: Move open file handling to writepages (bsc#1144333).\n - cifs: Move unlocking pages from wdata_send_pages() (bsc#1144333).\n - cifs: OFD locks do not conflict with eachothers (bsc#1051510,\n bsc#1144333).\n - cifs: Only free DFS target list if we actually got one (bsc#1144333).\n - cifs: Only send SMB2_NEGOTIATE command on new TCP connections\n (bsc#1144333).\n - cifs: only wake the thread for the very last PDU in a compound\n (bsc#1144333).\n - cifs: parse and store info on iface queries (bsc#1144333).\n - cifs: pass flags down into wait_for_free_credits() (bsc#1144333).\n - cifs: Pass page offset for calculating signature (bsc#1144333).\n - cifs: Pass page offset for encrypting (bsc#1144333).\n - cifs: pass page offsets on SMB1 read/write (bsc#1144333).\n - cifs: prevent integer overflow in nxt_dir_entry() (bsc#1051510,\n bsc#1144333).\n - cifs: prevent starvation in wait_for_free_credits for multi-credit\n requests (bsc#1144333).\n - cifs: print CIFSMaxBufSize as part of /proc/fs/cifs/DebugData\n (bsc#1144333).\n - cifs: Print message when attempting a mount (bsc#1144333).\n - cifs: Properly handle auto disabling of serverino option (bsc#1144333).\n - cifs: protect against server returning invalid file system block size\n (bsc#1144333).\n - cifs: prototype declaration and definition for smb 2 - 3 and cifsacl\n mount options (bsc#1051510, bsc#1144333).\n - cifs: prototype declaration and definition to set acl for smb 2 - 3 and\n cifsacl mount options (bsc#1051510, bsc#1144333).\n - cifs: push rfc1002 generation down the stack (bsc#1144333).\n - cifs: read overflow in is_valid_oplock_break() (bsc#1144333).\n - cifs: Reconnect expired SMB sessions (bnc#1060662).\n - cifs: refactor and clean up arguments in the reparse point parsing\n (bsc#1144333).\n - cifs: refactor crypto shash/sdesc allocation&amp;free (bsc#1051510,\n bsc#1144333).\n - cifs: Refactor out cifs_mount() (bsc#1144333).\n - cifs: release auth_key.response for reconnect (bsc#1085536, bsc#1144333).\n - cifs: release cifs root_cred after exit_cifs (bsc#1085536, bsc#1144333).\n - cifs: remove coverity warning in calc_lanman_hash (bsc#1144333).\n - cifs: Remove custom credit adjustments for SMB2 async IO (bsc#1144333).\n - cifs: remove header_preamble_size where it is always 0 (bsc#1144333).\n - cifs: remove redundant duplicated assignment of pointer 'node'\n (bsc#1144333).\n - cifs: remove rfc1002 hardcoded constants from\n cifs_discard_remaining_data() (bsc#1144333).\n - cifs: remove rfc1002 header from all SMB2 response structures\n (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_close_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_create_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_echo_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_flush_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_ioctl_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_lease_ack (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_lock_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_logoff_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_negotiate_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_oplock_break we get from server\n (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_query_directory_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_query_info_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2 read/write requests (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_sess_setup_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_set_info_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_tree_connect_req (bsc#1144333).\n - cifs: remove rfc1002 header from smb2_tree_disconnect_req (bsc#1144333).\n - cifs: remove set but not used variable 'cifs_sb' (bsc#1144333).\n - cifs: remove set but not used variable 'sep' (bsc#1144333).\n - cifs: remove set but not used variable 'server' (bsc#1144333).\n - cifs: remove set but not used variable 'smb_buf' (bsc#1144333).\n - cifs: remove small_smb2_init (bsc#1144333).\n - cifs: remove smb2_send_recv() (bsc#1144333).\n - cifs: remove struct smb2_hdr (bsc#1144333).\n - cifs: remove struct smb2_oplock_break_rsp (bsc#1144333).\n - cifs: remove the is_falloc argument to SMB2_set_eof (bsc#1144333).\n - cifs: remove unused stats (bsc#1144333).\n - cifs: remove unused value pointed out by Coverity (bsc#1144333).\n - cifs: remove unused variable from SMB2_read (bsc#1144333).\n - cifs: rename and clarify CIFS_ASYNC_OP and CIFS_NO_RESP (bsc#1144333).\n - cifs: Reopen file before get SMB2 MTU credits for async IO (bsc#1144333).\n - cifs: replace a 4 with server-&gt;vals-&gt;header_preamble_size (bsc#1144333).\n - cifs: replace snprintf with scnprintf (bsc#1144333).\n - cifs: Respect reconnect in MTU credits calculations (bsc#1144333).\n - cifs: Respect reconnect in non-MTU credits calculations (bsc#1144333).\n - cifs: Respect SMB2 hdr preamble size in read responses (bsc#1144333).\n - cifs: return correct errors when pinning memory failed for direct I/O\n (bsc#1144333).\n - cifs: Return -EAGAIN instead of -ENOTSOCK (bsc#1144333).\n - cifs: return -ENODATA when deleting an xattr that does not exist\n (bsc#1144333).\n - cifs: Return error code when getting file handle for writeback\n (bsc#1144333).\n - cifs: return error on invalid value written to cifsFYI (bsc#1144333).\n - cifs: Save TTL value when parsing DFS referrals (bsc#1144333).\n - cifs: Select all required crypto modules (bsc#1085536, bsc#1144333).\n - cifs: set mapping error when page writeback fails in writepage or\n launder_pages (bsc#1144333).\n - cifs: set oparms.create_options rather than or'ing in\n CREATE_OPEN_BACKUP_INTENT (bsc#1144333).\n - cifs: Set reconnect instance to one initially (bsc#1144333).\n - cifs: set *resp_buf_type to NO_BUFFER on error (bsc#1144333).\n - cifs: Show locallease in /proc/mounts for cifs shares mounted with\n locallease feature (bsc#1144333).\n - cifs: show 'soft' in the mount options for hard mounts (bsc#1144333).\n - cifs: show the w bit for writeable /proc/fs/cifs/* files (bsc#1144333).\n - cifs: silence compiler warnings showing up with gcc-8.0.0 (bsc#1090734,\n bsc#1144333).\n - cifs: Silence uninitialized variable warning (bsc#1144333).\n - cifs: simple stats should always be enabled (bsc#1144333).\n - cifs: simplify code by removing CONFIG_CIFS_ACL ifdef (bsc#1144333). -\n Update config files.\n - cifs: simplify how we handle credits in compound_send_recv()\n (bsc#1144333).\n - cifs: Skip any trailing backslashes from UNC (bsc#1144333).\n - cifs: smb2 commands can not be negative, remove confusing check\n (bsc#1144333).\n - cifs: smb2ops: Fix listxattr() when there are no EAs (bsc#1051510,\n bsc#1144333).\n - cifs: smb2ops: Fix NULL check in smb2_query_symlink (bsc#1144333).\n - cifs: smb2pdu: Fix potential NULL pointer dereference (bsc#1144333).\n - cifs: SMBD: Add parameter rdata to smb2_new_read_req (bsc#1144333).\n - cifs: SMBD: Add rdma mount option (bsc#1144333).\n - cifs: SMBD: Add SMB Direct debug counters (bsc#1144333).\n - cifs: SMBD: Add SMB Direct protocol initial values and constants\n (bsc#1144333).\n - cifs: smbd: Avoid allocating iov on the stack (bsc#1144333).\n - cifs: smbd: avoid reconnect lockup (bsc#1144333).\n - cifs: smbd: Check for iov length on sending the last iov (bsc#1144333).\n - cifs: smbd: depend on INFINIBAND_ADDR_TRANS (bsc#1144333).\n - cifs: SMBD: Disable signing on SMB direct transport (bsc#1144333).\n - cifs: smbd: disconnect transport on RDMA errors (bsc#1144333).\n - cifs: SMBD: Do not call ib_dereg_mr on invalidated memory registration\n (bsc#1144333).\n - cifs: smbd: Do not destroy transport on RDMA disconnect (bsc#1144333).\n - cifs: smbd: Do not use RDMA read/write when signing is used\n (bsc#1144333).\n - cifs: smbd: Dump SMB packet when configured (bsc#1144333).\n - cifs: smbd: Enable signing with smbdirect (bsc#1144333).\n - cifs: SMBD: Establish SMB Direct connection (bsc#1144333).\n - cifs: SMBD: export protocol initial values (bsc#1144333).\n - cifs: SMBD: fix spelling mistake: faield and legnth (bsc#1144333).\n - cifs: SMBD: Fix the definition for SMB2_CHANNEL_RDMA_V1_INVALIDATE\n (bsc#1144333).\n - cifs: SMBD: Implement function to create a SMB Direct connection\n (bsc#1144333).\n - cifs: SMBD: Implement function to destroy a SMB Direct connection\n (bsc#1144333).\n - cifs: SMBD: Implement function to receive data via RDMA receive\n (bsc#1144333).\n - cifs: SMBD: Implement function to reconnect to a SMB Direct transport\n (bsc#1144333).\n - cifs: SMBD: Implement function to send data via RDMA send (bsc#1144333).\n - cifs: SMBD: Implement RDMA memory registration (bsc#1144333).\n - cifs: smbd: Indicate to retry on transport sending failure (bsc#1144333).\n - cifs: SMBD: Read correct returned data length for RDMA write (SMB read)\n I/O (bsc#1144333).\n - cifs: smbd: Retry on memory registration failure (bsc#1144333).\n - cifs: smbd: Return EINTR when interrupted (bsc#1144333).\n - cifs: SMBD: Set SMB Direct maximum read or write size for I/O\n (bsc#1144333).\n - cifs: SMBD: _smbd_get_connection() can be static (bsc#1144333).\n - cifs: SMBD: Support page offset in memory registration (bsc#1144333).\n - cifs: SMBD: Support page offset in RDMA recv (bsc#1144333).\n - cifs: SMBD: Support page offset in RDMA send (bsc#1144333).\n - cifs: smbd: take an array of reqeusts when sending upper layer data\n (bsc#1144333).\n - cifs: SMBD: Upper layer connects to SMBDirect session (bsc#1144333).\n - cifs: SMBD: Upper layer destroys SMB Direct session on shutdown or\n umount (bsc#1144333).\n - cifs: SMBD: Upper layer performs SMB read via RDMA write through memory\n registration (bsc#1144333).\n - cifs: SMBD: Upper layer performs SMB write via RDMA read through memory\n registration (bsc#1144333).\n - cifs: SMBD: Upper layer receives data via RDMA receive (bsc#1144333).\n - cifs: SMBD: Upper layer reconnects to SMB Direct session (bsc#1144333).\n - cifs: SMBD: Upper layer sends data via RDMA send (bsc#1144333).\n - cifs:smbd Use the correct DMA direction when sending data (bsc#1144333).\n - cifs:smbd When reconnecting to server, call smbd_destroy() after all\n MIDs have been called (bsc#1144333).\n - cifs: SMBD: work around gcc -Wmaybe-uninitialized warning (bsc#1144333).\n - cifs: start DFS cache refresher in cifs_mount() (bsc#1144333).\n - cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510,\n bsc#1144333).\n - cifs: suppress some implicit-fallthrough warnings (bsc#1144333).\n - cifs: track writepages in vfs operation counters (bsc#1144333).\n - cifs: Try to acquire credits at once for compound requests (bsc#1144333).\n - cifs: update calc_size to take a server argument (bsc#1144333).\n - cifs: update init_sg, crypt_message to take an array of rqst\n (bsc#1144333).\n - cifs: update internal module number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number (bsc#1144333).\n - cifs: update internal module version number for cifs.ko to 2.12\n (bsc#1144333).\n - cifs: update internal module version number for cifs.ko to 2.12\n (bsc#1144333).\n - cifs: update internal module version number for cifs.ko to 2.14\n (bsc#1144333).\n - cifs: update module internal version number (bsc#1144333).\n - cifs: update multiplex loop to handle compounded responses (bsc#1144333).\n - cifs: update receive_encrypted_standard to handle compounded responses\n (bsc#1144333).\n - cifs: update smb2_calc_size to use smb2_sync_hdr instead of smb2_hdr\n (bsc#1144333).\n - cifs: update smb2_check_message to handle PDUs without a 4 byte length\n header (bsc#1144333).\n - cifs: update smb2_queryfs() to use compounding (bsc#1144333).\n - cifs: update __smb_send_rqst() to take an array of requests\n (bsc#1144333).\n - cifs: use a compound for setting an xattr (bsc#1144333).\n - cifs: use a refcount to protect open/closing the cached file handle\n (bsc#1144333).\n - cifs: use correct format characters (bsc#1144333).\n - cifs: Use correct packet length in SMB2_TRANSFORM header (bsc#1144333).\n - cifs: Use GFP_ATOMIC when a lock is held in cifs_mount() (bsc#1144333).\n - cifs: Use kmemdup in SMB2_ioctl_init() (bsc#1144333).\n - cifs: Use kmemdup rather than duplicating its implementation in\n smb311_posix_mkdir() (bsc#1144333).\n - cifs: Use kzfree() to free password (bsc#1144333).\n - cifs: Use offset when reading pages (bsc#1144333).\n - cifs: Use smb 2 - 3 and cifsacl mount options getacl functions\n (bsc#1051510, bsc#1144333).\n - cifs: Use smb 2 - 3 and cifsacl mount options setacl function\n (bsc#1051510, bsc#1144333).\n - cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl\n (bsc#1071306, bsc#1144333).\n - cifs: use the correct length when pinning memory for direct I/O for\n write (bsc#1144333).\n - cifs: Use ULL suffix for 64-bit constant (bsc#1051510, bsc#1144333).\n - cifs: wait_for_free_credits() make it possible to wait for &gt;=1 credits\n (bsc#1144333).\n - cifs: we can not use small padding iovs together with encryption\n (bsc#1144333).\n - cifs: When sending data on socket, pass the correct page offset\n (bsc#1144333).\n - cifs: zero-range does not require the file is sparse (bsc#1144333).\n - cifs: zero sensitive data when freeing (bsc#1087092, bsc#1144333).\n - Cleanup some minor endian issues in smb3 rdma (bsc#1144333).\n - clk: add clk_bulk_get accessories (bsc#1144813).\n - clk: bcm2835: remove pllb (jsc#SLE-7294).\n - clk: bcm283x: add driver interfacing with Raspberry Pi's firmware\n (jsc#SLE-7294).\n - clk: bulk: silently error out on EPROBE_DEFER (bsc#1144718,bsc#1144813).\n - clk: Export clk_bulk_prepare() (bsc#1144813).\n - clk: raspberrypi: register platform device for raspberrypi-cpufreq\n (jsc#SLE-7294).\n - clk: renesas: cpg-mssr: Fix reset control race condition (bsc#1051510).\n - clk: rockchip: Add 1.6GHz PLL rate for rk3399 (bsc#1144718,bsc#1144813).\n - clk: rockchip: assign correct id for pclk_ddr and hclk_sd in rk3399\n (bsc#1144718,bsc#1144813).\n - compat_ioctl: pppoe: fix PPPOEIOCSFWD handling (bsc#1051510).\n - coredump: split pipe command whitespace before expanding template\n (bsc#1051510).\n - cpufreq: add driver for Raspberry Pi (jsc#SLE-7294).\n - cpufreq: dt: Try freeing static OPPs only if we have added them\n (jsc#SLE-7294).\n - cpu/speculation: Warn on unsupported mitigations= parameter\n (bsc#1114279).\n - crypto: ccp - Add support for valid authsize values less than 16\n (bsc#1051510).\n - crypto: ccp - Fix oops by properly managing allocated structures\n (bsc#1051510).\n - crypto: ccp - Ignore tag length when decrypting GCM ciphertext\n (bsc#1051510).\n - crypto: ccp - Ignore unconfigured CCP device on suspend/resume\n (bnc#1145934).\n - crypto: ccp - Validate buffer lengths for copy operations (bsc#1051510).\n - cx82310_eth: fix a memory leak bug (bsc#1051510).\n - devres: always use dev_name() in devm_ioremap_resource() (git fixes).\n - dfs_cache: fix a wrong use of kfree in flush_cache_ent() (bsc#1144333).\n - dmaengine: rcar-dmac: Reject zero-length slave DMA requests\n (bsc#1051510).\n - dm btree: fix order of block initialization in btree_split_beneath (git\n fixes).\n - dm bufio: fix deadlock with loop device (git fixes).\n - dm cache metadata: Fix loading discard bitset (git fixes).\n - dm crypt: do not overallocate the integrity tag space (git fixes).\n - dm crypt: fix parsing of extended IV arguments (git fixes).\n - dm delay: fix a crash when invalid device is specified (git fixes).\n - dm: fix to_sector() for 32bit (git fixes).\n - dm integrity: change memcmp to strncmp in dm_integrity_ctr (git fixes).\n - dm integrity: limit the rate of error messages (git fixes).\n - dm kcopyd: always complete failed jobs (git fixes).\n - dm log writes: make sure super sector log updates are written in order\n (git fixes).\n - dm raid: add missing cleanup in raid_ctr() (git fixes).\n - dm: revert 8f50e358153d (&quot;dm: limit the max bio size as BIO_MAX_PAGES *\n PAGE_SIZE&quot;) (git fixes).\n - dm space map metadata: fix missing store of apply_bops() return value\n (git fixes).\n - dm table: fix invalid memory accesses with too high sector number (git\n fixes).\n - dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum\n errors (git fixes).\n - dm thin: fix bug where bio that overwrites thin block ignores FUA (git\n fixes).\n - dm thin: fix passdown_double_checking_shared_status() (git fixes).\n - dm zoned: fix potential NULL dereference in dmz_do_reclaim() (git fixes).\n - dm zoned: Fix zone report handling (git fixes).\n - dm zoned: fix zone state management race (git fixes).\n - dm zoned: improve error handling in i/o map code (git fixes).\n - dm zoned: improve error handling in reclaim (git fixes).\n - dm zoned: properly handle backing device failure (git fixes).\n - dm zoned: Silence a static checker warning (git fixes).\n - Do not log confusing message on reconnect by default (bsc#1129664,\n bsc#1144333).\n - Do not log expected error on DFS referral request (bsc#1051510,\n bsc#1144333).\n - drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl\n (bsc#1051510).\n - drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings\n (bsc#1051510).\n - drm/amdgpu/psp: move psp version specific function pointers to\n (bsc#1135642)\n - drm/etnaviv: add missing failure path to destroy suballoc (bsc#1135642)\n - drm/i915: Do not deballoon unused ggtt drm_mm_node in linux guest\n (bsc#1142635)\n - drm/i915: Fix wrong escape clock divisor init for GLK (bsc#1142635)\n - drm/i915/perf: ensure we keep a reference on the driver (bsc#1142635)\n - drm/i915: Restore relaxed padding (OCL_OOB_SUPPRES_ENABLE) for skl+\n (bsc#1142635)\n - drm/i915/userptr: Acquire the page lock around set_page_dirty()\n (bsc#1051510).\n - drm/imx: notify drm core before sending event during crtc disable\n (bsc#1135642)\n - drm/imx: only send event on crtc disable if kept disabled (bsc#1135642)\n - drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver\n (bsc#1135642)\n - drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()\n (bsc#1135642)\n - drm/mediatek: clear num_pipes when unbind driver (bsc#1135642)\n - drm/mediatek: fix unbind functions (bsc#1135642)\n - drm/mediatek: mtk_drm_drv.c: Add of_node_put() before goto (bsc#1142635)\n - drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1135642)\n - drm/mediatek: use correct device to import PRIME buffers (bsc#1142635)\n - drm: msm: Fix add_gpu_components (bsc#1051510).\n - drm/msm/mdp5: Fix mdp5_cfg_init error return (bsc#1142635)\n - drm/nouveau: Do not retry infinitely when receiving no data on i2c\n (bsc#1142635)\n - drm/nouveau: fix memory leak in nouveau_conn_reset() (bsc#1051510).\n - drm/rockchip: Suspend DP late (bsc#1142635)\n - drm: silence variable 'conn' set but not used (bsc#1051510).\n - drm/udl: introduce a macro to convert dev to udl. (bsc#1113722)\n - drm/udl: move to embedding drm device inside udl device. (bsc#1113722)\n - drm/vmwgfx: fix a warning due to missing dma_parms (bsc#1135642)\n - drm/vmwgfx: fix memory leak when too many retries have occurred\n (bsc#1051510).\n - drm/vmwgfx: Use the backdoor port if the HB port is not available\n (bsc#1135642)\n - Drop an ASoC fix that was reverted in 4.14.y stable\n - ehea: Fix a copy-paste err in ehea_init_port_res (bsc#1051510).\n - ext4: use jbd2_inode dirty range scoping (bsc#1148616).\n - firmware: raspberrypi: register clk device (jsc#SLE-7294).\n - Fixed <a rel=\"nofollow\" href=\"https://bugzilla.kernel.org/show_bug.cgi?id=202935\">https://bugzilla.kernel.org/show_bug.cgi?id=202935</a> allow write on\n the same file (bsc#1144333).\n - Fix encryption labels and lengths for SMB3.1.1 (bsc#1085536,\n bsc#1144333).\n - fix incorrect error code mapping for OBJECTID_NOT_FOUND (bsc#1144333).\n - Fix kABI after KVM fixes\n - Fix match_server check to allow for auto dialect negotiate (bsc#1144333).\n - Fix SMB3.1.1 guest authentication to Samba (bsc#1085536, bsc#1144333).\n - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y (bsc#1051510,\n bsc#1144333).\n - fix struct ufs_req removal of unused field (git-fixes).\n - Fix warning messages when mounting to older servers (bsc#1144333).\n - fs/cifs/cifsacl.c Fixes typo in a comment (bsc#1144333).\n - fs: cifs: cifsssmb: Change return type of convert_ace_to_cifs_ace\n (bsc#1144333).\n - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bsc#1144333).\n - fs: cifs: Drop unlikely before IS_ERR(_OR_NULL) (bsc#1144333).\n - fs/cifs: fix uninitialised variable warnings (bsc#1144333).\n - fs: cifs: Kconfig: pedantic formatting (bsc#1144333).\n - fs: cifs: Replace _free_xid call in cifs_root_iget function\n (bsc#1144333).\n - fs/cifs: require sha512 (bsc#1051510, bsc#1144333).\n - fs/cifs: Simplify ib_post_(send|recv|srq_recv)() calls (bsc#1144333).\n - fs/cifs/smb2pdu.c: fix buffer free in SMB2_ioctl_free (bsc#1144333).\n - fs/cifs: suppress a string overflow warning (bsc#1144333).\n - fs/*/Kconfig: drop links to 404-compliant <a rel=\"nofollow\" href=\"http://acl.bestbits.at\">http://acl.bestbits.at</a>\n (bsc#1144333).\n - fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()\n (bsc#1051510).\n - fs/xfs: Fix return code of xfs_break_leased_layouts() (bsc#1148031).\n - fs: xfs: xfs_log: Do not use KM_MAYFAIL at xfs_log_reserve()\n (bsc#1148033).\n - ftrace: Check for empty hash and comment the race with registering\n probes (bsc#1149418).\n - ftrace: Check for successful allocation of hash (bsc#1149424).\n - ftrace: Fix NULL pointer dereference in t_probe_next() (bsc#1149413).\n - gpio: Fix build error of function redefinition (bsc#1051510).\n - gpio: gpio-omap: add check for off wake capable gpios (bsc#1051510).\n - gpiolib: fix incorrect IRQ requesting of an active-low lineevent\n (bsc#1051510).\n - gpiolib: never report open-drain/source lines as 'input' to user-space\n (bsc#1051510).\n - gpio: mxs: Get rid of external API call (bsc#1051510).\n - gpio: pxa: handle corner case of unprobed device (bsc#1051510).\n - gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM (bsc#1142635)\n - HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT (bsc#1051510).\n - HID: Add quirk for HP X1200 PIXART OEM mouse (bsc#1051510).\n - HID: cp2112: prevent sleeping function called from invalid context\n (bsc#1051510).\n - HID: hiddev: avoid opening a disconnected device (bsc#1051510).\n - HID: hiddev: do cleanup in failure of opening a device (bsc#1051510).\n - HID: holtek: test for sanity of intfdata (bsc#1051510).\n - HID: sony: Fix race condition between rumble and device remove\n (bsc#1051510).\n - HID: wacom: Correct distance scale for 2nd-gen Intuos devices\n (bsc#1142635).\n - HID: wacom: correct misreported EKR ring values (bsc#1142635).\n - HID: wacom: fix bit shift for Cintiq Companion 2 (bsc#1051510).\n - hwmon: (nct7802) Fix wrong detection of in4 presence (bsc#1051510).\n - i2c: emev2: avoid race when unregistering slave client (bsc#1051510).\n - i2c: piix4: Fix port selection for AMD Family 16h Model 30h\n (bsc#1051510).\n - i2c: qup: fixed releasing dma without flush operation completion\n (bsc#1051510).\n - IB/mlx5: Fix MR registration flow to use UMR properly (bsc#1093205\n bsc#1145678).\n - ibmveth: Convert multicast list size for little-endian system\n (bsc#1061843).\n - ibmvnic: Do not process reset during or after device removal\n (bsc#1149652 ltc#179635).\n - ibmvnic: Unmap DMA address of TX descriptor buffers after use\n (bsc#1146351 ltc#180726).\n - igmp: fix memory leak in igmpv3_del_delrec()\n (networking-stable-19_07_25).\n - iio: adc: max9611: Fix misuse of GENMASK macro (bsc#1051510).\n - iio: adc: max9611: Fix temperature reading in probe (bsc#1051510).\n - Improve security, move default dialect to SMB3 from old CIFS\n (bsc#1051510, bsc#1144333).\n - include/linux/bitops.h: sanitize rotate primitives (git fixes).\n - Input: iforce - add sanity checks (bsc#1051510).\n - Input: kbtab - sanity check for endpoint type (bsc#1051510).\n - Input: synaptics - enable RMI mode for HP Spectre X360 (bsc#1051510).\n - intel_th: pci: Add support for another Lewisburg PCH (bsc#1051510).\n - intel_th: pci: Add Tiger Lake support (bsc#1051510).\n - iommu/amd: Add support for X2APIC IOMMU interrupts (bsc#1145010).\n - iommu/amd: Fix race in increase_address_space() (bsc#1150860).\n - iommu/amd: Flush old domains in kdump kernel (bsc#1150861).\n - iommu/amd: Move iommu_init_pci() to .init section (bsc#1149105).\n - iommu/dma: Handle SG length overflow better (bsc#1146084).\n - ipip: validate header length in ipip_tunnel_xmit (git-fixes).\n - ipv4: do not set IPv6 only flags to IPv4 addresses\n (networking-stable-19_07_25).\n - irqchip/gic-v3-its: fix build warnings (bsc#1144880).\n - ISDN: hfcsusb: checking idx of ep configuration (bsc#1051510).\n - isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the\n stack (bsc#1051510).\n - isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in\n start_isoc_chain() (bsc#1051510).\n - iwlwifi: dbg: split iwl_fw_error_dump to two functions (bsc#1119086).\n - iwlwifi: do not unmap as page memory that was mapped as single\n (bsc#1051510).\n - iwlwifi: fix bad dma handling in page_mem dumping flow (bsc#1120902).\n - iwlwifi: fw: use helper to determine whether to dump paging\n (bsc#1106434). Patch needed to be adjusted, because our tree does not\n have the global variable IWL_FW_ERROR_DUMP_PAGING\n - iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT on version &lt; 41\n (bsc#1142635).\n - iwlwifi: mvm: fix an out-of-bound access (bsc#1051510).\n - iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support\n (bsc#1142635).\n - iwlwifi: pcie: do not service an interrupt that was masked (bsc#1142635).\n - iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X\n (bsc#1142635).\n - jbd2: flush_descriptor(): Do not decrease buffer head's ref count\n (bsc#1143843).\n - jbd2: introduce jbd2_inode dirty range scoping (bsc#1148616).\n - kABI: Fix kABI for 'struct amd_iommu' (bsc#1145010).\n - kasan: remove redundant initialization of variable 'real_size' (git\n fixes).\n - kconfig/[mn]conf: handle backspace (^H) key (bsc#1051510).\n - keys: Fix missing null pointer check in request_key_auth_describe()\n (bsc#1051510).\n - KVM: Fix leak vCPU's VMCS value into other pCPU (bsc#1145388).\n - KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable\n LAPIC (bsc#1145408).\n - KVM: nVMX: allow setting the VMFUNC controls MSR (bsc#1145389).\n - KVM: nVMX: do not use dangling shadow VMCS after guest reset\n (bsc#1145390).\n - kvm: nVMX: Remove unnecessary sync_roots from handle_invept\n (bsc#1145391).\n - KVM: nVMX: Use adjusted pin controls for vmcs02 (bsc#1145392).\n - KVM: PPC: Book3S HV: Fix CR0 setting in TM emulation (bsc#1061840).\n - KVM: VMX: Always signal #GP on WRMSR to MSR_IA32_CR_PAT with bad value\n (bsc#1145393).\n - KVM: VMX: check CPUID before allowing read/write of IA32_XSS\n (bsc#1145394).\n - KVM: VMX: Fix handling of #MC that occurs during VM-Entry (bsc#1145395).\n - KVM: x86: degrade WARN to pr_warn_ratelimited (bsc#1145409).\n - KVM: x86: Do not update RIP or do single-step on faulting emulation\n (bsc#1149104).\n - KVM: x86: fix backward migration with async_PF (bsc#1146074).\n - kvm/x86: Move MSR_IA32_ARCH_CAPABILITIES to array emulated_msrs\n (bsc#1134881 bsc#1134882).\n - KVM: X86: Reduce the overhead when lapic_timer_advance is disabled\n (bsc#1149083).\n - KVM: x86: Unconditionally enable irqs in guest context (bsc#1145396).\n - KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed\n (bsc#1145397).\n - lan78xx: Fix memory leaks (bsc#1051510).\n - libata: add SG safety checks in SFF pio transfers (bsc#1051510).\n - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests\n (bsc#1051510).\n - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer\n (bsc#1148133).\n - libceph: fix PG split vs OSD (re)connect race (bsc#1148133).\n - libnvdimm/pfn: Store correct value of npfns in namespace superblock\n (bsc#1146381 ltc#180720).\n - liquidio: add cleanup in octeon_setup_iq() (bsc#1051510).\n - loop: set PF_MEMALLOC_NOIO for the worker thread (git fixes).\n - mac80211: do not warn about CW params when not using them (bsc#1051510).\n - mac80211: do not WARN on short WMM parameters from AP (bsc#1051510).\n - mac80211: fix possible memory leak in ieee80211_assign_beacon\n (bsc#1142635).\n - mac80211: fix possible sta leak (bsc#1051510).\n - md: add mddev-&gt;pers to avoid potential NULL pointer dereference (git\n fixes).\n - md/raid: raid5 preserve the writeback action after the parity check (git\n fixes).\n - media: au0828: fix null dereference in error path (bsc#1051510).\n - media: pvrusb2: use a different format for warnings (bsc#1051510).\n - mfd: arizona: Fix undefined behavior (bsc#1051510).\n - mfd: core: Set fwnode for created devices (bsc#1051510).\n - mfd: hi655x-pmic: Fix missing return value check for\n devm_regmap_init_mmio_clk (bsc#1051510).\n - mfd: intel-lpss: Add Intel Comet Lake PCI IDs (jsc#SLE-4875).\n - mm: add filemap_fdatawait_range_keep_errors() (bsc#1148616).\n - mmc: cavium: Add the missing dma unmap when the dma has finished\n (bsc#1051510).\n - mmc: cavium: Set the correct dma max segment size for mmc_host\n (bsc#1051510).\n - mmc: core: Fix init of SD cards reporting an invalid VDD range\n (bsc#1051510).\n - mmc: dw_mmc: Fix occasional hang after tuning on eMMC (bsc#1051510).\n - mmc: sdhci-of-at91: add quirk for broken HS200 (bsc#1051510).\n - mmc: sdhci-pci: Add support for Intel CML (jsc#SLE-4875).\n - mmc: sdhci-pci: Add support for Intel ICP (jsc#SLE-4875).\n - mm: do not stall register_shrinker() (bsc#1104902, VM Performance).\n - mm/hmm: fix bad subpage pointer in try_to_unmap_one (bsc#1148202, HMM,\n VM Functionality).\n - mm/hotplug: fix offline undo_isolate_page_range() (bsc#1148196, VM\n Functionality).\n - mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node\n (bsc#1148379, VM Functionality).\n - mm/memcontrol.c: fix use after free in mem_cgroup_iter() (bsc#1149224,\n VM Functionality).\n - mm/memory.c: recheck page table entry with page table lock held\n (bsc#1148363, VM Functionality).\n - mm/migrate.c: initialize pud_entry in migrate_vma() (bsc#1148198, HMM,\n VM Functionality).\n - mm/mlock.c: change count_mm_mlocked_page_nr return type (bsc#1148527, VM\n Functionality).\n - mm/mlock.c: mlockall error for flag MCL_ONFAULT (bsc#1148527, VM\n Functionality).\n - mm/page_alloc.c: fix calculation of pgdat-&gt;nr_zones (bsc#1148192, VM\n Functionality).\n - mm: page_mapped: do not assume compound page is huge or THP\n (bsc#1148574, VM Functionality).\n - mm, page_owner: handle THP splits correctly (bsc#1149197, VM Debugging\n Functionality).\n - mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() (bsc#1118689).\n - mm/vmscan.c: fix trying to reclaim unevictable LRU page (bsc#1149214, VM\n Functionality).\n - move a few externs to smbdirect.h to eliminate warning (bsc#1144333).\n - mpls: fix warning with multi-label encap (bsc#1051510).\n - nbd: replace kill_bdev() with __invalidate_device() again (git fixes).\n - Negotiate and save preferred compression algorithms (bsc#1144333).\n - net: bcmgenet: use promisc for unsupported filters\n (networking-stable-19_07_25).\n - net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query\n (networking-stable-19_07_25).\n - net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report\n handling (networking-stable-19_07_25).\n - net: bridge: stp: do not cache eth dest pointer before skb pull\n (networking-stable-19_07_25).\n - net: dsa: mv88e6xxx: wait after reset deactivation\n (networking-stable-19_07_25).\n - net: ena: add ethtool function for changing io queue sizes (bsc#1139020\n bsc#1139021).\n - net: ena: add good checksum counter (bsc#1139020 bsc#1139021).\n - net: ena: add handling of llq max tx burst size (bsc#1139020\n bsc#1139021).\n - net: ena: add MAX_QUEUES_EXT get feature admin command (bsc#1139020\n bsc#1139021).\n - net: ena: add newline at the end of pr_err prints (bsc#1139020\n bsc#1139021).\n - net: ena: add support for changing max_header_size in LLQ mode\n (bsc#1139020 bsc#1139021).\n - net: ena: allow automatic fallback to polling mode (bsc#1139020\n bsc#1139021).\n - net: ena: allow queue allocation backoff when low on memory (bsc#1139020\n bsc#1139021).\n - net: ena: arrange ena_probe() function variables in reverse christmas\n tree (bsc#1139020 bsc#1139021).\n - net: ena: enable negotiating larger Rx ring size (bsc#1139020\n bsc#1139021).\n - net: ena: ethtool: add extra properties retrieval via get_priv_flags\n (bsc#1139020 bsc#1139021).\n - net: ena: Fix bug where ring allocation backoff stopped too late\n (bsc#1139020 bsc#1139021).\n - net: ena: fix ena_com_fill_hash_function() implementation (bsc#1139020\n bsc#1139021).\n - net: ena: fix: Free napi resources when ena_up() fails (bsc#1139020\n bsc#1139021).\n - net: ena: fix incorrect test of supported hash function (bsc#1139020\n bsc#1139021).\n - net: ena: fix: set freed objects to NULL to avoid failing future\n allocations (bsc#1139020 bsc#1139021).\n - net: ena: fix swapped parameters when calling\n ena_com_indirect_table_fill_entry (bsc#1139020 bsc#1139021).\n - net: ena: gcc 8: fix compilation warning (bsc#1139020 bsc#1139021).\n - net: ena: improve latency by disabling adaptive interrupt moderation by\n default (bsc#1139020 bsc#1139021).\n - net: ena: make ethtool show correct current and max queue sizes\n (bsc#1139020 bsc#1139021).\n - net: ena: optimise calculations for CQ doorbell (bsc#1139020\n bsc#1139021).\n - net: ena: remove inline keyword from functions in *.c (bsc#1139020\n bsc#1139021).\n - net: ena: replace free_tx/rx_ids union with single free_ids field in\n ena_ring (bsc#1139020 bsc#1139021).\n - net: ena: update driver version from 2.0.3 to 2.1.0 (bsc#1139020\n bsc#1139021).\n - net: ena: use dev_info_once instead of static variable (bsc#1139020\n bsc#1139021).\n - net: Fix netdev_WARN_ONCE macro (git-fixes).\n - net/ibmvnic: Fix missing { in __ibmvnic_reset (bsc#1149652 ltc#179635).\n - net/ibmvnic: free reset work of removed device from queue (bsc#1149652\n ltc#179635).\n - net: Introduce netdev_*_once functions (networking-stable-19_07_25).\n - net: make skb_dst_force return true when dst is refcounted\n (networking-stable-19_07_25).\n - net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bsc#1145678).\n - net/mlx5e: IPoIB, Add error path in mlx5_rdma_setup_rn\n (networking-stable-19_07_25).\n - net: neigh: fix multiple neigh timer scheduling\n (networking-stable-19_07_25).\n - net: openvswitch: fix csum updates for MPLS actions\n (networking-stable-19_07_25).\n - netrom: fix a memory leak in nr_rx_frame() (networking-stable-19_07_25).\n - netrom: hold sock when setting skb-&gt;destructor\n (networking-stable-19_07_25).\n - net_sched: unset TCQ_F_CAN_BYPASS when adding filters\n (networking-stable-19_07_25).\n - net: sched: verify that q!=NULL before setting q-&gt;flags (git-fixes).\n - net: usb: pegasus: fix improper read if get_registers() fail\n (bsc#1051510).\n - NFS: Cleanup if nfs_match_client is interrupted (bsc#1134291).\n - NFS: Fix a double unlock from nfs_match,get_client (bsc#1134291).\n - NFS: Fix the inode request accounting when pages have subrequests\n (bsc#1140012).\n - NFS: make nfs_match_client killable (bsc#1134291).\n - nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header\n (git fixes).\n - nvme: cancel request synchronously (bsc#1145661).\n - nvme: change locking for the per-subsystem controller list (bsc#1142541).\n - nvme-core: Fix extra device_put() call on error path (bsc#1142541).\n - nvme-fc: fix module unloads while lports still pending (bsc#1150033).\n - nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN (bsc#1146938).\n - nvme-multipath: fix ana log nsid lookup when nsid is not found\n (bsc#1141554).\n - nvme-multipath: relax ANA state check (bsc#1123105).\n - nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns\n (bsc#1120876).\n - nvme: Return BLK_STS_TARGET if the DNR bit is set (bsc#1142076).\n - objtool: Add rewind_stack_do_exit() to the noreturn list (bsc#1145302).\n - objtool: Support GCC 9 cold subfunction naming scheme (bsc#1145300).\n - octeon_mgmt: Fix MIX registers configuration on MTU setup (bsc#1051510).\n - PCI: PM/ACPI: Refresh all stale power state data in pci_pm_complete()\n (bsc#1149106).\n - PCI: Restore Resizable BAR size bits correctly for 1MB BARs\n (bsc#1143841).\n - phy: qcom-qusb2: Fix crash if nvmem cell not specified (bsc#1051510).\n - phy: renesas: rcar-gen2: Fix memory leak at error paths (bsc#1051510).\n - PM / devfreq: rk3399_dmc: do not print error when get supply and clk\n defer (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: fix spelling mistakes\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: Pass ODT and auto power down parameters to\n TF-A (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: remove unneeded semicolon\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rk3399_dmc: remove wait for dcf irq event\n (bsc#1144718,bsc#1144813).\n - PM / devfreq: rockchip-dfi: Move GRF definitions to a common place\n (bsc#1144718,bsc#1144813).\n - PM / OPP: OF: Use pr_debug() instead of pr_err() while adding OPP table\n (jsc#SLE-7294).\n - powerpc/64s: Include cpu header (bsc#1065729).\n - powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107).\n - powerpc: Allow flush_(inval_)dcache_range to work across ranges &gt;4GB\n (bsc#1146575 ltc#180764).\n - powerpc/book3s/64: check for NULL pointer in pgd_alloc() (bsc#1078248,\n git-fixes).\n - powerpc: dump kernel log before carrying out fadump or kdump\n (bsc#1149940 ltc#179958).\n - powerpc/fadump: Do not allow hot-remove memory from fadump reserved area\n (bsc#1120937).\n - powerpc/fadump: Reservationless firmware assisted dump (bsc#1120937).\n - powerpc/fadump: Throw proper error message on fadump registration\n failure (bsc#1120937).\n - powerpc/fadump: use kstrtoint to handle sysfs store (bsc#1146376).\n - powerpc/fadump: when fadump is supported register the fadump sysfs files\n (bsc#1146352).\n - powerpc/fsl: Add nospectre_v2 command line argument (bsc#1131107).\n - powerpc/fsl: Update Spectre v2 reporting (bsc#1131107).\n - powerpc/lib: Fix feature fixup test of external branch (bsc#1065729).\n - powerpc/mm: Handle page table allocation failures (bsc#1065729).\n - powerpc/perf: Add constraints for power9 l2/l3 bus events (bsc#1056686).\n - powerpc/perf: Add mem access events to sysfs (bsc#1124370).\n - powerpc/perf: Cleanup cache_sel bits comment (bsc#1056686).\n - powerpc/perf: Fix thresholding counter data for unknown type\n (bsc#1056686).\n - powerpc/perf: Remove PM_BR_CMPL_ALT from power9 event list (bsc#1047238,\n bsc#1056686).\n - powerpc/perf: Update perf_regs structure to include SIER (bsc#1056686).\n - powerpc/powernv: Flush console before platform error reboot (bsc#1149940\n ltc#179958).\n - powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in\n interrupt handler (bsc#1065729).\n - powerpc/powernv: Return for invalid IMC domain (bsc1054914, git-fixes).\n - powerpc/powernv: Use kernel crash path for machine checks (bsc#1149940\n ltc#179958).\n - powerpc/pseries: add missing cpumask.h include file (bsc#1065729).\n - powerpc/pseries: correctly track irq state in default idle (bsc#1150727\n ltc#178925).\n - powerpc/pseries, ps3: panic flush kernel messages before halting system\n (bsc#1149940 ltc#179958).\n - powerpc/rtas: use device model APIs and serialization during LPM\n (bsc#1144123 ltc#178840).\n - powerpc/security: Show powerpc_security_features in debugfs\n (bsc#1131107).\n - powerpc/xive: Fix dump of XIVE interrupt under pseries (bsc#1142019).\n - powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()\n (bsc#1085030, bsc#1145189, LTC#179762).\n - powerpc/xmon: Add a dump of all XIVE interrupts (bsc#1142019).\n - powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL\n (bsc#1142019).\n - qede: fix write to free'd pointer error and double free of ptp\n (bsc#1051510).\n - regulator: qcom_spmi: Fix math of spmi_regulator_set_voltage_time_sel\n (bsc#1051510).\n - Remove ifdef since SMB3 (and later) now STRONGLY preferred (bsc#1051510,\n bsc#1144333).\n - Revert &quot;Bluetooth: validate BLE connection interval updates&quot;\n (bsc#1051510).\n - Revert &quot;cfg80211: fix processing world regdomain when non modular&quot;\n (bsc#1051510).\n - Revert &quot;dm bufio: fix deadlock with loop device&quot; (git fixes).\n - Revert i915 userptr page lock patch (bsc#1145051)\n - Revert &quot;net: ena: ethtool: add extra properties retrieval via\n get_priv_flags&quot; (bsc#1139020 bsc#1139021).\n - Revert\n patches.suse/0001-blk-wbt-Avoid-lock-contention-and-thundering-herd-is.patc\n h (bsc#1141543)\n - rpm/kernel-binary.spec.in: Enable missing modules check.\n - rpmsg: added MODULE_ALIAS for rpmsg_char (bsc#1051510).\n - rpmsg: smd: do not use mananged resources for endpoints and channels\n (bsc#1051510).\n - rpmsg: smd: fix memory leak on channel create (bsc#1051510).\n - rsi: improve kernel thread handling to fix kernel panic (bsc#1051510).\n - rslib: Fix decoding of shortened codes (bsc#1051510).\n - rslib: Fix handling of of caller provided syndrome (bsc#1051510).\n - rtc: pcf8523: do not return invalid date when battery is low\n (bsc#1051510).\n - rxrpc: Fix send on a connected, but unbound socket\n (networking-stable-19_07_25).\n - s390/cio: fix ccw_device_start_timeout API (bsc#1142109 LTC#179339).\n - s390/dasd: fix endless loop after read unit address configuration\n (bsc#1144912 LTC#179907).\n - s390/qeth: avoid control IO completion stalls (bsc#1142109 LTC#179339).\n - s390/qeth: cancel cmd on early error (bsc#1142109 LTC#179339).\n - s390/qeth: fix request-side race during cmd IO timeout (bsc#1142109\n LTC#179339).\n - s390/qeth: release cmd buffer in error paths (bsc#1142109 LTC#179339).\n - s390/qeth: simplify reply object handling (bsc#1142109 LTC#179339).\n - samples, bpf: fix to change the buffer size for read() (bsc#1051510).\n - samples: mei: use /dev/mei0 instead of /dev/mei (bsc#1051510).\n - sched/fair: Do not free p-&gt;numa_faults with concurrent readers\n (bsc#1144920).\n - sched/fair: Use RCU accessors consistently for -&gt;numa_group\n (bsc#1144920).\n - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture\n (bsc#1051510).\n - scripts/decode_stacktrace: only strip base path when a prefix of the\n path (bsc#1051510).\n - scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE\n (bsc#1051510).\n - scripts/gdb: fix lx-version string output (bsc#1051510).\n - scripts/git_sort/git_sort.py:\n - scsi: aacraid: Fix missing break in switch statement (git-fixes).\n - scsi: aacraid: Fix performance issue on logical drives (git-fixes).\n - scsi: aic94xx: fix an error code in aic94xx_init() (git-fixes).\n - scsi: aic94xx: fix module loading (git-fixes).\n - scsi: bfa: convert to strlcpy/strlcat (git-fixes).\n - scsi: bnx2fc: fix incorrect cast to u64 on shift operation (git-fixes).\n - scsi: bnx2fc: Fix NULL dereference in error handling (git-fixes).\n - scsi: core: Fix race on creating sense cache (git-fixes).\n - scsi: core: set result when the command cannot be dispatched (git-fixes).\n - scsi: core: Synchronize request queue PM status only on successful\n resume (git-fixes).\n - scsi: cxlflash: Mark expected switch fall-throughs (bsc#1148868).\n - scsi: cxlflash: Prevent deadlock when adapter probe fails (git-fixes).\n - scsi: esp_scsi: Track residual for PIO transfers (git-fixes) Also,\n mitigate kABI changes.\n - scsi: fas216: fix sense buffer initialization (git-fixes).\n - scsi: isci: initialize shost fully before calling scsi_add_host()\n (git-fixes).\n - scsi: libfc: fix null pointer dereference on a null lport (git-fixes).\n - scsi: libsas: delete sas port if expander discover failed (git-fixes).\n - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached\n (git-fixes).\n - scsi: mac_scsi: Fix pseudo DMA implementation, take 2 (git-fixes).\n - scsi: mac_scsi: Increase PIO/PDMA transfer length threshold (git-fixes).\n - scsi: megaraid: fix out-of-bound array accesses (git-fixes).\n - scsi: megaraid_sas: Fix calculation of target ID (git-fixes).\n - scsi: NCR5380: Always re-enable reselection interrupt (git-fixes).\n - scsi: qedf: Add debug information for unsolicited processing\n (bsc#1149976).\n - scsi: qedf: Add shutdown callback handler (bsc#1149976).\n - scsi: qedf: Add support for 20 Gbps speed (bsc#1149976).\n - scsi: qedf: Check both the FCF and fabric ID before servicing clear\n virtual link (bsc#1149976).\n - scsi: qedf: Check for link state before processing LL2 packets and send\n fipvlan retries (bsc#1149976).\n - scsi: qedf: Check for module unloading bit before processing link update\n AEN (bsc#1149976).\n - scsi: qedf: Decrease the LL2 MTU size to 2500 (bsc#1149976).\n - scsi: qedf: Fix race betwen fipvlan request and response path\n (bsc#1149976).\n - scsi: qedf: Initiator fails to re-login to switch after link down\n (bsc#1149976).\n - scsi: qedf: Print message during bailout conditions (bsc#1149976).\n - scsi: qedf: remove memset/memcpy to nfunc and use func instead\n (git-fixes).\n - scsi: qedf: remove set but not used variables (bsc#1149976).\n - scsi: qedf: Stop sending fipvlan request on unload (bsc#1149976).\n - scsi: qedf: Update module description string (bsc#1149976).\n - scsi: qedf: Update the driver version to 8.37.25.20 (bsc#1149976).\n - scsi: qedf: Update the version to 8.42.3.0 (bsc#1149976).\n - scsi: qedf: Use discovery list to traverse rports (bsc#1149976).\n - scsi: qedi: remove declaration of nvm_image from stack (git-fixes).\n - scsi: qla2xxx: Add cleanup for PCI EEH recovery (bsc#1129424).\n - scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory\n (git-fixes).\n - scsi: qla2xxx: Fix a format specifier (git-fixes).\n - scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() (git-fixes).\n - scsi: qla2xxx: Fix device staying in blocked state (git-fixes).\n - scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() (git-fixes).\n - scsi: qla2xxx: Unregister chrdev if module initialization fails\n (git-fixes).\n - scsi: qla2xxx: Update two source code comments (git-fixes).\n - scsi: qla4xxx: avoid freeing unallocated dma memory (git-fixes).\n - scsi: raid_attrs: fix unused variable warning (git-fixes).\n - scsi: scsi_dh_alua: Fix possible null-ptr-deref (git-fixes).\n - scsi: sd: Defer spinning up drive while SANITIZE is in progress\n (git-fixes).\n - scsi: sd: Fix a race between closing an sd device and sd I/O (git-fixes).\n - scsi: sd: Fix cache_type_store() (git-fixes).\n - scsi: sd: Optimal I/O size should be a multiple of physical block size\n (git-fixes).\n - scsi: sd: Quiesce warning if device does not report optimal I/O size\n (git-fixes).\n - scsi: sd: use mempool for discard special page (git-fixes).\n - scsi: sd_zbc: Fix potential memory leak (git-fixes).\n - scsi: smartpqi: unlock on error in pqi_submit_raid_request_synchronous()\n (git-fixes).\n - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power\n management enabled (git-fixes).\n - scsi: ufs: Avoid runtime suspend possibly being blocked forever\n (git-fixes).\n - scsi: ufs: Check that space was properly alloced in copy_query_response\n (git-fixes).\n - scsi: ufs: Fix NULL pointer dereference in ufshcd_config_vreg_hpm()\n (git-fixes).\n - scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value (git-fixes).\n - scsi: ufs: fix wrong command type of UTRD for UFSHCI v2.1 (git-fixes).\n - scsi: use dma_get_cache_alignment() as minimum DMA alignment (git-fixes).\n - scsi: virtio_scsi: do not send sc payload with tmfs (git-fixes).\n - signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of\n force_sig (bsc#1144333).\n - sis900: fix TX completion (bsc#1051510).\n - smb2: fix missing files in root share directory listing (bsc#1112907,\n bsc#1144333).\n - smb2: fix typo in definition of a few error flags (bsc#1144333).\n - smb2: fix uninitialized variable bug in smb2_ioctl_query_info\n (bsc#1144333).\n - smb3.1.1: Add GCM crypto to the encrypt and decrypt functions\n (bsc#1144333).\n - smb3.1.1 dialect is no longer experimental (bsc#1051510, bsc#1144333).\n - smb311: Fix reconnect (bsc#1051510, bsc#1144333).\n - smb311: Improve checking of negotiate security contexts (bsc#1051510,\n bsc#1144333).\n - smb3.11: replace a 4 with server-&gt;vals-&gt;header_preamble_size\n (bsc#1144333).\n - smb3: add additional ftrace entry points for entry/exit to cifs.ko\n (bsc#1144333).\n - smb3: add credits we receive from oplock/break PDUs (bsc#1144333).\n - smb3: add debug for unexpected mid cancellation (bsc#1144333).\n - smb3: Add debug message later in smb2/smb3 reconnect path (bsc#1144333).\n - smb3: add define for id for posix create context and corresponding\n struct (bsc#1144333).\n - smb3: Add defines for new negotiate contexts (bsc#1144333).\n - smb3: add dynamic trace point for query_info_enter/done (bsc#1144333).\n - smb3: add dynamic trace point for smb3_cmd_enter (bsc#1144333).\n - smb3: add dynamic tracepoint for timeout waiting for credits\n (bsc#1144333).\n - smb3: add dynamic tracepoints for simple fallocate and zero range\n (bsc#1144333).\n - smb3: Add dynamic trace points for various compounded smb3 ops\n (bsc#1144333).\n - smb3: Add ftrace tracepoints for improved SMB3 debugging (bsc#1144333).\n - smb3: Add handling for different FSCTL access flags (bsc#1144333).\n - smb3: add missing read completion trace point (bsc#1144333).\n - smb3: add module alias for smb3 to cifs.ko (bsc#1144333).\n - smb3: add new mount option to retrieve mode from special ACE\n (bsc#1144333).\n - smb3: Add posix create context for smb3.11 posix mounts (bsc#1144333).\n - smb3: Add protocol structs for change notify support (bsc#1144333).\n - smb3: add reconnect tracepoints (bsc#1144333).\n - smb3: Add SMB3.1.1 GCM to negotiated crypto algorigthms (bsc#1144333).\n - smb3: add smb3.1.1 to default dialect list (bsc#1144333).\n - smb3: Add support for multidialect negotiate (SMB2.1 and later)\n (bsc#1051510, bsc#1144333).\n - smb3: add support for posix negotiate context (bsc#1144333).\n - smb3: add support for statfs for smb3.1.1 posix extensions (bsc#1144333).\n - smb3: add tracepoint for sending lease break responses to server\n (bsc#1144333).\n - smb3: add tracepoint for session expired or deleted (bsc#1144333).\n - smb3: add tracepoint for slow responses (bsc#1144333).\n - smb3: add trace point for tree connection (bsc#1144333).\n - smb3: add tracepoints for query dir (bsc#1144333).\n - smb3: Add tracepoints for read, write and query_dir enter (bsc#1144333).\n - smb3: add tracepoints for smb2/smb3 open (bsc#1144333).\n - smb3: add tracepoint to catch cases where credit refund of failed op\n overlaps reconnect (bsc#1144333).\n - smb3: add way to control slow response threshold for logging and stats\n (bsc#1144333).\n - smb3: allow more detailed protocol info on open files for debugging\n (bsc#1144333).\n - smb3: Allow persistent handle timeout to be configurable on mount\n (bsc#1144333).\n - smb3: allow posix mount option to enable new SMB311 protocol extensions\n (bsc#1144333).\n - smb3: allow previous versions to be mounted with snapshot= mount parm\n (bsc#1144333).\n - smb3: Allow query of symlinks stored as reparse points (bsc#1144333).\n - smb3: Allow SMB3 FSCTL queries to be sent to server from tools\n (bsc#1144333).\n - smb3: allow stats which track session and share reconnects to be reset\n (bsc#1051510, bsc#1144333).\n - smb3: Backup intent flag missing for directory opens with backupuid\n mounts (bsc#1051510, bsc#1144333).\n - smb3: Backup intent flag missing from compounded ops (bsc#1144333).\n - smb3: check for and properly advertise directory lease support\n (bsc#1051510, bsc#1144333).\n - smb3 clean up debug output displaying network interfaces (bsc#1144333).\n - smb3: Cleanup license mess (bsc#1144333).\n - smb3: Clean up query symlink when reparse point (bsc#1144333).\n - smb3: create smb3 equivalent alias for cifs pseudo-xattrs (bsc#1144333).\n - smb3: directory sync should not return an error (bsc#1051510,\n bsc#1144333).\n - smb3: display bytes_read and bytes_written in smb3 stats (bsc#1144333).\n - smb3: display security information in /proc/fs/cifs/DebugData more\n accurately (bsc#1144333).\n - smb3: display session id in debug data (bsc#1144333).\n - smb3: display stats counters for number of slow commands (bsc#1144333).\n - smb3: display volume serial number for shares in /proc/fs/cifs/DebugData\n (bsc#1144333).\n - smb3: do not allow insecure cifs mounts when using smb3 (bsc#1144333).\n - smb3: do not attempt cifs operation in smb3 query info error path\n (bsc#1051510, bsc#1144333).\n - smb3: do not display confusing message on mount to Azure servers\n (bsc#1144333).\n - smb3: do not display empty interface list (bsc#1144333).\n - smb3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bsc#1085536,\n bsc#1144333).\n - smb3: do not request leases in symlink creation and query (bsc#1051510,\n bsc#1144333).\n - smb3: do not send compression info by default (bsc#1144333).\n - smb3: Do not send SMB3 SET_INFO if nothing changed (bsc#1051510,\n bsc#1144333).\n - smb3: enumerating snapshots was leaving part of the data off end\n (bsc#1051510, bsc#1144333).\n - smb3: fill in statfs fsid and correct namelen (bsc#1112905, bsc#1144333).\n - smb3: Fix 3.11 encryption to Windows and handle encrypted smb3 tcon\n (bsc#1051510, bsc#1144333).\n - smb3: fix bytes_read statistics (bsc#1144333).\n - smb3: fix corrupt path in subdirs on smb311 with posix (bsc#1144333).\n - smb3: Fix deadlock in validate negotiate hits reconnect (bsc#1144333).\n - smb3: Fix endian warning (bsc#1144333, bsc#1137884).\n - smb3: Fix enumerating snapshots to Azure (bsc#1144333).\n - smb3: fix large reads on encrypted connections (bsc#1144333).\n - smb3: fix lease break problem introduced by compounding (bsc#1144333).\n - smb3: Fix length checking of SMB3.11 negotiate request (bsc#1051510,\n bsc#1144333).\n - smb3: fix minor debug output for CONFIG_CIFS_STATS (bsc#1144333).\n - smb3: Fix mode on mkdir on smb311 mounts (bsc#1144333).\n - smb3: Fix potential memory leak when processing compound chain\n (bsc#1144333).\n - smb3: fix redundant opens on root (bsc#1144333).\n - smb3: fix reset of bytes read and written stats (bsc#1112906,\n bsc#1144333).\n - smb3: Fix rmdir compounding regression to strict servers (bsc#1144333).\n - smb3: Fix root directory when server returns inode number of zero\n (bsc#1051510, bsc#1144333).\n - smb3: Fix SMB3.1.1 guest mounts to Samba (bsc#1051510, bsc#1144333).\n - smb3: fix various xid leaks (bsc#1051510, bsc#1144333).\n - smb3: for kerberos mounts display the credential uid used (bsc#1144333).\n - smb3: handle new statx fields (bsc#1085536, bsc#1144333).\n - smb3: if max_credits is specified then display it in /proc/mounts\n (bsc#1144333).\n - smb3: if server does not support posix do not allow posix mount option\n (bsc#1144333).\n - smb3: improve dynamic tracing of open and posix mkdir (bsc#1144333).\n - smb3: increase initial number of credits requested to allow write\n (bsc#1144333).\n - smb3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL\n (bsc#1144333).\n - smb3: Log at least once if tree connect fails during reconnect\n (bsc#1144333).\n - smb3: make default i/o size for smb3 mounts larger (bsc#1144333).\n - smb3: minor cleanup of compound_send_recv (bsc#1144333).\n - smb3: minor debugging clarifications in rfc1001 len processing\n (bsc#1144333).\n - smb3: minor missing defines relating to reparse points (bsc#1144333).\n - smb3: missing defines and structs for reparse point handling\n (bsc#1144333).\n - smb3: note that smb3.11 posix extensions mount option is experimental\n (bsc#1144333).\n - smb3: Number of requests sent should be displayed for SMB3 not just CIFS\n (bsc#1144333).\n - smb3: on kerberos mount if server does not specify auth type use krb5\n (bsc#1051510, bsc#1144333).\n - smb3: on reconnect set PreviousSessionId field (bsc#1112899,\n bsc#1144333).\n - smb3: optimize open to not send query file internal info (bsc#1144333).\n - smb3: passthru query info does not check for SMB3 FSCTL passthru\n (bsc#1144333).\n - smb3: print tree id in debugdata in proc to be able to help logging\n (bsc#1144333).\n - smb3: query inode number on open via create context (bsc#1144333).\n - smb3: remove noisy warning message on mount (bsc#1129664, bsc#1144333).\n - smb3: remove per-session operations from per-tree connection stats\n (bsc#1144333).\n - smb3: rename encryption_required to smb3_encryption_required\n (bsc#1144333).\n - smb3: request more credits on normal (non-large read/write) ops\n (bsc#1144333).\n - smb3: request more credits on tree connect (bsc#1144333).\n - smb3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write\n (bsc#1144333).\n - smb3: send backup intent on compounded query info (bsc#1144333).\n - smb3: send CAP_DFS capability during session setup (bsc#1144333).\n - smb3: Send netname context during negotiate protocol (bsc#1144333).\n - smb3: show number of current open files in /proc/fs/cifs/Stats\n (bsc#1144333).\n - smb3: simplify code by removing CONFIG_CIFS_SMB311 (bsc#1051510,\n bsc#1144333).\n - smb3: smbdirect no longer experimental (bsc#1144333).\n - smb3: snapshot mounts are read-only and make sure info is displayable\n about the mount (bsc#1144333).\n - smb3: track the instance of each session for debugging (bsc#1144333).\n - smb3: Track total time spent on roundtrips for each SMB3 command\n (bsc#1144333).\n - smb3: trivial cleanup to smb2ops.c (bsc#1144333).\n - smb3: update comment to clarify enumerating snapshots (bsc#1144333).\n - smb3: update default requested iosize to 4MB from 1MB for recent\n dialects (bsc#1144333).\n - smb3: Update POSIX negotiate context with POSIX ctxt GUID (bsc#1144333).\n - smb3: Validate negotiate request must always be signed (bsc#1064597,\n bsc#1144333).\n - smb3: Warn user if trying to sign connection that authenticated as guest\n (bsc#1085536, bsc#1144333).\n - smbd: Make upper layer decide when to destroy the transport\n (bsc#1144333).\n - smb: fix leak of validate negotiate info response buffer (bsc#1064597,\n bsc#1144333).\n - smb: fix validate negotiate info uninitialised memory use (bsc#1064597,\n bsc#1144333).\n - smb: Validate negotiate (to protect against downgrade) even if signing\n off (bsc#1085536, bsc#1144333).\n - smpboot: Place the __percpu annotation correctly (git fixes).\n - soc: rockchip: power-domain: Add a sanity check on pd-&gt;num_clks\n (bsc#1144718,bsc#1144813).\n - soc: rockchip: power-domain: use clk_bulk APIs (bsc#1144718,bsc#1144813).\n - soc: rockchip: power-domain: Use of_clk_get_parent_count() instead of\n open coding (bsc#1144718,bsc#1144813).\n - sound: fix a memory leak bug (bsc#1051510).\n - spi: bcm2835aux: fix corruptions for longer spi transfers (bsc#1051510).\n - spi: bcm2835aux: remove dangerous uncontrolled read of fifo\n (bsc#1051510).\n - spi: bcm2835aux: unifying code between polling and interrupt driven code\n (bsc#1051510).\n - st21nfca_connectivity_event_received: null check the allocation\n (bsc#1051510).\n - staging: comedi: dt3000: Fix rounding up of timer divisor (bsc#1051510).\n - staging: comedi: dt3000: Fix signed integer overflow 'divider * base'\n (bsc#1051510).\n - st_nci_hci_connectivity_event_received: null check the allocation\n (bsc#1051510).\n - supported.conf: Add missing modules (bsc#1066369).\n - tcp: Reset bytes_acked and bytes_received when disconnecting\n (networking-stable-19_07_25).\n - test_firmware: fix a memory leak bug (bsc#1051510).\n - tpm: Fix off-by-one when reading binary_bios_measurements (bsc#1082555).\n - tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations\n (bsc#1082555).\n - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete\n (bsc#1082555).\n - tpm: Unify the send callback behaviour (bsc#1082555).\n - tpm: vtpm_proxy: Suppress error logging when in closed state\n (bsc#1082555).\n - Tree connect for SMB3.1.1 must be signed for non-encrypted shares\n (bsc#1051510, bsc#1144333).\n - treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 231\n (bsc#1144333).\n - udf: Fix incorrect final NOT_ALLOCATED (hole) extent length\n (bsc#1148617).\n - Update config files. (bsc#1145687) Add the following kernel config to\n ARM64: CONFIG_ACPI_PCI_SLOT=y CONFIG_HOTPLUG_PCI_ACPI=y\n - Update config files. - cifs: add CONFIG_CIFS_DEBUG_KEYS to dump\n encryption keys (bsc#1144333).\n - Update config files. - cifs: allow disabling insecure dialects in the\n config (bsc#1144333).\n - Update config files. - cifs: SMBD: Introduce kernel config option\n CONFIG_CIFS_SMB_DIRECT (bsc#1144333).\n - update internal version number for cifs.ko (bsc#1144333).\n - Update patches.fixes/MD-fix-invalid-stored-role-for-a-disk-try2.patch\n (bsc#1143765).\n - Update\n patches.suse/ceph-remove-request-from-waiting-list-before-unregister.patch\n (bsc#1148133 bsc#1138539).\n - Update session and share information displayed for debugging SMB2/SMB3\n (bsc#1144333).\n - Update version of cifs module (bsc#1144333).\n - usb: cdc-acm: make sure a refcount is taken early enough (bsc#1142635).\n - usb: CDC: fix sanity checks in CDC union parser (bsc#1142635).\n - usb: cdc-wdm: fix race between write and disconnect due to flag abuse\n (bsc#1051510).\n - usb: chipidea: udc: do not do hardware access if gadget has stopped\n (bsc#1051510).\n - usb: core: Fix races in character device registration and deregistraion\n (bsc#1051510).\n - usb: gadget: composite: Clear &quot;suspended&quot; on reset/disconnect\n (bsc#1051510).\n - usb: gadget: udc: renesas_usb3: Fix sysfs interface of &quot;role&quot;\n (bsc#1142635).\n - usb: host: fotg2: restart hcd after port reset (bsc#1051510).\n - usb: host: ohci: fix a race condition between shutdown and irq\n (bsc#1051510).\n - usb: host: xhci-rcar: Fix timeout in xhci_suspend() (bsc#1051510).\n - usb: host: xhci: rcar: Fix typo in compatible string matching\n (bsc#1051510).\n - usb: iowarrior: fix deadlock on disconnect (bsc#1051510).\n - usb: serial: option: add D-Link DWM-222 device ID (bsc#1051510).\n - usb: serial: option: Add Motorola modem UARTs (bsc#1051510).\n - usb: serial: option: Add support for ZTE MF871A (bsc#1051510).\n - usb: serial: option: add the BroadMobi BM818 card (bsc#1051510).\n - usb-storage: Add new JMS567 revision to unusual_devs (bsc#1051510).\n - usb: storage: ums-realtek: Update module parameter description for\n auto_delink_en (bsc#1051510).\n - usb: storage: ums-realtek: Whitelist auto-delink support (bsc#1051510).\n - usb: usbfs: fix double-free of usb memory upon submiturb error\n (bsc#1051510).\n - usb: yurex: Fix use-after-free in yurex_delete (bsc#1051510).\n - vfs: fix page locking deadlocks when deduping files (bsc#1148619).\n - VMCI: Release resource if the work is already queued (bsc#1051510).\n - vrf: make sure skb-&gt;data contains ip header to make routing\n (networking-stable-19_07_25).\n - watchdog: bcm2835_wdt: Fix module autoload (bsc#1051510).\n - watchdog: core: fix null pointer dereference when releasing cdev\n (bsc#1051510).\n - watchdog: f71808e_wdt: fix F81866 bit operation (bsc#1051510).\n - watchdog: fix compile time error of pretimeout governors (bsc#1051510).\n - wimax/i2400m: fix a memory leak bug (bsc#1051510).\n - x86/boot: Fix memory leak in default_get_smp_config() (bsc#1114279).\n - x86/entry/64/compat: Fix stack switching for XEN PV (bsc#1108382).\n - x86/microcode: Fix the microcode load on CPU hotplug for real\n (bsc#1114279).\n - x86/mm: Check for pfn instead of page in vmalloc_sync_one()\n (bsc#1118689).\n - x86/mm: Sync also unmappings in vmalloc_sync_all() (bsc#1118689).\n - x86/speculation: Allow guests to use SSBD even if host does not\n (bsc#1114279).\n - x86/speculation/mds: Apply more accurate check on hypervisor platform\n (bsc#1114279).\n - x86/unwind: Add hardcoded ORC entry for NULL (bsc#1114279).\n - x86/unwind: Handle NULL pointer calls better in frame unwinder\n (bsc#1114279).\n - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()\n (bsc#1065600).\n - xfrm: Fix bucket count reported to userspace (bsc#1143300).\n - xfrm: Fix error return code in xfrm_output_one() (bsc#1143300).\n - xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force\n clears the dst_entry (bsc#1143300).\n - xfrm: Fix NULL pointer dereference when skb_dst_force clears the\n dst_entry (bsc#1143300).\n - xfs: do not crash on null attr fork xfs_bmapi_read (bsc#1148035).\n - xfs: do not trip over uninitialized buffer on extent read of corrupted\n inode (bsc#1149053).\n - xfs: dump transaction usage details on log reservation overrun\n (bsc#1145235).\n - xfs: eliminate duplicate icreate tx reservation functions (bsc#1145235).\n - xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to\n EDQUOT (bsc#1148032).\n - xfs: fix semicolon.cocci warnings (bsc#1145235).\n - xfs: fix up agi unlinked list reservations (bsc#1145235).\n - xfs: include an allocfree res for inobt modifications (bsc#1145235).\n - xfs: include inobt buffers in ifree tx log reservation (bsc#1145235).\n - xfs: print transaction log reservation on overrun (bsc#1145235).\n - xfs: refactor inode chunk alloc/free tx reservation (bsc#1145235).\n - xfs: refactor xlog_cil_insert_items() to facilitate transaction dump\n (bsc#1145235).\n - xfs: remove more ondisk directory corruption asserts (bsc#1148034).\n - xfs: separate shutdown from ticket reservation print helper\n (bsc#1145235).\n - xfs: truncate transaction does not modify the inobt (bsc#1145235).\n\n", "modified": "2019-09-24T15:25:32", "published": "2019-09-24T15:25:32", "id": "OPENSUSE-SU-2019:2173-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-13T16:35:04", "bulletinFamily": "unix", "description": "The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-14615: Insufficient control flow in certain data structures for\n some Intel(R) Processors with Intel(R) Processor Graphics may have\n allowed an unauthenticated user to potentially enable information\n disclosure via local access (bnc#1160195 bnc#1165881).\n - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in\n the Marvell WiFi chip driver. A remote attacker could cause a denial of\n service (system crash) or, possibly execute arbitrary code, when the\n lbs_ibss_join_existing function is called after a STA connects to an AP\n (bnc#1157157).\n - CVE-2019-14897: A stack-based buffer overflow was found in the Marvell\n WiFi chip driver. An attacker is able to cause a denial of service\n (system crash) or, possibly execute arbitrary code, when a STA works in\n IBSS mode (allows connecting stations together without the use of an AP)\n and connects to another STA (bnc#1157155).\n - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c. It\n did not check the length of variable elements in a beacon head, leading\n to a buffer overflow (bnc#1152107).\n - CVE-2019-16994: In the Linux kernel before 5.0, a memory leak exists in\n sit_init_net() in net/ipv6/sit.c when register_netdev() fails to\n register sitn-&gt;fb_tunnel_dev, which may cause denial of service, aka\n CID-07f12b26e21a (bnc#1161523).\n - CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() function in\n drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of\n service (memory consumption), aka CID-128c66429247 (bnc#1156259).\n - CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c allowed a NULL\n pointer dereference because rcu_dereference(root-&gt;node) can be zero\n (bnc#1157692).\n - CVE-2019-19045: A memory leak in the mlx5_fpga_conn_create_cq() function\n in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers\n to cause a denial of service (memory consumption) by triggering\n mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).\n - CVE-2019-19051: A memory leak in the i2400m_op_rfkill_sw_toggle()\n function in drivers/net/wimax/i2400m/op-rfkill.c allowed attackers to\n cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7\n (bnc#1159024).\n - CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in\n drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a\n denial of service (memory consumption) by triggering kfifo_alloc()\n failures, aka CID-a7b2df76b42b (bnc#1161518).\n - CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in\n drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of\n service (memory consumption) by triggering bfa_port_get_stats()\n failures, aka CID-0e62395da2bd (bnc#1157303).\n - CVE-2019-19318: Mounting a crafted btrfs image twice can cause an\n rwsem_down_write_slowpath use-after-free because (in\n rwsem_can_spin_on_owner in kernel/locking/rwsem (bnc#1158026).\n - CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4\n image, can cause a slab-out-of-bounds write access because of an\n ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large\n old_size value is used in a memset call (bnc#1158021).\n - CVE-2019-19332: An out-of-bounds memory write issue was found in the way\n the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID'\n ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A\n user or process able to access the '/dev/kvm' device could use this flaw\n to crash the system, resulting in a denial of service (bnc#1158827).\n - CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous\n Abort (TAA) (bnc#1158954).\n - CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing\n some operations, and unmounting can lead to a use-after-free in\n ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in\n fs/ext4/super.c (bnc#1158819).\n - CVE-2019-19526: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/nfc/pn533/usb.c driver, aka\n CID-6af3aa57a098 (bnc#1158893).\n - CVE-2019-19527: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka\n CID-9c09b214f30e (bnc#1158900).\n - CVE-2019-19532: There were multiple out-of-bounds write bugs that can be\n caused by a malicious USB device in the Linux kernel HID drivers, aka\n CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c,\n drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c,\n drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c,\n drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c,\n drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c,\n drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c,\n drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c (bnc#1158824).\n - CVE-2019-19533: There was an info-leak bug that can be caused by a\n malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c\n driver, aka CID-a10feaf8c464 (bnc#1158834).\n - CVE-2019-19535: There was an info-leak bug that can be caused by a\n malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c\n driver, aka CID-30a8beeb3042 (bnc#1158903).\n - CVE-2019-19537: There was a race condition bug that can be caused by a\n malicious USB device in the USB character device driver layer, aka\n CID-303911cfc5b9. This affects drivers/usb/core/file.c (bnc#1158904).\n - CVE-2019-19767: The Linux kernel mishandled ext4_expand_extra_isize, as\n demonstrated by use-after-free errors in __ext4_expand_extra_isize and\n ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c,\n aka CID-4ea99936a163 (bnc#1159297).\n - CVE-2019-19927: Mounting a crafted f2fs filesystem image and performing\n some operations can lead to slab-out-of-bounds read access in\n ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related\n to the vmwgfx or ttm module (bnc#1160147).\n - CVE-2019-19965: There was a NULL pointer dereference in\n drivers/scsi/libsas/sas_discover.c because of mishandling of port\n disconnection during discovery, related to a PHY down race condition,\n aka CID-f70267f379b5 (bnc#1159911).\n - CVE-2019-19966: There was a use-after-free in cpia2_exit() in\n drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service,\n aka CID-dea37a972655 (bnc#1159841).\n - CVE-2019-20054: There was a NULL pointer dereference in\n drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka\n CID-23da9588037e (bnc#1159910).\n - CVE-2019-20095: mwifiex_tm_cmd in\n drivers/net/wireless/marvell/mwifiex/cfg80211.c had some error-handling\n cases that did not free allocated hostcmd memory, aka CID-003b686ace82.\n This will cause a memory leak and denial of service (bnc#1159909).\n - CVE-2019-20096: There was a memory leak in __feat_register_sp() in\n net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b\n (bnc#1159908).\n - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may\n trick the L0 hypervisor into accessing sensitive L1 resources\n (bsc#1163971).\n - CVE-2020-7053: There was a use-after-free (write) in the\n i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka\n CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in\n drivers/gpu/drm/i915/i915_gem_context.c (bnc#1160966).\n - CVE-2020-8428: fs/namei.c has a may_create_in_sticky use-after-free,\n which allowed local users to cause a denial of service (OOPS) or\n possibly obtain sensitive information from kernel memory, aka\n CID-d0cb50185ae9. One attack vector may be an open system call for a\n UNIX domain socket, if the socket is being moved to a new parent\n directory and its old parent directory is being removed (bnc#1162109).\n - CVE-2020-8648: There was a use-after-free vulnerability in the\n n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).\n - CVE-2020-8992: ext4_protect_reserved_inode in fs/ext4/block_validity.c\n allowed attackers to cause a denial of service (soft lockup) via a\n crafted journal size (bnc#1164069).\n - CVE-2019-19523: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/usb/misc/adutux.c driver, aka\n CID-44efc269db79 (bnc#1158823).\n\n The following non-security bugs were fixed:\n\n - smb3: print warning once if posix context returned on open\n (bsc#1144333).\n - 6pack,mkiss: fix possible deadlock (bsc#1051510).\n - ACPI / APEI: Do not wait to serialise with oops messages when panic()ing\n (bsc#1051510).\n - ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).\n - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value\n (bsc#1051510).\n - ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).\n - ACPI / watchdog: Fix init failure with overlapping register regions\n (bsc#1162557).\n - ACPI / watchdog: Set default timeout in probe (bsc#1162557).\n - ACPI: OSL: only free map once in osl.c (bsc#1051510).\n - ACPI: PM: Avoid attaching ACPI PM domain to certain devices\n (bsc#1051510).\n - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()\n (bsc#1051510).\n - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()\n (bsc#1051510).\n - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (bsc#1051510).\n - ACPI: video: Do not export a non working backlight interface on MSI\n MS-7721 boards (bsc#1051510).\n - ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557).\n - ALSA: control: remove useless assignment in .info callback of PCM chmap\n element (git-fixes).\n - ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666).\n - ALSA: echoaudio: simplify get_audio_levels (bsc#1051510).\n - ALSA: fireface: fix return value in error path of isochronous resources\n reservation (bsc#1051510).\n - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s\n (git-fixes).\n - ALSA: hda - Apply sync-write workaround to old Intel platforms, too\n (bsc#1111666).\n - ALSA: hda - Downgrade error message for single-cmd fallback (git-fixes).\n - ALSA: hda - constify and cleanup static NodeID tables (bsc#1111666).\n - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen\n (git-fixes).\n - ALSA: hda/analog - Minor optimization for SPDIF mux connections\n (git-fixes).\n - ALSA: hda/ca0132 - Avoid endless loop (git-fixes).\n - ALSA: hda/ca0132 - Fix work handling in delayed HP detection (git-fixes).\n - ALSA: hda/ca0132 - Keep power on during processing DSP response\n (git-fixes).\n - ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes).\n - ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks\n (bsc#1111666).\n - ALSA: hda/hdmi - Fix duplicate unref of pci_dev (bsc#1051510).\n - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() (git-fixes).\n - ALSA: hda/hdmi - fix atpx_present when CLASS is not VGA (bsc#1051510).\n - ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes).\n - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker\n (bsc#1111666).\n - ALSA: hda/realtek - Add Headset Mic supported for HP cPC (bsc#1111666).\n - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 (bsc#1051510).\n - ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).\n - ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th\n gen (bsc#1111666).\n - ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too\n (bsc#1111666).\n - ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236\n (git-fixes).\n - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC\n (bsc#1111666).\n - ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G (git-fixes).\n - ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).\n - ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic\n supported (bsc#1111666).\n - ALSA: hda/realtek - Line-out jack does not work on a Dell AIO\n (bsc#1051510).\n - ALSA: hda/realtek - More constifications (bsc#1111666).\n - ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).\n - ALSA: hda: Add Clevo W65_67SB the power_save blacklist (git-fixes).\n - ALSA: hda: Add JasperLake PCI ID and codec vid (bsc#1111666).\n - ALSA: hda: Clear RIRB status before reading WP (bsc#1111666).\n - ALSA: hda: Constify snd_kcontrol_new items (bsc#1111666).\n - ALSA: hda: Constify snd_pci_quirk tables (bsc#1111666).\n - ALSA: hda: More constifications (bsc#1111666).\n - ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666).\n - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs\n (git-fixes).\n - ALSA: hda: constify copied structure (bsc#1111666).\n - ALSA: hda: correct kernel-doc parameter descriptions (bsc#1111666).\n - ALSA: hda: hdmi - add Tigerlake support (bsc#1111666).\n - ALSA: hda: hdmi - fix pin setup on Tigerlake (bsc#1111666).\n - ALSA: hda: patch_hdmi: remove warnings with empty body (bsc#1111666).\n - ALSA: hda: patch_realtek: fix empty macro usage in if block\n (bsc#1111666).\n - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code\n (bsc#1051510).\n - ALSA: oxfw: fix return value in error path of isochronous resources\n reservation (bsc#1051510).\n - ALSA: pcm: Avoid possible info leaks from PCM stream buffers (git-fixes).\n - ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes).\n - ALSA: seq: Avoid concurrent access to queue flags (git-fixes).\n - ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes).\n - ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).\n - ALSA: sh: Fix compile warning wrt const (git-fixes).\n - ALSA: sh: Fix unused variable warnings (bsc#1111666).\n - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes).\n - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5\n (bsc#1111666).\n - ALSA: usb-audio: Fix endianess in descriptor validation (bsc#1111666).\n - ALSA: usb-audio: fix set_format altsetting sanity check (bsc#1051510).\n - ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).\n - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report\n (bsc#1051510).\n - ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).\n - ASoC: compress: fix unsigned integer overflow check (bsc#1051510).\n - ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' (bsc#1051510).\n - ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1\n (bsc#1051510).\n - ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI\n (bsc#1111666).\n - ASoC: sun8i-codec: Fix setting DAI data format (git-fixes).\n - ASoC: wm8962: fix lambda value (git-fixes).\n - Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510).\n - Bluetooth: hci_bcm: Handle specific unknown packets after firmware\n loading (bsc#1051510).\n - btrfs: add missing extents release on file extent cluster relocation\n error (bsc#1159483).\n - btrfs: avoid fallback to transaction commit during fsync of files with\n holes (bsc#1159569).\n - btrfs: fix block group remaining RO forever after error during device\n replace (bsc#1160442).\n - btrfs: fix btrfs_write_inode vs delayed iput deadlock (bsc#1154243).\n - btrfs: fix infinite loop during fsync after rename operations\n (bsc#1163383).\n - btrfs: fix infinite loop during nocow writeback due to race\n (bsc#1160804).\n - btrfs: fix missing data checksums after replaying a log tree\n (bsc#1161931).\n - btrfs: fix negative subv_writers counter and data space leak after\n buffered write (bsc#1160802).\n - btrfs: fix race between adding and putting tree mod seq elements and\n nodes (bsc#1163384).\n - btrfs: fix removal logic of the tree mod log that leads to\n use-after-free issues (bsc#1160803).\n - btrfs: fix selftests failure due to uninitialized i_mode in test inodes\n (Fix for dependency of bsc#1157692).\n - btrfs: make tree checker detect checksum items with overlapping ranges\n (bsc#1161931).\n - btrfs: send, skip backreference walking for extents with many references\n (bsc#1162139).\n - CDC-NCM: handle incomplete transfer of MTU (networking-stable-19_11_10).\n - CIFS: Add support for setting owner info, dos attributes, and create\n time (bsc#1144333).\n - CIFS: Close cached root handle only if it had a lease (bsc#1144333).\n - CIFS: Close open handle after interrupted close (bsc#1144333).\n - CIFS: Do not miss cancelled OPEN responses (bsc#1144333).\n - CIFS: Fix NULL pointer dereference in mid callback (bsc#1144333).\n - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks\n (bsc#1144333).\n - CIFS: Fix task struct use-after-free on reconnect (bsc#1144333).\n - CIFS: Properly process SMB3 lease breaks (bsc#1144333).\n - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1144333).\n - CIFS: Return directly after a failed build_path_from_dentry() in\n cifs_do_create() (bsc#1144333).\n - CIFS: Use common error handling code in smb2_ioctl_query_info()\n (bsc#1144333).\n - CIFS: Use memdup_user() rather than duplicating its implementation\n (bsc#1144333).\n - CIFS: fix a white space issue in cifs_get_inode_info() (bsc#1144333).\n - CIFS: refactor cifs_get_inode_info() (bsc#1144333).\n - CIFS: remove set but not used variables 'cinode' and 'netfid'\n (bsc#1144333).\n - Cover up kABI breakage due to DH key verification (bsc#1155331).\n - Delete patches which cause regression (bsc#1165527 ltc#184149).\n - Documentation: Document arm64 kpti control (bsc#1162623).\n - Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632).\n - Fix the locking in dcache_readdir() and friends (bsc#1123328).\n - HID: doc: fix wrong data structure reference for UHID_OUTPUT\n (bsc#1051510).\n - HID: hiddev: Fix race in in hiddev_disconnect() (git-fixes).\n - HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).\n - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).\n - HID: intel-ish-hid: fixes incorrect error handling (bsc#1051510).\n - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll (bsc#1051510).\n - IB/hfi1: Close window for pq and request coliding (bsc#1060463 ).\n - IB/hfi1: Do not cancel unused work item (bsc#1114685 ).\n - IB/mlx5: Fix steering rule of drop and count (bsc#1103991 ).\n - IB/mlx5: Remove dead code (bsc#1103991).\n - Input: aiptek - fix endpoint sanity check (bsc#1051510).\n - Input: cyttsp4_core - fix use after free bug (bsc#1051510).\n - Input: goodix - add upside-down quirk for Teclast X89 tablet\n (bsc#1051510).\n - Input: gtco - fix endpoint sanity check (bsc#1051510).\n - Input: keyspan-remote - fix control-message timeouts (bsc#1051510).\n - Input: pegasus_notetaker - fix endpoint sanity check (bsc#1051510).\n - Input: pm8xxx-vib - fix handling of separate enable register\n (bsc#1051510).\n - Input: rmi_f54 - read from FIFO in 32 byte blocks (bsc#1051510).\n - Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register\n (bsc#1051510).\n - Input: sur40 - fix interface sanity checks (bsc#1051510).\n - Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus (bsc#1051510).\n - Input: synaptics-rmi4 - do not increment rmiaddr for SMBus transfers\n (bsc#1051510).\n - Input: synaptics-rmi4 - simplify data read in rmi_f54_work (bsc#1051510).\n - KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers\n (bsc#1133021).\n - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840).\n - KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840).\n - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails\n (bsc#1061840).\n - KVM: SVM: Override default MMIO mask if memory encryption is enabled\n (bsc#1162618).\n - KVM: arm64: Store vcpu on the stack during __guest_enter() (bsc#1133021).\n - KVM: fix spectrev1 gadgets (bsc#1164705).\n - KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl\n (git-fixes).\n - KVM: s390: ENOTSUPP -&gt; EOPNOTSUPP fixups (bsc#1133021).\n - KVM: s390: Test for bad access register and size at the start of\n S390_MEM_OP (git-fixes).\n - KVM: s390: do not clobber registers during guest reset/store status\n (bsc#1133021).\n - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF\n attacks (bsc#1164734).\n - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF\n attacks in x86.c (bsc#1164733).\n - KVM: x86: Protect MSR-based index computations in\n fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164731).\n - KVM: x86: Protect MSR-based index computations in pmu.h from\n Spectre-v1/L1TF attacks (bsc#1164732).\n - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks\n (bsc#1164728).\n - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks\n (bsc#1164729).\n - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF\n attacks (bsc#1164712).\n - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks\n (bsc#1164730).\n - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735).\n - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks\n (bsc#1164705).\n - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks\n (bsc#1164727).\n - KVM: x86: Remove a spurious export of a static function (bsc#1158954).\n - NFC: fdp: fix incorrect free object (networking-stable-19_11_10).\n - NFC: pn533: fix bulk-message timeout (bsc#1051510).\n - NFC: pn544: Adjust indentation in pn544_hci_check_presence (git-fixes).\n - NFC: st21nfca: fix double free (networking-stable-19_11_10).\n - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes).\n - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity()\n (bsc#1051510).\n - PCI/switchtec: Fix vep_vector_number ioread width (bsc#1051510).\n - PCI: Add DMA alias quirk for Intel VCA NTB (bsc#1051510).\n - PCI: Do not disable bridge BARs when assigning bus resources\n (bsc#1051510).\n - PCI: pciehp: Avoid returning prematurely from sysfs requests (git-fixes).\n - PCI: rpaphp: Add drc-info support for hotplug slot registration\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Annotate and correctly byte swap DRC properties\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Avoid a sometimes-uninitialized warning (bsc#1157480\n ltc#181028).\n - PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using\n drc-info (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Do not rely on firmware feature to imply drc-info support\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Fix up pointer to first drc-info entry (bsc#1157480\n ltc#181028).\n - PM / AVS: SmartReflex: NULL check before some freeing functions is not\n needed (bsc#1051510).\n - PM / Domains: Deal with multiple states but no governor in genpd\n (bsc#1051510).\n - RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).\n - RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series\n (bsc#1154916).\n - RDMA/bnxt_re: Fix chip number validation Broadcom's Gen P5 series\n (bsc#1157895).\n - RDMA/bnxt_re: Fix missing le16_to_cpu (bsc#1157895).\n - RDMA/cma: Fix unbalanced cm_id reference count during address resolve\n (bsc#1103992).\n - RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create\n (bsc#1114685).\n - RDMA/hns: Bugfix for qpc/cqc timer configuration (bsc#1104427\n bsc#1126206).\n - RDMA/hns: Correct the value of srq_desc_size (bsc#1104427 ).\n - RDMA/hns: Fix to support 64K page for srq (bsc#1104427 ).\n - RDMA/hns: Prevent memory leaks of eq-&gt;buf_list (bsc#1104427 ).\n - RDMA/uverbs: Verify MR access flags (bsc#1103992).\n - crypto/dh: Adjust for change of DH_KPP_SECRET_MIN_SIZE in\n 35f7d5225ffcbf1b759f641aec1735e3a89b1914\n - crypto/dh: Remove the fips=1 check in dh.c dh.c is not fips-specific and\n should perform the same regardless of this setting.\n - Revert &quot;HID: add NOGET quirk for Eaton Ellipse MAX UPS&quot; (git-fixes).\n - Revert &quot;Input: synaptics-rmi4 - do not increment rmiaddr for SMBus\n transfers&quot; (bsc#1051510).\n - Revert &quot;ath10k: fix DMA related firmware crashes on multiple devices&quot;\n (git-fixes).\n - Revert &quot;locking/pvqspinlock: Do not wait if vCPU is preempted&quot;\n (bsc#1050549).\n - Revert &quot;mmc: sdhci: Fix incorrect switch to HS mode&quot; (bsc#1051510).\n - Revert patches.suse/samples-bpf-add-a-test-for-bpf_override_return.patch\n (bsc#1159500)\n - SMB3: Backup intent flag missing from some more ops (bsc#1144333).\n - SMB3: Fix crash in SMB2_open_init due to uninitialized field in\n compounding path (bsc#1144333).\n - SMB3: Fix persistent handles reconnect (bsc#1144333).\n - SUNRPC: Fix svcauth_gss_proxy_init() (bsc#1103992).\n - Staging: iio: adt7316: Fix i2c data reading, set the data field\n (bsc#1051510).\n - USB: EHCI: Do not return -EPIPE when hub is disconnected (git-fixes).\n - USB: adutux: fix interface sanity check (bsc#1051510).\n - USB: atm: ueagle-atm: add missing endpoint check (bsc#1051510).\n - USB: core: add endpoint-blacklist quirk (git-fixes).\n - USB: core: fix check for duplicate endpoints (git-fixes).\n - USB: documentation: flags on usb-storage versus UAS (bsc#1051510).\n - USB: idmouse: fix interface sanity checks (bsc#1051510).\n - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 (git-fixes).\n - USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).\n - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P (bsc#1051510).\n - USB: serial: io_edgeport: add missing active-port sanity check\n (bsc#1051510).\n - USB: serial: io_edgeport: fix epic endpoint lookup (bsc#1051510).\n - USB: serial: io_edgeport: handle unbound ports on URB completion\n (bsc#1051510).\n - USB: serial: io_edgeport: use irqsave() in USB's complete callback\n (bsc#1051510).\n - USB: serial: ir-usb: add missing endpoint sanity check (bsc#1051510).\n - USB: serial: ir-usb: fix IrLAP framing (bsc#1051510).\n - USB: serial: ir-usb: fix link-speed handling (bsc#1051510).\n - USB: serial: keyspan: handle unbound ports (bsc#1051510).\n - USB: serial: opticon: fix control-message timeouts (bsc#1051510).\n - USB: serial: option: Add support for Quectel RM500Q (bsc#1051510).\n - USB: serial: option: add Telit ME910G1 0x110a composition (git-fixes).\n - USB: serial: option: add ZLP support for 0x1bc7/0x9010 (git-fixes).\n - USB: serial: option: add support for Quectel RM500Q in QDL mode\n (git-fixes).\n - USB: serial: quatech2: handle unbound ports (bsc#1051510).\n - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx\n (bsc#1051510).\n - USB: serial: suppress driver bind attributes (bsc#1051510).\n - USB: uas: heed CAPACITY_HEURISTICS (bsc#1051510).\n - USB: uas: honor flag to avoid CAPACITY16 (bsc#1051510).\n - Update\n patches.suse/powerpc-xive-Implement-get_irqchip_state-method-for-.patch\n (bsc#1085030).\n - af_packet: set defaule value for tmo (bsc#1051510).\n - apparmor: fix unsigned len comparison with less than zero (git-fixes).\n - ar5523: check NULL before memcpy() in ar5523_cmd() (bsc#1051510).\n - arm64: Revert support for execute-only user mappings (bsc#1160218).\n - ata: ahci: Add shutdown to freeze hardware resources of ahci\n (bsc#1164388).\n - ath10k: Correct the DMA direction for management tx buffers\n (bsc#1111666).\n - ath10k: fix fw crash by moving chip reset after napi disabled\n (bsc#1051510).\n - ath10k: pci: Fix comment on ath10k_pci_dump_memory_sram (bsc#1111666).\n - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe\n (bsc#1111666).\n - ath6kl: Fix off by one error in scan completion (bsc#1051510).\n - ath9k: fix storage endpoint lookup (git-fixes).\n - atl1e: checking the status of atl1e_write_phy_reg (bsc#1051510).\n - audit: Allow auditd to set pid to 0 to end auditing (bsc#1158094).\n - batman-adv: Fix DAT candidate selection on little endian systems\n (bsc#1051510).\n - bcache: Fix an error code in bch_dump_read() (bsc#1163762).\n - bcache: Revert &quot;bcache: shrink btree node cache after bch_btree_check()&quot;\n (bsc#1163762, bsc#1112504).\n - bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front()\n (bsc#1163762).\n - bcache: add code comments for state-&gt;pool in __btree_sort()\n (bsc#1163762).\n - bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).\n - bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).\n - bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).\n - bcache: add more accurate error messages in read_super() (bsc#1163762).\n - bcache: add readahead cache policy options via sysfs interface\n (bsc#1163762).\n - bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).\n - bcache: avoid unnecessary btree nodes flushing in btree_flush_write()\n (bsc#1163762).\n - bcache: check return value of prio_read() (bsc#1163762).\n - bcache: deleted code comments for dead code in bch_data_insert_keys()\n (bsc#1163762).\n - bcache: do not export symbols (bsc#1163762).\n - bcache: explicity type cast in bset_bkey_last() (bsc#1163762).\n - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock\n (bsc#1163762).\n - bcache: fix deadlock in bcache_allocator (bsc#1163762).\n - bcache: fix incorrect data type usage in btree_flush_write()\n (bsc#1163762).\n - bcache: fix memory corruption in bch_cache_accounting_clear()\n (bsc#1163762).\n - bcache: fix static checker warning in bcache_device_free() (bsc#1163762).\n - bcache: ignore pending signals when creating gc and allocator thread\n (bsc#1163762, bsc#1112504).\n - bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).\n - bcache: reap c-&gt;btree_cache_freeable from the tail in bch_mca_scan()\n (bsc#1163762).\n - bcache: reap from tail of c-&gt;btree_cache in bch_mca_scan() (bsc#1163762).\n - bcache: remove macro nr_to_fifo_front() (bsc#1163762).\n - bcache: remove member accessed from struct btree (bsc#1163762).\n - bcache: remove the extra cflags for request.o (bsc#1163762).\n - bcma: remove set but not used variable 'sizel' (git-fixes).\n - blk-mq: avoid sysfs buffer overflow with too many CPU cores\n (bsc#1159377).\n - blk-mq: avoid sysfs buffer overflow with too many CPU cores\n (bsc#1163840).\n - blk-mq: make sure that line break can be printed (bsc#1159377).\n - blk-mq: make sure that line break can be printed (bsc#1164098).\n - bnxt: apply computed clamp value for coalece parameter (bsc#1104745).\n - bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).\n - bnxt_en: Fix NTUPLE firmware command failures (bsc#1104745 ).\n - bnxt_en: Fix TC queue mapping (networking-stable-20_02_05).\n - bnxt_en: Improve device shutdown method (bsc#1104745 ).\n - bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs\n (bsc#1134090 jsc#SLE-5954).\n - bnxt_en: Return error if FW returns more data than dump length\n (bsc#1104745).\n - bonding: fix active-backup transition after link failure (git-fixes).\n - bonding: fix potential NULL deref in bond_update_slave_arr (bsc#1051510).\n - bonding: fix slave stuck in BOND_LINK_FAIL state\n (networking-stable-19_11_10).\n - bonding: fix state transition issue in link monitoring\n (networking-stable-19_11_10).\n - bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).\n - bpf, offload: Replace bitwise AND by logical AND in\n bpf_prog_offload_info_fill (bsc#1109837).\n - bpf, offload: Unlock on error in bpf_offload_dev_create() (bsc#1109837).\n - bpf/sockmap: Read psock ingress_msg before sk_receive_queue\n (bsc#1083647).\n - bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() (bsc#1083647).\n - bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).\n - bpf: Make use of probe_user_write in probe write helper (bsc#1083647).\n - bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).\n - bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).\n - bpf: Sanity check max value for var_off stack access (bco#1160618).\n - bpf: Support variable offset stack access from helpers (bco#1160618).\n - bpf: add self-check logic to liveness analysis (bsc#1160618).\n - bpf: add verifier stats and log_level bit 2 (bsc#1160618).\n - bpf: improve stacksafe state comparison (bco#1160618).\n - bpf: improve verification speed by droping states (bsc#1160618).\n - bpf: improve verification speed by not remarking live_read (bsc#1160618).\n - bpf: improve verifier branch analysis (bsc#1160618).\n - bpf: increase complexity limit and maximum program size (bsc#1160618).\n - bpf: increase verifier log limit (bsc#1160618).\n - bpf: skmsg, fix potential psock NULL pointer dereference (bsc#1109837).\n - bpf: speed up stacksafe check (bco#1160618).\n - bpf: verifier: teach the verifier to reason about the BPF_JSET\n instruction (bco#1160618).\n - brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() (bsc#1111666).\n - brcmfmac: Fix memory leak in brcmf_usbdev_qinit (git-fixes).\n - brcmfmac: Fix use after free in brcmf_sdio_readframes() (git-fixes).\n - brcmfmac: fix interface sanity check (git-fixes).\n - brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362\n (bsc#1111666).\n - brcmfmac: set F2 watermark to 256 for 4373 (bsc#1111666).\n - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 (bsc#1111666).\n - btrfs: Ensure we trim ranges across block group boundary (bsc#1151910).\n - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it\n (dependency for bsc#1157692).\n - btrfs: abort transaction after failed inode updates in create_subvol\n (bsc#1161936).\n - btrfs: dev-replace: remove warning for unknown return codes when\n finished (dependency for bsc#1162067).\n - btrfs: do not call synchronize_srcu() in inode_tree_del (bsc#1161934).\n - btrfs: do not double lock the subvol_sem for rename exchange\n (bsc#1162943).\n - btrfs: fix integer overflow in calc_reclaim_items_nr (bsc#1160433).\n - btrfs: handle ENOENT in btrfs_uuid_tree_iterate (bsc#1161937).\n - btrfs: harden agaist duplicate fsid on scanned devices (bsc#1134973).\n - btrfs: inode: Verify inode mode to avoid NULL pointer dereference\n (dependency for bsc#1157692).\n - btrfs: record all roots for rename exchange on a subvol (bsc#1161933).\n - btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).\n - btrfs: scrub: Require mandatory block group RO for dev-replace\n (bsc#1162067).\n - btrfs: simplify inode locking for RWF_NOWAIT (git-fixes).\n - btrfs: skip log replay on orphaned roots (bsc#1161935).\n - btrfs: tree-checker: Check chunk item at tree block read time\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Check level for leaves and nodes (dependency for\n bsc#1157692).\n - btrfs: tree-checker: Enhance chunk checker to validate chunk profile\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency\n of bsc#1157692).\n - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN\n instead of EIO (dependency for bsc#1157692).\n - btrfs: tree-checker: Make chunk item checker messages more readable\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).\n - btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in block_group_err (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_block_group_item\n (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_csum_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_dev_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_dir_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_extent_data_item\n (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_inode_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_leaf_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in dev_item_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in dir_item_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in file_extent_err (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_leaf (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in chunk_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in generic_err (dependency for\n bsc#1157692).\n - btrfs: volumes: Use more straightforward way to calculate map length\n (bsc#1151910).\n - can, slip: Protect tty-&gt;disc_data in write_wakeup and close with RCU\n (bsc#1051510).\n - can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open\n (bsc#1051510).\n - can: can_dropped_invalid_skb(): ensure an initialized headroom in\n outgoing CAN sk_buffs (bsc#1051510).\n - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting\n (bsc#1051510).\n - can: mscan: mscan_rx_poll(): fix rx path lockup when returning from\n polling to irq mode (bsc#1051510).\n - can: peak_usb: report bus recovery as well (bsc#1051510).\n - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error\n (bsc#1051510).\n - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on\n error (bsc#1051510).\n - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors\n on queue overflow or OOM (bsc#1051510).\n - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to\n propagate error value in case of errors (bsc#1051510).\n - can: slcan: Fix use-after-free Read in slcan_open (bsc#1051510).\n - cdrom: respect device capabilities during opening action (boo#1164632).\n - cfg80211/mac80211: make ieee80211_send_layer2_update a public function\n (bsc#1051510).\n - cfg80211: check for set_wiphy_params (bsc#1051510).\n - cfg80211: fix deadlocks in autodisconnect work (bsc#1111666).\n - cfg80211: fix memory leak in cfg80211_cqm_rssi_update (bsc#1111666).\n - cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).\n - cgroup: pids: use atomic64_t for pids-&gt;limit (bsc#1161514).\n - chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849).\n - cifs: Add tracepoints for errors on flush or fsync (bsc#1144333).\n - cifs: Adjust indentation in smb2_open_file (bsc#1144333).\n - cifs: Avoid doing network I/O while holding cache lock (bsc#1144333).\n - cifs: Clean up DFS referral cache (bsc#1144333).\n - cifs: Do not display RDMA transport on reconnect (bsc#1144333).\n - cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).\n - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()\n (bsc#1144333).\n - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()\n (bsc#1144333).\n - cifs: Fix mode output in debugging statements (bsc#1144333).\n - cifs: Fix mount options set in automount (bsc#1144333).\n - cifs: Fix mount options set in automount (bsc#1144333).\n - cifs: Fix potential deadlock when updating vol in cifs_reconnect()\n (bsc#1144333).\n - cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).\n - cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).\n - cifs: Fix return value in __update_cache_entry (bsc#1144333).\n - cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).\n - cifs: Get rid of kstrdup_const()'d paths (bsc#1144333).\n - cifs: Introduce helpers for finding TCP connection (bsc#1144333).\n - cifs: Merge is_path_valid() into get_normalized_path() (bsc#1144333).\n - cifs: Optimize readdir on reparse points (bsc#1144333).\n - cifs: Use #define in cifs_dbg (bsc#1144333).\n - cifs: add SMB2_open() arg to return POSIX data (bsc#1144333).\n - cifs: add SMB3 change notification support (bsc#1144333).\n - cifs: add a debug macro that prints \\\\server\\share for errors\n (bsc#1144333).\n - cifs: add missing mount option to /proc/mounts (bsc#1144333).\n - cifs: add new debugging macro cifs_server_dbg (bsc#1144333).\n - cifs: add passthrough for smb2 setinfo (bsc#1144333).\n - cifs: add smb2 POSIX info level (bsc#1144333).\n - cifs: add support for fallocate mode 0 for non-sparse files\n (bsc#1144333).\n - cifs: add support for flock (bsc#1144333).\n - cifs: allow chmod to set mode bits using special sid (bsc#1144333).\n - cifs: call wake_up(&amp;server-&gt;response_q) inside of cifs_reconnect()\n (bsc#1144333).\n - cifs: close the shared root handle on tree disconnect (bsc#1144333).\n - cifs: create a helper function to parse the query-directory response\n buffer (bsc#1144333).\n - cifs: do d_move in rename (bsc#1144333).\n - cifs: do not ignore the SYNC flags in getattr (bsc#1144333).\n - cifs: do not leak -EAGAIN for stat() during reconnect (bsc#1144333).\n - cifs: do not use 'pre:' for MODULE_SOFTDEP (bsc#1144333).\n - cifs: enable change notification for SMB2.1 dialect (bsc#1144333).\n - cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1144333).\n - cifs: fix NULL dereference in match_prepath (bsc#1144333).\n - cifs: fix a comment for the timeouts when sending echos (bsc#1144333).\n - cifs: fix dereference on ses before it is null checked (bsc#1144333).\n - cifs: fix mode bits from dir listing when mounted with modefromsid\n (bsc#1144333).\n - cifs: fix mount option display for sec=krb5i (bsc#1161907).\n - cifs: fix potential mismatch of UNC paths (bsc#1144333).\n - cifs: fix rename() by ensuring source handle opened with DELETE bit\n (bsc#1144333).\n - cifs: fix soft mounts hanging in the reconnect code (bsc#1144333).\n - cifs: fix soft mounts hanging in the reconnect code (bsc#1144333).\n - cifs: fix unitialized variable poential problem with network I/O cache\n lock patch (bsc#1144333).\n - cifs: get mode bits from special sid on stat (bsc#1144333).\n - cifs: handle prefix paths in reconnect (bsc#1144333).\n - cifs: log warning message (once) if out of disk space (bsc#1144333).\n - cifs: make sure we do not overflow the max EA buffer size (bsc#1144333).\n - cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1144333).\n - cifs: modefromsid: make room for 4 ACE (bsc#1144333).\n - cifs: modefromsid: write mode ACE first (bsc#1144333).\n - cifs: plumb smb2 POSIX dir enumeration (bsc#1144333).\n - cifs: potential unintitliazed error code in cifs_getattr() (bsc#1144333).\n - cifs: prepare SMB2_query_directory to be used with compounding\n (bsc#1144333).\n - cifs: print warning once if mounting with vers=1.0 (bsc#1144333).\n - cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1144333).\n - cifs: remove redundant assignment to variable rc (bsc#1144333).\n - cifs: remove set but not used variable 'server' (bsc#1144333).\n - cifs: remove set but not used variables (bsc#1144333).\n - cifs: remove unused variable 'sid_user' (bsc#1144333).\n - cifs: remove unused variable (bsc#1144333).\n - cifs: rename a variable in SendReceive() (bsc#1144333).\n - cifs: rename posix create rsp (bsc#1144333).\n - cifs: replace various strncpy with strscpy and similar (bsc#1144333).\n - cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1144333).\n - cifs: smbd: Add messages on RDMA session destroy and reconnection\n (bsc#1144333).\n - cifs: smbd: Invalidate and deregister memory registration on re-send for\n direct I/O (bsc#1144333).\n - cifs: smbd: Only queue work for error recovery on memory registration\n (bsc#1144333).\n - cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1144333).\n - cifs: smbd: Return -ECONNABORTED when trasnport is not in connected\n state (bsc#1144333).\n - cifs: smbd: Return -EINVAL when the number of iovs exceeds\n SMBDIRECT_MAX_SGE (bsc#1144333).\n - cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1144333).\n - cifs: use compounding for open and first query-dir for readdir()\n (bsc#1144333).\n - cifs: use mod_delayed_work() for &amp;server-&gt;reconnect if already queued\n (bsc#1144333).\n - clk: Do not try to enable critical clocks if prepare failed\n (bsc#1051510).\n - clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).\n - clk: mmp2: Fix the order of timer mux parents (bsc#1051510).\n - clk: qcom: rcg2: Do not crash if our parent can't be found; return an\n error (bsc#1051510).\n - clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).\n - clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).\n - clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering\n (bsc#1051510).\n - clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).\n - clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510).\n - clk: sunxi: sun9i-mmc: Implement reset callback for reset controls\n (bsc#1051510).\n - clk: tegra: Mark fuse clock as critical (bsc#1051510).\n - clocksource/drivers/bcm2835_timer: Fix memory leak of timer\n (bsc#1051510).\n - clocksource: Prevent double add_timer_on() for watchdog_timer\n (bsc#1051510).\n - closures: fix a race on wakeup from closure_sync (bsc#1163762).\n - cls_rsvp: fix rsvp_policy (networking-stable-20_02_05).\n - configfs_register_group() shouldn't be (and isn't) called in rmdirable\n parts (bsc#1051510).\n - copy/pasted &quot;Recommends:&quot; instead of &quot;Provides:&quot;, &quot;Obsoletes:&quot; and\n &quot;Conflicts:\n - core: Do not skip generic XDP program execution for cloned SKBs\n (bsc#1109837).\n - crypto: DRBG - add FIPS 140-2 CTRNG for noise source (bsc#1155334).\n - crypto: af_alg - Use bh_lock_sock in sk_destruct (bsc#1051510).\n - crypto: api - Check spawn-&gt;alg under lock in crypto_drop_spawn\n (bsc#1051510).\n - crypto: api - Fix race condition in crypto_spawn_alg (bsc#1051510).\n - crypto: atmel-sha - fix error handling when setting hmac key\n (bsc#1051510).\n - crypto: caam/qi2 - fix typo in algorithm's driver name (bsc#1111666).\n - crypto: ccp - fix uninitialized list head (bsc#1051510).\n - crypto: chelsio - fix writing tfm flags to wrong place (bsc#1051510).\n - crypto: dh - add public key verification test (bsc#1155331).\n - crypto: dh - fix calculating encoded key size (bsc#1155331).\n - crypto: dh - fix memory leak (bsc#1155331).\n - crypto: dh - update test for public key verification (bsc#1155331).\n - crypto: ecdh - add public key verification test (bsc#1155331).\n - crypto: ecdh - fix typo of P-192 b value (bsc#1155331).\n - crypto: mxc-scc - fix build warnings on ARM64 (bsc#1051510).\n - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request\n (bsc#1051510).\n - crypto: picoxcell - adjust the position of tasklet_init and fix missed\n tasklet_kill (bsc#1051510).\n - crypto: reexport crypto_shoot_alg() (bsc#1051510, kABI fix).\n - cxgb4: request the TX CIDX updates to status page (bsc#1127371).\n - devlink: report 0 after hitting end in region read (bsc#1109837).\n - dma-buf: Fix memory leak in sync_file_merge() (git-fixes).\n - dma-mapping: fix return type of dma_set_max_seg_size() (bsc#1051510).\n - dmaengine: Fix access to uninitialized dma_slave_caps (bsc#1051510).\n - dmaengine: coh901318: Fix a double-lock bug (bsc#1051510).\n - dmaengine: coh901318: Remove unused variable (bsc#1051510).\n - drivers/base/memory.c: cache blocks in radix tree to accelerate lookup\n (bsc#1159955 ltc#182993).\n - drivers/base/memory.c: do not access uninitialized memmaps in\n soft_offline_page_store() (bsc#1051510).\n - drivers/base/platform.c: kmemleak ignore a known leak (bsc#1051510).\n - drivers/regulator: fix a missing check of return value (bsc#1051510).\n - drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero\n (bsc#1111666).\n - drm/amd/powerplay: remove set but not used variable 'us_mvdd'\n (bsc#1111666).\n - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc (bsc#1111666).\n - drm/amdgpu: add function parameter description in\n 'amdgpu_device_set_cg_state' (bsc#1111666).\n - drm/amdgpu: add function parameter description in 'amdgpu_gart_bind'\n (bsc#1051510).\n - drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1114279)\n - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)\n (bsc#1111666).\n - drm/amdgpu: remove 4 set but not used variable in\n amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510).\n - drm/amdgpu: remove always false comparison in\n 'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'amdgpu_connector'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'dig_connector'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'invalid' (bsc#1111666).\n - drm/amdgpu: remove set but not used variable 'mc_shared_chmap'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from\n 'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510).\n - drm/amdkfd: fix a use after free race with mmu_notifer unregister\n (bsc#1114279)\n - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (bsc#1051510).\n - drm/etnaviv: fix dumping of iommuv2 (bsc#1114279)\n - drm/fb-helper: Round up bits_per_pixel if possible (bsc#1051510).\n - drm/i810: Prevent underflow in ioctl (bsc#1114279)\n - drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)\n - drm/i915/gvt: Separate display reset from ALL_ENGINES reset (bsc#1114279)\n - drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)\n - drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)\n - drm/i915/perf: add missing delay for OA muxes configuration\n (bsc#1111666).\n - drm/i915/userptr: Try to acquire the page lock around (bsc#1114279)\n - drm/i915/userptr: fix size calculation (bsc#1114279)\n - drm/i915: Add missing include file &lt;linux/math64.h&gt; (bsc#1051510).\n - drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe()\n (bsc#1111666).\n - drm/i915: Fix pid leak with banned clients (bsc#1114279)\n - drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set\n (bsc#1111666).\n - drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV\n (bsc#1111666).\n - drm/i915: Reacquire priolist cache after dropping the engine lock\n (bsc#1129770) Fixes a const function argument in the patch.\n - drm/i915: Sanity check mmap length against object size (bsc#1111666).\n - drm/i915: Wean off drm_pci_alloc/drm_pci_free (bsc#1114279)\n - drm/mediatek: Add gamma property according to hardware capability\n (bsc#1114279)\n - drm/mediatek: disable all the planes in atomic_disable (bsc#1114279)\n - drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank() (bsc#1114279)\n - drm/msm: include linux/sched/task.h (bsc#1112178)\n - drm/mst: Fix MST sideband up-reply failure handling (bsc#1051510).\n - drm/nouveau/bar/gf100: ensure BAR is mapped (bsc#1111666).\n - drm/nouveau/bar/nv50: check bar1 vmm return value (bsc#1111666).\n - drm/nouveau/mmu: qualify vmm during dtor (bsc#1111666).\n - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()\n (bsc#1051510).\n - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler\n (bsc#1051510).\n - drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)\n - drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)\n - drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)\n - drm/rect: Avoid division by zero (bsc#1111666).\n - drm/rect: update kerneldoc for drm_rect_clip_scaled() (bsc#1111666).\n - drm/rockchip: Round up _before_ giving to the clock framework\n (bsc#1114279)\n - drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510).\n - drm/sun4i: hdmi: Remove duplicate cleanup calls (bsc#1113956)\n - drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model\n (bsc#1111666).\n - drm/sun4i: tcon: Set min division of TCON0_DCLK to 1 (bsc#1111666).\n - drm/ttm: ttm_tt_init_fields() can be static (bsc#1111666).\n - drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (bsc#1051510).\n - drm: atmel-hlcdc: enable clock before configuring timing engine\n (bsc#1114279)\n - drm: bridge: dw-hdmi: constify copied structure (bsc#1051510).\n - drm: limit to INT_MAX in create_blob ioctl (bsc#1051510).\n - drm: meson: venc: cvbs: fix CVBS mode matching (bsc#1051510).\n - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable\n (bsc#1111666).\n - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable\n (bsc#1114279)\n - drm: panel-lvds: Potential Oops in probe error handling (bsc#1114279)\n - drm: rcar-du: Recognize &quot;renesas,vsps&quot; in addition to &quot;vsps&quot;\n (bsc#1114279)\n - e1000e: Add support for Comet Lake (bsc#1158533).\n - e1000e: Add support for Tiger Lake (bsc#1158533).\n - e1000e: Increase pause and refresh time (bsc#1158533).\n - e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait\n (bsc#1051510).\n - enic: prevent waking up stopped tx queues over watchdog reset\n (bsc#1133147).\n - ethtool: Factored out similar ethtool link settings for virtual devices\n to core (bsc#1136157 ltc#177197).\n - exit: panic before exit_mm() on global init exit (bsc#1161549).\n - ext2: check err when partial != NULL (bsc#1163859).\n - ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853).\n - ext4: Fix mount failure with quota configured as module (bsc#1164471).\n - ext4: check for directory entries too close to block end (bsc#1163861).\n - ext4: fix a bug in ext4_wait_for_tail_page_commit (bsc#1163841).\n - ext4: fix checksum errors with indexed dirs (bsc#1160979).\n - ext4: fix deadlock allocating crypto bounce page from mempool\n (bsc#1163842).\n - ext4: fix mount failure with quota configured as module (bsc#1164471).\n - ext4: improve explanation of a mount failure caused by a misconfigured\n kernel (bsc#1163843).\n - extcon: max8997: Fix lack of path setting in USB device mode\n (bsc#1051510).\n - firestream: fix memory leaks (bsc#1051510).\n - fix autofs regression caused by follow_managed() changes (bsc#1159271).\n - fix dget_parent() fastpath race (bsc#1159271).\n - fix memory leak in large read decrypt offload (bsc#1144333).\n - fjes: fix missed check in fjes_acpi_add (bsc#1051510).\n - fs/cifs/cifssmb.c: use true,false for bool variable (bsc#1144333).\n - fs/cifs/sess.c: Remove set but not used variable 'capabilities'\n (bsc#1144333).\n - fs/cifs/smb2ops.c: use true,false for bool variable (bsc#1144333).\n - fs/cifs/smb2pdu.c: Make SMB2_notify_init static (bsc#1144333).\n - fs/namei.c: fix missing barriers when checking positivity (bsc#1159271).\n - fs/namei.c: pull positivity check into follow_managed() (bsc#1159271).\n - fs/open.c: allow opening only regular files during execve()\n (bsc#1163845).\n - fs: cifs: Fix atime update check vs mtime (bsc#1144333).\n - fs: cifs: Initialize filesystem timestamp ranges (bsc#1144333).\n - fs: cifs: cifsssmb: remove redundant assignment to variable ret\n (bsc#1144333).\n - fs: cifs: mute -Wunused-const-variable message (bsc#1144333).\n - fscrypt: do not set policy for a dead directory (bsc#1163846).\n - ftrace: Add comment to why rcu_dereference_sched() is open coded\n (git-fixes).\n - ftrace: Avoid potential division by zero in function profiler\n (bsc#1160784).\n - ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes).\n - genirq/proc: Return proper error code when irq_set_affinity() fails\n (bnc#1105392).\n - genirq: Prevent NULL pointer dereference in resend_irqs() (bsc#1051510).\n - genirq: Properly pair kobject_del() with kobject_add() (bsc#1051510).\n - gpio: Fix error message on out-of-range GPIO in lookup table\n (bsc#1051510).\n - gtp: avoid zero size hashtable (networking-stable-20_01_01).\n - gtp: do not allow adding duplicate tid and ms_addr pdp context\n (networking-stable-20_01_01).\n - gtp: fix an use-after-free in ipv4_pdp_find()\n (networking-stable-20_01_01).\n - gtp: fix wrong condition in gtp_genl_dump_pdp()\n (networking-stable-20_01_01).\n - gtp: make sure only SOCK_DGRAM UDP sockets are accepted\n (networking-stable-20_01_27).\n - gtp: use __GFP_NOWARN to avoid memalloc warning\n (networking-stable-20_02_05).\n - hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).\n - hotplug/drc-info: Add code to search ibm,drc-info property (bsc#1157480\n ltc#181028).\n - hv_netvsc: Fix memory leak when removing rndis device\n (networking-stable-20_01_20).\n - hv_netvsc: Fix offset usage in netvsc_send_table() (bsc#1164598).\n - hv_netvsc: Fix send_table offset in case of a host bug (bsc#1164598).\n - hv_netvsc: Fix tx_table init in rndis_set_subchannel() (bsc#1164598).\n - hv_netvsc: Fix unwanted rx_table reset (bsc#1164598).\n - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input\n (bsc#1051510).\n - hwmon: (core) Do not use device managed functions for memory allocations\n (bsc#1051510).\n - hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs\n (bsc#1163206).\n - hwmon: (nct7802) Fix voltage limits to wrong registers (bsc#1051510).\n - hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions\n (bsc#1051510).\n - hwrng: stm32 - fix unbalanced pm_runtime_enable (bsc#1051510).\n - i2c: imx: do not print error message on probe defer (bsc#1051510).\n - ibmveth: Detect unsupported packets before sending to the hypervisor\n (bsc#1159484 ltc#182983).\n - ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551).\n - ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n - ibmvnic: Fix completion structure initialization (bsc#1155689\n ltc#182047).\n - ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n - ibmvnic: Terminate waiting device threads after loss of service\n (bsc#1155689 ltc#182047).\n - ice: fix stack leakage (bsc#1118661).\n - idr: Fix idr_alloc_u32 on 32-bit systems (bsc#1051510).\n - iio: adc: max9611: Fix too short conversion time delay (bsc#1051510).\n - iio: buffer: align the size of scan bytes to size of the largest element\n (bsc#1051510).\n - inet: protect against too small mtu values (networking-stable-19_12_16).\n - iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162617).\n - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA\n (bsc#1164314).\n - iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()\n (bsc#1164115).\n - iommu/iova: Init the struct iova to fix the possible memleak\n (bsc#1160469).\n - iommu/mediatek: Correct the flush_iotlb_all callback (bsc#1160470).\n - iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).\n - iommu: Remove device link to group on failure (bsc#1160755).\n - ipmi: Do not allow device module unload when in use (bsc#1154768).\n - ipv4: Fix table id reference in fib_sync_down_addr\n (networking-stable-19_11_10).\n - ipv4: ensure rcu_read_lock() in cipso_v4_error() (git-fixes).\n - ipv6: restrict IPV6_ADDRFORM operation (bsc#1109837).\n - iwlegacy: ensure loop counter addr does not wrap and cause an infinite\n loop (git-fixes).\n - iwlwifi: change monitor DMA to be coherent (bsc#1161243).\n - iwlwifi: clear persistence bit according to device family (bsc#1111666).\n - iwlwifi: do not throw error when trying to remove IGTK (bsc#1051510).\n - iwlwifi: mvm: Send non offchannel traffic via AP sta (bsc#1051510).\n - iwlwifi: mvm: fix NVM check for 3168 devices (bsc#1051510).\n - iwlwifi: mvm: force TCM re-evaluation on TCM resume (bsc#1111666).\n - iwlwifi: mvm: synchronize TID queue removal (bsc#1051510).\n - iwlwifi: pcie: fix erroneous print (bsc#1111666).\n - iwlwifi: trans: Clear persistence bit when starting the FW (bsc#1111666).\n - jbd2: Fix possible overflow in jbd2_log_space_left() (bsc#1163860).\n - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info\n when load journal (bsc#1163862).\n - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer\n (bsc#1163836).\n - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock\n (bsc#1163863).\n - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()\n (bsc#1163880).\n - jbd2: switch to use jbd2_journal_abort() when failed to submit the\n commit record (bsc#1163852).\n - kABI fix for &quot;ipmi: Do not allow device module unload when in use&quot;\n (bsc#1154768).\n - kABI fixup for alloc_dax_region (bsc#1158071,bsc#1160678).\n - kABI workaround for can/skb.h inclusion (bsc#1051510).\n - crypto/dh: Make sure the FIPS pubkey check is only executed in FIPS mode.\n - kABI: Protest new fields in BPF structs (bsc#1160618).\n - kABI: add _q suffix to exports that take struct dh (bsc#1155331).\n - kABI: protect struct sctp_ep_common (kabi).\n - kabi/severities: Whitelist rpaphp_get_drc_props (bsc#1157480 ltc#181028).\n - kconfig: fix broken dependency in randconfig-generated .config\n (bsc#1051510).\n - kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure\n flavor (boo#1161360).\n - kernel/module.c: Only return -EEXIST for modules that have finished\n loading (bsc#1165488).\n - kernel/module.c: wakeup processes in module_wq on module unload\n (bsc#1165488).\n - kernel/trace: Fix do not unregister tracepoints when register\n sched_migrate_task fail (bsc#1160787).\n - kernfs: Fix range checks in kernfs_get_target_path (bsc#1051510).\n - kexec: bail out upon SIGKILL when allocating memory (git-fixes).\n - kvm: x86: Host feature SSBD does not imply guest feature SPEC_CTRL_SSBD\n (bsc#1160476).\n - l2tp: Allow duplicate session creation with UDP\n (networking-stable-20_02_05).\n - lcoking/rwsem: Add missing ACQUIRE to read_slowpath sleep loop\n (bsc#1050549).\n - leds: Allow to call led_classdev_unregister() unconditionally\n (bsc#1161674).\n - leds: class: ensure workqueue is initialized before setting brightness\n (bsc#1161674).\n - lib/scatterlist.c: adjust indentation in __sg_alloc_table (bsc#1051510).\n - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()\n (bsc#1051510).\n - lib: crc64: include &lt;linux/crc64.h&gt; for 'crc64_be' (bsc#1163762).\n - libnvdimm-fix-devm_nsio_enable-kabi.patch: Fixup compiler warning\n - libnvdimm/namespace: Differentiate between probe mapping and runtime\n mapping (bsc#1153535).\n - libnvdimm/pfn: Account for PAGE_SIZE &gt; info-block-size in nd_pfn_init()\n (bsc#1127682 bsc#1153535 ltc#175033 ltc#181834).\n - libnvdimm: Fix devm_nsio_enable() kabi (bsc#1153535).\n - livepatch/samples/selftest: Use klp_shadow_alloc() API correctly\n (bsc#1071995).\n - livepatch/selftest: Clean up shadow variable names and type\n (bsc#1071995).\n - locking/rwsem: Prevent decrement of reader count before increment\n (bsc#1050549).\n - mac80211: Do not send Layer 2 Update frame before authorization\n (bsc#1051510).\n - mac80211: Fix TKIP replay protection immediately after key setup\n (bsc#1051510).\n - mac80211: fix ieee80211_txq_setup_flows() failure path (bsc#1111666).\n - mac80211: fix station inactive_time shortly after boot (bsc#1051510).\n - mac80211: mesh: restrict airtime metric to peered established plinks\n (bsc#1051510).\n - macvlan: do not assume mac_header is set in macvlan_broadcast()\n (bsc#1051510).\n - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()\n (bsc#1051510).\n - mailbox: mailbox-test: fix null pointer if no mmio (bsc#1051510).\n - md/raid0: Fix buffer overflow at debug print (bsc#1164051).\n - media/v4l2-core: set pages dirty upon releasing DMA buffers\n (bsc#1051510).\n - media: af9005: uninitialized variable printked (bsc#1051510).\n - media: cec.h: CEC_OP_REC_FLAG_ values were swapped (bsc#1051510).\n - media: cec: CEC 2.0-only bcast messages were ignored (git-fixes).\n - media: cec: report Vendor ID after initialization (bsc#1051510).\n - media: digitv: do not continue if remote control state can't be read\n (bsc#1051510).\n - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (bsc#1051510).\n - media: exynos4-is: fix wrong mdev and v4l2 dev order in error path\n (git-fixes).\n - media: gspca: zero usb_buf (bsc#1051510).\n - media: iguanair: fix endpoint sanity check (bsc#1051510).\n - media: ov6650: Fix control handler not freed on init error (git-fixes).\n - media: ov6650: Fix crop rectangle alignment not passed back (git-fixes).\n - media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes).\n - media: pulse8-cec: fix lost cec_transmit_attempt_done() call.\n - media: pulse8-cec: return 0 when invalidating the logical address\n (bsc#1051510).\n - media: stkwebcam: Bugfix for wrong return values (bsc#1051510).\n - media: uvcvideo: Avoid cyclic entity chains due to malformed USB\n descriptors (bsc#1051510).\n - media: uvcvideo: Fix error path in control parsing failure (git-fixes).\n - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE (bsc#1051510).\n - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (bsc#1051510).\n - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments\n (bsc#1051510).\n - mei: bus: prefix device names on bus with the bus name (bsc#1051510).\n - mfd: da9062: Fix watchdog compatible string (bsc#1051510).\n - mfd: dln2: More sanity checking for endpoints (bsc#1051510).\n - mfd: rn5t618: Mark ADC control register volatile (bsc#1051510).\n - missing escaping of backslashes in macro expansions (bsc#1143959)\n - mlxsw: spectrum: Wipe xstats.backlog of down ports (bsc#1112374).\n - mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1112374).\n - mlxsw: spectrum_qdisc: Include MC TCs in Qdisc counters (bsc#1112374).\n - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel\n (bsc#1112374).\n - mm, memory_hotplug: do not clear numa_node association after hot_remove\n (bnc#1115026).\n - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock\n (bsc#1159394).\n - mm: memory_hotplug: use put_device() if device_register fail\n (bsc#1159955 ltc#182993).\n - mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode (bsc#1051510).\n - mmc: sdhci-of-esdhc: Revert &quot;mmc: sdhci-of-esdhc: add erratum A-009204\n support&quot; (bsc#1051510).\n - mmc: sdhci-of-esdhc: fix P2020 errata handling (bsc#1051510).\n - mmc: sdhci: Add a quirk for broken command queuing (git-fixes).\n - mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes).\n - mmc: sdhci: fix minimum clock rate for v3 controller (bsc#1051510).\n - mmc: spi: Toggle SPI polarity, do not hardcode it (bsc#1051510).\n - mmc: tegra: fix SDR50 tuning override (bsc#1051510).\n - mod_devicetable: fix PHY module format (networking-stable-19_12_28).\n - moduleparam: fix parameter description mismatch (bsc#1051510).\n - mqprio: Fix out-of-bounds access in mqprio_dump (bsc#1109837).\n - mtd: fix mtd_oobavail() incoherent returned value (bsc#1051510).\n - mwifiex: debugfs: correct histogram spacing, formatting (bsc#1051510).\n - mwifiex: delete unused mwifiex_get_intf_num() (bsc#1111666).\n - mwifiex: drop most magic numbers from\n mwifiex_process_tdls_action_frame() (git-fixes).\n - mwifiex: fix potential NULL dereference and use after free (bsc#1051510).\n - mwifiex: update set_mac_address logic (bsc#1111666).\n - namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1163851).\n - net, ip6_tunnel: fix namespaces move (networking-stable-20_01_27).\n - net, ip_tunnel: fix namespaces move (networking-stable-20_01_27).\n - net, sysctl: Fix compiler warning when only cBPF is present\n (bsc#1109837).\n - net-sysfs: Fix reference count leak (networking-stable-20_01_27).\n - net/ethtool: Introduce link_ksettings API for virtual network devices\n (bsc#1136157 ltc#177197).\n - net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047).\n - net/mlx4_en: Fix wrong limitation for number of TX rings (bsc#1103989).\n - net/mlx4_en: fix mlx4 ethtool -N insertion (networking-stable-19_11_25).\n - net/mlx5: Accumulate levels for chains prio namespaces (bsc#1103990).\n - net/mlx5: Fix lowest FDB pool size (bsc#1103990).\n - net/mlx5: IPsec, Fix esp modify function attribute (bsc#1103990 ).\n - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx\n (bsc#1103990).\n - net/mlx5: Update the list of the PCI supported devices (bsc#1127611).\n - net/mlx5: Update the list of the PCI supported devices (bsc#1127611).\n - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (bsc#1046303).\n - net/mlx5e: Fix SFF 8472 eeprom length (git-fixes).\n - net/mlx5e: Fix set vf link state error flow (networking-stable-19_11_25).\n - net/mlx5e: Query global pause state before setting prio2buffer\n (bsc#1103990).\n - net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).\n - net/mlxfw: Verify FSM error code translation does not exceed array size\n (bsc#1051858).\n - net/sched: act_pedit: fix WARN() in the traffic path\n (networking-stable-19_11_25).\n - net/tls: fix async operation (bsc#1109837).\n - net/tls: free the record on encryption error (bsc#1109837).\n - net/tls: take into account that bpf_exec_tx_verdict() may free the\n record (bsc#1109837).\n - net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info\n (networking-stable-20_01_20).\n - net: Fix Tx hash bound checking (bsc#1109837).\n - net: add sendmsg_locked and sendpage_locked to af_inet6 (bsc#1144162).\n - net: bridge: deny dev_set_mac_address() when unregistering\n (networking-stable-19_12_16).\n - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() (git-fixes).\n - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM\n (networking-stable-20_01_27).\n - net: dsa: mv88e6xxx: Preserve priority when setting CPU port\n (networking-stable-20_01_11).\n - net: dsa: tag_qca: fix doubled Tx statistics\n (networking-stable-20_01_20).\n - net: dst: Force 4-byte alignment of dst_metrics\n (networking-stable-19_12_28).\n - net: ena: fix napi handler misbehavior when the napi budget is zero\n (networking-stable-20_01_01).\n - net: ethernet: octeon_mgmt: Account for second possible VLAN header\n (networking-stable-19_11_10).\n - net: ethernet: ti: cpsw: fix extra rx interrupt\n (networking-stable-19_12_16).\n - net: fix data-race in neigh_event_send() (networking-stable-19_11_10).\n - net: hisilicon: Fix a BUG trigered by wrong bytes_compl\n (networking-stable-19_12_28).\n - net: hns3: fix ETS bandwidth validation bug (bsc#1104353 ).\n - net: hns3: fix a copying IPv6 address error in\n hclge_fd_get_flow_tuples() (bsc#1104353).\n - net: hns: fix soft lockup when there is not enough memory\n (networking-stable-20_01_20).\n - net: hsr: fix possible NULL deref in hsr_handle_frame()\n (networking-stable-20_02_05).\n - net: ip6_gre: fix moving ip6gre between namespaces\n (networking-stable-20_01_27).\n - net: nfc: nci: fix a possible sleep-in-atomic-context bug in\n nci_uart_tty_receive() (networking-stable-19_12_28).\n - net: phy: Check against net_device being NULL (bsc#1051510).\n - net: phy: Fix not to call phy_resume() if PHY is not attached\n (bsc#1051510).\n - net: phy: Fix the register offsets in Broadcom iProc mdio mux driver\n (bsc#1051510).\n - net: phy: at803x: Change error to EINVAL for invalid MAC (bsc#1051510).\n - net: phy: broadcom: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: dp83867: Set up RGMII TX delay (bsc#1051510).\n - net: phy: fixed_phy: Fix fixed_phy not checking GPIO (bsc#1051510).\n - net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: marvell: clear wol event before setting it (bsc#1051510).\n - net: phy: meson-gxl: check phy_write return value (bsc#1051510).\n - net: phy: micrel: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 (bsc#1051510).\n - net: phy: mscc: read 'vsc8531,vddmac' as an u32 (bsc#1051510).\n - net: phy: xgene: disable clk on error paths (bsc#1051510).\n - net: phy: xgmiitorgmii: Check phy_driver ready before accessing\n (bsc#1051510).\n - net: phy: xgmiitorgmii: Check read_status results (bsc#1051510).\n - net: phy: xgmiitorgmii: Support generic PHY status read (bsc#1051510).\n - net: psample: fix skb_over_panic (networking-stable-19_12_03).\n - net: qlogic: Fix error paths in ql_alloc_large_buffers()\n (networking-stable-19_12_28).\n - net: rtnetlink: prevent underflows in do_setvfinfo()\n (networking-stable-19_11_25).\n - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()\n (networking-stable-20_01_27).\n - net: sch_prio: When ungrafting, replace with FIFO\n (networking-stable-20_01_11).\n - net: sched: correct flower port blocking (git-fixes).\n - net: sched: ensure opts_len &lt;= IP_TUNNEL_OPTS_MAX in act_tunnel_key\n (bsc#1109837).\n - net: sched: fix `tc -s class show` no bstats on class with nolock\n subqueues (networking-stable-19_12_03).\n - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues\n (bsc#1109837).\n - net: stmmac: Delete txtimer in suspend() (networking-stable-20_02_05).\n - net: stmmac: dwmac-sunxi: Allow all RGMII modes\n (networking-stable-20_01_11).\n - net: usb: lan78xx: Add .ndo_features_check (networking-stable-20_01_27).\n - net: usb: lan78xx: Fix suspend/resume PHY register access error\n (networking-stable-19_12_28).\n - net: usb: lan78xx: fix possible skb leak (networking-stable-20_01_11).\n - net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).\n - net: usb: qmi_wwan: add support for DW5821e with eSIM support\n (networking-stable-19_11_10).\n - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules\n (networking-stable-19_11_18).\n - net_sched: ematch: reject invalid TCF_EM_SIMPLE\n (networking-stable-20_01_30).\n - net_sched: fix an OOB access in cls_tcindex (networking-stable-20_02_05).\n - net_sched: fix datalen for ematch (networking-stable-20_01_27).\n - netfilter: nf_queue: enqueue skbs with NULL dst (git-fixes).\n - new helper: lookup_positive_unlocked() (bsc#1159271).\n - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info\n (bsc#1163774).\n - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()\n (networking-stable-19_12_03).\n - openvswitch: remove another BUG_ON() (networking-stable-19_12_03).\n - openvswitch: support asymmetric conntrack (networking-stable-19_12_16).\n - orinoco_usb: fix interface sanity check (git-fixes).\n - percpu: Separate decrypted varaibles anytime encryption can be enabled\n (bsc#1114279).\n - perf/x86/intel: Fix inaccurate period in context switch for auto-reload\n (bsc#1164315).\n - phy: qualcomm: Adjust indentation in read_poll_timeout (bsc#1051510).\n - pinctrl: cherryview: Fix irq_valid_mask calculation (bsc#1111666).\n - pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues (bsc#1051510).\n - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B\n (bsc#1051510).\n - pinctrl: xway: fix gpio-hog related boot issues (bsc#1051510).\n - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM\n (networking-stable-20_01_11).\n - pktcdvd: remove warning on attempting to register non-passthrough dev\n (bsc#1051510).\n - platform/mellanox: fix potential deadlock in the tmfifo driver\n (bsc#1136333 jsc#SLE-4994).\n - platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0\n (bsc#1051510).\n - platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size\n (bsc#1051510).\n - platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer\n (bsc#1051510).\n - platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes\n (bsc#1051510).\n - platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI\n table (bsc#1051510).\n - power: supply: ltc2941-battery-gauge: fix use-after-free (bsc#1051510).\n - powerpc/archrandom: fix arch_get_random_seed_int() (bsc#1065729).\n - powerpc/irq: fix stack overflow verification (bsc#1065729).\n - powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2\n (bsc#1061840).\n - powerpc/mm: drop #ifdef CONFIG_MMU in is_ioremap_addr() (bsc#1065729).\n - powerpc/papr_scm: Do not enable direct map for a region by default\n (bsc#1129551).\n - powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths\n (bsc#1142685 ltc#179509).\n - powerpc/pkeys: remove unused pkey_allows_readwrite (bsc#1065729).\n - powerpc/powernv: Disable native PCIe port management (bsc#1065729).\n - powerpc/pseries/hotplug-memory: Change rc variable to bool (bsc#1065729).\n - powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028\n ltc#181740).\n - powerpc/pseries/memory-hotplug: Only update DT once per memory DLPAR\n request (bsc#1165404 ltc#183498).\n - powerpc/pseries/mobility: notify network peers after migration\n (bsc#1152631 ltc#181798).\n - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning\n (bsc#1065729).\n - powerpc/pseries: Add cpu DLPAR support for drc-info property\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Advance pfn if section is not present in\n lmb_is_removable() (bsc#1065729).\n - powerpc/pseries: Allow not having ibm,\n hypertas-functions::hcall-multi-tce for DDW (bsc#1065729).\n - powerpc/pseries: Avoid NULL pointer dereference when drmem is\n unavailable (bsc#1160659).\n - powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()\n (git-fixes).\n - powerpc/pseries: Enable support for ibm,drc-info property (bsc#1157480\n ltc#181028).\n - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Fix drc-info mappings of logical cpus to drc-index\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Fix vector5 in ibm architecture vector table\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Revert support for ibm,drc-info devtree property\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: group lmb operation and memblock's (bsc#1165404\n ltc#183498).\n - powerpc/pseries: update device tree before ejecting hotplug uevents\n (bsc#1165404 ltc#183498).\n - powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).\n - powerpc/smp: Use nid as fallback for package_id (bsc#1165813 ltc#184091).\n - powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal\n delivery (bsc#1118338 ltc#173734).\n - powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).\n - powerpc/xive: Discard ESB load value when interrupt is invalid\n (bsc#1085030).\n - powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts\n (bsc#1085030).\n - powerpc/xmon: do not access ASDR in VMs (bsc#1065729).\n - powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges\n &gt;4GB (bnc#1151927 5.3.17).\n - powerpc: Allow flush_icache_range to work across ranges &gt;4GB\n (bnc#1151927 5.3.17).\n - powerpc: Enable support for ibm,drc-info devtree property (bsc#1157480\n ltc#181028).\n - powerpc: Fix vDSO clock_getres() (bsc#1065729).\n - powerpc: avoid adjusting memory_limit for capture kernel memory\n reservation (bsc#1140025 ltc#176086).\n - powerpc: reserve memory for capture kernel after hugepages init\n (bsc#1140025 ltc#176086).\n - ppp: Adjust indentation into ppp_async_input (git-fixes).\n - prevent active file list thrashing due to refault detection (VM\n Performance, bsc#1156286).\n - pseries/drc-info: Search DRC properties for CPU indexes (bsc#1157480\n ltc#181028).\n - pstore/ram: Write new dumps to start of recycled zones (bsc#1051510).\n - ptr_ring: add include of linux/mm.h (bsc#1109837).\n - pwm: Clear chip_data in pwm_put() (bsc#1051510).\n - pwm: Remove set but not set variable 'pwm' (git-fixes).\n - pwm: clps711x: Fix period calculation (bsc#1051510).\n - pwm: omap-dmtimer: Remove PWM chip in .remove before making it\n unfunctional (git-fixes).\n - pxa168fb: Fix the function used to release some memory in an error\n (bsc#1114279)\n - qede: Disable hardware gro when xdp prog is installed (bsc#1086314\n bsc#1086313 bsc#1086301 ).\n - qede: Fix multicast mac configuration (networking-stable-19_12_28).\n - qede: fix NULL pointer deref in __qede_remove()\n (networking-stable-19_11_10).\n - qmi_wwan: Add support for Quectel RM500Q (bsc#1051510).\n - quota: Check that quota is not dirty before release (bsc#1163858).\n - quota: fix livelock in dquot_writeback_dquots (bsc#1163857).\n - r8152: add missing endpoint sanity check (bsc#1051510).\n - r8152: get default setting of WOL before initializing (bsc#1051510).\n - random: move FIPS continuous test to output functions (bsc#1155334).\n - regulator: Fix return value of _set_load() stub (bsc#1051510).\n - regulator: rk808: Lower log level on optional GPIOs being not available\n (bsc#1051510).\n - regulator: rn5t618: fix module aliases (bsc#1051510).\n - regulator: tps65910: fix a missing check of return value (bsc#1051510).\n - reiserfs: Fix memory leak of journal device string (bsc#1163867).\n - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling\n (bsc#1163869).\n - reset: fix reset_control_ops kerneldoc comment (bsc#1051510).\n - resource: fix locking in find_next_iomem_res() (bsc#1114279).\n - rpm/kabi.pl: support new (&gt;=5.4) Module.symvers format (new symbol\n namespace field)\n - rpm/kernel-binary.spec.in: Conflict with too old powerpc-utils\n (jsc#ECO-920, jsc#SLE-11054, jsc#SLE-11322).\n - rpm/kernel-subpackage-spec: Exclude kernel-firmware recommends\n (bsc#1143959) For reducing the dependency on kernel-firmware in sub\n packages\n - rpm/kernel-subpackage-spec: Fix empty Recommends tag (bsc#1143959)\n - rpm/modules.fips: update module list (bsc#1157853)\n - rsi_91x_usb: fix interface sanity check (git-fixes).\n - rtc: cmos: Stop using shared IRQ (bsc#1051510).\n - rtc: dt-binding: abx80x: fix resistance scale (bsc#1051510).\n - rtc: hym8563: Return -EINVAL if the time is known to be invalid\n (bsc#1051510).\n - rtc: max8997: Fix the returned value in case of error in\n 'max8997_rtc_read_alarm()' (bsc#1051510).\n - rtc: msm6242: Fix reading of 10-hour digit (bsc#1051510).\n - rtc: pcf8523: set xtal load capacitance from DT (bsc#1051510).\n - rtc: s35390a: Change buf's type to u8 in s35390a_init (bsc#1051510).\n - rtl818x: fix potential use after free (bsc#1051510).\n - rtl8xxxu: fix interface sanity check (git-fixes).\n - rtlwifi: Fix MAX MPDU of VHT capability (git-fixes).\n - rtlwifi: Remove redundant semicolon in wifi.h (git-fixes).\n - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of\n buffer (bsc#1111666).\n - rxrpc: Fix insufficient receive notification generation\n (networking-stable-20_02_05).\n - s390/qeth: clean up page frag creation (git-fixes).\n - s390/qeth: consolidate skb allocation (git-fixes).\n - s390/qeth: ensure linear access to packet headers (git-fixes).\n - s390/qeth: guard against runt packets (git-fixes).\n - sched/fair: Add tmp_alone_branch assertion (bnc#1156462).\n - sched/fair: Fix O(nr_cgroups) in the load balancing path (bnc#1156462).\n - sched/fair: Fix insertion in rq-&gt;leaf_cfs_rq_list (bnc#1156462).\n - sched/fair: Optimize update_blocked_averages() (bnc#1156462).\n - sched/fair: WARN() and refuse to set buddy when !se-&gt;on_rq (bsc#1158132).\n - scsi-qla2xxx-Fix-qla2x00_request_irqs-for-MSI.patch\n - scsi-qla2xxx-fix-rports-not-being-mark-as-lost-in-sy.patch\n - scsi-qla2xxx-unregister-ports-after-GPN_FT-failure.patch\n - scsi: fnic: do not queue commands during fwreset (bsc#1146539).\n - scsi: ibmvfc: Add failed PRLI to cmd_status lookup array (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot\n (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: Byte swap status and error codes when logging (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Clean up transport events (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: Do not call fc_block_scsi_eh() on host reset (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Mark expected switch fall-throughs (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Remove &quot;failed&quot; from logged errors (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Remove unneeded semicolons (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: constify dev_pm_ops structures (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: ibmvscsi: ibmvscsi_tgt: constify vio_device_id\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Do not use rc uninitialized in ibmvscsi_do_work\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Improve strings handling (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Wire up host_reset() in the driver's scsi_host_template\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: change strncpy+truncation to strlcpy (bsc#1161951\n ltc#183551).\n - scsi: ibmvscsi: constify dev_pm_ops structures (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: fix tripping of blk_mq_run_hw_queue WARN_ON (bsc#1161951\n ltc#183551).\n - scsi: ibmvscsi: redo driver work thread to use enum action states\n (bsc#1161951 ltc#183551).\n - scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1154601).\n - scsi: qla2xxx: Add 16.0GT for PCI String (bsc#1157424).\n - scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs\n (bsc#1158013).\n - scsi: qla2xxx: Add a shadow variable to hold disc_state history of\n fcport (bsc#1158013).\n - scsi: qla2xxx: Add beacon LED config sysfs interface (bsc#1157424).\n - scsi: qla2xxx: Add changes in preparation for vendor extended FDMI/RDP\n (bsc#1157424).\n - scsi: qla2xxx: Add deferred queue for processing ABTS and RDP\n (bsc#1157424).\n - scsi: qla2xxx: Add endianizer macro calls to fc host stats (bsc#1157424).\n - scsi: qla2xxx: Add fixes for mailbox command (bsc#1157424).\n - scsi: qla2xxx: Add ql2xrdpenable module parameter for RDP (bsc#1157424).\n - scsi: qla2xxx: Add sysfs node for D-Port Diagnostics AEN data\n (bsc#1157424).\n - scsi: qla2xxx: Add vendor extended FDMI commands (bsc#1157424).\n - scsi: qla2xxx: Add vendor extended RDP additions and amendments\n (bsc#1157424).\n - scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX\n (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Avoid setting firmware options twice in\n 24xx_update_fw_options (bsc#1157424).\n - scsi: qla2xxx: Check locking assumptions at runtime in\n qla2x00_abort_srb() (bsc#1157424).\n - scsi: qla2xxx: Cleanup ELS/PUREX iocb fields (bsc#1157424).\n - scsi: qla2xxx: Cleanup unused async_logout_done (bsc#1158013).\n - scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).\n - scsi: qla2xxx: Convert MAKE_HANDLE() from a define into an inline\n function (bsc#1157424).\n - scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).\n - scsi: qla2xxx: Correction to selection of loopback/echo test\n (bsc#1157424).\n - scsi: qla2xxx: Correctly retrieve and interpret active flash region\n (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Display message for FCE enabled (bsc#1157424).\n - scsi: qla2xxx: Fix FCP-SCSI FC4 flag passing error (bsc#1157424).\n - scsi: qla2xxx: Fix NPIV instantiation after FW dump (bsc#1157424).\n - scsi: qla2xxx: Fix RDP respond data format (bsc#1157424).\n - scsi: qla2xxx: Fix RDP response size (bsc#1157424).\n - scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).\n - scsi: qla2xxx: Fix a NULL pointer dereference in an error path\n (bsc#1157966 bsc#1158013 bsc#1157424).\n - scsi: qla2xxx: Fix control flags for login/logout IOCB (bsc#1157424).\n - scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).\n - scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB\n Cmd (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).\n - scsi: qla2xxx: Fix qla2x00_echo_test() based on ISP type (bsc#1157424).\n - scsi: qla2xxx: Fix sparse warning reported by kbuild bot (bsc#1157424).\n - scsi: qla2xxx: Fix sparse warnings triggered by the PCI state checking\n code (bsc#1157424).\n - scsi: qla2xxx: Fix stuck login session using prli_pend_timer\n (bsc#1158013).\n - scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).\n - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return\n type (bsc#1158013).\n - scsi: qla2xxx: Fix unbound NVME response length (bsc#1157966 bsc#1158013\n bsc#1157424).\n - scsi: qla2xxx: Fix update_fcport for current_topology (bsc#1158013).\n - scsi: qla2xxx: Force semaphore on flash validation failure (bsc#1157424).\n - scsi: qla2xxx: Handle NVME status iocb correctly (bsc#1157424).\n - scsi: qla2xxx: Handle cases for limiting RDP response payload length\n (bsc#1157424).\n - scsi: qla2xxx: Improve readability of the code that handles\n qla_flt_header (bsc#1158013).\n - scsi: qla2xxx: Improved secure flash support messages (bsc#1157424).\n - scsi: qla2xxx: Move free of fcport out of interrupt context\n (bsc#1157424).\n - scsi: qla2xxx: Print portname for logging in qla24xx_logio_entry()\n (bsc#1157424).\n - scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss\n (bsc#1158013).\n - scsi: qla2xxx: Remove restriction of FC T10-PI and FC-NVMe (bsc#1157424).\n - scsi: qla2xxx: Return appropriate failure through BSG Interface\n (bsc#1157424).\n - scsi: qla2xxx: Save rscn_gen for new fcport (bsc#1157424).\n - scsi: qla2xxx: Serialize fc_port alloc in N2N (bsc#1157424).\n - scsi: qla2xxx: Set Nport ID for N2N (bsc#1157424).\n - scsi: qla2xxx: Show correct port speed capabilities for RDP command\n (bsc#1157424).\n - scsi: qla2xxx: Simplify the code for aborting SCSI commands\n (bsc#1157424).\n - scsi: qla2xxx: Suppress endianness complaints in\n qla2x00_configure_local_loop() (bsc#1157424).\n - scsi: qla2xxx: Update BPM enablement semantics (bsc#1157424).\n - scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).\n - scsi: qla2xxx: Update driver version to 10.01.00.24-k (bsc#1157424).\n - scsi: qla2xxx: Update driver version to 10.01.00.25-k (bsc#1157424).\n - scsi: qla2xxx: Use FC generic update firmware options routine for\n ISP27xx (bsc#1157424).\n - scsi: qla2xxx: Use QLA_FW_STOPPED macro to propagate flag (bsc#1157424).\n - scsi: qla2xxx: Use a dedicated interrupt handler for\n 'handshake-required' ISPs (bsc#1157424).\n - scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).\n - scsi: qla2xxx: Use correct ISP28xx active FW region (bsc#1157424).\n - scsi: qla2xxx: Use endian macros to assign static fields in fwdump\n header (bsc#1157424).\n - scsi: qla2xxx: Use get_unaligned_*() instead of open-coding these\n functions (bsc#1158013).\n - scsi: qla2xxx: add more FW debug information (bsc#1157424).\n - scsi: qla2xxx: fix FW resource count values (bsc#1157424).\n - scsi: tcm_qla2xxx: Make qlt_alloc_qfull_cmd() set cmd-&gt;se_cmd.map_tag\n (bsc#1157424).\n - scsi: zfcp: trace channel log even for FCP command responses (git-fixes).\n - sctp: cache netns in sctp_ep_common (networking-stable-19_12_03).\n - sctp: free cmd-&gt;obj.chunk for the unprocessed SCTP_CMD_REPLY\n (networking-stable-20_01_11).\n - sctp: fully initialize v4 addr in some functions\n (networking-stable-19_12_28).\n - serial: 8250_bcm2835aux: Fix line mismatch on driver unbind\n (bsc#1051510).\n - serial: ifx6x60: add missed pm_runtime_disable (bsc#1051510).\n - serial: max310x: Fix tx_empty() callback (bsc#1051510).\n - serial: pl011: Fix DMA -&gt;flush_buffer() (bsc#1051510).\n - serial: serial_core: Perform NULL checks for break_ctl ops (bsc#1051510).\n - serial: stm32: fix transmit_chars when tx is stopped (bsc#1051510).\n - sfc: Only cancel the PPS workqueue if it exists\n (networking-stable-19_11_25).\n - sfc: Remove 'PCIE error reporting unavailable' (bsc#1161472).\n - sh_eth: TSU_QTAG0/1 registers the same as TSU_QTAGM0/1 (bsc#1051510).\n - sh_eth: check sh_eth_cpu_data::dual_port when dumping registers\n (bsc#1051510).\n - sh_eth: fix TSU init on SH7734/R8A7740 (bsc#1051510).\n - sh_eth: fix TXALCR1 offsets (bsc#1051510).\n - sh_eth: fix dumping ARSTR (bsc#1051510).\n - sh_eth: fix invalid context bug while calling auto-negotiation by\n ethtool (bsc#1051510).\n - sh_eth: fix invalid context bug while changing link options by ethtool\n (bsc#1051510).\n - smb3: Add defines for new information level, FileIdInformation\n (bsc#1144333).\n - smb3: Add missing reparse tags (bsc#1144333).\n - smb3: Fix regression in time handling (bsc#1144333).\n - smb3: add debug messages for closing unmatched open (bsc#1144333).\n - smb3: add dynamic tracepoints for flush and close (bsc#1144333).\n - smb3: add missing flag definitions (bsc#1144333).\n - smb3: add missing worker function for SMB3 change notify (bsc#1144333).\n - smb3: add mount option to allow RW caching of share accessed by only 1\n client (bsc#1144333).\n - smb3: add mount option to allow forced caching of read only share\n (bsc#1144333).\n - smb3: add one more dynamic tracepoint missing from strict fsync path\n (bsc#1144333).\n - smb3: add some more descriptive messages about share when mounting\n cache=ro (bsc#1144333).\n - smb3: allow decryption keys to be dumped by admin for debugging\n (bsc#1144333).\n - smb3: allow disabling requesting leases (bsc#1144333).\n - smb3: allow parallelizing decryption of reads (bsc#1144333).\n - smb3: allow skipping signature verification for perf sensitive\n configurations (bsc#1144333).\n - smb3: cleanup some recent endian errors spotted by updated sparse\n (bsc#1144333).\n - smb3: display max smb3 requests in flight at any one time (bsc#1144333).\n - smb3: dump in_send and num_waiters stats counters by default\n (bsc#1144333).\n - smb3: enable offload of decryption of large reads via mount option\n (bsc#1144333).\n - smb3: fix default permissions on new files when mounting with\n modefromsid (bsc#1144333).\n - smb3: fix mode passed in on create for modetosid mount option\n (bsc#1144333).\n - smb3: fix performance regression with setting mtime (bsc#1144333).\n - smb3: fix potential null dereference in decrypt offload (bsc#1144333).\n - smb3: fix problem with null cifs super block with previous patch\n (bsc#1144333).\n - smb3: fix refcount underflow warning on unmount when no directory leases\n (bsc#1144333).\n - smb3: improve check for when we send the security descriptor context on\n create (bsc#1144333).\n - smb3: log warning if CSC policy conflicts with cache mount option\n (bsc#1144333).\n - smb3: missing ACL related flags (bsc#1144333).\n - smb3: only offload decryption of read responses if multiple requests\n (bsc#1144333).\n - smb3: pass mode bits into create calls (bsc#1144333).\n - smb3: query attributes on file close (bsc#1144333).\n - smb3: remove confusing dmesg when mounting with encryption (&quot;seal&quot;)\n (bsc#1144333).\n - smb3: remove noisy debug message and minor cleanup (bsc#1144333).\n - smb3: remove unused flag passed into close functions (bsc#1144333).\n - soc/tegra: fuse: Correct straps' address for older Tegra124 device trees\n (bsc#1051510).\n - soc: renesas: rcar-sysc: Add goto to of_node_put() before return\n (bsc#1051510).\n - soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot (bsc#1051510).\n - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch\n (bsc#1051510).\n - spi: omap2-mcspi: Set FIFO DMA trigger level to word length\n (bsc#1051510).\n - spi: tegra114: clear packed bit for unpacked mode (bsc#1051510).\n - spi: tegra114: configure dma burst size to fifo trig level (bsc#1051510).\n - spi: tegra114: fix for unpacked mode transfers (bsc#1051510).\n - spi: tegra114: flush fifos (bsc#1051510).\n - spi: tegra114: terminate dma and reset on transfer timeout (bsc#1051510).\n - sr_vendor: support Beurer GL50 evo CD-on-a-chip devices (boo#1164632).\n - staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713\n (bsc#1051510).\n - staging: rtl8188eu: fix interface sanity check (bsc#1051510).\n - staging: rtl8192e: fix potential use after free (bsc#1051510).\n - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids\n (bsc#1051510).\n - staging: rtl8723bs: Drop ACPI device ids (bsc#1051510).\n - staging: vt6656: Fix false Tx excessive retries reporting (bsc#1051510).\n - staging: vt6656: correct packet types for CTS protect, mode\n (bsc#1051510).\n - staging: vt6656: use NULLFUCTION stack on mac80211 (bsc#1051510).\n - staging: wlan-ng: ensure error return is actually returned (bsc#1051510).\n - stm class: Fix a double free of stm_source_device (bsc#1051510).\n - stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock\n (bsc#1088810, bsc#1161702).\n - stop_machine: Atomically queue and wake stopper threads (bsc#1088810,\n bsc#1161702).\n - stop_machine: Disable preemption after queueing stopper threads\n (bsc#1088810, bsc#1161702).\n - stop_machine: Disable preemption when waking two stopper threads\n (bsc#1088810, bsc#1161702).\n - tcp: clear tp-&gt;data_segs{in|out} in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp-&gt;delivered in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp-&gt;packets_out when purging write queue (bsc#1160560).\n - tcp: clear tp-&gt;segs_{in|out} in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp-&gt;total_retrans in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: do not send empty skb from tcp_write_xmit()\n (networking-stable-20_01_01).\n - tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable\n 4.14.159).\n - tcp: fix &quot;old stuff&quot; D-SACK causing SACK to be treated as D-SACK\n (networking-stable-20_01_11).\n - tcp: fix marked lost packets not being retransmitted\n (networking-stable-20_01_20).\n - tcp: md5: fix potential overestimation of TCP option space\n (networking-stable-19_12_16).\n - tcp_bbr: improve arithmetic division in bbr_update_bw()\n (networking-stable-20_01_27).\n - thermal: Fix deadlock in thermal thermal_zone_device_check (bsc#1051510).\n - thunderbolt: Prevent crash if non-active NVMem file is read (git-fixes).\n - tipc: fix a missing check of genlmsg_put (bsc#1051510).\n - tipc: fix link name length check (bsc#1051510).\n - tipc: fix memory leak in tipc_nl_compat_publ_dump (bsc#1051510).\n - tipc: fix skb may be leaky in tipc_link_input (bsc#1051510).\n - tools lib traceevent: Do not free tep-&gt;cmdlines in add_new_comm() on\n failure (git-fixes).\n - tracing: Annotate ftrace_graph_hash pointer with __rcu (git-fixes).\n - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu\n (git-fixes).\n - tracing: Fix tracing_stat return values in error handling paths\n (git-fixes).\n - tracing: Fix very unlikely race of registering two stat tracers\n (git-fixes).\n - tracing: Have the histogram compare functions convert to u64 first\n (bsc#1160210).\n - tracing: xen: Ordered comparison of function pointers (git-fixes).\n - tty/serial: atmel: Add is_half_duplex helper (bsc#1051510).\n - tty: n_hdlc: fix build on SPARC (bsc#1051510).\n - tty: serial: msm_serial: Fix lockup for sysrq and oops (bsc#1051510).\n - tty: vt: keyboard: reject invalid keycodes (bsc#1051510).\n - ttyprintk: fix a potential deadlock in interrupt context issue\n (git-fixes).\n - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()\n (bsc#1109837).\n - uaccess: Add non-pagefault user-space write function (bsc#1083647).\n - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag\n (bsc#1163855).\n - ubifs: Fix deadlock in concurrent bulk-read and writepage (bsc#1163856).\n - ubifs: Reject unsupported ioctl flags explicitly (bsc#1163844).\n - ubifs: do not trigger assertion on invalid no-key filename (bsc#1163850).\n - udp: fix integer overflow while computing available space in sk_rcvbuf\n (networking-stable-20_01_01).\n - usb-storage: Disable UAS on JMicron SATA enclosure (bsc#1051510).\n - usb: Allow USB device to be warm reset in suspended state (bsc#1051510).\n - usb: chipidea: host: Disable port power only if previously enabled\n (bsc#1051510).\n - usb: core: hub: Improved device recognition on remote wakeup\n (bsc#1051510).\n - usb: core: urb: fix URB structure initialization function (bsc#1051510).\n - usb: dwc3: debugfs: Properly print/set link state for HS (bsc#1051510).\n - usb: dwc3: do not log probe deferrals; but do log other error codes\n (bsc#1051510).\n - usb: dwc3: ep0: Clear started flag on completion (bsc#1051510).\n - usb: dwc3: turn off VBUS when leaving host mode (bsc#1051510).\n - usb: gadget: Zero ffs_io_data (bsc#1051510).\n - usb: gadget: f_ecm: Use atomic_t to track in-flight request\n (bsc#1051510).\n - usb: gadget: f_ncm: Use atomic_t to track in-flight request\n (bsc#1051510).\n - usb: gadget: legacy: set max_speed to super-speed (bsc#1051510).\n - usb: gadget: pch_udc: fix use after free (bsc#1051510).\n - usb: gadget: u_serial: add missing port entry locking (bsc#1051510).\n - usb: host: xhci-hub: fix extra endianness conversion (bsc#1051510).\n - usb: mon: Fix a deadlock in usbmon between mmap and read (bsc#1051510).\n - usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler (bsc#1051510).\n - usb: musb: dma: Correct parameter passed to IRQ handler (bsc#1051510).\n - usb: musb: fix idling for suspend after disconnect interrupt\n (bsc#1051510).\n - usb: roles: fix a potential use after free (git-fixes).\n - usb: typec: tcpci: mask event interrupts when remove driver\n (bsc#1051510).\n - usb: xhci: Fix build warning seen with CONFIG_PM=n (bsc#1051510).\n - usb: xhci: only set D3hot for pci device (bsc#1051510).\n - usbip: Fix error path of vhci_recv_ret_submit() (git-fixes).\n - usbip: Fix receive error in vhci-hcd when using scatter-gather\n (bsc#1051510).\n - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit()\n (git-fixes).\n - vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1\n (bsc#1051510).\n - vhost/vsock: accept only packets with the right dst_cid\n (networking-stable-20_01_01).\n - video: backlight: Add devres versions of of_find_backlight (bsc#1090888)\n Taken for 6010831dde5.\n - video: backlight: Add of_find_backlight helper in backlight.c\n (bsc#1090888) Taken for 6010831dde5.\n - vlan: fix memory leak in vlan_dev_set_egress_priority\n (networking-stable-20_01_11).\n - vlan: vlan_changelink() should propagate errors\n (networking-stable-20_01_11).\n - vxlan: fix tos value before xmit (networking-stable-20_01_11).\n - watchdog: max77620_wdt: fix potential build errors (bsc#1051510).\n - watchdog: rn5t618_wdt: fix module aliases (bsc#1051510).\n - watchdog: sama5d4: fix WDD value to be always set to max (bsc#1051510).\n - watchdog: wdat_wdt: fix get_timeleft call for wdat_wdt (bsc#1162557).\n - wireless: fix enabling channel 12 for custom regulatory domain\n (bsc#1051510).\n - wireless: wext: avoid gcc -O3 warning (bsc#1051510).\n - workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).\n - x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks\n (bsc#1114279).\n - x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure()\n (bsc#1114279).\n - x86/amd_nb: Add PCI device IDs for family 17h, model 70h (bsc#1163206).\n - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR\n (bsc#1162619).\n - x86/intel_rdt: Split resource group removal in two (bsc#1112178).\n - x86/intel_rdt: Split resource group removal in two (bsc#1112178).\n - x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI (bsc#1114279).\n - x86/mce/AMD: Allow any CPU to initialize the smca_banks array\n (bsc#1114279).\n - x86/mce: Fix possibly incorrect severity calculation on AMD\n (bsc#1114279).\n - x86/resctrl: Check monitoring static key in the MBM overflow handler\n (bsc#1114279).\n - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178).\n - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178).\n - x86/resctrl: Fix an imbalance in domain_remove_cpu() (bsc#1114279).\n - x86/resctrl: Fix potential memory leak (bsc#1114279).\n - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup\n (bsc#1112178).\n - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup\n (bsc#1112178).\n - x86/resctrl: Fix use-after-free when deleting resource groups\n (bsc#1114279).\n - x86/speculation: Fix incorrect MDS/TAA mitigation status (bsc#1114279).\n - x86/speculation: Fix redundant MDS mitigation message (bsc#1114279).\n - xen-blkfront: switch kcalloc to kvcalloc for large array allocation\n (bsc#1160917).\n - xen/balloon: Support xend-based toolstack take two (bsc#1065600).\n - xen/blkback: Avoid unmapping unmapped grant pages (bsc#1065600).\n - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk (bsc#1065600).\n - xen: Enable interrupts when calling _cond_resched() (bsc#1065600).\n - xfrm: Fix transport mode skb control buffer usage (bsc#1161552).\n - xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1161087,\n bsc#1153917).\n - xhci: Fix memory leak in xhci_add_in_port() (bsc#1051510).\n - xhci: Increase STS_HALT timeout in xhci_suspend() (bsc#1051510).\n - xhci: fix USB3 device initiated resume race with roothub autosuspend\n (bsc#1051510).\n - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour\n (bsc#1051510).\n - xhci: make sure interrupts are restored to correct state (bsc#1051510).\n - zd1211rw: fix storage endpoint lookup (git-fixes).\n\n", "modified": "2020-03-13T12:59:33", "published": "2020-03-13T12:59:33", "id": "OPENSUSE-SU-2020:0336-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html", "title": "Security update for the Linux Kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-01-18T14:43:34", "bulletinFamily": "unix", "description": "Package : linux\nVersion : 3.16.81-1\nCVE ID : CVE-2019-2215 CVE-2019-10220 CVE-2019-14895 CVE-2019-14896\n CVE-2019-14897 CVE-2019-14901 CVE-2019-15098 CVE-2019-15217\n CVE-2019-15291 CVE-2019-15505 CVE-2019-16746 CVE-2019-17052\n CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056\n CVE-2019-17133 CVE-2019-17666 CVE-2019-19051 CVE-2019-19052\n CVE-2019-19056 CVE-2019-19057 CVE-2019-19062 CVE-2019-19066\n CVE-2019-19227 CVE-2019-19332 CVE-2019-19523 CVE-2019-19524\n CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532\n CVE-2019-19533 CVE-2019-19534 CVE-2019-19536 CVE-2019-19537\n CVE-2019-19767 CVE-2019-19922 CVE-2019-19947 CVE-2019-19965\n CVE-2019-19966\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleak.\n\nCVE-2019-2215\n\n The syzkaller tool discovered a use-after-free vulnerability in\n the Android binder driver. A local user on a system with this\n driver enabled could use this to cause a denial of service (memory\n corruption or crash) or possibly for privilege escalation.\n However, this driver is not enabled on Debian packaged kernels.\n\nCVE-2019-10220\n\n Various developers and researchers found that if a crafted file-\n system or malicious file server presented a directory with\n filenames including a &#x27;/&#x27; character, this could confuse and\n possibly defeat security checks in applications that read the\n directory.\n\n The kernel will now return an error when reading such a directory,\n rather than passing the invalid filenames on to user-space.\n\nCVE-2019-14895, CVE-2019-14901\n\n ADLab of Venustech discovered potential heap buffer overflows in\n the mwifiex wifi driver. On systems using this driver, a\n malicious Wireless Access Point or adhoc/P2P peer could use these\n to cause a denial of service (memory corruption or crash) or\n possibly for remote code execution.\n\nCVE-2019-14896, CVE-2019-14897\n\n ADLab of Venustech discovered potential heap and stack buffer\n overflows in the libertas wifi driver. On systems using this\n driver, a malicious Wireless Access Point or adhoc/P2P peer could\n use these to cause a denial of service (memory corruption or\n crash) or possibly for remote code execution.\n\nCVE-2019-15098\n\n Hui Peng and Mathias Payer reported that the ath6kl wifi driver\n did not properly validate USB descriptors, which could lead to a\n null pointer derefernce. An attacker able to add USB devices\n could use this to cause a denial of service (BUG/oops).\n\nCVE-2019-15217\n\n The syzkaller tool discovered that the zr364xx mdia driver did not\n correctly handle devices without a product name string, which\n could lead to a null pointer dereference. An attacker able to add\n USB devices could use this to cause a denial of service\n (BUG/oops).\n\nCVE-2019-15291\n\n The syzkaller tool discovered that the b2c2-flexcop-usb media\n driver did not properly validate USB descriptors, which could lead\n to a null pointer dereference. An attacker able to add USB\n devices could use this to cause a denial of service (BUG/oops).\n\nCVE-2019-15505\n\n The syzkaller tool discovered that the technisat-usb2 media driver\n did not properly validate incoming IR packets, which could lead to\n a heap buffer over-read. An attacker able to add USB devices\n could use this to cause a denial of service (BUG/oops) or to read\n sensitive information from kernel memory.\n\nCVE-2019-16746\n\n It was discovered that the wifi stack did not validate the content\n of beacon heads provided by user-space for use on a wifi interface\n in Access Point mode, which could lead to a heap buffer overflow.\n A local user permitted to configure a wifi interface could use\n this to cause a denial of service (memory corruption or crash) or\n possibly for privilege escalation.\n\nCVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, \nCVE-2019-17056\n\n Ori Nimron reported that various network protocol implementations\n - AX.25, IEEE 802.15.4, Appletalk, ISDN, and NFC - allowed all\n users to create raw sockets. A local user could use this to send\n arbitrary packets on networks using those protocols.\n\nCVE-2019-17133\n\n Nicholas Waisman reported that the wifi stack did not valdiate\n received SSID information before copying it, which could lead to a\n buffer overflow if it is not validated by the driver or firmware.\n A malicious Wireless Access Point might be able to use this to\n cause a denial of service (memory corruption or crash) or for\n remote code execution.\n\nCVE-2019-17666\n\n Nicholas Waisman reported that the rtlwifi wifi drivers did not\n properly validate received P2P information, leading to a buffer\n overflow. A malicious P2P peer could use this to cause a denial\n of service (memory corruption or crash) or for remote code\n execution.\n\nCVE-2019-19051\n\n Navid Emamdoost discovered a potential memory leak in the i2400m\n wimax driver if the software rfkill operation fails. The security\n impact of this is unclear.\n\nCVE-2019-19052\n\n Navid Emamdoost discovered a potential memory leak in the gs_usb\n CAN driver if the open (interface-up) operation fails. The\n security impact of this is unclear.\n\nCVE-2019-19056, CVE-2019-19057\n\n Navid Emamdoost discovered potential memory leaks in the mwifiex\n wifi driver if the probe operation fails. The security impact of\n this is unclear.\n\nCVE-2019-19062\n\n Navid Emamdoost discovered a potential memory leak in the AF_ALG\n subsystem if the CRYPTO_MSG_GETALG operation fails. A local user\n could possibly use this to cause a denial of service (memory\n exhaustion).\n\nCVE-2019-19066\n\n Navid Emamdoost discovered a potential memory leak in the bfa SCSI\n driver if the get_fc_host_stats operation fails. The security\n impact of this is unclear.\n\nCVE-2019-19227\n\n Dan Carpenter reported missing error checks in the Appletalk\n protocol implementation that could lead to a null pointer\n dereference. The security impact of this is unclear.\n\nCVE-2019-19332\n\n The syzkaller tool discovered a missing bounds check in the KVM\n implementation for x86, which could lead to a heap buffer overflow.\n A local user permitted to use KVM could use this to cause a denial\n of service (memory corruption or crash) or possibly for privilege\n escalation.\n\nCVE-2019-19523\n\n The syzkaller tool discovered a use-after-free bug in the adutux\n USB driver. An attacker able to add and remove USB devices could\n use this to cause a denial of service (memory corruption or crash)\n or possibly for privilege escalation.\n\nCVE-2019-19524\n\n The syzkaller tool discovered a race condition in the ff-memless\n library used by input drivers. An attacker able to add and remove\n USB devices could use this to cause a denial of service (memory\n corruption or crash) or possibly for privilege escalation.\n\nCVE-2019-19527\n\n The syzkaller tool discovered that the hiddev driver did not\n correctly handle races between a task opening the device and\n disconnection of the underlying hardware. A local user permitted\n to access hiddev devices, and able to add and remove USB devices,\n could use this to cause a denial of service (memory corruption or\n crash) or possibly for privilege escalation.\n\nCVE-2019-19530\n\n The syzkaller tool discovered a potential use-after-free in the\n cdc-acm network driver. An attacker able to add USB devices could\n use this to cause a denial of service (memory corruption or crash)\n or possibly for privilege escalation.\n\nCVE-2019-19531\n\n The syzkaller tool discovered a use-after-free bug in the yurex\n USB driver. An attacker able to add and remove USB devices could\n use this to cause a denial of service (memory corruption or crash)\n or possibly for privilege escalation.\n\nCVE-2019-19532\n\n The syzkaller tool discovered a potential heap buffer overflow in\n the hid-gaff input driver, which was also found to exist in many\n other input drivers. An attacker able to add USB devices could\n use this to cause a denial of service (memory corruption or crash)\n or possibly for privilege escalation.\n\nCVE-2019-19533\n\n The syzkaller tool discovered that the ttusb-dec media driver was\n missing initialisation of a structure, which could leak sensitive\n information from kernel memory.\n\nCVE-2019-19534, CVE-2019-19536\n\n The syzkaller tool discovered that the peak_usb CAN driver was\n missing initialisation of some structures, which could leak\n sensitive information from kernel memory.\n\nCVE-2019-19537\n\n The syzkaller tool discovered race conditions in the USB stack,\n involving character device registration. An attacker able to add\n USB devices could use this to cause a denial of service (memory\n corruption or crash) or possibly for privilege escalation.\n\nCVE-2019-19767\n\n The syzkaller tool discovered that crafted ext4 volumes could\n trigger a buffer overflow in the ext4 filesystem driver. An\n attacker able to mount such a volume could use this to cause a\n denial of service (memory corruption or crash) or possibly for\n privilege escalation.\n\nCVE-2019-19922\n\n It was discovered that a change in Linux 3.16.61, &quot;sched/fair: Fix\n bandwidth timer clock drift condition&quot;, could lead to tasks being\n throttled before using their full quota of CPU time. A local\n user could use this bug to slow down other users&#x27; tasks. This\n change has been reverted.\n\nCVE-2019-19947\n\n It was discovered that the kvaser_usb CAN driver was missing\n initialisation of some structures, which could leak sensitive\n information from kernel memory.\n\nCVE-2019-19965\n\n Gao Chuan reported a race condition in the libsas library used by\n SCSI host drivers, which could lead to a null pointer dereference.\n An attacker able to add and remove SCSI devices could use this to\n cause a denial of service (BUG/oops).\n\nCVE-2019-19966\n\n The syzkaller tool discovered a missing error check in the cpia2\n media driver, which could lead to a use-after-free. An attacker\n able to add USB devices could use this to cause a denial of\n service (memory corruption or crash) or possibly for privilege\n escalation.\n\nFor Debian 8 &quot;Jessie&quot;, these problems have been fixed in version\n3.16.81-1.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nBen Hutchings - Debian developer, member of kernel, installer and LTS teams\n", "modified": "2020-01-18T04:38:43", "published": "2020-01-18T04:38:43", "id": "DEBIAN:DLA-2068-1:83234", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202001/msg00013.html", "title": "[SECURITY] [DLA 2068-1] linux security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}