SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)

2020-07-09T00:00:00

Description

The SUSE Linux Enterprise 15 kernel was updated receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). CVE-2020-9383: Fixed an out-of-bounds read due to improper error condition check of FDC index (bsc#1165111). CVE-2020-8992: Fixed an issue which could have allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069). CVE-2020-8834: Fixed a stack corruption which could have lead to kernel panic (bsc#1168276). CVE-2020-8649: Fixed a use-after-free in the vgacon_invert_region function in drivers/video/console/vgacon.c (bsc#1162931). CVE-2020-8648: Fixed a use-after-free in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928). CVE-2020-8647: Fixed a use-after-free in the vc_do_resize function in drivers/tty/vt/vt.c (bsc#1162929). CVE-2020-8428: Fixed a use-after-free which could have allowed local users to cause a denial of service (bsc#1162109). CVE-2020-7053: Fixed a use-after-free in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c (bsc#1160966). CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971). CVE-2020-13143: Fixed an out-of-bounds read in gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c (bsc#1171982). CVE-2020-12769: Fixed an issue which could have allowed attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one (bsc#1171983). CVE-2020-12657: An a use-after-free in block/bfq-iosched.c (bsc#1171205). CVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219). CVE-2020-12655: Fixed an issue which could have allowed attackers to trigger a sync of excessive duration via an XFS v5 image with crafted metadata (bsc#1171217). CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202). CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195). CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218). CVE-2020-12464: Fixed a use-after-free due to a transfer without a reference (bsc#1170901). CVE-2020-12114: Fixed a pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098). CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390). CVE-2020-11609: Fixed a NULL pointer dereference due to improper handling of descriptors (bsc#1168854). CVE-2020-11608: Fixed a NULL pointer dereferences via a crafted USB (bsc#1168829). CVE-2020-11494: Fixed an issue which could have allowed attackers to read uninitialized can_frame data (bsc#1168424). CVE-2020-10942: Fixed a kernel stack corruption via crafted system calls (bsc#1167629). CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317). CVE-2020-10751: Fixed an improper implementation in SELinux LSM hook where it was assumed that an skb would only contain a single netlink message (bsc#1171189). CVE-2020-10732: Fixed kernel data leak in userspace coredumps due to uninitialized data (bsc#1171220). CVE-2020-10720: Fixed a use-after-free read in napi_gro_frags() (bsc#1170778). CVE-2020-10711: Fixed a NULL pointer dereference in SELinux subsystem which could have allowed a remote network user to crash the kernel resulting in a denial of service (bsc#1171191). CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056). CVE-2019-9458: Fixed a use after free due to a race condition which could have led to privilege escalation of privilege (bsc#1168295). CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a video driver. This could lead to local information disclosure with System execution privileges needed (bsc#1170345). CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bsc#1120386). CVE-2019-20812: Fixed an issue in prb_calc_retire_blk_tmo() which could have resulted in a denial of service (bsc#1172453). CVE-2019-20810: Fixed a memory leak in due to not calling of snd_card_free (bsc#1172458). CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which could have caused denial of service (bsc#1159908). CVE-2019-20095: Fixed an improper error-handling cases that did not free allocated hostcmd memory which was causing memory leak (bsc#1159909). CVE-2019-20054: Fixed a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links (bsc#1159910). CVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could have caused denial of service (bsc#1159841). CVE-2019-19965: Fixed a NULL pointer dereference, due to mishandling of port disconnection during discovery (bsc#1159911). CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198). CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bsc#1159285). CVE-2019-19462: Fixed an issue which could have allowed local user to cause denial of service (bsc#1158265). CVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem image (bsc#1158819). CVE-2019-19319: Fixed a user after free when a large old_size value is used in a memset call (bsc#1158021). CVE-2019-19318: Fixed a use after free via a crafted btrfs image (bsc#1158026). CVE-2019-19054: Fixed a memory leak in the cx23888_ir_probe() which could have allowed attackers to cause a denial of service (bsc#1161518). CVE-2019-19045: Fixed a memory leak in which could have allowed attackers to cause a denial of service (bsc#1161522). CVE-2019-19036: Fixed a NULL pointer dereference in btrfs_root_node (bsc#1157692). CVE-2019-16994: Fixed a memory leak which might have caused denial of service (bsc#1161523). CVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver (bsc#1157155). CVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver (bsc#1157157). CVE-2019-14615: Fixed an improper control flow in certain data structures which could have led to information disclosure (bsc#1160195). CVE-2018-1000199: Fixed a potential local code execution via ptrace (bsc#1089895). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "SUSE_SU-2020-1663-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)", "description": "The SUSE Linux Enterprise 15 kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).\n\nCVE-2020-9383: Fixed an out-of-bounds read due to improper error condition check of FDC index (bsc#1165111).\n\nCVE-2020-8992: Fixed an issue which could have allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069).\n\nCVE-2020-8834: Fixed a stack corruption which could have lead to kernel panic (bsc#1168276).\n\nCVE-2020-8649: Fixed a use-after-free in the vgacon_invert_region function in drivers/video/console/vgacon.c (bsc#1162931).\n\nCVE-2020-8648: Fixed a use-after-free in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).\n\nCVE-2020-8647: Fixed a use-after-free in the vc_do_resize function in drivers/tty/vt/vt.c (bsc#1162929).\n\nCVE-2020-8428: Fixed a use-after-free which could have allowed local users to cause a denial of service (bsc#1162109).\n\nCVE-2020-7053: Fixed a use-after-free in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c (bsc#1160966).\n\nCVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).\n\nCVE-2020-13143: Fixed an out-of-bounds read in gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c (bsc#1171982).\n\nCVE-2020-12769: Fixed an issue which could have allowed attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one (bsc#1171983).\n\nCVE-2020-12657: An a use-after-free in block/bfq-iosched.c (bsc#1171205).\n\nCVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219).\n\nCVE-2020-12655: Fixed an issue which could have allowed attackers to trigger a sync of excessive duration via an XFS v5 image with crafted metadata (bsc#1171217).\n\nCVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).\n\nCVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).\n\nCVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).\n\nCVE-2020-12464: Fixed a use-after-free due to a transfer without a reference (bsc#1170901).\n\nCVE-2020-12114: Fixed a pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-11609: Fixed a NULL pointer dereference due to improper handling of descriptors (bsc#1168854).\n\nCVE-2020-11608: Fixed a NULL pointer dereferences via a crafted USB (bsc#1168829).\n\nCVE-2020-11494: Fixed an issue which could have allowed attackers to read uninitialized can_frame data (bsc#1168424).\n\nCVE-2020-10942: Fixed a kernel stack corruption via crafted system calls (bsc#1167629).\n\nCVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317).\n\nCVE-2020-10751: Fixed an improper implementation in SELinux LSM hook where it was assumed that an skb would only contain a single netlink message (bsc#1171189).\n\nCVE-2020-10732: Fixed kernel data leak in userspace coredumps due to uninitialized data (bsc#1171220).\n\nCVE-2020-10720: Fixed a use-after-free read in napi_gro_frags() (bsc#1170778).\n\nCVE-2020-10711: Fixed a NULL pointer dereference in SELinux subsystem which could have allowed a remote network user to crash the kernel resulting in a denial of service (bsc#1171191).\n\nCVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).\n\nCVE-2019-9458: Fixed a use after free due to a race condition which could have led to privilege escalation of privilege (bsc#1168295).\n\nCVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a video driver. This could lead to local information disclosure with System execution privileges needed (bsc#1170345).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bsc#1120386).\n\nCVE-2019-20812: Fixed an issue in prb_calc_retire_blk_tmo() which could have resulted in a denial of service (bsc#1172453).\n\nCVE-2019-20810: Fixed a memory leak in due to not calling of snd_card_free (bsc#1172458).\n\nCVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which could have caused denial of service (bsc#1159908).\n\nCVE-2019-20095: Fixed an improper error-handling cases that did not free allocated hostcmd memory which was causing memory leak (bsc#1159909).\n\nCVE-2019-20054: Fixed a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links (bsc#1159910).\n\nCVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could have caused denial of service (bsc#1159841).\n\nCVE-2019-19965: Fixed a NULL pointer dereference, due to mishandling of port disconnection during discovery (bsc#1159911).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bsc#1159285).\n\nCVE-2019-19462: Fixed an issue which could have allowed local user to cause denial of service (bsc#1158265).\n\nCVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem image (bsc#1158819).\n\nCVE-2019-19319: Fixed a user after free when a large old_size value is used in a memset call (bsc#1158021).\n\nCVE-2019-19318: Fixed a use after free via a crafted btrfs image (bsc#1158026).\n\nCVE-2019-19054: Fixed a memory leak in the cx23888_ir_probe() which could have allowed attackers to cause a denial of service (bsc#1161518).\n\nCVE-2019-19045: Fixed a memory leak in which could have allowed attackers to cause a denial of service (bsc#1161522).\n\nCVE-2019-19036: Fixed a NULL pointer dereference in btrfs_root_node (bsc#1157692).\n\nCVE-2019-16994: Fixed a memory leak which might have caused denial of service (bsc#1161523).\n\nCVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver (bsc#1157155).\n\nCVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver (bsc#1157157).\n\nCVE-2019-14615: Fixed an improper control flow in certain data structures which could have led to information disclosure (bsc#1160195).\n\nCVE-2018-1000199: Fixed a potential local code execution via ptrace (bsc#1089895).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2020-07-09T00:00:00", "modified": "2021-01-13T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/138272", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=1157692", "https://bugzilla.suse.com/show_bug.cgi?id=1164078", "https://www.suse.com/security/cve/CVE-2019-3701/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19447", "https://www.suse.com/security/cve/CVE-2020-11494/", "https://bugzilla.suse.com/show_bug.cgi?id=1171220", "https://www.suse.com/security/cve/CVE-2020-2732/", "https://bugzilla.suse.com/show_bug.cgi?id=1164069", "https://bugzilla.suse.com/show_bug.cgi?id=1171098", "https://www.suse.com/security/cve/CVE-2019-19318/", "https://bugzilla.suse.com/show_bug.cgi?id=1167423", "https://bugzilla.suse.com/show_bug.cgi?id=1162931", "https://bugzilla.suse.com/show_bug.cgi?id=1161087", "https://bugzilla.suse.com/show_bug.cgi?id=1164733", "https://bugzilla.suse.com/show_bug.cgi?id=1156286", "https://www.suse.com/security/cve/CVE-2020-12652/", "https://bugzilla.suse.com/show_bug.cgi?id=1168295", "https://bugzilla.suse.com/show_bug.cgi?id=1170778", "https://bugzilla.suse.com/show_bug.cgi?id=1171202", "https://bugzilla.suse.com/show_bug.cgi?id=1151910", "https://www.suse.com/security/cve/CVE-2019-14615/", "https://bugzilla.suse.com/show_bug.cgi?id=1168829", "https://www.suse.com/security/cve/CVE-2020-12657/", "https://www.suse.com/security/cve/CVE-2019-19966/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000199", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751", "https://bugzilla.suse.com/show_bug.cgi?id=1161937", "https://www.suse.com/security/cve/CVE-2019-20096/", "https://bugzilla.suse.com/show_bug.cgi?id=1159028", "https://bugzilla.suse.com/show_bug.cgi?id=1171982", "https://bugzilla.suse.com/show_bug.cgi?id=1160476", "https://bugzilla.suse.com/show_bug.cgi?id=1157155", "https://bugzilla.suse.com/show_bug.cgi?id=1161674", "https://bugzilla.suse.com/show_bug.cgi?id=1061840", "https://bugzilla.suse.com/show_bug.cgi?id=1165984", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7053", "https://www.suse.com/security/cve/CVE-2020-10757/", "https://bugzilla.suse.com/show_bug.cgi?id=1164734", "https://bugzilla.suse.com/show_bug.cgi?id=1171983", "https://bugzilla.suse.com/show_bug.cgi?id=1162928", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2732", "https://bugzilla.suse.com/show_bug.cgi?id=1161514", "https://www.suse.com/security/cve/CVE-2019-20810/", "https://www.suse.com/security/cve/CVE-2019-9458/", "https://bugzilla.suse.com/show_bug.cgi?id=1161935", "https://bugzilla.suse.com/show_bug.cgi?id=1162139", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12464", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12114", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11609", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13143", "https://bugzilla.suse.com/show_bug.cgi?id=1086314", "https://bugzilla.suse.com/show_bug.cgi?id=1160787", "http://www.nessus.org/u?37205986", "https://www.suse.com/security/cve/CVE-2020-12114/", "https://bugzilla.suse.com/show_bug.cgi?id=1154243", "https://bugzilla.suse.com/show_bug.cgi?id=1172453", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16994", "https://www.suse.com/security/cve/CVE-2020-13143/", "https://bugzilla.suse.com/show_bug.cgi?id=1169625", "https://bugzilla.suse.com/show_bug.cgi?id=1171205", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543", "https://bugzilla.suse.com/show_bug.cgi?id=1171217", "https://bugzilla.suse.com/show_bug.cgi?id=1171219", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8647", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9458", "https://www.suse.com/security/cve/CVE-2020-12769/", "https://bugzilla.suse.com/show_bug.cgi?id=1162067", "https://bugzilla.suse.com/show_bug.cgi?id=1161552", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770", "https://bugzilla.suse.com/show_bug.cgi?id=1159483", "https://bugzilla.suse.com/show_bug.cgi?id=1157157", "https://bugzilla.suse.com/show_bug.cgi?id=1159909", "https://bugzilla.suse.com/show_bug.cgi?id=1065600", "https://bugzilla.suse.com/show_bug.cgi?id=1160433", "https://bugzilla.suse.com/show_bug.cgi?id=1134973", "https://www.suse.com/security/cve/CVE-2019-14897/", "https://bugzilla.suse.com/show_bug.cgi?id=1160560", "https://bugzilla.suse.com/show_bug.cgi?id=1171689", "https://bugzilla.suse.com/show_bug.cgi?id=1163971", "https://bugzilla.suse.com/show_bug.cgi?id=1114279", "https://www.suse.com/security/cve/CVE-2020-10711/", "https://bugzilla.suse.com/show_bug.cgi?id=1159910", "https://bugzilla.suse.com/show_bug.cgi?id=1160195", "https://bugzilla.suse.com/show_bug.cgi?id=1160218", "https://bugzilla.suse.com/show_bug.cgi?id=1168424", "https://bugzilla.suse.com/show_bug.cgi?id=1171218", "https://www.suse.com/security/cve/CVE-2020-8647/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10690", "https://bugzilla.suse.com/show_bug.cgi?id=1168670", "https://bugzilla.suse.com/show_bug.cgi?id=1161555", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19966", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19319", "https://www.suse.com/security/cve/CVE-2019-16994/", "https://bugzilla.suse.com/show_bug.cgi?id=1161951", "https://bugzilla.suse.com/show_bug.cgi?id=1170345", "https://bugzilla.suse.com/show_bug.cgi?id=1172458", "https://bugzilla.suse.com/show_bug.cgi?id=1169514", "https://bugzilla.suse.com/show_bug.cgi?id=1161549", "https://www.suse.com/security/cve/CVE-2019-20054/", "https://bugzilla.suse.com/show_bug.cgi?id=1168075", "https://bugzilla.suse.com/show_bug.cgi?id=1159394", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8428", "https://bugzilla.suse.com/show_bug.cgi?id=1170617", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8649", "https://bugzilla.suse.com/show_bug.cgi?id=1065729", "https://www.suse.com/security/cve/CVE-2020-12653/", "https://www.suse.com/security/cve/CVE-2020-10751/", "https://www.suse.com/security/cve/CVE-2019-19965/", "https://bugzilla.suse.com/show_bug.cgi?id=1164051", "https://bugzilla.suse.com/show_bug.cgi?id=1159285", "https://www.suse.com/security/cve/CVE-2020-8428/", "https://www.suse.com/security/cve/CVE-2020-12655/", "https://www.suse.com/security/cve/CVE-2019-19045/", "https://bugzilla.suse.com/show_bug.cgi?id=1159198", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11669", "https://bugzilla.suse.com/show_bug.cgi?id=1162929", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8648", "https://www.suse.com/security/cve/CVE-2019-19768/", "https://bugzilla.suse.com/show_bug.cgi?id=1161933", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19318", "https://www.suse.com/security/cve/CVE-2019-19036/", "https://bugzilla.suse.com/show_bug.cgi?id=1120386", "https://bugzilla.suse.com/show_bug.cgi?id=1089895", "https://www.suse.com/security/cve/CVE-2019-19462/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19036", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9383", "https://bugzilla.suse.com/show_bug.cgi?id=1165741", "https://bugzilla.suse.com/show_bug.cgi?id=1160917", "https://bugzilla.suse.com/show_bug.cgi?id=1160756", "https://bugzilla.suse.com/show_bug.cgi?id=1165873", "https://bugzilla.suse.com/show_bug.cgi?id=1160804", "https://bugzilla.suse.com/show_bug.cgi?id=1159588", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14897", "https://bugzilla.suse.com/show_bug.cgi?id=1086313", "https://bugzilla.suse.com/show_bug.cgi?id=1161518", "https://bugzilla.suse.com/show_bug.cgi?id=1164727", "https://bugzilla.suse.com/show_bug.cgi?id=1164735", "https://bugzilla.suse.com/show_bug.cgi?id=1169390", "https://www.suse.com/security/cve/CVE-2020-8649/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11494", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11608", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12655", "https://bugzilla.suse.com/show_bug.cgi?id=1051510", "https://bugzilla.suse.com/show_bug.cgi?id=1164730", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12654", "https://bugzilla.suse.com/show_bug.cgi?id=1071995", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12652", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19965", "https://bugzilla.suse.com/show_bug.cgi?id=1158026", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711", "https://bugzilla.suse.com/show_bug.cgi?id=1158265", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10732", "https://bugzilla.suse.com/show_bug.cgi?id=1144333", "https://bugzilla.suse.com/show_bug.cgi?id=1172317", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20096", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19054", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8834", "https://bugzilla.suse.com/show_bug.cgi?id=1161931", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12653", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19462", "https://bugzilla.suse.com/show_bug.cgi?id=1143959", "https://bugzilla.suse.com/show_bug.cgi?id=1165881", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20810", "https://bugzilla.suse.com/show_bug.cgi?id=1050244", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8992", "https://www.suse.com/security/cve/CVE-2020-0543/", "https://bugzilla.suse.com/show_bug.cgi?id=1159911", "https://bugzilla.suse.com/show_bug.cgi?id=1160211", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10757", "https://bugzilla.suse.com/show_bug.cgi?id=1109911", "https://www.suse.com/security/cve/CVE-2020-11609/", "https://www.suse.com/security/cve/CVE-2019-19770/", "https://bugzilla.suse.com/show_bug.cgi?id=1167629", "https://www.suse.com/security/cve/CVE-2020-10732/", "https://bugzilla.suse.com/show_bug.cgi?id=1159908", "https://www.suse.com/security/cve/CVE-2020-10690/", "https://www.suse.com/security/cve/CVE-2020-12656/", "https://www.suse.com/security/cve/CVE-2019-19054/", "https://www.suse.com/security/cve/CVE-2019-19319/", "https://bugzilla.suse.com/show_bug.cgi?id=1159841", "https://bugzilla.suse.com/show_bug.cgi?id=1164728", "https://bugzilla.suse.com/show_bug.cgi?id=1160966", "https://bugzilla.suse.com/show_bug.cgi?id=1165111", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12657", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10720", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19045", "https://bugzilla.suse.com/show_bug.cgi?id=1085030", "https://www.suse.com/security/cve/CVE-2019-20812/", "https://bugzilla.suse.com/show_bug.cgi?id=1159271", "https://www.suse.com/security/cve/CVE-2020-11669/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20812", "https://bugzilla.suse.com/show_bug.cgi?id=1160803", "https://bugzilla.suse.com/show_bug.cgi?id=1160210", "https://bugzilla.suse.com/show_bug.cgi?id=1171191", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20095", "https://bugzilla.suse.com/show_bug.cgi?id=1158013", "https://bugzilla.suse.com/show_bug.cgi?id=1158021", "https://bugzilla.suse.com/show_bug.cgi?id=1171189", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9455", "https://bugzilla.suse.com/show_bug.cgi?id=1161936", "https://bugzilla.suse.com/show_bug.cgi?id=1166969", "https://bugzilla.suse.com/show_bug.cgi?id=1151927", "https://bugzilla.suse.com/show_bug.cgi?id=1118338", "https://bugzilla.suse.com/show_bug.cgi?id=1167421", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12769", "https://bugzilla.suse.com/show_bug.cgi?id=1159484", "https://bugzilla.suse.com/show_bug.cgi?id=1058115", "https://bugzilla.suse.com/show_bug.cgi?id=1164871", "https://bugzilla.suse.com/show_bug.cgi?id=1164705", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14896", "https://www.suse.com/security/cve/CVE-2020-8834/", "https://bugzilla.suse.com/show_bug.cgi?id=1160784", "https://bugzilla.suse.com/show_bug.cgi?id=1170621", "https://bugzilla.suse.com/show_bug.cgi?id=1161934", "https://www.suse.com/security/cve/CVE-2020-10942/", "https://www.suse.com/security/cve/CVE-2019-9455/", "https://www.suse.com/security/cve/CVE-2020-12464/", "https://bugzilla.suse.com/show_bug.cgi?id=1160755", "https://bugzilla.suse.com/show_bug.cgi?id=1171195", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12656", "https://bugzilla.suse.com/show_bug.cgi?id=1159955", "https://bugzilla.suse.com/show_bug.cgi?id=1158819", "https://bugzilla.suse.com/show_bug.cgi?id=1086301", "https://www.suse.com/security/cve/CVE-2020-7053/", "https://bugzilla.suse.com/show_bug.cgi?id=1170618", "https://bugzilla.suse.com/show_bug.cgi?id=1164732", "https://www.suse.com/security/cve/CVE-2020-8992/", "https://bugzilla.suse.com/show_bug.cgi?id=1160802", "https://www.suse.com/security/cve/CVE-2019-20095/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19768", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20054", "https://www.suse.com/security/cve/CVE-2018-1000199/", "https://www.suse.com/security/cve/CVE-2019-14896/", "https://bugzilla.suse.com/show_bug.cgi?id=1164729", "https://bugzilla.suse.com/show_bug.cgi?id=1170901", "https://bugzilla.suse.com/show_bug.cgi?id=1168854", "https://www.suse.com/security/cve/CVE-2019-19447/", "https://bugzilla.suse.com/show_bug.cgi?id=1160442", "https://www.suse.com/security/cve/CVE-2020-11608/", "https://bugzilla.suse.com/show_bug.cgi?id=1153917", "https://bugzilla.suse.com/show_bug.cgi?id=1161522", "https://bugzilla.suse.com/show_bug.cgi?id=1162109", "https://bugzilla.suse.com/show_bug.cgi?id=1165985", "https://bugzilla.suse.com/show_bug.cgi?id=1172221", "https://bugzilla.suse.com/show_bug.cgi?id=1161523", "https://bugzilla.suse.com/show_bug.cgi?id=1168276", "https://www.suse.com/security/cve/CVE-2020-9383/", "https://bugzilla.suse.com/show_bug.cgi?id=1154824", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942", "https://www.suse.com/security/cve/CVE-2020-8648/", "https://bugzilla.suse.com/show_bug.cgi?id=1051858", "https://www.suse.com/security/cve/CVE-2020-12654/", "https://bugzilla.suse.com/show_bug.cgi?id=1164731", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3701", "https://bugzilla.suse.com/show_bug.cgi?id=1170056", "https://bugzilla.suse.com/show_bug.cgi?id=1159569", "https://www.suse.com/security/cve/CVE-2020-10720/", "https://bugzilla.suse.com/show_bug.cgi?id=1164712"], "cvelist": ["CVE-2018-1000199", "CVE-2019-14615", "CVE-2019-14896", "CVE-2019-14897", "CVE-2019-16994", "CVE-2019-19036", "CVE-2019-19045", "CVE-2019-19054", "CVE-2019-19318", "CVE-2019-19319", "CVE-2019-19447", "CVE-2019-19462", "CVE-2019-19768", "CVE-2019-19770", "CVE-2019-19965", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20095", "CVE-2019-20096", "CVE-2019-20810", "CVE-2019-20812", "CVE-2019-3701", "CVE-2019-9455", "CVE-2019-9458", "CVE-2020-0543", "CVE-2020-10690", "CVE-2020-10711", "CVE-2020-10720", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11669", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12655", "CVE-2020-12656", "CVE-2020-12657", "CVE-2020-12769", "CVE-2020-13143", "CVE-2020-2732", "CVE-2020-7053", "CVE-2020-8428", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-8992", "CVE-2020-9383"], "immutableFields": [], "lastseen": "2022-08-10T15:07:29", "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431", "ALSA-2021:1578", "ALSA-2021:3027"]}, {"type": "altlinux", "idList": ["DA7EB86A979E50AA3788F1F41AC8607F"]}, {"type": "amazon", "idList": ["ALAS-2018-1023", "ALAS-2020-1349", "ALAS-2020-1360", "ALAS-2020-1366", "ALAS-2020-1377", "ALAS-2020-1382", "ALAS-2020-1396", "ALAS-2020-1401", "ALAS-2020-1462", "ALAS-2021-1461", "ALAS2-2018-1023", "ALAS2-2020-1399", "ALAS2-2020-1405", "ALAS2-2020-1425", "ALAS2-2020-1431", "ALAS2-2020-1440", "ALAS2-2020-1444", "ALAS2-2020-1465", "ALAS2-2020-1480", "ALAS2-2020-1566"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-06-01", "ANDROID:2020-08-01", "ANDROID:2021-01-01"]}, {"type": "apple", "idList": ["APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:HT211100"]}, {"type": "archlinux", "idList": ["ASA-202003-6", "ASA-202006-10"]}, {"type": "attackerkb", "idList": ["AKB:555EF2E1-269F-4133-8D13-B67EA80F8CC3"]}, {"type": "centos", "idList": ["CESA-2018:1318", "CESA-2020:2103", "CESA-2020:2430", "CESA-2020:2432", "CESA-2020:2433", "CESA-2020:2664", "CESA-2020:3220", "CESA-2020:4060", "CESA-2021:0856", "CESA-2021:2314", "CESA-2021:3028"]}, {"type": "citrix", "idList": ["CTX275165"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0835B914E665F771DA10821B3BDE2D9F", "CFOUNDRY:1F5DBB3C3CBCE17DE26C796E1F59B3C4", "CFOUNDRY:27F5DB3AFDCF54F32837F9CE39245DE1", "CFOUNDRY:2B547AA94018245E71F37CB94BA4EEBC", "CFOUNDRY:4C29708E9DB1757C4BE1AE571C33062C", "CFOUNDRY:5D359B30C62666D917EB31596D1BFDE4", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:7D6795462AFD47DE31FD5B40467B68C4", "CFOUNDRY:873D4C50CDC37566272A2CA3925ADB7A", "CFOUNDRY:9BF498B2FAF35AA57F2C51B7E395428D", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:A5CCCF4486FE273FEA953C57B224799B", "CFOUNDRY:A6BB54E614972BC1F16419D7DB82331A", "CFOUNDRY:ABBF4BD74406CA92477E7CFB1AD01190", "CFOUNDRY:AC693D367392F4AE1E35E167BAADA484", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:C4D1C1686A388941AD439B6E19ADC7F2", "CFOUNDRY:F57A73CFC5FB17A63EC4D0328D382C3A"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1650576075"]}, {"type": "cve", "idList": ["CVE-2018-1000199", "CVE-2019-14615", "CVE-2019-14896", "CVE-2019-14897", "CVE-2019-16994", "CVE-2019-19036", "CVE-2019-19045", "CVE-2019-19054", "CVE-2019-19318", "CVE-2019-19319", "CVE-2019-19447", "CVE-2019-19462", "CVE-2019-19768", "CVE-2019-19770", "CVE-2019-19965", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20095", "CVE-2019-20096", "CVE-2019-20810", "CVE-2019-20812", "CVE-2019-3701", "CVE-2019-9455", "CVE-2019-9458", "CVE-2020-0255", "CVE-2020-0543", "CVE-2020-10690", "CVE-2020-10711", "CVE-2020-10720", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11669", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12655", "CVE-2020-12656", "CVE-2020-12657", "CVE-2020-12769", "CVE-2020-13143", "CVE-2020-2732", "CVE-2020-7053", "CVE-2020-8428", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-8832", "CVE-2020-8834", "CVE-2020-8992", "CVE-2020-9383"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2114-1:93D37", "DEBIAN:DLA-2241-1:DE3AB", "DEBIAN:DLA-2241-2:3E557", "DEBIAN:DLA-2242-1:573AF", "DEBIAN:DLA-2248-1:806E4", "DEBIAN:DLA-2248-1:D7645", "DEBIAN:DLA-2323-1:C146F", "DEBIAN:DLA-2420-1:692E7", "DEBIAN:DLA-2420-2:175D1", "DEBIAN:DLA-2483-1:37DA1", "DEBIAN:DLA-2586-1:6B2FD", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4187-1:E8170", "DEBIAN:DSA-4188-1:B3909", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4667-1:62006", "DEBIAN:DSA-4667-1:834A8", "DEBIAN:DSA-4698-1:66813", "DEBIAN:DSA-4698-1:E1A7D", "DEBIAN:DSA-4699-1:122C4", "DEBIAN:DSA-4699-1:D5D43", "DEBIAN:DSA-4701-1:768E4", "DEBIAN:DSA-4701-1:BB3B8"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1000199", "DEBIANCVE:CVE-2019-14615", "DEBIANCVE:CVE-2019-14896", "DEBIANCVE:CVE-2019-14897", "DEBIANCVE:CVE-2019-16994", "DEBIANCVE:CVE-2019-19036", "DEBIANCVE:CVE-2019-19045", "DEBIANCVE:CVE-2019-19054", "DEBIANCVE:CVE-2019-19318", "DEBIANCVE:CVE-2019-19319", "DEBIANCVE:CVE-2019-19447", "DEBIANCVE:CVE-2019-19462", "DEBIANCVE:CVE-2019-19768", "DEBIANCVE:CVE-2019-19770", "DEBIANCVE:CVE-2019-19965", "DEBIANCVE:CVE-2019-19966", "DEBIANCVE:CVE-2019-20054", "DEBIANCVE:CVE-2019-20095", "DEBIANCVE:CVE-2019-20096", "DEBIANCVE:CVE-2019-20810", "DEBIANCVE:CVE-2019-20812", "DEBIANCVE:CVE-2019-3701", "DEBIANCVE:CVE-2019-9455", "DEBIANCVE:CVE-2019-9458", "DEBIANCVE:CVE-2020-0543", "DEBIANCVE:CVE-2020-10690", "DEBIANCVE:CVE-2020-10711", "DEBIANCVE:CVE-2020-10720", "DEBIANCVE:CVE-2020-10732", "DEBIANCVE:CVE-2020-10751", "DEBIANCVE:CVE-2020-10757", "DEBIANCVE:CVE-2020-10942", "DEBIANCVE:CVE-2020-11494", "DEBIANCVE:CVE-2020-11608", "DEBIANCVE:CVE-2020-11609", "DEBIANCVE:CVE-2020-11669", "DEBIANCVE:CVE-2020-12114", "DEBIANCVE:CVE-2020-12464", "DEBIANCVE:CVE-2020-12652", "DEBIANCVE:CVE-2020-12653", "DEBIANCVE:CVE-2020-12654", "DEBIANCVE:CVE-2020-12655", "DEBIANCVE:CVE-2020-12656", "DEBIANCVE:CVE-2020-12657", "DEBIANCVE:CVE-2020-12769", "DEBIANCVE:CVE-2020-13143", "DEBIANCVE:CVE-2020-2732", "DEBIANCVE:CVE-2020-7053", "DEBIANCVE:CVE-2020-8428", "DEBIANCVE:CVE-2020-8647", "DEBIANCVE:CVE-2020-8648", "DEBIANCVE:CVE-2020-8649", "DEBIANCVE:CVE-2020-8832", "DEBIANCVE:CVE-2020-8834", "DEBIANCVE:CVE-2020-8992", "DEBIANCVE:CVE-2020-9383"]}, {"type": "f5", "idList": ["F5:K00384005", "F5:K02354867", "F5:K03310902", "F5:K05617914", "F5:K17957133", "F5:K21458044", "F5:K22526232", "F5:K23641249", "F5:K25370250", "F5:K25920352", "F5:K32196386", "F5:K32780121", "F5:K35255309", "F5:K44435547", "F5:K46444421", "F5:K50928877", "F5:K58541692", "F5:K68024700", "F5:K80234002", "F5:K96414292"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:055473124314", "FEDORA:15484608781D", "FEDORA:1CAC0608E6F2", "FEDORA:1E93431CA0AD", "FEDORA:20DCB60779B2", "FEDORA:224AE608F491", "FEDORA:22D77604972B", "FEDORA:267796076024", "FEDORA:2836F613193B", "FEDORA:296826040AED", "FEDORA:29E8B30D1A9E", "FEDORA:2A755608EC25", "FEDORA:2AE7F3118C24", "FEDORA:3266960F0E44", "FEDORA:371E06040B12", "FEDORA:3A4183118C44", "FEDORA:3C394606D98F", "FEDORA:3C5D13124326", "FEDORA:4002B609954A", "FEDORA:41B546014626", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:51B856067EB8", "FEDORA:5956060491DC", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5B68260A5858", "FEDORA:5BC786077CC2", "FEDORA:628EB603ECD0", "FEDORA:62D0460BC99C", "FEDORA:690DE6022BA8", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6E67663233DB", "FEDORA:79EAC605FC25", "FEDORA:803AE30C6416", "FEDORA:85FBF6076011", "FEDORA:89C9C6051B3A", "FEDORA:8FD3E60491BA", "FEDORA:8FEA960A4096", "FEDORA:94BC060A4ECF", "FEDORA:95A686085F81", "FEDORA:98E8F6079A11", "FEDORA:9E3D9606D195", "FEDORA:AAA6460491BA", "FEDORA:AAD0A60B6998", "FEDORA:AEC7F30A071F", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BF5EC607125E", "FEDORA:C49D061F375F", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C64AE6007F37", "FEDORA:C6AF860C4240", "FEDORA:CB0956087865", "FEDORA:D2B426045A04", "FEDORA:DBB1B659CBE0", "FEDORA:E37FD60924F1", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EC9F26076D31", "FEDORA:EF6BA6045A0C", "FEDORA:F417F60477C5"]}, {"type": "freebsd", "idList": ["D2C2C815-3793-11EA-8BE3-54E1AD3D6335", "FBCBA194-AC7D-11EA-8B5E-B42E99A1B9C3"]}, {"type": "githubexploit", "idList": ["27D2D5B1-EEDA-50EF-A982-E805D9958998"]}, {"type": "hackerone", "idList": ["H1:891846"]}, {"type": "hp", "idList": ["HP:C06561734", "HP:C06655648"]}, {"type": "ibm", "idList": ["056E8E90DE65417DDBD317AECA59E4BA53529394DA5008F22A756C161156DBF1", "11A6D2D3E2F465B16C8FA5A033A65600813397804613FDB0328399EEA7561293", "1879325E67264056B58E8AD7F16855960BE3D80A459CF04AA2C576744065C438", "1FDB55812AD3D9AB018A402C76AD1A7D7977943CA45EE64E54E9B459FD5AD0BA", "22DFDD1FF1BBF70D9C813ACA916818103631328A11AEED7718476AD8FD37F722", "36F5A24A0FE05876D471A20F32BE0669E453AF841B04CDD94792F8F80EF7F4D4", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "3EAEDBE0E30513BE7769DF8783660E3102FA1E55B812C2C0193B4C7C36DD66CA", "4C0BE7F4ECAF222474469C63591028C28D2E70157EF6953E863E2720DC1080A5", "4F8960DEB665153229068953126D8AE961D0613ED8FF144699C7301B64E4A63E", "570AF6CDC4F7E864E6852EBD03923041C13A884B424AC254820AD0EEB73694DF", "64ADFD088203597B59C398AB3DEF28DC4F72D37A4C48C7FA81C6531EDA6A9877", "65AC1B828E41A5505E1A8E4F6E7E2E7A2BE86DE58C539C97379A40C7ED8BBD9F", "74EB94293C5F397767E62C9F6D734DE973B44B9B7EC427A98C99E92C3C3D6590", "76523CA6ED9F13FF53F8FE827130B4B536110FD08A6CE82CEB4E3150DA65DF24", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4", "80799E3E1D58D5BC3B23A7FC96F082F8850107986619123365F56948D8AA7250", "89705B406BC34CFDE34239974351BBFD8507A55179356911F33A32F43F42DBB9", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367", "9148A44BD9A1C1A13CCEBD8F0346557CF005830103920CDDC01519240525CB58", "93800CB903FCF930D2442012C501177682436E51AEBEA85D7632953A9A31B533", "B208854B100603393ABFE63FA8975A55F6379CCD86BE9A76E5EA76BC92BEB365", "B599429672D35F0898136CCC25113D8FA5E242634C8CEB73C87851525F0DA4BB", "B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E", "B89616326F2ACA4483A6FD1036A987B8D2828930F6AC900D37AB085C7941179D", "C4826F6BCD3E1EC358C895C9FCA1260EC7609135ED81CBE00F22A388F6B09D6C", "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56", "CF6E536B8BF01E2B0096F9F1D4C7911DD105359E60689B78C9199DE25B362636", "D860B85F49895E0D8CF0AC6A066F6902558B044E03F0320678E24399C41C6135", "ED8A3D1B7861E9FADE2E56F3710C2F426BD0F046968D24A2807B0DBC778A1AA1", "EDC4C5C80C00EE4AC9AA2C2F8FC5CF316B401A50DA42A577EE4FA380D4A47809", "F0AFFAB5446BEF6A6B346CA7237A1583252E55B1EA002352E7DFDFFB5796363C", "F0B9B56079F884F041664405C90E1EA3DD557A7DC4ACA69220B7A78B68F6A1BD"]}, {"type": "ics", "idList": ["ICSA-20-252-07"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00314", "INTEL:INTEL-SA-00320"]}, {"type": "lenovo", "idList": ["LENOVO:PS500302-INTEL-PROCESSOR-GRAPHICS-VULNERABILITY-NOSID", "LENOVO:PS500302-NOSID", "LENOVO:PS500327-INTEL-SPECIAL-REGISTER-BUFFER-DATA-SAMPLING-ADVISORY-NOSID", "LENOVO:PS500327-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0097", "MGASA-2019-0098", "MGASA-2019-0171", "MGASA-2020-0041", "MGASA-2020-0073", "MGASA-2020-0089", "MGASA-2020-0110", "MGASA-2020-0140", "MGASA-2020-0158", "MGASA-2020-0183", "MGASA-2020-0184", "MGASA-2020-0201", "MGASA-2020-0227", "MGASA-2020-0228", "MGASA-2020-0298", "MGASA-2020-0333"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1023.NASL", "AL2_ALAS-2020-1399.NASL", "AL2_ALAS-2020-1405.NASL", "AL2_ALAS-2020-1425.NASL", "AL2_ALAS-2020-1431.NASL", "AL2_ALAS-2020-1440.NASL", "AL2_ALAS-2020-1444.NASL", "AL2_ALAS-2020-1465.NASL", "AL2_ALAS-2020-1480.NASL", "AL2_ALAS-2020-1566.NASL", "AL2_ALASKERNEL-5_4-2022-011.NASL", "AL2_ALASKERNEL-5_4-2022-012.NASL", "AL2_ALASKERNEL-5_4-2022-014.NASL", "AL2_ALASKERNEL-5_4-2022-016.NASL", "ALA_ALAS-2018-1023.NASL", "ALA_ALAS-2020-1349.NASL", "ALA_ALAS-2020-1360.NASL", "ALA_ALAS-2020-1366.NASL", "ALA_ALAS-2020-1377.NASL", "ALA_ALAS-2020-1382.NASL", "ALA_ALAS-2020-1396.NASL", "ALA_ALAS-2020-1401.NASL", "ALA_ALAS-2020-1462.NASL", "ALA_ALAS-2021-1461.NASL", "ALMA_LINUX_ALSA-2020-4431.NASL", "ALMA_LINUX_ALSA-2021-1578.NASL", "ALMA_LINUX_ALSA-2021-3027.NASL", "ALMA_LINUX_ALSA-2021-4356.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS8_RHSA-2020-1769.NASL", "CENTOS8_RHSA-2020-2102.NASL", "CENTOS8_RHSA-2020-2427.NASL", "CENTOS8_RHSA-2020-2431.NASL", "CENTOS8_RHSA-2020-4431.NASL", "CENTOS8_RHSA-2021-1578.NASL", "CENTOS8_RHSA-2021-3027.NASL", "CENTOS8_RHSA-2021-4140.NASL", "CENTOS8_RHSA-2021-4356.NASL", "CENTOS_RHSA-2018-1318.NASL", "CENTOS_RHSA-2020-2103.NASL", "CENTOS_RHSA-2020-2432.NASL", "CENTOS_RHSA-2020-2433.NASL", "CENTOS_RHSA-2020-3220.NASL", "CENTOS_RHSA-2020-4060.NASL", "CENTOS_RHSA-2021-0856.NASL", "CENTOS_RHSA-2021-2314.NASL", "CENTOS_RHSA-2021-3028.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-1771.NASL", "DEBIAN_DLA-2068.NASL", "DEBIAN_DLA-2114.NASL", "DEBIAN_DLA-2241.NASL", "DEBIAN_DLA-2242.NASL", "DEBIAN_DLA-2248.NASL", "DEBIAN_DLA-2323.NASL", "DEBIAN_DLA-2420.NASL", "DEBIAN_DLA-2483.NASL", "DEBIAN_DLA-2586.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "DEBIAN_DSA-4667.NASL", "DEBIAN_DSA-4698.NASL", "DEBIAN_DSA-4699.NASL", "DEBIAN_DSA-4701.NASL", "EULEROS_SA-2018-1132.NASL", "EULEROS_SA-2018-1196.NASL", "EULEROS_SA-2018-1263.NASL", "EULEROS_SA-2018-1266.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2019-1131.NASL", "EULEROS_SA-2019-1234.NASL", "EULEROS_SA-2019-1259.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2020-1012.NASL", "EULEROS_SA-2020-1042.NASL", "EULEROS_SA-2020-1112.NASL", "EULEROS_SA-2020-1158.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1269.NASL", "EULEROS_SA-2020-1292.NASL", "EULEROS_SA-2020-1308.NASL", "EULEROS_SA-2020-1342.NASL", "EULEROS_SA-2020-1368.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2020-1452.NASL", "EULEROS_SA-2020-1508.NASL", "EULEROS_SA-2020-1536.NASL", "EULEROS_SA-2020-1592.NASL", "EULEROS_SA-2020-1606.NASL", "EULEROS_SA-2020-1674.NASL", "EULEROS_SA-2020-1698.NASL", "EULEROS_SA-2020-1713.NASL", "EULEROS_SA-2020-1807.NASL", "EULEROS_SA-2020-1892.NASL", "EULEROS_SA-2020-1920.NASL", "EULEROS_SA-2020-1938.NASL", "EULEROS_SA-2020-1958.NASL", "EULEROS_SA-2020-2150.NASL", "EULEROS_SA-2020-2222.NASL", "EULEROS_SA-2020-2353.NASL", "EULEROS_SA-2020-2443.NASL", "EULEROS_SA-2020-2514.NASL", "EULEROS_SA-2021-1039.NASL", "EULEROS_SA-2021-1056.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-1200.NASL", "EULEROS_SA-2021-1311.NASL", "EULEROS_SA-2021-1684.NASL", "EULEROS_SA-2021-1808.NASL", "EULEROS_SA-2021-2040.NASL", "EULEROS_SA-2021-2140.NASL", "FEDORA_2019-021C968423.NASL", "FEDORA_2019-337484D88B.NASL", "FEDORA_2019-34A75D7E61.NASL", "FEDORA_2019-8846A1A5A2.NASL", "FEDORA_2019-91F6E7BB71.NASL", "FEDORA_2019-B0F7A7B74B.NASL", "FEDORA_2020-07F0BE216F.NASL", "FEDORA_2020-11DDBFBDF0.NASL", "FEDORA_2020-1AFBE7BA2D.NASL", "FEDORA_2020-203FFEDEB5.NASL", "FEDORA_2020-227A4C0530.NASL", "FEDORA_2020-3364913ACE.NASL", "FEDORA_2020-5A69DECC0C.NASL", "FEDORA_2020-C6B9FFF7F8.NASL", "FEDORA_2020-E47D28BC2B.NASL", "FEDORA_2020-E8835A5F8E.NASL", "FEDORA_2020-FE00E12580.NASL", "FREEBSD_PKG_D2C2C815379311EA8BE354E1AD3D6335.NASL", "FREEBSD_PKG_FBCBA194AC7D11EA8B5EB42E99A1B9C3.NASL", "MACOS_HT211100.NASL", "NEWSTART_CGSL_NS-SA-2019-0025_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0028_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0030_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0071_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2020-0073_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0001_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2021-0008_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0025_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0078_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0139_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2021-0140_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0169_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0003_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0011_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2022-0046_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2022-0060_MICROCODE_CTL.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "OPENSUSE-2018-514.NASL", "OPENSUSE-2020-1153.NASL", "OPENSUSE-2020-336.NASL", "OPENSUSE-2020-388.NASL", "OPENSUSE-2020-543.NASL", "OPENSUSE-2020-791.NASL", "OPENSUSE-2020-801.NASL", "OPENSUSE-2020-818.NASL", "OPENSUSE-2020-935.NASL", "OPENSUSE-2020-965.NASL", "OPENSUSE-2020-985.NASL", "OPENSUSE-2021-242.NASL", "ORACLELINUX_ELSA-2018-1318.NASL", "ORACLELINUX_ELSA-2018-4126.NASL", "ORACLELINUX_ELSA-2018-4134.NASL", "ORACLELINUX_ELSA-2018-4145.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2019-4596.NASL", "ORACLELINUX_ELSA-2019-4600.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2019-4850.NASL", "ORACLELINUX_ELSA-2019-4871.NASL", "ORACLELINUX_ELSA-2019-4872.NASL", "ORACLELINUX_ELSA-2019-4878.NASL", "ORACLELINUX_ELSA-2020-2082.NASL", "ORACLELINUX_ELSA-2020-2102.NASL", "ORACLELINUX_ELSA-2020-2103.NASL", "ORACLELINUX_ELSA-2020-2427.NASL", "ORACLELINUX_ELSA-2020-2431.NASL", "ORACLELINUX_ELSA-2020-2432.NASL", "ORACLELINUX_ELSA-2020-2433.NASL", "ORACLELINUX_ELSA-2020-3220.NASL", "ORACLELINUX_ELSA-2020-5533.NASL", "ORACLELINUX_ELSA-2020-5540.NASL", "ORACLELINUX_ELSA-2020-5542.NASL", "ORACLELINUX_ELSA-2020-5543.NASL", "ORACLELINUX_ELSA-2020-5569.NASL", "ORACLELINUX_ELSA-2020-5642.NASL", "ORACLELINUX_ELSA-2020-5649.NASL", "ORACLELINUX_ELSA-2020-5663.NASL", "ORACLELINUX_ELSA-2020-5670.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "ORACLELINUX_ELSA-2020-5691.NASL", "ORACLELINUX_ELSA-2020-5708.NASL", "ORACLELINUX_ELSA-2020-5714.NASL", "ORACLELINUX_ELSA-2020-5715.NASL", "ORACLELINUX_ELSA-2020-5722.NASL", "ORACLELINUX_ELSA-2020-5732.NASL", "ORACLELINUX_ELSA-2020-5750.NASL", "ORACLELINUX_ELSA-2020-5755.NASL", "ORACLELINUX_ELSA-2020-5756.NASL", "ORACLELINUX_ELSA-2020-5801.NASL", "ORACLELINUX_ELSA-2020-5802.NASL", "ORACLELINUX_ELSA-2020-5804.NASL", "ORACLELINUX_ELSA-2020-5805.NASL", "ORACLELINUX_ELSA-2020-5837.NASL", "ORACLELINUX_ELSA-2020-5841.NASL", "ORACLELINUX_ELSA-2020-5845.NASL", "ORACLELINUX_ELSA-2020-5848.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLELINUX_ELSA-2020-5878.NASL", "ORACLELINUX_ELSA-2020-5879.NASL", "ORACLELINUX_ELSA-2021-0856.NASL", "ORACLELINUX_ELSA-2021-1578.NASL", "ORACLELINUX_ELSA-2021-2314.NASL", "ORACLELINUX_ELSA-2021-3027.NASL", "ORACLELINUX_ELSA-2021-3028.NASL", "ORACLELINUX_ELSA-2021-9002.NASL", "ORACLELINUX_ELSA-2021-9030.NASL", "ORACLELINUX_ELSA-2021-9442.NASL", "ORACLELINUX_ELSA-2021-9459.NASL", "ORACLEVM_OVMSA-2018-0228.NASL", "ORACLEVM_OVMSA-2018-0231.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2019-0014.NASL", "ORACLEVM_OVMSA-2019-0056.NASL", "ORACLEVM_OVMSA-2020-0019.NASL", "ORACLEVM_OVMSA-2020-0020.NASL", "ORACLEVM_OVMSA-2020-0026.NASL", "ORACLEVM_OVMSA-2020-0027.NASL", "ORACLEVM_OVMSA-2020-0028.NASL", "ORACLEVM_OVMSA-2020-0032.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "ORACLEVM_OVMSA-2020-0041.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "ORACLEVM_OVMSA-2021-0001.NASL", "ORACLEVM_OVMSA-2021-0005.NASL", "ORACLEVM_OVMSA-2021-0030.NASL", "ORACLEVM_OVMSA-2021-0031.NASL", "ORACLEVM_OVMSA-2021-0035.NASL", "PHOTONOS_PHSA-2020-1_0-0290_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0292_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0293_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0297_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0303_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0219_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0230_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0239_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0242_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0246_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0251_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0256_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0052_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0069_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0073_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0089_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0100_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0102_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0108_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0177_LINUX.NASL", "REDHAT-RHSA-2018-1318.NASL", "REDHAT-RHSA-2018-1345.NASL", "REDHAT-RHSA-2018-1347.NASL", "REDHAT-RHSA-2018-1348.NASL", "REDHAT-RHSA-2018-1354.NASL", "REDHAT-RHSA-2018-1355.NASL", "REDHAT-RHSA-2018-1374.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-1493.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "REDHAT-RHSA-2020-1966.NASL", "REDHAT-RHSA-2020-2082.NASL", "REDHAT-RHSA-2020-2085.NASL", "REDHAT-RHSA-2020-2102.NASL", "REDHAT-RHSA-2020-2103.NASL", "REDHAT-RHSA-2020-2104.NASL", "REDHAT-RHSA-2020-2171.NASL", "REDHAT-RHSA-2020-2199.NASL", "REDHAT-RHSA-2020-2214.NASL", "REDHAT-RHSA-2020-2242.NASL", "REDHAT-RHSA-2020-2277.NASL", "REDHAT-RHSA-2020-2285.NASL", "REDHAT-RHSA-2020-2289.NASL", "REDHAT-RHSA-2020-2427.NASL", "REDHAT-RHSA-2020-2428.NASL", "REDHAT-RHSA-2020-2429.NASL", "REDHAT-RHSA-2020-2431.NASL", "REDHAT-RHSA-2020-2432.NASL", "REDHAT-RHSA-2020-2433.NASL", "REDHAT-RHSA-2020-2522.NASL", "REDHAT-RHSA-2020-2667.NASL", "REDHAT-RHSA-2020-2677.NASL", "REDHAT-RHSA-2020-2679.NASL", "REDHAT-RHSA-2020-2680.NASL", "REDHAT-RHSA-2020-2706.NASL", "REDHAT-RHSA-2020-2707.NASL", "REDHAT-RHSA-2020-2757.NASL", "REDHAT-RHSA-2020-2758.NASL", "REDHAT-RHSA-2020-2771.NASL", "REDHAT-RHSA-2020-2832.NASL", "REDHAT-RHSA-2020-2842.NASL", "REDHAT-RHSA-2020-2854.NASL", "REDHAT-RHSA-2020-3010.NASL", "REDHAT-RHSA-2020-3016.NASL", "REDHAT-RHSA-2020-3041.NASL", "REDHAT-RHSA-2020-3220.NASL", "REDHAT-RHSA-2020-3221.NASL", "REDHAT-RHSA-2020-3222.NASL", "REDHAT-RHSA-2020-3224.NASL", "REDHAT-RHSA-2020-3226.NASL", "REDHAT-RHSA-2020-3232.NASL", "REDHAT-RHSA-2020-3389.NASL", "REDHAT-RHSA-2020-3432.NASL", "REDHAT-RHSA-2020-3545.NASL", "REDHAT-RHSA-2020-3548.NASL", "REDHAT-RHSA-2020-3598.NASL", "REDHAT-RHSA-2020-4060.NASL", "REDHAT-RHSA-2020-4062.NASL", "REDHAT-RHSA-2020-4431.NASL", "REDHAT-RHSA-2020-4609.NASL", "REDHAT-RHSA-2020-5206.NASL", "REDHAT-RHSA-2020-5430.NASL", "REDHAT-RHSA-2020-5656.NASL", "REDHAT-RHSA-2021-0856.NASL", "REDHAT-RHSA-2021-0857.NASL", "REDHAT-RHSA-2021-1379.NASL", "REDHAT-RHSA-2021-1578.NASL", "REDHAT-RHSA-2021-1739.NASL", "REDHAT-RHSA-2021-2185.NASL", "REDHAT-RHSA-2021-2190.NASL", "REDHAT-RHSA-2021-2314.NASL", "REDHAT-RHSA-2021-2316.NASL", "REDHAT-RHSA-2021-3027.NASL", "REDHAT-RHSA-2021-3028.NASL", "REDHAT-RHSA-2021-3029.NASL", "REDHAT-RHSA-2021-3176.NASL", "REDHAT-RHSA-2021-3255.NASL", "REDHAT-RHSA-2021-3317.NASL", "REDHAT-RHSA-2021-3320.NASL", "REDHAT-RHSA-2021-3322.NASL", "REDHAT-RHSA-2021-3323.NASL", "REDHAT-RHSA-2021-3364.NASL", "REDHAT-RHSA-2021-3522.NASL", "REDHAT-RHSA-2021-4140.NASL", "REDHAT-RHSA-2021-4356.NASL", "REDHAT-RHSA-2022-1209.NASL", "REDHAT-RHSA-2022-1213.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SLACKWARE_SSA_2020-086-01.NASL", "SLACKWARE_SSA_2020-163-01.NASL", "SLACKWARE_SSA_2020-295-01.NASL", "SL_20180508_KERNEL_ON_SL7_X.NASL", "SL_20200512_KERNEL_ON_SL6_X.NASL", "SL_20200512_KERNEL_ON_SL7_X.NASL", "SL_20200610_MICROCODE_CTL_ON_SL6_X.NASL", "SL_20200826_KERNEL_ON_SL6_X.NASL", "SL_20201001_KERNEL_ON_SL7_X.NASL", "SL_20210609_KERNEL_ON_SL7_X.NASL", "SL_20210809_MICROCODE_CTL_ON_SL7_X.NASL", "SUSE_SU-2018-1222-1.NASL", "SUSE_SU-2018-1223-1.NASL", "SUSE_SU-2018-1224-1.NASL", "SUSE_SU-2018-1226-1.NASL", "SUSE_SU-2018-1227-1.NASL", "SUSE_SU-2018-1229-1.NASL", "SUSE_SU-2018-1230-1.NASL", "SUSE_SU-2018-1231-1.NASL", "SUSE_SU-2018-1232-1.NASL", "SUSE_SU-2018-1233-1.NASL", "SUSE_SU-2018-1234-1.NASL", "SUSE_SU-2018-1235-1.NASL", "SUSE_SU-2018-1236-1.NASL", "SUSE_SU-2018-1237-1.NASL", "SUSE_SU-2018-1239-1.NASL", "SUSE_SU-2018-1241-1.NASL", "SUSE_SU-2018-1242-1.NASL", "SUSE_SU-2018-1243-1.NASL", "SUSE_SU-2018-1244-1.NASL", "SUSE_SU-2018-1245-1.NASL", "SUSE_SU-2018-1247-1.NASL", "SUSE_SU-2018-1250-1.NASL", "SUSE_SU-2018-1251-1.NASL", "SUSE_SU-2018-1253-1.NASL", "SUSE_SU-2018-1254-1.NASL", "SUSE_SU-2018-1255-1.NASL", "SUSE_SU-2018-1256-1.NASL", "SUSE_SU-2018-1257-1.NASL", "SUSE_SU-2018-1258-1.NASL", "SUSE_SU-2018-1259-1.NASL", "SUSE_SU-2018-1261-1.NASL", "SUSE_SU-2018-1262-1.NASL", "SUSE_SU-2018-1264-1.NASL", "SUSE_SU-2018-1266-1.NASL", "SUSE_SU-2018-1267-1.NASL", "SUSE_SU-2018-1268-1.NASL", "SUSE_SU-2018-1269-1.NASL", "SUSE_SU-2018-1272-1.NASL", "SUSE_SU-2018-1273-1.NASL", "SUSE_SU-2018-1366-1.NASL", "SUSE_SU-2018-1368-1.NASL", "SUSE_SU-2018-1374-1.NASL", "SUSE_SU-2018-1375-1.NASL", "SUSE_SU-2018-1376-1.NASL", "SUSE_SU-2018-1508-1.NASL", "SUSE_SU-2018-1525-1.NASL", "SUSE_SU-2018-1550-1.NASL", "SUSE_SU-2018-1551-1.NASL", "SUSE_SU-2018-1855-1.NASL", "SUSE_SU-2018-1855-2.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-0204-1.NASL", "SUSE_SU-2020-0558-1.NASL", "SUSE_SU-2020-0559-1.NASL", "SUSE_SU-2020-0560-1.NASL", "SUSE_SU-2020-0580-1.NASL", "SUSE_SU-2020-0584-1.NASL", "SUSE_SU-2020-0613-1.NASL", "SUSE_SU-2020-0688-1.NASL", "SUSE_SU-2020-0836-1.NASL", "SUSE_SU-2020-1118-1.NASL", "SUSE_SU-2020-1119-1.NASL", "SUSE_SU-2020-1123-1.NASL", "SUSE_SU-2020-1141-1.NASL", "SUSE_SU-2020-1142-1.NASL", "SUSE_SU-2020-1146-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "SUSE_SU-2020-14354-1.NASL", "SUSE_SU-2020-14393-1.NASL", "SUSE_SU-2020-14394-1.NASL", "SUSE_SU-2020-14442-1.NASL", "SUSE_SU-2020-14521-1.NASL", "SUSE_SU-2020-1475-1.NASL", "SUSE_SU-2020-1486-1.NASL", "SUSE_SU-2020-1587-1.NASL", "SUSE_SU-2020-1589-1.NASL", "SUSE_SU-2020-1595-1.NASL", "SUSE_SU-2020-1596-1.NASL", "SUSE_SU-2020-1597-1.NASL", "SUSE_SU-2020-1599-1.NASL", "SUSE_SU-2020-1601-1.NASL", "SUSE_SU-2020-1602-1.NASL", "SUSE_SU-2020-1603-1.NASL", "SUSE_SU-2020-1605-1.NASL", "SUSE_SU-2020-1609-1.NASL", "SUSE_SU-2020-1630-1.NASL", "SUSE_SU-2020-1632-1.NASL", "SUSE_SU-2020-1633-1.NASL", "SUSE_SU-2020-1693-1.NASL", "SUSE_SU-2020-1699-1.NASL", "SUSE_SU-2020-1764-1.NASL", "SUSE_SU-2020-1767-1.NASL", "SUSE_SU-2020-1779-1.NASL", "SUSE_SU-2020-1781-1.NASL", "SUSE_SU-2020-1784-1.NASL", "SUSE_SU-2020-1887-1.NASL", "SUSE_SU-2020-1889-1.NASL", "SUSE_SU-2020-1902-1.NASL", "SUSE_SU-2020-2105-1.NASL", "SUSE_SU-2020-2107-1.NASL", "SUSE_SU-2020-2121-1.NASL", "SUSE_SU-2020-2134-1.NASL", "SUSE_SU-2020-2152-1.NASL", "SUSE_SU-2020-2487-1.NASL", "SUSE_SU-2020-2491-1.NASL", "SUSE_SU-2020-2492-1.NASL", "SUSE_SU-2020-2497-1.NASL", "SUSE_SU-2020-2498-1.NASL", "SUSE_SU-2020-2822-1.NASL", "SUSE_SU-2021-3929-1.NASL", "SUSE_SU-2021-3935-1.NASL", "UBUNTU_USN-3641-1.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4225-1.NASL", "UBUNTU_USN-4225-2.NASL", "UBUNTU_USN-4226-1.NASL", "UBUNTU_USN-4227-1.NASL", "UBUNTU_USN-4228-1.NASL", "UBUNTU_USN-4253-1.NASL", "UBUNTU_USN-4253-2.NASL", "UBUNTU_USN-4254-1.NASL", "UBUNTU_USN-4255-1.NASL", "UBUNTU_USN-4255-2.NASL", "UBUNTU_USN-4284-1.NASL", "UBUNTU_USN-4285-1.NASL", "UBUNTU_USN-4286-1.NASL", "UBUNTU_USN-4287-1.NASL", "UBUNTU_USN-4300-1.NASL", "UBUNTU_USN-4301-1.NASL", "UBUNTU_USN-4302-1.NASL", "UBUNTU_USN-4303-1.NASL", "UBUNTU_USN-4318-1.NASL", "UBUNTU_USN-4319-1.NASL", "UBUNTU_USN-4320-1.NASL", "UBUNTU_USN-4324-1.NASL", "UBUNTU_USN-4325-1.NASL", "UBUNTU_USN-4342-1.NASL", "UBUNTU_USN-4344-1.NASL", "UBUNTU_USN-4345-1.NASL", "UBUNTU_USN-4346-1.NASL", "UBUNTU_USN-4363-1.NASL", "UBUNTU_USN-4364-1.NASL", "UBUNTU_USN-4367-1.NASL", "UBUNTU_USN-4367-2.NASL", "UBUNTU_USN-4368-1.NASL", "UBUNTU_USN-4369-1.NASL", "UBUNTU_USN-4369-2.NASL", "UBUNTU_USN-4385-1.NASL", "UBUNTU_USN-4385-2.NASL", "UBUNTU_USN-4387-1.NASL", "UBUNTU_USN-4388-1.NASL", "UBUNTU_USN-4389-1.NASL", "UBUNTU_USN-4390-1.NASL", "UBUNTU_USN-4391-1.NASL", "UBUNTU_USN-4411-1.NASL", "UBUNTU_USN-4412-1.NASL", "UBUNTU_USN-4413-1.NASL", "UBUNTU_USN-4414-1.NASL", "UBUNTU_USN-4419-1.NASL", "UBUNTU_USN-4425-1.NASL", "UBUNTU_USN-4426-1.NASL", "UBUNTU_USN-4427-1.NASL", "UBUNTU_USN-4439-1.NASL", "UBUNTU_USN-4440-1.NASL", "UBUNTU_USN-4465-1.NASL", "UBUNTU_USN-4483-1.NASL", "UBUNTU_USN-4485-1.NASL", "UBUNTU_USN-4525-1.NASL", "UBUNTU_USN-4526-1.NASL", "UBUNTU_USN-4527-1.NASL", "UBUNTU_USN-4680-1.NASL", "UBUNTU_USN-5343-1.NASL", "VIRTUOZZO_VZA-2018-030.NASL", "VIRTUOZZO_VZA-2020-037.NASL", "VIRTUOZZO_VZA-2020-038.NASL", "VIRTUOZZO_VZA-2020-045.NASL", "XEN_SERVER_XSA-320.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108766", "OPENVAS:1361412562310108812", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310704667", "OPENVAS:1361412562310704698", "OPENVAS:1361412562310704699", "OPENVAS:1361412562310704701", "OPENVAS:1361412562310816724", "OPENVAS:1361412562310843518", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844281", "OPENVAS:1361412562310844282", "OPENVAS:1361412562310844283", "OPENVAS:1361412562310844284", "OPENVAS:1361412562310844298", "OPENVAS:1361412562310844312", "OPENVAS:1361412562310844314", "OPENVAS:1361412562310844317", "OPENVAS:1361412562310844318", "OPENVAS:1361412562310844319", "OPENVAS:1361412562310844341", "OPENVAS:1361412562310844342", "OPENVAS:1361412562310844343", "OPENVAS:1361412562310844347", "OPENVAS:1361412562310844362", "OPENVAS:1361412562310844363", "OPENVAS:1361412562310844364", "OPENVAS:1361412562310844365", "OPENVAS:1361412562310844382", "OPENVAS:1361412562310844383", "OPENVAS:1361412562310844384", "OPENVAS:1361412562310844385", "OPENVAS:1361412562310844387", "OPENVAS:1361412562310844406", "OPENVAS:1361412562310844409", "OPENVAS:1361412562310844410", "OPENVAS:1361412562310844411", "OPENVAS:1361412562310844433", "OPENVAS:1361412562310844434", "OPENVAS:1361412562310844438", "OPENVAS:1361412562310844439", "OPENVAS:1361412562310844443", "OPENVAS:1361412562310844448", "OPENVAS:1361412562310844451", "OPENVAS:1361412562310844461", "OPENVAS:1361412562310844462", "OPENVAS:1361412562310844463", "OPENVAS:1361412562310844464", "OPENVAS:1361412562310844465", "OPENVAS:1361412562310844466", "OPENVAS:1361412562310844468", "OPENVAS:1361412562310844482", "OPENVAS:1361412562310844483", "OPENVAS:1361412562310844484", "OPENVAS:1361412562310844485", "OPENVAS:1361412562310844496", "OPENVAS:1361412562310851762", "OPENVAS:1361412562310853070", "OPENVAS:1361412562310853084", "OPENVAS:1361412562310853121", "OPENVAS:1361412562310853200", "OPENVAS:1361412562310853206", "OPENVAS:1361412562310853214", "OPENVAS:1361412562310853260", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877113", "OPENVAS:1361412562310877132", "OPENVAS:1361412562310877136", "OPENVAS:1361412562310877209", "OPENVAS:1361412562310877358", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877479", "OPENVAS:1361412562310877533", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310877541", "OPENVAS:1361412562310877859", "OPENVAS:1361412562310877862", "OPENVAS:1361412562310877884", "OPENVAS:1361412562310877951", "OPENVAS:1361412562310877952", "OPENVAS:1361412562310877958", "OPENVAS:1361412562310877968", "OPENVAS:1361412562310877977", "OPENVAS:1361412562310877980", "OPENVAS:1361412562310877999", "OPENVAS:1361412562310878006", "OPENVAS:1361412562310882900", "OPENVAS:1361412562310883236", "OPENVAS:1361412562310883249", "OPENVAS:1361412562310883250", "OPENVAS:1361412562310883251", "OPENVAS:1361412562310883257", "OPENVAS:1361412562310891369", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562310892068", "OPENVAS:1361412562310892114", "OPENVAS:1361412562310892241", "OPENVAS:1361412562310892242", "OPENVAS:1361412562310892248", "OPENVAS:1361412562311220181132", "OPENVAS:1361412562311220181196", "OPENVAS:1361412562311220181263", "OPENVAS:1361412562311220181266", "OPENVAS:1361412562311220191028", "OPENVAS:1361412562311220191131", "OPENVAS:1361412562311220191234", "OPENVAS:1361412562311220191259", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220201012", "OPENVAS:1361412562311220201042", "OPENVAS:1361412562311220201112", "OPENVAS:1361412562311220201158", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201269", "OPENVAS:1361412562311220201292", "OPENVAS:1361412562311220201308", "OPENVAS:1361412562311220201342", "OPENVAS:1361412562311220201368", "OPENVAS:1361412562311220201396", "OPENVAS:1361412562311220201452", "OPENVAS:1361412562311220201508", "OPENVAS:1361412562311220201536", "OPENVAS:1361412562311220201592", "OPENVAS:1361412562311220201606", "OPENVAS:1361412562311220201674", "OPENVAS:1361412562311220201698", "OPENVAS:1361412562311220201713"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-1318", "ELSA-2018-1629", "ELSA-2018-4126", "ELSA-2018-4134", "ELSA-2018-4145", "ELSA-2018-4164", "ELSA-2019-4596", "ELSA-2019-4600", "ELSA-2019-4612", "ELSA-2019-4850", "ELSA-2019-4871", "ELSA-2019-4872", "ELSA-2019-4878", "ELSA-2020-1769", "ELSA-2020-2082", "ELSA-2020-2102", "ELSA-2020-2103", "ELSA-2020-2427", "ELSA-2020-2430", "ELSA-2020-2431", "ELSA-2020-2432", "ELSA-2020-2433", "ELSA-2020-2664", "ELSA-2020-2933", "ELSA-2020-3010", "ELSA-2020-3220", "ELSA-2020-3548", "ELSA-2020-4060", "ELSA-2020-4431", "ELSA-2020-5533", "ELSA-2020-5540", "ELSA-2020-5542", "ELSA-2020-5543", "ELSA-2020-5569", "ELSA-2020-5642", "ELSA-2020-5649", "ELSA-2020-5663", "ELSA-2020-5670", "ELSA-2020-5676", "ELSA-2020-5691", "ELSA-2020-5708", "ELSA-2020-5714", "ELSA-2020-5715", "ELSA-2020-5722", "ELSA-2020-5732", "ELSA-2020-5750", "ELSA-2020-5755", "ELSA-2020-5756", "ELSA-2020-5765", "ELSA-2020-5766", "ELSA-2020-5801", "ELSA-2020-5802", "ELSA-2020-5804", "ELSA-2020-5805", "ELSA-2020-5837", "ELSA-2020-5841", "ELSA-2020-5845", "ELSA-2020-5848", "ELSA-2020-5866", "ELSA-2020-5878", "ELSA-2020-5879", "ELSA-2021-0856", "ELSA-2021-1578", "ELSA-2021-2314", "ELSA-2021-3027", "ELSA-2021-3028", "ELSA-2021-9002", "ELSA-2021-9030", "ELSA-2021-9052", "ELSA-2021-9442", "ELSA-2021-9459"]}, {"type": "osv", "idList": ["OSV:ASB-A-156071259", "OSV:ASB-A-170658976", "OSV:DLA-1369-1", "OSV:DLA-1731-1", "OSV:DLA-1771-1", "OSV:DLA-2068-1", "OSV:DLA-2114-1", "OSV:DLA-2241-1", "OSV:DLA-2242-1", "OSV:DLA-2248-1", "OSV:DLA-2323-1", "OSV:DLA-2420-1", "OSV:DLA-2483-1", "OSV:DLA-2586-1", "OSV:DSA-4187-1", "OSV:DSA-4188-1", "OSV:DSA-4667-1", "OSV:DSA-4698-1", "OSV:DSA-4699-1", "OSV:DSA-4701-1"]}, {"type": "photon", "idList": ["PHSA-2019-0015", "PHSA-2019-0021", "PHSA-2019-0030", "PHSA-2019-0034", "PHSA-2019-0128", "PHSA-2019-0151", "PHSA-2019-0162", "PHSA-2019-0165", "PHSA-2019-0178", "PHSA-2019-0212", "PHSA-2019-0236", "PHSA-2019-1.0-0212", "PHSA-2019-1.0-0236", "PHSA-2019-1.0-0238", "PHSA-2020-0052", "PHSA-2020-0069", "PHSA-2020-0073", "PHSA-2020-0082", "PHSA-2020-0089", "PHSA-2020-0100", "PHSA-2020-0102", "PHSA-2020-0108", "PHSA-2020-0153", "PHSA-2020-0177", "PHSA-2020-0212", "PHSA-2020-0219", "PHSA-2020-0221", "PHSA-2020-0230", "PHSA-2020-0239", "PHSA-2020-0242", "PHSA-2020-0246", "PHSA-2020-0251", "PHSA-2020-0254", "PHSA-2020-0256", "PHSA-2020-0274", "PHSA-2020-0288", "PHSA-2020-0293", "PHSA-2020-1.0-0274", "PHSA-2020-1.0-0279", "PHSA-2020-1.0-0287", "PHSA-2020-1.0-0290", "PHSA-2020-1.0-0292", "PHSA-2020-1.0-0293", "PHSA-2020-1.0-0297", "PHSA-2020-1.0-0303", "PHSA-2020-1.0-0305", "PHSA-2020-2.0-0219", "PHSA-2020-2.0-0230", "PHSA-2020-2.0-0239", "PHSA-2020-2.0-0242", "PHSA-2020-2.0-0246", "PHSA-2020-2.0-0251", "PHSA-2020-2.0-0256", "PHSA-2020-3.0-0052", "PHSA-2020-3.0-0069", "PHSA-2020-3.0-0073", "PHSA-2020-3.0-0089", "PHSA-2020-3.0-0100", "PHSA-2020-3.0-0102", "PHSA-2020-3.0-0108", "PHSA-2020-3.0-0153", "PHSA-2020-3.0-0177"]}, {"type": "redhat", "idList": ["RHSA-2018:1318", "RHSA-2018:1345", "RHSA-2018:1347", "RHSA-2018:1348", "RHSA-2018:1354", "RHSA-2018:1355", "RHSA-2018:1374", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2020:1493", "RHSA-2020:1567", "RHSA-2020:1769", "RHSA-2020:1966", "RHSA-2020:2082", "RHSA-2020:2085", "RHSA-2020:2102", "RHSA-2020:2103", "RHSA-2020:2104", "RHSA-2020:2125", "RHSA-2020:2171", "RHSA-2020:2199", "RHSA-2020:2203", "RHSA-2020:2214", "RHSA-2020:2242", "RHSA-2020:2277", "RHSA-2020:2285", "RHSA-2020:2289", "RHSA-2020:2291", "RHSA-2020:2427", "RHSA-2020:2428", "RHSA-2020:2429", "RHSA-2020:2430", "RHSA-2020:2431", "RHSA-2020:2432", "RHSA-2020:2433", "RHSA-2020:2519", "RHSA-2020:2522", "RHSA-2020:2567", "RHSA-2020:2664", "RHSA-2020:2665", "RHSA-2020:2667", "RHSA-2020:2669", "RHSA-2020:2677", "RHSA-2020:2679", "RHSA-2020:2680", "RHSA-2020:2706", "RHSA-2020:2707", "RHSA-2020:2757", "RHSA-2020:2758", "RHSA-2020:2770", "RHSA-2020:2771", "RHSA-2020:2777", "RHSA-2020:2831", "RHSA-2020:2832", "RHSA-2020:2842", "RHSA-2020:2851", "RHSA-2020:2854", "RHSA-2020:3010", "RHSA-2020:3016", "RHSA-2020:3019", "RHSA-2020:3041", "RHSA-2020:3194", "RHSA-2020:3220", "RHSA-2020:3221", "RHSA-2020:3222", "RHSA-2020:3224", "RHSA-2020:3226", "RHSA-2020:3232", "RHSA-2020:3389", "RHSA-2020:3432", "RHSA-2020:3545", "RHSA-2020:3548", "RHSA-2020:3598", "RHSA-2020:4060", "RHSA-2020:4062", "RHSA-2020:4431", "RHSA-2020:4609", "RHSA-2020:5206", "RHSA-2020:5430", "RHSA-2020:5633", "RHSA-2020:5656", "RHSA-2021:0856", "RHSA-2021:0857", "RHSA-2021:1129", "RHSA-2021:1379", "RHSA-2021:1578", "RHSA-2021:1739", "RHSA-2021:2121", "RHSA-2021:2136", "RHSA-2021:2185", "RHSA-2021:2190", "RHSA-2021:2314", "RHSA-2021:2316", "RHSA-2021:2461", "RHSA-2021:3027", "RHSA-2021:3028", "RHSA-2021:3029", "RHSA-2021:3176", "RHSA-2021:3255", "RHSA-2021:3317", "RHSA-2021:3320", "RHSA-2021:3322", "RHSA-2021:3323", "RHSA-2021:3364", "RHSA-2021:3522", "RHSA-2021:4140", "RHSA-2021:4356", "RHSA-2021:4627", "RHSA-2021:5137", "RHSA-2022:1209", "RHSA-2022:1213", "RHSA-2022:1622"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1000199", "RH:CVE-2019-14615", "RH:CVE-2019-14896", "RH:CVE-2019-14897", "RH:CVE-2019-16994", "RH:CVE-2019-19036", "RH:CVE-2019-19045", "RH:CVE-2019-19054", "RH:CVE-2019-19318", "RH:CVE-2019-19319", "RH:CVE-2019-19447", "RH:CVE-2019-19462", "RH:CVE-2019-19768", "RH:CVE-2019-19770", "RH:CVE-2019-19965", "RH:CVE-2019-19966", "RH:CVE-2019-20054", "RH:CVE-2019-20095", "RH:CVE-2019-20096", "RH:CVE-2019-20810", "RH:CVE-2019-20812", "RH:CVE-2019-3701", "RH:CVE-2019-9455", "RH:CVE-2019-9458", "RH:CVE-2020-0543", "RH:CVE-2020-10690", "RH:CVE-2020-10711", "RH:CVE-2020-10720", "RH:CVE-2020-10732", "RH:CVE-2020-10751", "RH:CVE-2020-10757", "RH:CVE-2020-10942", "RH:CVE-2020-11494", "RH:CVE-2020-11608", "RH:CVE-2020-11609", "RH:CVE-2020-11669", "RH:CVE-2020-12114", "RH:CVE-2020-12464", "RH:CVE-2020-12652", "RH:CVE-2020-12653", "RH:CVE-2020-12654", "RH:CVE-2020-12655", "RH:CVE-2020-12656", "RH:CVE-2020-12657", "RH:CVE-2020-12769", "RH:CVE-2020-13143", "RH:CVE-2020-2732", "RH:CVE-2020-7053", "RH:CVE-2020-8428", "RH:CVE-2020-8647", "RH:CVE-2020-8648", "RH:CVE-2020-8649", "RH:CVE-2020-8832", "RH:CVE-2020-8834", "RH:CVE-2020-8992", "RH:CVE-2020-9383"]}, {"type": "slackware", "idList": ["SSA-2019-030-01", "SSA-2020-086-01", "SSA-2020-163-01", "SSA-2020-295-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1418-1", "OPENSUSE-SU-2020:0336-1", "OPENSUSE-SU-2020:0388-1", "OPENSUSE-SU-2020:0543-1", "OPENSUSE-SU-2020:0791-1", "OPENSUSE-SU-2020:0801-1", "OPENSUSE-SU-2020:0818-1", "OPENSUSE-SU-2020:0935-1", "OPENSUSE-SU-2020:0965-1", "OPENSUSE-SU-2020:0985-1", "OPENSUSE-SU-2020:1153-1", "OPENSUSE-SU-2021:0242-1", "SUSE-SU-2018:1222-1", "SUSE-SU-2018:1223-1", "SUSE-SU-2018:1224-1", "SUSE-SU-2018:1225-1", "SUSE-SU-2018:1226-1", "SUSE-SU-2018:1227-1", "SUSE-SU-2018:1228-1", "SUSE-SU-2018:1229-1", "SUSE-SU-2018:1230-1", "SUSE-SU-2018:1231-1", "SUSE-SU-2018:1232-1", "SUSE-SU-2018:1233-1", "SUSE-SU-2018:1234-1", "SUSE-SU-2018:1235-1", "SUSE-SU-2018:1236-1", "SUSE-SU-2018:1237-1", "SUSE-SU-2018:1238-1", "SUSE-SU-2018:1239-1", "SUSE-SU-2018:1240-1", "SUSE-SU-2018:1241-1", "SUSE-SU-2018:1242-1", "SUSE-SU-2018:1243-1", "SUSE-SU-2018:1244-1", "SUSE-SU-2018:1245-1", "SUSE-SU-2018:1246-1", "SUSE-SU-2018:1247-1", "SUSE-SU-2018:1248-1", "SUSE-SU-2018:1249-1", "SUSE-SU-2018:1250-1", "SUSE-SU-2018:1251-1", "SUSE-SU-2018:1252-1", "SUSE-SU-2018:1253-1", "SUSE-SU-2018:1254-1", "SUSE-SU-2018:1255-1", "SUSE-SU-2018:1256-1", "SUSE-SU-2018:1257-1", "SUSE-SU-2018:1258-1", "SUSE-SU-2018:1259-1", "SUSE-SU-2018:1260-1", "SUSE-SU-2018:1261-1", "SUSE-SU-2018:1262-1", "SUSE-SU-2018:1263-1", "SUSE-SU-2018:1264-1", "SUSE-SU-2018:1266-1", "SUSE-SU-2018:1267-1", "SUSE-SU-2018:1268-1", "SUSE-SU-2018:1269-1", "SUSE-SU-2018:1270-1", "SUSE-SU-2018:1272-1", "SUSE-SU-2018:1273-1"]}, {"type": "symantec", "idList": ["SMNTC-110241", "SMNTC-110895", "SMNTC-110944", "SMNTC-111006", "SMNTC-111195", "SMNTC-111220", "SMNTC-111222", "SMNTC-111286", "SMNTC-111294", "SMNTC-111313", "SMNTC-111315", "SMNTC-111318"]}, {"type": "thn", "idList": ["THN:8841D27BD6D8D04E9583E7E0F20898D5"]}, {"type": "threatpost", "idList": ["THREATPOST:17E00AD621A0ECD9F90FE97E083BF4AC", "THREATPOST:3073D5AD7F3554F422710689A9436CAA", "THREATPOST:3F81254E133ABD9AE724F95349C0040A", "THREATPOST:7016E3D2F3480C9399BCD12F9CE0D562", "THREATPOST:E8A45942B4C8BC03FF0C464DB57C713C", "THREATPOST:EF0075FFF210E542FF3ECB996DDA02A3"]}, {"type": "ubuntu", "idList": ["LSN-0065-1", "LSN-0066-1", "LSN-0067-1", "LSN-0068-1", "LSN-0069-1", "LSN-0072-1", "USN-3641-1", "USN-3641-2", "USN-3932-1", "USN-3932-2", "USN-4115-1", "USN-4115-2", "USN-4118-1", "USN-4225-1", "USN-4225-2", "USN-4226-1", "USN-4227-1", "USN-4227-2", "USN-4228-1", "USN-4228-2", "USN-4253-1", "USN-4253-2", "USN-4254-1", "USN-4254-2", "USN-4255-1", "USN-4255-2", "USN-4284-1", "USN-4285-1", "USN-4286-1", "USN-4286-2", "USN-4287-1", "USN-4287-2", "USN-4300-1", "USN-4301-1", "USN-4302-1", "USN-4303-1", "USN-4303-2", "USN-4318-1", "USN-4319-1", "USN-4320-1", "USN-4324-1", "USN-4325-1", "USN-4342-1", "USN-4344-1", "USN-4345-1", "USN-4346-1", "USN-4363-1", "USN-4364-1", "USN-4367-1", "USN-4367-2", "USN-4368-1", "USN-4369-1", "USN-4369-2", "USN-4385-1", "USN-4385-2", "USN-4387-1", "USN-4388-1", "USN-4389-1", "USN-4390-1", "USN-4391-1", "USN-4392-1", "USN-4393-1", "USN-4411-1", "USN-4412-1", "USN-4413-1", "USN-4414-1", "USN-4419-1", "USN-4425-1", "USN-4426-1", "USN-4427-1", "USN-4439-1", "USN-4440-1", "USN-4465-1", "USN-4483-1", "USN-4485-1", "USN-4525-1", "USN-4526-1", "USN-4527-1", "USN-4680-1", "USN-5343-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1000199", "UB:CVE-2019-14615", "UB:CVE-2019-14896", "UB:CVE-2019-14897", "UB:CVE-2019-16994", "UB:CVE-2019-19036", "UB:CVE-2019-19045", "UB:CVE-2019-19054", "UB:CVE-2019-19318", "UB:CVE-2019-19319", "UB:CVE-2019-19447", "UB:CVE-2019-19462", "UB:CVE-2019-19768", "UB:CVE-2019-19770", "UB:CVE-2019-19965", "UB:CVE-2019-19966", "UB:CVE-2019-20054", "UB:CVE-2019-20095", "UB:CVE-2019-20096", "UB:CVE-2019-20810", "UB:CVE-2019-20812", "UB:CVE-2019-3701", "UB:CVE-2019-9455", "UB:CVE-2019-9458", "UB:CVE-2020-0543", "UB:CVE-2020-10690", "UB:CVE-2020-10711", "UB:CVE-2020-10720", "UB:CVE-2020-10732", "UB:CVE-2020-10751", "UB:CVE-2020-10757", "UB:CVE-2020-10942", "UB:CVE-2020-11494", "UB:CVE-2020-11608", "UB:CVE-2020-11609", "UB:CVE-2020-11669", "UB:CVE-2020-12114", "UB:CVE-2020-12464", "UB:CVE-2020-12652", "UB:CVE-2020-12653", "UB:CVE-2020-12654", "UB:CVE-2020-12655", "UB:CVE-2020-12656", "UB:CVE-2020-12657", "UB:CVE-2020-12769", "UB:CVE-2020-13143", "UB:CVE-2020-2732", "UB:CVE-2020-7053", "UB:CVE-2020-8428", "UB:CVE-2020-8647", "UB:CVE-2020-8648", "UB:CVE-2020-8649", "UB:CVE-2020-8832", "UB:CVE-2020-8834", "UB:CVE-2020-8992", "UB:CVE-2020-9383"]}, {"type": "veracode", "idList": ["VERACODE:25181", "VERACODE:25196", "VERACODE:25398", "VERACODE:25400", "VERACODE:25645", "VERACODE:25648", "VERACODE:25824", "VERACODE:25825", "VERACODE:25934", "VERACODE:26738", "VERACODE:26853", "VERACODE:26925", "VERACODE:26927", "VERACODE:26972", "VERACODE:27123", "VERACODE:27233", "VERACODE:27696", "VERACODE:27761", "VERACODE:27764", "VERACODE:27769", "VERACODE:27772", "VERACODE:27773", "VERACODE:27774", "VERACODE:27775", "VERACODE:27776", "VERACODE:27778", "VERACODE:27781", "VERACODE:29336", "VERACODE:30569", "VERACODE:30571", "VERACODE:30572", "VERACODE:32996"]}, {"type": "virtuozzo", "idList": ["VZA-2018-030", "VZA-2020-036", "VZA-2020-037", "VZA-2020-038", "VZA-2020-044", "VZA-2020-045", "VZA-2020-046", "VZA-2020-048", "VZA-2021-040"]}, {"type": "xen", "idList": ["XSA-320"]}]}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431"]}, {"type": "amazon", "idList": ["ALAS-2018-1023", "ALAS-2020-1360", "ALAS-2020-1366", "ALAS-2020-1377", "ALAS2-2018-1023", "ALAS2-2020-1399", "ALAS2-2020-1405", "ALAS2-2020-1425", "ALAS2-2020-1431", "ALAS2-2020-1440", "ALAS2-2020-1444", "ALAS2-2020-1465", "ALAS2-2020-1480"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-06-01", "ANDROID:2020-08-01", "ANDROID:2021-01-01"]}, {"type": "apple", "idList": ["APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:HT211100"]}, {"type": "archlinux", "idList": ["ASA-202003-6", "ASA-202006-10"]}, {"type": "attackerkb", "idList": ["AKB:555EF2E1-269F-4133-8D13-B67EA80F8CC3"]}, {"type": "centos", "idList": ["CESA-2018:1318", "CESA-2020:2103", "CESA-2020:2430", "CESA-2020:2432", "CESA-2020:2433"]}, {"type": "citrix", "idList": ["CTX275165"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0835B914E665F771DA10821B3BDE2D9F", "CFOUNDRY:27F5DB3AFDCF54F32837F9CE39245DE1", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:9BF498B2FAF35AA57F2C51B7E395428D", "CFOUNDRY:A5CCCF4486FE273FEA953C57B224799B", "CFOUNDRY:A6BB54E614972BC1F16419D7DB82331A", "CFOUNDRY:ABBF4BD74406CA92477E7CFB1AD01190", "CFOUNDRY:AC693D367392F4AE1E35E167BAADA484", "CFOUNDRY:F57A73CFC5FB17A63EC4D0328D382C3A"]}, {"type": "cve", "idList": ["CVE-2018-1000199", "CVE-2019-14615", "CVE-2019-20810", "CVE-2019-20812", "CVE-2020-10690", "CVE-2020-10711", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12655", "CVE-2020-12656", "CVE-2020-12657", "CVE-2020-12769", "CVE-2020-13143", "CVE-2020-7053"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2242-1:573AF", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4667-1:62006", "DEBIAN:DSA-4698-1:66813", "DEBIAN:DSA-4699-1:122C4", "DEBIAN:DSA-4701-1:BB3B8"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-0543"]}, {"type": "f5", "idList": ["F5:K17957133", "F5:K22526232", "F5:K80234002"]}, {"type": "fedora", "idList": ["FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:296826040AED", "FEDORA:3266960F0E44", "FEDORA:41B546014626", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:5956060491DC", "FEDORA:5B68260A5858", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:8FD3E60491BA", "FEDORA:95A686085F81", "FEDORA:9E3D9606D195", "FEDORA:AAA6460491BA", "FEDORA:BBFE360460D0", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:D2B426045A04", "FEDORA:DBB1B659CBE0", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EF6BA6045A0C", "FEDORA:F417F60477C5"]}, {"type": "freebsd", "idList": ["D2C2C815-3793-11EA-8BE3-54E1AD3D6335"]}, {"type": "githubexploit", "idList": ["27D2D5B1-EEDA-50EF-A982-E805D9958998"]}, {"type": "hackerone", "idList": ["H1:891846"]}, {"type": "hp", "idList": ["HP:C06561734", "HP:C06655648"]}, {"type": "ibm", "idList": ["22DFDD1FF1BBF70D9C813ACA916818103631328A11AEED7718476AD8FD37F722", "74EB94293C5F397767E62C9F6D734DE973B44B9B7EC427A98C99E92C3C3D6590", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4"]}, {"type": "ics", "idList": ["ICSA-20-252-07"]}, {"type": "lenovo", "idList": ["LENOVO:PS500302-NOSID", "LENOVO:PS500327-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-INTELGRAPHICSDRIVER-CVE-2019-14615/", "MSF:ILITIES/DEBIAN-CVE-2019-14615/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-20096/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2019-20054/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2019-20096/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-14615/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-20095/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-20054/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-20095/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-20096/", "MSF:ILITIES/ORACLE_LINUX-CVE-2020-10742/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1023.NASL", "AL2_ALAS-2020-1425.NASL", "AL2_ALAS-2020-1431.NASL", "ALA_ALAS-2018-1023.NASL", "ALA_ALAS-2020-1360.NASL", "ALA_ALAS-2020-1366.NASL", "ALA_ALAS-2020-1377.NASL", "CENTOS8_RHSA-2021-1578.NASL", "CENTOS_RHSA-2018-1318.NASL", "CENTOS_RHSA-2020-2103.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-2068.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "DEBIAN_DSA-4667.NASL", "EULEROS_SA-2018-1132.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2020-1012.NASL", "EULEROS_SA-2020-1042.NASL", "EULEROS_SA-2020-1508.NASL", "EULEROS_SA-2020-1536.NASL", "EULEROS_SA-2020-1592.NASL", "EULEROS_SA-2020-1606.NASL", "FEDORA_2020-07F0BE216F.NASL", "FEDORA_2020-1AFBE7BA2D.NASL", "FEDORA_2020-5A69DECC0C.NASL", "FEDORA_2020-C6B9FFF7F8.NASL", "FREEBSD_PKG_D2C2C815379311EA8BE354E1AD3D6335.NASL", "OPENSUSE-2018-514.NASL", "OPENSUSE-2020-543.NASL", "ORACLELINUX_ELSA-2018-1318.NASL", "ORACLELINUX_ELSA-2019-4596.NASL", "ORACLELINUX_ELSA-2019-4600.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2020-2082.NASL", "ORACLELINUX_ELSA-2020-2102.NASL", "ORACLELINUX_ELSA-2020-2103.NASL", "ORACLELINUX_ELSA-2020-5663.NASL", "ORACLELINUX_ELSA-2020-5670.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "ORACLELINUX_ELSA-2020-5691.NASL", "ORACLELINUX_ELSA-2020-5708.NASL", "ORACLELINUX_ELSA-2020-5714.NASL", "ORACLELINUX_ELSA-2020-5715.NASL", "ORACLELINUX_ELSA-2021-1578.NASL", "ORACLELINUX_ELSA-2021-9459.NASL", "ORACLEVM_OVMSA-2019-0014.NASL", "ORACLEVM_OVMSA-2020-0019.NASL", "ORACLEVM_OVMSA-2020-0020.NASL", "ORACLEVM_OVMSA-2021-0031.NASL", "PHOTONOS_PHSA-2020-1_0-0290_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0292_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0293_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0230_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0239_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0242_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0251_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0089_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0100_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0102_LINUX.NASL", "REDHAT-RHSA-2018-1318.NASL", "REDHAT-RHSA-2018-1345.NASL", "REDHAT-RHSA-2018-1347.NASL", "REDHAT-RHSA-2018-1348.NASL", "REDHAT-RHSA-2018-1354.NASL", "REDHAT-RHSA-2018-1355.NASL", "REDHAT-RHSA-2018-1374.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "REDHAT-RHSA-2020-1966.NASL", "REDHAT-RHSA-2020-2082.NASL", "REDHAT-RHSA-2020-2085.NASL", "REDHAT-RHSA-2020-2102.NASL", "REDHAT-RHSA-2020-2103.NASL", "REDHAT-RHSA-2020-2104.NASL", "REDHAT-RHSA-2020-2171.NASL", "REDHAT-RHSA-2020-2199.NASL", "REDHAT-RHSA-2020-2214.NASL", "REDHAT-RHSA-2020-2242.NASL", "REDHAT-RHSA-2020-2277.NASL", "REDHAT-RHSA-2020-2285.NASL", "REDHAT-RHSA-2020-2289.NASL", "REDHAT-RHSA-2020-2427.NASL", "REDHAT-RHSA-2020-2428.NASL", "REDHAT-RHSA-2020-2429.NASL", "REDHAT-RHSA-2020-2431.NASL", "REDHAT-RHSA-2020-2433.NASL", "REDHAT-RHSA-2020-2679.NASL", "REDHAT-RHSA-2020-2707.NASL", "REDHAT-RHSA-2020-2854.NASL", "REDHAT-RHSA-2020-5206.NASL", "REDHAT-RHSA-2021-1578.NASL", "REDHAT-RHSA-2021-1739.NASL", "REDHAT-RHSA-2021-2185.NASL", "REDHAT-RHSA-2021-2190.NASL", "REDHAT-RHSA-2021-3176.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20180508_KERNEL_ON_SL7_X.NASL", "SL_20200512_KERNEL_ON_SL6_X.NASL", "SL_20200512_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2018-1222-1.NASL", "SUSE_SU-2018-1223-1.NASL", "SUSE_SU-2018-1224-1.NASL", "SUSE_SU-2018-1226-1.NASL", "SUSE_SU-2018-1227-1.NASL", "SUSE_SU-2018-1229-1.NASL", "SUSE_SU-2018-1230-1.NASL", "SUSE_SU-2018-1231-1.NASL", "SUSE_SU-2018-1232-1.NASL", "SUSE_SU-2018-1233-1.NASL", "SUSE_SU-2018-1234-1.NASL", "SUSE_SU-2018-1235-1.NASL", "SUSE_SU-2018-1236-1.NASL", "SUSE_SU-2018-1237-1.NASL", "SUSE_SU-2018-1239-1.NASL", "SUSE_SU-2018-1241-1.NASL", "SUSE_SU-2018-1242-1.NASL", "SUSE_SU-2018-1243-1.NASL", "SUSE_SU-2018-1244-1.NASL", "SUSE_SU-2018-1245-1.NASL", "SUSE_SU-2018-1247-1.NASL", "SUSE_SU-2018-1250-1.NASL", "SUSE_SU-2018-1251-1.NASL", "SUSE_SU-2018-1253-1.NASL", "SUSE_SU-2018-1254-1.NASL", "SUSE_SU-2018-1255-1.NASL", "SUSE_SU-2018-1256-1.NASL", "SUSE_SU-2018-1257-1.NASL", "SUSE_SU-2018-1258-1.NASL", "SUSE_SU-2018-1259-1.NASL", "SUSE_SU-2018-1261-1.NASL", "SUSE_SU-2018-1262-1.NASL", "SUSE_SU-2018-1264-1.NASL", "SUSE_SU-2018-1266-1.NASL", "SUSE_SU-2018-1267-1.NASL", "SUSE_SU-2018-1268-1.NASL", "SUSE_SU-2018-1269-1.NASL", "SUSE_SU-2018-1272-1.NASL", "SUSE_SU-2018-1273-1.NASL", "SUSE_SU-2018-1366-1.NASL", "SUSE_SU-2018-1368-1.NASL", "SUSE_SU-2018-1374-1.NASL", "SUSE_SU-2018-1375-1.NASL", "SUSE_SU-2018-1376-1.NASL", "SUSE_SU-2018-1855-1.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-0204-1.NASL", "SUSE_SU-2020-1118-1.NASL", "SUSE_SU-2020-1119-1.NASL", "SUSE_SU-2020-1123-1.NASL", "SUSE_SU-2020-1141-1.NASL", "SUSE_SU-2020-1142-1.NASL", "SUSE_SU-2020-1146-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "UBUNTU_USN-3641-1.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4225-1.NASL", "UBUNTU_USN-4225-2.NASL", "UBUNTU_USN-4226-1.NASL", "UBUNTU_USN-4227-1.NASL", "UBUNTU_USN-4228-1.NASL", "UBUNTU_USN-4342-1.NASL", "UBUNTU_USN-4344-1.NASL", "UBUNTU_USN-4345-1.NASL", "UBUNTU_USN-4346-1.NASL", "UBUNTU_USN-4363-1.NASL", "UBUNTU_USN-4364-1.NASL", "UBUNTU_USN-4367-1.NASL", "UBUNTU_USN-4367-2.NASL", "UBUNTU_USN-4368-1.NASL", "UBUNTU_USN-4369-1.NASL", "UBUNTU_USN-4369-2.NASL", "UBUNTU_USN-4385-1.NASL", "UBUNTU_USN-4387-1.NASL", "UBUNTU_USN-4388-1.NASL", "UBUNTU_USN-4389-1.NASL", "UBUNTU_USN-4525-1.NASL", "UBUNTU_USN-4526-1.NASL", "UBUNTU_USN-4527-1.NASL", "VIRTUOZZO_VZA-2018-030.NASL", "VIRTUOZZO_VZA-2020-037.NASL", "VIRTUOZZO_VZA-2020-038.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108766", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310704667", "OPENVAS:1361412562310843518", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310844281", "OPENVAS:1361412562310844282", "OPENVAS:1361412562310844283", "OPENVAS:1361412562310844284", "OPENVAS:1361412562310844298", "OPENVAS:1361412562310844406", "OPENVAS:1361412562310844409", "OPENVAS:1361412562310844410", "OPENVAS:1361412562310844411", "OPENVAS:1361412562310844433", "OPENVAS:1361412562310844434", "OPENVAS:1361412562310844438", "OPENVAS:1361412562310844439", "OPENVAS:1361412562310844443", "OPENVAS:1361412562310844448", "OPENVAS:1361412562310844451", "OPENVAS:1361412562310851762", "OPENVAS:1361412562310853121", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310877113", "OPENVAS:1361412562310877132", "OPENVAS:1361412562310877136", "OPENVAS:1361412562310877209", "OPENVAS:1361412562310877859", "OPENVAS:1361412562310877862", "OPENVAS:1361412562310877884", "OPENVAS:1361412562310877951", "OPENVAS:1361412562310882900", "OPENVAS:1361412562310883236", "OPENVAS:1361412562310891369", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562310892068", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220201536", "OPENVAS:1361412562311220201592", "OPENVAS:1361412562311220201606"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-1318", "ELSA-2018-1629", "ELSA-2019-4596", "ELSA-2019-4600", "ELSA-2019-4612", "ELSA-2020-1769", "ELSA-2020-2082", "ELSA-2020-2102", "ELSA-2020-2103", "ELSA-2020-2427", "ELSA-2020-2430", "ELSA-2020-2431", "ELSA-2020-5663", "ELSA-2020-5691", "ELSA-2020-5708", "ELSA-2020-5714", "ELSA-2020-5715", "ELSA-2020-5722", "ELSA-2021-1578", "ELSA-2021-9459"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0212", "PHSA-2019-1.0-0236", "PHSA-2019-1.0-0238", "PHSA-2020-1.0-0274", "PHSA-2020-1.0-0279", "PHSA-2020-1.0-0287", "PHSA-2020-1.0-0290", "PHSA-2020-1.0-0292", "PHSA-2020-1.0-0293", "PHSA-2020-1.0-0297", "PHSA-2020-1.0-0303", "PHSA-2020-1.0-0305", "PHSA-2020-2.0-0219", "PHSA-2020-2.0-0230", "PHSA-2020-2.0-0239", "PHSA-2020-2.0-0242", "PHSA-2020-2.0-0246", "PHSA-2020-2.0-0251", "PHSA-2020-2.0-0256", "PHSA-2020-3.0-0052", "PHSA-2020-3.0-0069", "PHSA-2020-3.0-0073", "PHSA-2020-3.0-0089", "PHSA-2020-3.0-0100", "PHSA-2020-3.0-0102", "PHSA-2020-3.0-0108", "PHSA-2020-3.0-0153", "PHSA-2020-3.0-0177"]}, {"type": "redhat", "idList": ["RHSA-2018:1345", "RHSA-2018:1348", "RHSA-2018:1354", "RHSA-2020:2082", "RHSA-2020:2427", "RHSA-2020:2428", "RHSA-2020:2429", "RHSA-2020:2430", "RHSA-2020:2433", "RHSA-2021:1129", "RHSA-2021:3176"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-14897", "RH:CVE-2019-16994", "RH:CVE-2019-19036", "RH:CVE-2019-19045", "RH:CVE-2019-19447", "RH:CVE-2019-19768", "RH:CVE-2019-19770", "RH:CVE-2019-20054", "RH:CVE-2019-20095", "RH:CVE-2019-20096", "RH:CVE-2019-20810", "RH:CVE-2019-20812", "RH:CVE-2019-9458", "RH:CVE-2020-0543", "RH:CVE-2020-10690", "RH:CVE-2020-10711", "RH:CVE-2020-10720", "RH:CVE-2020-10732", "RH:CVE-2020-10751", "RH:CVE-2020-10757", "RH:CVE-2020-10942", "RH:CVE-2020-11494", "RH:CVE-2020-11608", "RH:CVE-2020-11609", "RH:CVE-2020-11669", "RH:CVE-2020-12114", "RH:CVE-2020-12464", "RH:CVE-2020-12652", "RH:CVE-2020-12654", "RH:CVE-2020-12655", "RH:CVE-2020-12656", "RH:CVE-2020-12657", "RH:CVE-2020-12769", "RH:CVE-2020-13143", "RH:CVE-2020-2732", "RH:CVE-2020-8647", "RH:CVE-2020-8648", "RH:CVE-2020-8649", "RH:CVE-2020-8834"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1418-1", "OPENSUSE-SU-2020:0543-1", "OPENSUSE-SU-2020:0791-1", "SUSE-SU-2018:1222-1", "SUSE-SU-2018:1223-1", "SUSE-SU-2018:1224-1", "SUSE-SU-2018:1225-1", "SUSE-SU-2018:1226-1", "SUSE-SU-2018:1227-1", "SUSE-SU-2018:1228-1", "SUSE-SU-2018:1229-1", "SUSE-SU-2018:1230-1", "SUSE-SU-2018:1231-1", "SUSE-SU-2018:1232-1", "SUSE-SU-2018:1233-1", "SUSE-SU-2018:1234-1", "SUSE-SU-2018:1235-1", "SUSE-SU-2018:1236-1", "SUSE-SU-2018:1237-1", "SUSE-SU-2018:1238-1", "SUSE-SU-2018:1239-1", "SUSE-SU-2018:1240-1", "SUSE-SU-2018:1241-1", "SUSE-SU-2018:1242-1", "SUSE-SU-2018:1243-1", "SUSE-SU-2018:1244-1", "SUSE-SU-2018:1245-1", "SUSE-SU-2018:1246-1", "SUSE-SU-2018:1247-1", "SUSE-SU-2018:1248-1", "SUSE-SU-2018:1249-1", "SUSE-SU-2018:1250-1", "SUSE-SU-2018:1251-1", "SUSE-SU-2018:1252-1", "SUSE-SU-2018:1253-1", "SUSE-SU-2018:1254-1", "SUSE-SU-2018:1255-1", "SUSE-SU-2018:1256-1", "SUSE-SU-2018:1257-1", "SUSE-SU-2018:1258-1", "SUSE-SU-2018:1259-1", "SUSE-SU-2018:1260-1", "SUSE-SU-2018:1261-1", "SUSE-SU-2018:1262-1", "SUSE-SU-2018:1263-1", "SUSE-SU-2018:1264-1", "SUSE-SU-2018:1266-1", "SUSE-SU-2018:1267-1", "SUSE-SU-2018:1268-1", "SUSE-SU-2018:1269-1", "SUSE-SU-2018:1270-1", "SUSE-SU-2018:1272-1", "SUSE-SU-2018:1273-1"]}, {"type": "symantec", "idList": ["SMNTC-111006"]}, {"type": "talos", "idList": ["SAP"]}, {"type": "thn", "idList": ["THN:8841D27BD6D8D04E9583E7E0F20898D5"]}, {"type": "threatpost", "idList": ["THREATPOST:3073D5AD7F3554F422710689A9436CAA", "THREATPOST:E8A45942B4C8BC03FF0C464DB57C713C", "THREATPOST:EF0075FFF210E542FF3ECB996DDA02A3"]}, {"type": "ubuntu", "idList": ["LSN-0066-1", "LSN-0067-1", "LSN-0068-1", "USN-3641-1", "USN-3641-2", "USN-3932-1", "USN-3932-2", "USN-4225-1", "USN-4225-2", "USN-4226-1", "USN-4227-1", "USN-4227-2", "USN-4228-1", "USN-4228-2", "USN-4342-1", "USN-4344-1", "USN-4345-1", "USN-4346-1", "USN-4363-1", "USN-4364-1", "USN-4367-1", "USN-4367-2", "USN-4368-1", "USN-4369-1", "USN-4369-2", "USN-4385-1", "USN-4385-2", "USN-4387-1", "USN-4389-1", "USN-4392-1", "USN-4393-1", "USN-4525-1", "USN-4526-1", "USN-4527-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-14615", "UB:CVE-2019-14896", "UB:CVE-2019-14897", "UB:CVE-2019-16994", "UB:CVE-2019-19036", "UB:CVE-2019-19045", "UB:CVE-2019-19054", "UB:CVE-2019-19318", "UB:CVE-2019-19319", "UB:CVE-2019-19447", "UB:CVE-2019-19462", "UB:CVE-2019-19768", "UB:CVE-2019-19770", "UB:CVE-2019-19965", "UB:CVE-2019-19966", "UB:CVE-2019-20054", "UB:CVE-2019-20095", "UB:CVE-2019-20096", "UB:CVE-2019-20810", "UB:CVE-2019-20812", "UB:CVE-2019-9455", "UB:CVE-2019-9458", "UB:CVE-2020-0543", "UB:CVE-2020-10690", "UB:CVE-2020-10711", "UB:CVE-2020-10720", "UB:CVE-2020-10732", "UB:CVE-2020-10751", "UB:CVE-2020-10757", "UB:CVE-2020-10942", "UB:CVE-2020-11494", "UB:CVE-2020-11608", "UB:CVE-2020-11609", "UB:CVE-2020-11669", "UB:CVE-2020-12114", "UB:CVE-2020-12464", "UB:CVE-2020-12652", "UB:CVE-2020-12653", "UB:CVE-2020-12654", "UB:CVE-2020-12655", "UB:CVE-2020-12656", "UB:CVE-2020-12657", "UB:CVE-2020-12769", "UB:CVE-2020-13143", "UB:CVE-2020-2732", "UB:CVE-2020-7053", "UB:CVE-2020-8428", "UB:CVE-2020-8647", "UB:CVE-2020-8648", "UB:CVE-2020-8649", "UB:CVE-2020-8834", "UB:CVE-2020-8992", "UB:CVE-2020-9383"]}, {"type": "virtuozzo", "idList": ["VZA-2018-030", "VZA-2020-036", "VZA-2020-037", "VZA-2020-038", "VZA-2020-044", "VZA-2020-045"]}, {"type": "xen", "idList": ["XSA-320"]}]}, "exploitation": null, "vulnersScore": 0.0}, "_state": {"dependencies": 1660144098, "score": 1660144387}, "_internal": {"score_hash": "71c313c5c367481da67a0b597aeefbdf"}, "pluginID": "138272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1663-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138272);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-1000199\", \"CVE-2019-14615\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16994\", \"CVE-2019-19036\", \"CVE-2019-19045\", \"CVE-2019-19054\", \"CVE-2019-19318\", \"CVE-2019-19319\", \"CVE-2019-19447\", \"CVE-2019-19462\", \"CVE-2019-19768\", \"CVE-2019-19770\", \"CVE-2019-19965\", \"CVE-2019-19966\", \"CVE-2019-20054\", \"CVE-2019-20095\", \"CVE-2019-20096\", \"CVE-2019-20810\", \"CVE-2019-20812\", \"CVE-2019-3701\", \"CVE-2019-9455\", \"CVE-2019-9458\", \"CVE-2020-0543\", \"CVE-2020-10690\", \"CVE-2020-10711\", \"CVE-2020-10720\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11669\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12656\", \"CVE-2020-12657\", \"CVE-2020-12769\", \"CVE-2020-13143\", \"CVE-2020-2732\", \"CVE-2020-7053\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-8834\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 kernel was updated receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-0543: Fixed a side channel attack against special registers\nwhich could have resulted in leaking of read values to cores other\nthan the one which called it. This attack is known as Special Register\nBuffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).\n\nCVE-2020-9383: Fixed an out-of-bounds read due to improper error\ncondition check of FDC index (bsc#1165111).\n\nCVE-2020-8992: Fixed an issue which could have allowed attackers to\ncause a soft lockup via a crafted journal size (bsc#1164069).\n\nCVE-2020-8834: Fixed a stack corruption which could have lead to\nkernel panic (bsc#1168276).\n\nCVE-2020-8649: Fixed a use-after-free in the vgacon_invert_region\nfunction in drivers/video/console/vgacon.c (bsc#1162931).\n\nCVE-2020-8648: Fixed a use-after-free in the n_tty_receive_buf_common\nfunction in drivers/tty/n_tty.c (bsc#1162928).\n\nCVE-2020-8647: Fixed a use-after-free in the vc_do_resize function in\ndrivers/tty/vt/vt.c (bsc#1162929).\n\nCVE-2020-8428: Fixed a use-after-free which could have allowed local\nusers to cause a denial of service (bsc#1162109).\n\nCVE-2020-7053: Fixed a use-after-free in the i915_ppgtt_close function\nin drivers/gpu/drm/i915/i915_gem_gtt.c (bsc#1160966).\n\nCVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest\nmay trick the L0 hypervisor into accessing sensitive L1 resources\n(bsc#1163971).\n\nCVE-2020-13143: Fixed an out-of-bounds read in\ngadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c\n(bsc#1171982).\n\nCVE-2020-12769: Fixed an issue which could have allowed attackers to\ncause a panic via concurrent calls to dw_spi_irq and\ndw_spi_transfer_one (bsc#1171983).\n\nCVE-2020-12657: An a use-after-free in block/bfq-iosched.c\n(bsc#1171205).\n\nCVE-2020-12656: Fixed an improper handling of certain domain_release\ncalls leadingch could have led to a memory leak (bsc#1171219).\n\nCVE-2020-12655: Fixed an issue which could have allowed attackers to\ntrigger a sync of excessive duration via an XFS v5 image with crafted\nmetadata (bsc#1171217).\n\nCVE-2020-12654: Fixed an issue in he wifi driver which could have\nallowed a remote AP to trigger a heap-based buffer overflow\n(bsc#1171202).\n\nCVE-2020-12653: Fixed an issue in the wifi driver which could have\nallowed local users to gain privileges or cause a denial of service\n(bsc#1171195).\n\nCVE-2020-12652: Fixed an issue which could have allowed local users to\nhold an incorrect lock during the ioctl operation and trigger a race\ncondition (bsc#1171218).\n\nCVE-2020-12464: Fixed a use-after-free due to a transfer without a\nreference (bsc#1170901).\n\nCVE-2020-12114: Fixed a pivot_root race condition which could have\nallowed local users to cause a denial of service (panic) by corrupting\na mountpoint reference counter (bsc#1171098).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-11609: Fixed a NULL pointer dereference due to improper\nhandling of descriptors (bsc#1168854).\n\nCVE-2020-11608: Fixed a NULL pointer dereferences via a crafted USB\n(bsc#1168829).\n\nCVE-2020-11494: Fixed an issue which could have allowed attackers to\nread uninitialized can_frame data (bsc#1168424).\n\nCVE-2020-10942: Fixed a kernel stack corruption via crafted system\ncalls (bsc#1167629).\n\nCVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon\nmmap could have caused user PTE access (bsc#1172317).\n\nCVE-2020-10751: Fixed an improper implementation in SELinux LSM hook\nwhere it was assumed that an skb would only contain a single netlink\nmessage (bsc#1171189).\n\nCVE-2020-10732: Fixed kernel data leak in userspace coredumps due to\nuninitialized data (bsc#1171220).\n\nCVE-2020-10720: Fixed a use-after-free read in napi_gro_frags()\n(bsc#1170778).\n\nCVE-2020-10711: Fixed a NULL pointer dereference in SELinux subsystem\nwhich could have allowed a remote network user to crash the kernel\nresulting in a denial of service (bsc#1171191).\n\nCVE-2020-10690: Fixed the race between the release of ptp_clock and\ncdev (bsc#1170056).\n\nCVE-2019-9458: Fixed a use after free due to a race condition which\ncould have led to privilege escalation of privilege (bsc#1168295).\n\nCVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a\nvideo driver. This could lead to local information disclosure with\nSystem execution privileges needed (bsc#1170345).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bsc#1120386).\n\nCVE-2019-20812: Fixed an issue in prb_calc_retire_blk_tmo() which\ncould have resulted in a denial of service (bsc#1172453).\n\nCVE-2019-20810: Fixed a memory leak in due to not calling of\nsnd_card_free (bsc#1172458).\n\nCVE-2019-20096: Fixed a memory leak in __feat_register_sp() in\nnet/dccp/feat.c, which could have caused denial of service\n(bsc#1159908).\n\nCVE-2019-20095: Fixed an improper error-handling cases that did not\nfree allocated hostcmd memory which was causing memory leak\n(bsc#1159909).\n\nCVE-2019-20054: Fixed a NULL pointer dereference in\ndrop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links\n(bsc#1159910).\n\nCVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could\nhave caused denial of service (bsc#1159841).\n\nCVE-2019-19965: Fixed a NULL pointer dereference, due to mishandling\nof port disconnection during discovery (bsc#1159911).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bsc#1159285).\n\nCVE-2019-19462: Fixed an issue which could have allowed local user to\ncause denial of service (bsc#1158265).\n\nCVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem\nimage (bsc#1158819).\n\nCVE-2019-19319: Fixed a user after free when a large old_size value is\nused in a memset call (bsc#1158021).\n\nCVE-2019-19318: Fixed a use after free via a crafted btrfs image\n(bsc#1158026).\n\nCVE-2019-19054: Fixed a memory leak in the cx23888_ir_probe() which\ncould have allowed attackers to cause a denial of service\n(bsc#1161518).\n\nCVE-2019-19045: Fixed a memory leak in which could have allowed\nattackers to cause a denial of service (bsc#1161522).\n\nCVE-2019-19036: Fixed a NULL pointer dereference in btrfs_root_node\n(bsc#1157692).\n\nCVE-2019-16994: Fixed a memory leak which might have caused denial of\nservice (bsc#1161523).\n\nCVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver\n(bsc#1157155).\n\nCVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver\n(bsc#1157157).\n\nCVE-2019-14615: Fixed an improper control flow in certain data\nstructures which could have led to information disclosure\n(bsc#1160195).\n\nCVE-2018-1000199: Fixed a potential local code execution via ptrace\n(bsc#1089895).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159569\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160756\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160917\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170617\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170618\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171220\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000199/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14615/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14896/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14897/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16994/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19036/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19045/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19318/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19319/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19447/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19462/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19768/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19965/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19966/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20095/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20810/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20812/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3701/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9455/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9458/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-0543/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10690/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10711/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10720/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10732/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10751/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10757/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11608/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11609/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12114/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12464/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12652/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12653/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12654/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12655/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12656/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12657/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-12769/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-13143/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-2732/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-7053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8428/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8647/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8648/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8649/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8834/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8992/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9383/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201663-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37205986\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-1663=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-1663=1\n\nSUSE Linux Enterprise Module for Live Patching 15 :\n\nzypper in -t patch SUSE-SLE-Module-Live-Patching-15-2020-1663=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-1663=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-1663=1\n\nSUSE Linux Enterprise High Availability 15 :\n\nzypper in -t patch SUSE-SLE-Product-HA-15-2020-1663=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-base-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-debuginfo-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-debugsource-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-devel-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-devel-debuginfo-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-obs-build-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-obs-build-debugsource-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-syms-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-vanilla-base-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-vanilla-debuginfo-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-vanilla-debugsource-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"reiserfs-kmp-default-4.12.14-150.52.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-150.52.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15"], "solution": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-1663=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-1663=1\n\nSUSE Linux Enterprise Module for Live Patching 15 :\n\nzypper in -t patch SUSE-SLE-Module-Live-Patching-15-2020-1663=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-1663=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-1663=1\n\nSUSE Linux Enterprise High Availability 15 :\n\nzypper in -t patch SUSE-SLE-Product-HA-15-2020-1663=1", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "High", "score": "7.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-06-18T00:00:00", "vulnerabilityPublicationDate": "2018-05-24T00:00:00", "exploitableWith": []}

{"suse": [{"lastseen": "2022-04-18T12:41:17", "description": "An update that solves 25 vulnerabilities and has 132 fixes\n is now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-0543: Fixed a side channel attack against special registers\n which could have resulted in leaking of read values to cores other than\n the one which called it. This attack is known as Special Register Buffer\n Data Sampling (SRBDS) or \"CrossTalk\" (bsc#1154824).\n - CVE-2018-1000199: Fixed a potential local code execution via ptrace\n (bsc#1089895).\n - CVE-2019-19462: relay_open in kernel/relay.c allowed local users to\n cause a denial of service (such as relay blockage) by triggering a NULL\n alloc_percpu result (bnc#1158265).\n - CVE-2019-20806: Fixed a null pointer dereference in\n tw5864_handle_frame() which may had lead to denial of service\n (bsc#1172199).\n - CVE-2019-20812: The prb_calc_retire_blk_tmo() function in\n net/packet/af_packet.c can result in a denial of service (CPU\n consumption and soft lockup) in a certain failure case involving\n TPACKET_V3, aka CID-b43d1f9f7067 (bnc#1172453).\n - CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a\n video driver. This could lead to local information disclosure with\n System execution privileges needed (bsc#1170345).\n - CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev\n (bsc#1170056).\n - CVE-2020-10711: Fixed a null pointer dereference in SELinux subsystem\n which could have allowed a remote network user to crash the kernel\n resulting in a denial of service (bsc#1171191).\n - CVE-2020-10720: Fixed a use-after-free read in napi_gro_frags()\n (bsc#1170778).\n - CVE-2020-10732: Fixed kernel data leak in userspace coredumps due to\n uninitialized data (bsc#1171220).\n - CVE-2020-10751: Fixed an improper implementation in SELinux LSM hook\n where it was assumed that an skb would only contain a single netlink\n message (bsc#1171189).\n - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap\n could have caused user PTE access (bsc#1172317).\n - CVE-2020-11608: An issue was discovered in\n drivers/media/usb/gspca/ov519.c that allowed NULL pointer dereferences\n in ov511_mode_init_regs and ov518_mode_init_regs when there are zero\n endpoints, aka CID-998912346c0d (bnc#1168829).\n - CVE-2020-11609: An issue was discovered in the stv06xx subsystem in\n drivers/media/usb/gspca/stv06xx/stv06xx.c and\n drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid\n descriptors, as demonstrated by a NULL pointer dereference, aka\n CID-485b06aadb93 (bnc#1168854).\n - CVE-2020-12114: Fixed a pivot_root race condition which could have\n allowed local users to cause a denial of service (panic) by corrupting a\n mountpoint reference counter (bsc#1171098).\n - CVE-2020-12464: Fixed a use-after-free due to a transfer without a\n reference (bsc#1170901).\n - CVE-2020-12652: Fixed an issue which could have allowed local users to\n hold an incorrect lock during the ioctl operation and trigger a race\n condition (bsc#1171218).\n - CVE-2020-12653: Fixed an issue in the wifi driver which could have\n allowed local users to gain privileges or cause a denial of service\n (bsc#1171195).\n - CVE-2020-12654: Fixed an issue in he wifi driver which could have\n allowed a remote AP to trigger a heap-based buffer overflow\n (bsc#1171202).\n - CVE-2020-12655: Fixed an issue which could have allowed attackers to\n trigger a sync of excessive duration via an XFS v5 image with crafted\n metadata (bsc#1171217).\n - CVE-2020-12656: Fixed an improper handling of certain domain_release\n calls leadingch could have led to a memory leak (bsc#1171219).\n - CVE-2020-12657: An a use-after-free in block/bfq-iosched.c (bsc#1171205).\n - CVE-2020-12659: Fixed an out-of-bounds write (by a user with the\n CAP_NET_ADMIN capability) due to improper headroom validation\n (bsc#1171214).\n - CVE-2020-12769: Fixed an issue which could have allowed attackers to\n cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one\n (bsc#1171983).\n - CVE-2020-13143: Fixed an out-of-bounds read in gadget_dev_desc_UDC_store\n in drivers/usb/gadget/configfs.c (bsc#1171982).\n\n The following non-security bugs were fixed:\n\n - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()\n (bsc#1051510).\n - ACPI: sysfs: Fix reference count leak in\n acpi_sysfs_add_hotplug_profile() (bsc#1051510).\n - acpi/x86: ignore unspecified bit positions in the ACPI global lock field\n (bsc#1051510).\n - Add br_netfilter to kernel-default-base (bsc#1169020)\n - agp/intel: Reinforce the barrier after GTT updates (bsc#1051510).\n - ALSA: ctxfi: Remove unnecessary cast in kfree (bsc#1051510).\n - ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256\n (bsc#1051510).\n - ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666).\n - ALSA: hda: Add driver blacklist (bsc#1051510).\n - ALSA: hda: Always use jackpoll helper for jack update after resume\n (bsc#1051510).\n - ALSA: hda: call runtime_allow() for all hda controllers (bsc#1051510).\n - ALSA: hda: Do not release card at firmware loading error (bsc#1051510).\n - ALSA: hda: Explicitly permit using autosuspend if runtime PM is\n supported (bsc#1051510).\n - ALSA: hda/hdmi: fix race in monitor detection during probe (bsc#1051510).\n - ALSA: hda/hdmi: fix without unlocked before return (bsc#1051510).\n - ALSA: hda: Honor PM disablement in PM freeze and thaw_noirq ops\n (bsc#1051510).\n - ALSA: hda: Keep the controller initialization even if no codecs found\n (bsc#1051510).\n - ALSA: hda: Match both PCI ID and SSID for driver blacklist (bsc#1111666).\n - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround\n (bsc#1172017).\n - ALSA: hda/realtek - Add COEF workaround for ASUS ZenBook UX431DA\n (git-fixes).\n - ALSA: hda/realtek - Add HP new mute led supported for ALC236 (git-fixes).\n - ALSA: hda/realtek - Add more fixup entries for Clevo machines\n (git-fixes).\n - ALSA: hda/realtek - Add new codec supported for ALC245 (bsc#1051510).\n - ALSA: hda/realtek - Add new codec supported for ALC287 (git-fixes).\n - ALSA: hda/realtek: Add quirk for Samsung Notebook (git-fixes).\n - ALSA: hda/realtek - Add supported new mute Led for HP (git-fixes).\n - ALSA: hda/realtek - Enable headset mic of ASUS GL503VM with ALC295\n (git-fixes).\n - ALSA: hda/realtek - Enable headset mic of ASUS UX550GE with ALC295\n (git-fixes).\n - ALSA: hda/realtek: Enable headset mic of ASUS UX581LV with ALC295\n (git-fixes).\n - ALSA: hda/realtek - Enable the headset mic on Asus FX505DT (bsc#1051510).\n - ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse (git-fixes).\n - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme\n (bsc#1111666).\n - ALSA: hda/realtek - Fix unexpected init_amp override (bsc#1051510).\n - ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 (git-fixes\n bsc#1171293).\n - ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter (bsc#1051510).\n - ALSA: hda: Release resources at error in delayed probe (bsc#1051510).\n - ALSA: hda: Remove ASUS ROG Zenith from the blacklist (bsc#1051510).\n - ALSA: hda: Skip controller resume if not needed (bsc#1051510).\n - ALSA: hwdep: fix a left shifting 1 by 31 UB bug (git-fixes).\n - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio\n option (git-fixes).\n - ALSA: opti9xx: shut up gcc-10 range warning (bsc#1051510).\n - ALSA: pcm: fix incorrect hw_base increase (git-fixes).\n - ALSA: pcm: oss: Place the plugin buffer overflow checks correctly\n (bsc#1170522).\n - ALSA: rawmidi: Fix racy buffer resize under concurrent accesses\n (git-fixes).\n - ALSA: usb-audio: Add connector notifier delegation (bsc#1051510).\n - ALSA: usb-audio: Add control message quirk delay for Kingston HyperX\n headset (git-fixes).\n - ALSA: usb-audio: add mapping for ASRock TRX40 Creator (git-fixes).\n - ALSA: usb-audio: Add mixer workaround for TRX40 and co (bsc#1051510).\n - ALSA: usb-audio: Add quirk for Focusrite Scarlett 2i2 (bsc#1051510).\n - ALSA: usb-audio: Add static mapping table for ALC1220-VB-based mobos\n (bsc#1051510).\n - ALSA: usb-audio: Apply async workaround for Scarlett 2i4 2nd gen\n (bsc#1051510).\n - ALSA: usb-audio: Check mapping at creating connector controls, too\n (bsc#1051510).\n - ALSA: usb-audio: Correct a typo of NuPrime DAC-10 USB ID (bsc#1051510).\n - ALSA: usb-audio: Do not create jack controls for PCM terminals\n (bsc#1051510).\n - ALSA: usb-audio: Do not override ignore_ctl_error value from the map\n (bsc#1051510).\n - ALSA: usb-audio: Filter error from connector kctl ops, too (bsc#1051510).\n - ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif\n (bsc#1051510).\n - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC\n (git-fixes).\n - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio\n (git-fixes).\n - ALSA: usx2y: Fix potential NULL dereference (bsc#1051510).\n - ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry\n (bsc#1051510).\n - ASoC: dapm: connect virtual mux with default value (bsc#1051510).\n - ASoC: dapm: fixup dapm kcontrol widget (bsc#1051510).\n - ASoC: dpcm: allow start or stop during pause for backend (bsc#1051510).\n - ASoC: fix regwmask (bsc#1051510).\n - ASoC: msm8916-wcd-digital: Reset RX interpolation path after use\n (bsc#1051510).\n - ASoC: samsung: Prevent clk_get_rate() calls in atomic context\n (bsc#1111666).\n - ASoC: topology: Check return value of pcm_new_ver (bsc#1051510).\n - ASoC: topology: use name_prefix for new kcontrol (bsc#1051510).\n - b43legacy: Fix case where channel status is corrupted (bsc#1051510).\n - batman-adv: fix batadv_nc_random_weight_tq (git-fixes).\n - batman-adv: Fix refcnt leak in batadv_show_throughput_override\n (git-fixes).\n - batman-adv: Fix refcnt leak in batadv_store_throughput_override\n (git-fixes).\n - batman-adv: Fix refcnt leak in batadv_v_ogm_process (git-fixes).\n - bcache: avoid unnecessary btree nodes flushing in btree_flush_write()\n (git fixes (block drivers)).\n - bcache: fix incorrect data type usage in btree_flush_write() (git fixes\n (block drivers)).\n - bcache: Revert \"bcache: shrink btree node cache after bch_btree_check()\"\n (git fixes (block drivers)).\n - blk-mq: honor IO scheduler for multiqueue devices (bsc#1165478).\n - blk-mq: simplify blk_mq_make_request() (bsc#1165478).\n - block/drbd: delete invalid function drbd_md_mark_dirty_ (bsc#1171527).\n - block: drbd: remove a stray unlock in __drbd_send_protocol()\n (bsc#1171599).\n - block: fix busy device checking in blk_drop_partitions again\n (bsc#1171948).\n - block: fix busy device checking in blk_drop_partitions (bsc#1171948).\n - block: fix memleak of bio integrity data (git fixes (block drivers)).\n - block: remove the bd_openers checks in blk_drop_partitions (bsc#1171948).\n - bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets()\n (networking-stable-20_03_28).\n - bnxt_en: Reduce BNXT_MSIX_VEC_MAX value to supported CQs per PF\n (bsc#1104745).\n - bnxt_en: reinitialize IRQs when MTU is modified\n (networking-stable-20_03_14).\n - bnxt_en: Return error if bnxt_alloc_ctx_mem() fails (bsc#1104745 ).\n - bnxt_en: Return error when allocating zero size context memory\n (bsc#1104745).\n - bonding/alb: make sure arp header is pulled before accessing it\n (networking-stable-20_03_14).\n - bpf: Fix sk_psock refcnt leak when receiving message (bsc#1083647).\n - bpf: Forbid XADD on spilled pointers for unprivileged users\n (bsc#1083647).\n - brcmfmac: abort and release host after error (bsc#1051510).\n - btrfs: fix deadlock with memory reclaim during scrub (bsc#1172127).\n - btrfs: fix log context list corruption after rename whiteout error\n (bsc#1172342).\n - btrfs: fix partial loss of prealloc extent past i_size after fsync\n (bsc#1172343).\n - btrfs: relocation: add error injection points for cancelling balance\n (bsc#1171417).\n - btrfs: relocation: Check cancel request after each data page read\n (bsc#1171417).\n - btrfs: relocation: Check cancel request after each extent found\n (bsc#1171417).\n - btrfs: relocation: Clear the DEAD_RELOC_TREE bit for orphan roots to\n prevent runaway balance (bsc#1171417).\n - btrfs: relocation: Fix reloc root leakage and the NULL pointer reference\n caused by the leakage (bsc#1171417).\n - btrfs: relocation: Work around dead relocation stage loop (bsc#1171417).\n - btrfs: reloc: clear DEAD_RELOC_TREE bit for orphan roots to prevent\n runaway balance (bsc#1171417 bsc#1160947 bsc#1172366).\n - btrfs: reloc: fix reloc root leak and NULL pointer dereference\n (bsc#1171417 bsc#1160947 bsc#1172366).\n - btrfs: setup a nofs context for memory allocation at btrfs_create_tree()\n (bsc#1172127).\n - btrfs: setup a nofs context for memory allocation at __btrfs_set_acl\n (bsc#1172127).\n - btrfs: use nofs context when initializing security xattrs to avoid\n deadlock (bsc#1172127).\n - can: add missing attribute validation for termination\n (networking-stable-20_03_14).\n - cdc-acm: close race betrween suspend() and acm_softint (git-fixes).\n - cdc-acm: introduce a cool down (git-fixes).\n - ceph: check if file lock exists before sending unlock request\n (bsc#1168789).\n - ceph: demote quotarealm lookup warning to a debug message (bsc#1171692).\n - ceph: fix double unlock in handle_cap_export() (bsc#1171694).\n - ceph: fix endianness bug when handling MDS session feature bits\n (bsc#1171695).\n - cgroup, netclassid: periodically release file_lock on classid updating\n (networking-stable-20_03_14).\n - cifs: Allocate crypto structures on the fly for calculating signatures\n of incoming packets (bsc#1144333).\n - cifs: Allocate encryption header through kmalloc (bsc#1144333).\n - cifs: allow unlock flock and OFD lock across fork (bsc#1144333).\n - cifs: check new file size when extending file by fallocate (bsc#1144333).\n - cifs: cifspdu.h: Replace zero-length array with flexible-array member\n (bsc#1144333).\n - cifs: clear PF_MEMALLOC before exiting demultiplex thread (bsc#1144333).\n - cifs: do not share tcons with DFS (bsc#1144333).\n - cifs: dump the session id and keys also for SMB2 sessions (bsc#1144333).\n - cifs: ensure correct super block for DFS reconnect (bsc#1144333).\n - cifs: Fix bug which the return value by asynchronous read is error\n (bsc#1144333).\n - cifs: fix uninitialised lease_key in open_shroot() (bsc#1144333).\n - cifs: improve read performance for page size 64KB & cache=strict &\n vers=2.1+ (bsc#1144333).\n - cifs: Increment num_remote_opens stats counter even in case of\n smb2_query_dir_first (bsc#1144333).\n - cifs: minor update to comments around the cifs_tcp_ses_lock mutex\n (bsc#1144333).\n - cifs: protect updating server->dstaddr with a spinlock (bsc#1144333).\n - cifs: smb2pdu.h: Replace zero-length array with flexible-array member\n (bsc#1144333).\n - cifs: smbd: Calculate the correct maximum packet size for segmented\n SMBDirect send/receive (bsc#1144333).\n - cifs: smbd: Check and extend sender credits in interrupt context\n (bsc#1144333).\n - cifs: smbd: Check send queue size before posting a send (bsc#1144333).\n - cifs: smbd: Do not schedule work to send immediate packet on every\n receive (bsc#1144333).\n - cifs: smbd: Merge code to track pending packets (bsc#1144333).\n - cifs: smbd: Properly process errors on ib_post_send (bsc#1144333).\n - cifs: smbd: Update receive credits before sending and deal with credits\n roll back on failure before sending (bsc#1144333).\n - cifs: Warn less noisily on default mount (bsc#1144333).\n - clk: Add clk_hw_unregister_composite helper function definition\n (bsc#1051510).\n - clk: imx6ull: use OSC clock during AXI rate change (bsc#1051510).\n - clk: imx: make mux parent strings const (bsc#1051510).\n - clk: mediatek: correct the clocks for MT2701 HDMI PHY module\n (bsc#1051510).\n - clk: sunxi-ng: a64: Fix gate bit of DSI DPHY (bsc#1051510).\n - clocksource/drivers/hyper-v: Set TSC clocksource as default w/\n InvariantTSC (bsc#1170620, bsc#1170621).\n - clocksource: dw_apb_timer_of: Fix missing clockevent timers\n (bsc#1051510).\n - component: Silence bind error on -EPROBE_DEFER (bsc#1051510).\n - coresight: do not use the BIT() macro in the UAPI header (git fixes\n (block drivers)).\n - cpufreq: s3c64xx: Remove pointless NULL check in\n s3c64xx_cpufreq_driver_init (bsc#1051510).\n - crypto: ccp - AES CFB mode is a stream cipher (git-fixes).\n - crypto: ccp - Clean up and exit correctly on allocation failure\n (git-fixes).\n - crypto: ccp - Cleanup misc_dev on sev_exit() (bsc#1114279).\n - crypto: ccp - Cleanup sp_dev_master in psp_dev_destroy() (bsc#1114279).\n - cxgb4: fix MPS index overwrite when setting MAC address (bsc#1127355).\n - cxgb4: fix Txq restart check during backpressure (bsc#1127354\n bsc#1127371).\n - debugfs: Add debugfs_create_xul() for hexadecimal unsigned long\n (git-fixes).\n - debugfs_lookup(): switch to lookup_one_len_unlocked() (bsc#1171979).\n - devlink: fix return value after hitting end in region read (bsc#1109837).\n - devlink: validate length of param values (bsc#1109837).\n - devlink: validate length of region addr/len (bsc#1109837).\n - dmaengine: dmatest: Fix iteration non-stop logic (bsc#1051510).\n - dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574).\n - dm-raid1: fix invalid return value from dm_mirror (bsc#1172378).\n - dm writecache: fix data corruption when reloading the target (git fixes\n (block drivers)).\n - dm writecache: fix incorrect flush sequence when doing SSD mode commit\n (git fixes (block drivers)).\n - dm writecache: verify watermark during resume (git fixes (block\n drivers)).\n - dm zoned: fix invalid memory access (git fixes (block drivers)).\n - dm zoned: reduce overhead of backing device checks (git fixes (block\n drivers)).\n - dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone() (git\n fixes (block drivers)).\n - dm zoned: support zone sizes smaller than 128MiB (git fixes (block\n drivers)).\n - dp83640: reverse arguments to list_add_tail (git-fixes).\n - drivers: hv: Add a module description line to the hv_vmbus driver\n (bsc#1172249, bsc#1172251).\n - drivers/net/ibmvnic: Update VNIC protocol version reporting\n (bsc#1065729).\n - drivers: w1: add hwmon support structures (jsc#SLE-11048).\n - drivers: w1: add hwmon temp support for w1_therm (jsc#SLE-11048).\n - drivers: w1: refactor w1_slave_show to make the temp reading\n functionality separate (jsc#SLE-11048).\n - drm: amd/acp: fix broken menu structure (bsc#1114279)\n - drm/amdgpu: Correctly initialize thermal controller for GPUs with\n Powerplay table v0 (e.g Hawaii) (bsc#1111666).\n - drm/amdgpu: Fix oops when pp_funcs is unset in ACPI event (bsc#1111666).\n - drm/amd/powerplay: force the trim of the mclk dpm_levels if OD is\n (bsc#1113956)\n - drm/atomic: Take the atomic toys away from X (bsc#1112178) \t* context\n changes\n - drm/crc: Actually allow to change the crc source (bsc#1114279) \t* offset\n changes\n - drm/dp_mst: Fix clearing payload state on topology disable (bsc#1051510).\n - drm/dp_mst: Reformat drm_dp_check_act_status() a bit (bsc#1051510).\n - drm/edid: Fix off-by-one in DispID DTD pixel clock (bsc#1114279)\n - drm/etnaviv: fix perfmon domain interation (bsc#1113956)\n - drm/etnaviv: rework perfmon query infrastructure (bsc#1112178)\n - drm/i915: Apply Wa_1406680159:icl,ehl as an engine workaround\n (bsc#1112178)\n - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of\n (bsc#1114279)\n - drm/i915: HDCP: fix Ri prime check done during link check (bsc#1112178)\n - drm/i915: properly sanity check batch_start_offset (bsc#1114279)\n - drm/meson: Delete an error message in meson_dw_hdmi_bind() (bsc#1051510).\n - drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem\n (bsc#1114279)\n - drm/qxl: qxl_release leak in qxl_draw_dirty_fb() (bsc#1051510).\n - drm/qxl: qxl_release leak in qxl_hw_surface_alloc() (bsc#1051510).\n - drm/qxl: qxl_release use after free (bsc#1051510).\n - drm: Remove PageReserved manipulation from drm_pci_alloc (bsc#1114279)\n - drm/sun4i: dsi: Allow binding the host without a panel (bsc#1113956)\n - drm/sun4i: dsi: Avoid hotplug race with DRM driver bind (bsc#1113956)\n - drm/sun4i: dsi: Remove incorrect use of runtime PM (bsc#1113956)\n - drm/sun4i: dsi: Remove unused drv from driver context (bsc#1113956)\n - dump_stack: avoid the livelock of the dump_lock (git fixes (block\n drivers)).\n - EDAC, sb_edac: Add support for systems with segmented PCI buses\n (bsc#1169525).\n - ext4: do not zeroout extents beyond i_disksize (bsc#1167851).\n - ext4: fix extent_status fragmentation for plain files (bsc#1171949).\n - ext4: use non-movable memory for superblock readahead (bsc#1171952).\n - fanotify: fix merging marks masks with FAN_ONDIR (bsc#1171679).\n - fbcon: fix null-ptr-deref in fbcon_switch (bsc#1114279)\n - fib: add missing attribute validation for tun_id\n (networking-stable-20_03_14).\n - firmware: qcom: scm: fix compilation error when disabled (bsc#1051510).\n - Fix a backport bug, where btrfs_put_root() -> btrfs_put_fs_root()\n modification is not needed due to missing dependency\n - Following two patches needs to be combined as one commit (one adds\n context, later removes which affects existing patch) else commit series\n cannot be sequenced.\n - fpga: dfl: afu: Corrected error handling levels (git-fixes).\n - fs/cifs: fix gcc warning in sid_to_id (bsc#1144333).\n - fs/seq_file.c: simplify seq_file iteration code and interface\n (bsc#1170125).\n - gpio: tegra: mask GPIO IRQs during IRQ shutdown (bsc#1051510).\n - gre: fix uninit-value in __iptunnel_pull_header\n (networking-stable-20_03_14).\n - HID: hid-input: clear unmapped usages (git-fixes).\n - HID: hyperv: Add a module description line (bsc#1172249, bsc#1172251).\n - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override\n (git-fixes).\n - HID: i2c-hid: override HID descriptors for certain devices (git-fixes).\n - HID: multitouch: add eGalaxTouch P80H84 support (bsc#1051510).\n - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices\n (git-fixes).\n - hrtimer: Annotate lockless access to timer->state (git fixes (block\n drivers)).\n - hsr: add restart routine into hsr_get_node_list()\n (networking-stable-20_03_28).\n - hsr: check protocol version in hsr_newlink()\n (networking-stable-20_04_17).\n - hsr: fix general protection fault in hsr_addr_is_self()\n (networking-stable-20_03_28).\n - hsr: set .netnsok flag (networking-stable-20_03_28).\n - hsr: use rcu_read_lock() in hsr_get_node_{list/status}()\n (networking-stable-20_03_28).\n - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present\n (git-fixes).\n - i2c: acpi: put device when verifying client fails (git-fixes).\n - i2c: brcmstb: remove unused struct member (git-fixes).\n - i2c: core: Allow empty id_table in ACPI case as well (git-fixes).\n - i2c: core: decrease reference count of device node in\n i2c_unregister_device (git-fixes).\n - i2c: dev: Fix the race between the release of i2c_dev and cdev\n (bsc#1051510).\n - i2c: fix missing pm_runtime_put_sync in i2c_device_probe (git-fixes).\n - i2c-hid: properly terminate i2c_hid_dmi_desc_override_table array\n (git-fixes).\n - i2c: i801: Do not add ICH_RES_IO_SMI for the iTCO_wdt device (git-fixes).\n - i2c: iproc: Stop advertising support of SMBUS quick cmd (git-fixes).\n - i2c: isch: Remove unnecessary acpi.h include (git-fixes).\n - i2c: mux: demux-pinctrl: Fix an error handling path in\n 'i2c_demux_pinctrl_probe()' (bsc#1051510).\n - i2c: st: fix missing struct parameter description (bsc#1051510).\n - IB/mlx5: Fix missing congestion control debugfs on rep rdma device\n (bsc#1103991).\n - ibmvnic: Skip fatal error reset after passive init (bsc#1171078\n ltc#184239).\n - iio:ad7797: Use correct attribute_group (bsc#1051510).\n - iio: adc: stm32-adc: fix device used to request dma (bsc#1051510).\n - iio: adc: stm32-adc: fix sleep in atomic context (git-fixes).\n - iio: adc: stm32-adc: Use dma_request_chan() instead\n dma_request_slave_channel() (bsc#1051510).\n - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()'\n (bsc#1051510).\n - iio: sca3000: Remove an erroneous 'get_device()' (bsc#1051510).\n - iio: xilinx-xadc: Fix ADC-B powerdown (bsc#1051510).\n - iio: xilinx-xadc: Fix clearing interrupt when enabling trigger\n (bsc#1051510).\n - iio: xilinx-xadc: Fix sequencer configuration for aux channels in\n simultaneous mode (bsc#1051510).\n - ima: Fix return value of ima_write_policy() (git-fixes).\n - input: evdev - call input_flush_device() on release(), not flush()\n (bsc#1051510).\n - input: hyperv-keyboard - add module description (bsc#1172249,\n bsc#1172251).\n - input: i8042 - add Acer Aspire 5738z to nomux list (bsc#1051510).\n - input: i8042 - add ThinkPad S230u to i8042 reset list (bsc#1051510).\n - input: raydium_i2c_ts - use true and false for boolean values\n (bsc#1051510).\n - input: synaptics-rmi4 - fix error return code in rmi_driver_probe()\n (bsc#1051510).\n - input: synaptics-rmi4 - really fix attn_data use-after-free (git-fixes).\n - input: usbtouchscreen - add support for BonXeon TP (bsc#1051510).\n - input: xpad - add custom init packet for Xbox One S controllers\n (bsc#1051510).\n - iommu/amd: Call domain_flush_complete() in update_domain() (bsc#1172096).\n - iommu/amd: Do not flush Device Table in iommu_map_page() (bsc#1172097).\n - iommu/amd: Do not loop forever when trying to increase address space\n (bsc#1172098).\n - iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system\n (bsc#1172099).\n - iommu/amd: Fix over-read of ACPI UID from IVRS table (bsc#1172101).\n - iommu/amd: Fix race in increase_address_space()/fetch_pte()\n (bsc#1172102).\n - iommu/amd: Update Device Table in increase_address_space() (bsc#1172103).\n - iommu: Fix reference count leak in iommu_group_alloc (bsc#1172397).\n - ip6_tunnel: Allow rcv/xmit even if remote address is a local address\n (bsc#1166978).\n - ipmi: fix hung processes in __get_guid() (git-fixes).\n - ipv4: fix a RCU-list lock in fib_triestat_seq_show\n (networking-stable-20_04_02).\n - ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface\n (networking-stable-20_03_14).\n - ipv6: do not auto-add link-local address to lag ports\n (networking-stable-20_04_09).\n - ipv6: fix IPV6_ADDRFORM operation logic (bsc#1171662).\n - ipv6: Fix nlmsg_flags when splitting a multipath route\n (networking-stable-20_03_01).\n - ipv6: fix restrict IPV6_ADDRFORM operation (bsc#1171662).\n - ipv6: Fix route replacement with dev-only route\n (networking-stable-20_03_01).\n - ipvlan: add cond_resched_rcu() while processing muticast backlog\n (networking-stable-20_03_14).\n - ipvlan: do not deref eth hdr before checking it's set\n (networking-stable-20_03_14).\n - ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()\n (networking-stable-20_03_14).\n - iwlwifi: pcie: actually release queue memory in TVQM (bsc#1051510).\n - ixgbe: do not check firmware errors (bsc#1170284).\n - kABI fix for early XHCI debug (git-fixes).\n - kabi for for md: improve handling of bio with REQ_PREFLUSH in\n md_flush_request() (git-fixes).\n - kabi/severities: Do not track KVM internal symbols.\n - kabi/severities: Ingnore get_dev_data() The function is internal to the\n AMD IOMMU driver and must not be called by any third party.\n - kABI workaround for snd_rawmidi buffer_ref field addition (git-fixes).\n - keys: reaching the keys quotas correctly (bsc#1051510).\n - KVM: arm64: Change hyp_panic()s dependency on tpidr_el2 (bsc#1133021).\n - KVM: arm64: Stop save/restoring host tpidr_el1 on VHE (bsc#1133021).\n - KVM: Check validity of resolved slot when searching memslots\n (bsc#1172104).\n - KVM: s390: vsie: Fix delivery of addressing exceptions (git-fixes).\n - KVM: s390: vsie: Fix possible race when shadowing region 3 tables\n (git-fixes).\n - KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks\n (git-fixes).\n - KVM: SVM: Fix potential memory leak in svm_cpu_init() (bsc#1171736).\n - KVM x86: Extend AMD specific guest behavior to Hygon virtual CPUs\n (bsc#1152489).\n - l2tp: Allow management of tunnels and session in user namespace\n (networking-stable-20_04_17).\n - libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()\n (bsc#1051510).\n - libata: Return correct status in sata_pmp_eh_recover_pm() when\n ATA_DFLAG_DETACH is set (bsc#1051510).\n - lib: raid6: fix awk build warnings (git fixes (block drivers)).\n - lib/raid6/test: fix build on distros whose /bin/sh is not bash (git\n fixes (block drivers)).\n - lib/stackdepot.c: fix global out-of-bounds in stack_slabs (git fixes\n (block drivers)).\n - locks: print unsigned ino in /proc/locks (bsc#1171951).\n - mac80211: add ieee80211_is_any_nullfunc() (bsc#1051510).\n - mac80211_hwsim: Use kstrndup() in place of kasprintf() (bsc#1051510).\n - mac80211: mesh: fix discovery timer re-arming issue / crash\n (bsc#1051510).\n - macsec: avoid to set wrong mtu (bsc#1051510).\n - macsec: restrict to ethernet devices (networking-stable-20_03_28).\n - macvlan: add cond_resched() during multicast processing\n (networking-stable-20_03_14).\n - macvlan: fix null dereference in macvlan_device_event() (bsc#1051510).\n - md: improve handling of bio with REQ_PREFLUSH in md_flush_request()\n (git-fixes).\n - md/raid0: Fix an error message in raid0_make_request() (git fixes (block\n drivers)).\n - md/raid10: prevent access of uninitialized resync_pages offset\n (git-fixes).\n - media: dvb: return -EREMOTEIO on i2c transfer failure (bsc#1051510).\n - media: platform: fcp: Set appropriate DMA parameters (bsc#1051510).\n - media: ti-vpe: cal: fix disable_irqs to only the intended target\n (git-fixes).\n - mei: release me_cl object reference (bsc#1051510).\n - mlxsw: Fix some IS_ERR() vs NULL bugs (networking-stable-20_04_27).\n - mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE\n (networking-stable-20_04_09).\n - mlxsw: spectrum_mr: Fix list iteration in error path (bsc#1112374).\n - mmc: atmel-mci: Fix debugfs on 64-bit platforms (git-fixes).\n - mmc: core: Check request type before completing the request (git-fixes).\n - mmc: core: Fix recursive locking issue in CQE recovery path (git-fixes).\n - mmc: cqhci: Avoid false \"cqhci: CQE stuck on\" by not open-coding timeout\n loop (git-fixes).\n - mmc: dw_mmc: Fix debugfs on 64-bit platforms (git-fixes).\n - mmc: meson-gx: make sure the descriptor is stopped on errors (git-fixes).\n - mmc: meson-gx: simplify interrupt handler (git-fixes).\n - mmc: renesas_sdhi: limit block count to 16 bit for old revisions\n (git-fixes).\n - mmc: sdhci-esdhc-imx: fix the mask for tuning start point (bsc#1051510).\n - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning (bsc#1051510).\n - mmc: sdhci-of-at91: fix memleak on clk_get failure (git-fixes).\n - mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers\n (bsc#1051510).\n - mmc: sdhci: Update the tuning failed messages to pr_debug level\n (git-fixes).\n - mmc: sdhci-xenon: fix annoying 1.8V regulator warning (bsc#1051510).\n - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()\n (bsc#1051510).\n - mmc: tmio: fix access width of Block Count Register (git-fixes).\n - mm: limit boost_watermark on small zones (git fixes (mm/pgalloc)).\n - mm: thp: handle page cache THP correctly in PageTransCompoundMap (git\n fixes (block drivers)).\n - mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer\n (bsc#1051510).\n - mtd: spi-nor: cadence-quadspi: add a delay in write sequence (git-fixes).\n - mtd: spi-nor: enable 4B opcodes for mx66l51235l (git-fixes).\n - mtd: spi-nor: fsl-quadspi: Do not let -EINVAL on the bus (git-fixes).\n - mwifiex: avoid -Wstringop-overflow warning (bsc#1051510).\n - mwifiex: Fix memory corruption in dump_station (bsc#1051510).\n - net: bcmgenet: correct per TX/RX ring statistics\n (networking-stable-20_04_27).\n - net: dsa: b53: Fix ARL register definitions (networking-stable-20_04_27).\n - net: dsa: b53: Rework ARL bin logic (networking-stable-20_04_27).\n - net: dsa: bcm_sf2: Do not register slave MDIO bus with OF\n (networking-stable-20_04_09).\n - net: dsa: bcm_sf2: Ensure correct sub-node is parsed\n (networking-stable-20_04_09).\n - net: dsa: bcm_sf2: Fix overflow checks (git-fixes).\n - net: dsa: Fix duplicate frames flooded by learning\n (networking-stable-20_03_28).\n - net: dsa: mv88e6xxx: fix lockup on warm boot\n (networking-stable-20_03_14).\n - net/ethernet: add Google GVE driver (jsc#SLE-10538)\n - net: fec: add phy_reset_after_clk_enable() support (git-fixes).\n - net: fec: validate the new settings in fec_enet_set_coalesce()\n (networking-stable-20_03_14).\n - net: fib_rules: Correctly set table field when table number exceeds 8\n bits (networking-stable-20_03_01).\n - net: fix race condition in __inet_lookup_established() (bsc#1151794).\n - net: fq: add missing attribute validation for orphan mask\n (networking-stable-20_03_14).\n - net: hns3: fix \"tc qdisc del\" failed issue (bsc#1109837).\n - net, ip_tunnel: fix interface lookup with no key\n (networking-stable-20_04_02).\n - net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin\n (networking-stable-20_04_17).\n - net: ipv6: do not consider routes via gateways for anycast address check\n (networking-stable-20_04_17).\n - netlink: Use netlink header as base to calculate bad attribute offset\n (networking-stable-20_03_14).\n - net: macsec: update SCI upon MAC address change\n (networking-stable-20_03_14).\n - net: memcg: fix lockdep splat in inet_csk_accept()\n (networking-stable-20_03_14).\n - net: memcg: late association of sock to memcg\n (networking-stable-20_03_14).\n - net/mlx4_en: avoid indirect call in TX completion\n (networking-stable-20_04_27).\n - net/mlx5: Add new fields to Port Type and Speed register (bsc#1171118).\n - net/mlx5: Expose link speed directly (bsc#1171118).\n - net/mlx5: Expose port speed when possible (bsc#1171118).\n - net/mlx5: Fix failing fw tracer allocation on s390 (bsc#1103990 ).\n - net: mvneta: Fix the case where the last poll did not process all rx\n (networking-stable-20_03_28).\n - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node\n (networking-stable-20_04_27).\n - net/packet: tpacket_rcv: do not increment ring index on drop\n (networking-stable-20_03_14).\n - net: phy: restore mdio regs in the iproc mdio driver\n (networking-stable-20_03_01).\n - net: qmi_wwan: add support for ASKEY WWHC050\n (networking-stable-20_03_28).\n - net: revert default NAPI poll timeout to 2 jiffies\n (networking-stable-20_04_17).\n - net_sched: cls_route: remove the right filter from hashtable\n (networking-stable-20_03_28).\n - net_sched: sch_skbprio: add message validation to skbprio_change()\n (bsc#1109837).\n - net/x25: Fix x25_neigh refcnt leak when receiving frame\n (networking-stable-20_04_27).\n - nfc: add missing attribute validation for SE API\n (networking-stable-20_03_14).\n - nfc: add missing attribute validation for vendor subcommand\n (networking-stable-20_03_14).\n - nfc: pn544: Fix occasional HW initialization failure\n (networking-stable-20_03_01).\n - NFC: st21nfca: add missed kfree_skb() in an error path (bsc#1051510).\n - nfp: abm: fix a memory leak bug (bsc#1109837).\n - nfsd4: fix up replay_matches_cache() (git-fixes).\n - nfsd: Ensure CLONE persists data and metadata changes to the target file\n (git-fixes).\n - nfsd: fix delay timer on 32-bit architectures (git-fixes).\n - nfsd: fix jiffies/time_t mixup in LRU list (git-fixes).\n - nfs: Directory page cache pages need to be locked when read (git-fixes).\n - nfsd: memory corruption in nfsd4_lock() (git-fixes).\n - nfs: Do not call generic_error_remove_page() while holding locks\n (bsc#1170457).\n - nfs: Fix memory leaks and corruption in readdir (git-fixes).\n - nfs: Fix O_DIRECT accounting of number of bytes read/written (git-fixes).\n - nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl (git-fixes).\n - nfs: fix racey wait in nfs_set_open_stateid_locked (bsc#1170592).\n - NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O (git-fixes).\n - NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() (git-fixes).\n - nfs: Revalidate the file size on a fatal write error (git-fixes).\n - NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals\n (git-fixes).\n - NFSv4: Do not allow a cached open with a revoked delegation (git-fixes).\n - NFSv4: Fix leak of clp->cl_acceptor string (git-fixes).\n - NFSv4-Fix-OPEN-CLOSE-race.patch\n - NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()\n (git-fixes).\n - NFSv4: try lease recovery on NFS4ERR_EXPIRED (git-fixes).\n - NFSv4.x: Drop the slot if nfs4_delegreturn_prepare waits for\n layoutreturn (git-fixes).\n - nl802154: add missing attribute validation for dev_type\n (networking-stable-20_03_14).\n - nl802154: add missing attribute validation (networking-stable-20_03_14).\n - nvme-fc: print proper nvme-fc devloss_tmo value (bsc#1172391).\n - objtool: Fix stack offset tracking for indirect CFAs (bsc#1169514).\n - objtool: Fix switch table detection in .text.unlikely (bsc#1169514).\n - objtool: Make BP scratch register warning more robust (bsc#1169514).\n - padata: Remove broken queue flushing (git-fixes).\n - Partially revert \"kfifo: fix kfifo_alloc() and kfifo_init()\" (git fixes\n (block drivers)).\n - PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2\n (bsc#1172201, bsc#1172202).\n - PCI: hv: Decouple the func definition in hv_dr_state from VSP message\n (bsc#1172201, bsc#1172202).\n - PCI/PM: Call .bridge_d3() hook only if non-NULL (git-fixes).\n - perf: Allocate context task_ctx_data for child event (git-fixes).\n - perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).\n - perf: Copy parent's address filter offsets on clone (git-fixes).\n - perf/core: Add sanity check to deal with pinned event failure\n (git-fixes).\n - perf/core: Avoid freeing static PMU contexts when PMU is unregistered\n (git-fixes).\n - perf/core: Correct event creation with PERF_FORMAT_GROUP (git-fixes).\n - perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).\n - perf/core: Fix ctx_event_type in ctx_resched() (git-fixes).\n - perf/core: Fix error handling in perf_event_alloc() (git-fixes).\n - perf/core: Fix exclusive events' grouping (git-fixes).\n - perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).\n - perf/core: Fix impossible ring-buffer sizes warning (git-fixes).\n - perf/core: Fix locking for children siblings group read (git-fixes).\n - perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes\n (dependent patch for 18736eef1213)).\n - perf/core: Fix perf_event_read_value() locking (git-fixes).\n - perf/core: Fix perf_pmu_unregister() locking (git-fixes).\n - perf/core: Fix __perf_read_group_add() locking (git-fixes (dependent\n patch)).\n - perf/core: Fix perf_sample_regs_user() mm check (git-fixes).\n - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).\n - perf/core: Fix race between close() and fork() (git-fixes).\n - perf/core: Fix the address filtering fix (git-fixes).\n - perf/core: Fix use-after-free in uprobe_perf_close() (git-fixes).\n - perf/core: Force USER_DS when recording user stack data (git-fixes).\n - perf/core: Restore mmap record type correctly (git-fixes).\n - perf: Fix header.size for namespace events (git-fixes).\n - perf/ioctl: Add check for the sample_period value (git-fixes).\n - perf, pt, coresight: Fix address filters for vmas with non-zero offset\n (git-fixes).\n - perf: Return proper values for user stack errors (git-fixes).\n - pinctrl: baytrail: Enable pin configuration setting for GPIO chip\n (git-fixes).\n - pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler\n (git-fixes).\n - pinctrl: sunrisepoint: Fix PAD lock register offset for SPT-H\n (git-fixes).\n - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA\n (bsc#1051510).\n - pnfs: Ensure we do clear the return-on-close layout stateid on fatal\n errors (git-fixes).\n - powerpc: Add attributes for setjmp/longjmp (bsc#1065729).\n - powerpc/pci/of: Parse unassigned resources (bsc#1065729).\n - powerpc/setup_64: Set cache-line-size based on cache-block-size\n (bsc#1065729).\n - powerpc/sstep: Fix DS operand in ld encoding to appropriate value\n (bsc#1065729).\n - qede: Fix race between rdma destroy workqueue and link change event\n (networking-stable-20_03_01).\n - r8152: check disconnect status after long sleep\n (networking-stable-20_03_14).\n - raid6/ppc: Fix build for clang (git fixes (block drivers)).\n - random: always use batched entropy for get_random_u{32,64} (bsc#1164871).\n - rcu: locking and unlocking need to always be at least barriers (git\n fixes (block drivers)).\n - Redo patch for SLE15-SP1, based on feedback from IBM:\n patches.suse/s390-ftrace-fix-potential-crashes-when-switching-tracers\n (bsc#1171244 LTC#185785 git-fixes).\n - resolve KABI warning for perf-pt-coresight (git-fixes).\n - Revert \"ALSA: hda/realtek: Fix pop noise on ALC225\" (git-fixes).\n - Revert \"drm/panel: simple: Add support for Sharp LQ150X1LG11 panels\"\n (bsc#1114279) \t* offset changes\n - Revert \"HID: i2c-hid: add Trekstor Primebook C11B to descriptor\n override\" Depends on 9b5c747685982d22efffeafc5ec601bd28f6d78b, which was\n also reverted.\n - Revert \"HID: i2c-hid: override HID descriptors for certain devices\" This\n broke i2c-hid.ko's build, there is no way around it without a big file\n rename or renaming the kernel module.\n - Revert \"i2c-hid: properly terminate i2c_hid_dmi_desc_override_table\"\n Fixed 9b5c747685982d22efffeafc5ec601bd28f6d78b, which was also reverted.\n - Revert \"ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()\"\n (bsc#1172221).\n - Revert \"RDMA/cma: Simplify rdma_resolve_addr() error flow\" (bsc#1103992).\n - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() (bsc#1051510).\n - s390/cio: avoid duplicated 'ADD' uevents (git-fixes).\n - s390/cio: generate delayed uevent for vfio-ccw subchannels (git-fixes).\n - s390/cpuinfo: fix wrong output when CPU0 is offline (git-fixes).\n - s390/cpum_cf: Add new extended counters for IBM z15 (bsc#1169762\n LTC#185291).\n - s390/diag: fix display of diagnose call statistics (git-fixes).\n - s390/ftrace: fix potential crashes when switching tracers (git-fixes).\n - s390/gmap: return proper error code on ksm unsharing (git-fixes).\n - s390/ism: fix error return code in ism_probe() (git-fixes).\n - s390/pci: do not set affinity for floating irqs (git-fixes).\n - s390/pci: Fix possible deadlock in recover_store() (bsc#1165183\n LTC#184103).\n - s390/pci: Recover handle in clp_set_pci_fn() (bsc#1165183 LTC#184103).\n - s390/qeth: cancel RX reclaim work earlier (git-fixes).\n - s390/qeth: do not return -ENOTSUPP to userspace (git-fixes).\n - s390/qeth: do not warn for napi with 0 budget (git-fixes).\n - s390/qeth: fix off-by-one in RX copybreak check (git-fixes).\n - s390/qeth: fix promiscuous mode after reset (git-fixes).\n - s390/qeth: fix qdio teardown after early init error (git-fixes).\n - s390/qeth: handle error due to unsupported transport mode (git-fixes).\n - s390/qeth: handle error when backing RX buffer (git-fixes).\n - s390/qeth: lock the card while changing its hsuid (git-fixes).\n - s390/qeth: support net namespaces for L3 devices (git-fixes).\n - s390/time: Fix clk type in get_tod_clock (git-fixes).\n - scripts/decodecode: fix trapping instruction formatting (bsc#1065729).\n - scripts/dtc: Remove redundant YYLOC global declaration (bsc#1160388).\n - scsi: bnx2i: fix potential use after free (bsc#1171600).\n - scsi: core: Handle drivers which set sg_tablesize to zero (bsc#1171601)\n - scsi: core: save/restore command resid for error handling (bsc#1171602).\n - scsi: core: scsi_trace: Use get_unaligned_be*() (bsc#1171604).\n - scsi: core: try to get module before removing device (bsc#1171605).\n - scsi: csiostor: Adjust indentation in csio_device_reset (bsc#1171606).\n - scsi: csiostor: Do not enable IRQs too early (bsc#1171607).\n - scsi: esas2r: unlock on error in esas2r_nvram_read_direct()\n (bsc#1171608).\n - scsi: fnic: fix invalid stack access (bsc#1171609).\n - scsi: fnic: fix msix interrupt allocation (bsc#1171610).\n - scsi-ibmvfc-Don-t-send-implicit-logouts-prior-to-NPI.patch\n - scsi: ibmvscsi: Fix WARN_ON during event pool release (bsc#1170791\n ltc#185128).\n - scsi-ibmvscsi-Fix-WARN_ON-during-event-pool-release.patch\n - scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func (bsc#1171611).\n - scsi: iscsi: Fix a potential deadlock in the timeout handler\n (bsc#1171612).\n - scsi: iscsi: qla4xxx: fix double free in probe (bsc#1171613).\n - scsi: lpfc: Change default queue allocation for reduced memory\n consumption (bsc#1164780).\n - scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer\n dereferences (bsc#1171614).\n - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG\n (bsc#1171615).\n - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event\n (bsc#1164780).\n - scsi: lpfc: Fix MDS Diagnostic Enablement definition (bsc#1164780).\n - scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type\n (bsc#1164780).\n - scsi: lpfc: Fix noderef and address space warnings (bsc#1164780).\n - scsi: lpfc: Maintain atomic consistency of queue_claimed flag\n (bsc#1164780).\n - scsi: lpfc: remove duplicate unloading checks (bsc#1164780).\n - scsi: lpfc: Remove re-binding of nvme rport during registration\n (bsc#1164780).\n - scsi: lpfc: Remove redundant initialization to variable rc (bsc#1164780).\n - scsi: lpfc: Remove unnecessary lockdep_assert_held calls (bsc#1164780).\n - scsi: lpfc: Update lpfc version to 12.8.0.1 (bsc#1164780).\n - scsi: megaraid_sas: Do not initiate OCR if controller is not in ready\n state (bsc#1171616).\n - scsi: qla2xxx: add ring buffer for tracing debug logs (bsc#1157169).\n - scsi-qla2xxx-check-UNLOADING-before-posting-async-wo.patch\n - scsi: qla2xxx: check UNLOADING before posting async work (bsc#1157169).\n - scsi: qla2xxx: Delete all sessions before unregister local nvme port\n (bsc#1157169).\n - scsi: qla2xxx: Do not log message when reading port speed via sysfs\n (bsc#1157169).\n - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV\n (bsc#1157169).\n - scsi: qla2xxx: Fix regression warnings (bsc#1157169).\n - scsi: qla2xxx: Remove non functional code (bsc#1157169).\n - scsi: qla2xxx: set UNLOADING before waiting for session deletion\n (bsc#1157169).\n - scsi-qla2xxx-set-UNLOADING-before-waiting-for-sessio.patch\n - scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free (bsc#1171617).\n - scsi: qla4xxx: fix double free bug (bsc#1171618).\n - scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI\n (bsc#1171619).\n - scsi: sg: add sg_remove_request in sg_common_write (bsc#1171620).\n - scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and\n WRITE(6) (bsc#1171621).\n - scsi: ufs: change msleep to usleep_range (bsc#1171622).\n - scsi: ufs: Clean up ufshcd_scale_clks() and clock scaling error out path\n (bsc#1171623).\n - scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic\n (bsc#1171624).\n - scsi: ufs: Fix ufshcd_probe_hba() reture value in case\n ufshcd_scsi_add_wlus() fails (bsc#1171625).\n - scsi: ufs: Recheck bkops level if bkops is disabled (bsc#1171626).\n - scsi: zfcp: fix missing erp_lock in port recovery trigger for\n point-to-point (git-fixes).\n - sctp: fix possibly using a bad saddr with a given dst\n (networking-stable-20_04_02).\n - sctp: fix refcount bug in sctp_wfree (networking-stable-20_04_02).\n - sctp: move the format error check out of __sctp_sf_do_9_1_abort\n (networking-stable-20_03_01).\n - selftests/powerpc: Fix build errors in powerpc ptrace selftests\n (boo#1124278).\n - seq_file: fix problem when seeking mid-record (bsc#1170125).\n - serial: uartps: Move the spinlock after the read of the tx empty\n (git-fixes).\n - sfc: detach from cb_page in efx_copy_channel()\n (networking-stable-20_03_14).\n - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig\n (bsc#1172185).\n - slcan: not call free_netdev before rtnl_unlock in slcan_open\n (networking-stable-20_03_28).\n - slip: make slhc_compress() more robust against malicious packets\n (networking-stable-20_03_14).\n - smb3: Additional compression structures (bsc#1144333).\n - smb3: Add new compression flags (bsc#1144333).\n - smb3: change noisy error message to FYI (bsc#1144333).\n - smb3: enable swap on SMB3 mounts (bsc#1144333).\n - smb3-fix-performance-regression-with-setting-mtime.patch\n - smb3: Minor cleanup of protocol definitions (bsc#1144333).\n - smb3: remove overly noisy debug line in signing errors (bsc#1144333).\n - smb3: smbdirect support can be configured by default (bsc#1144333).\n - smb3: use SMB2_SIGNATURE_SIZE define (bsc#1144333).\n - spi: bcm2835: Fix 3-wire mode if DMA is enabled (git-fixes).\n - spi: bcm63xx-hsspi: Really keep pll clk enabled (bsc#1051510).\n - spi: bcm-qspi: when tx/rx buffer is NULL set to 0 (bsc#1051510).\n - spi: dw: Add SPI Rx-done wait method to DMA-based transfer (bsc#1051510).\n - spi: dw: Add SPI Tx-done wait method to DMA-based transfer (bsc#1051510).\n - spi: dw: Zero DMA Tx and Rx configurations on stack (bsc#1051510).\n - spi: fsl: do not map irq during probe (git-fixes).\n - spi: fsl: use platform_get_irq() instead of of_irq_to_resource()\n (git-fixes).\n - spi: pxa2xx: Add CS control clock quirk (bsc#1051510).\n - spi: qup: call spi_qup_pm_resume_runtime before suspending (bsc#1051510).\n - spi: spi-fsl-dspi: Replace interruptible wait queue with a simple\n completion (git-fixes).\n - spi: spi-s3c64xx: Fix system resume support (git-fixes).\n - spi/zynqmp: remove entry that causes a cs glitch (bsc#1051510).\n - staging: comedi: dt2815: fix writing hi byte of analog output\n (bsc#1051510).\n - staging: comedi: Fix comedi_device refcnt leak in comedi_open\n (bsc#1051510).\n - staging: iio: ad2s1210: Fix SPI reading (bsc#1051510).\n - staging: vt6656: Do not set RCR_MULTICAST or RCR_BROADCAST by default\n (git-fixes).\n - staging: vt6656: Fix drivers TBTT timing counter (git-fixes).\n - staging: vt6656: Fix pairwise key entry save (git-fixes).\n - sunrpc: expiry_time should be seconds not timeval (git-fixes).\n - sunrpc: Fix a potential buffer overflow in 'svc_print_xprts()'\n (git-fixes).\n - supported.conf: Add br_netfilter to base (bsc#1169020).\n - supported.conf: support w1 core and thermometer support\n - svcrdma: Fix double svc_rdma_send_ctxt_put() in an error path\n (bsc#1103992).\n - svcrdma: Fix leak of transport addresses (git-fixes).\n - svcrdma: Fix trace point use-after-free race (bsc#1103992 ).\n - taskstats: fix data-race (bsc#1172188).\n - tcp: cache line align MAX_TCP_HEADER (networking-stable-20_04_27).\n - tcp: repair: fix TCP_QUEUE_SEQ implementation\n (networking-stable-20_03_28).\n - team: add missing attribute validation for array index\n (networking-stable-20_03_14).\n - team: add missing attribute validation for port ifindex\n (networking-stable-20_03_14).\n - team: fix hang in team_mode_get() (networking-stable-20_04_27).\n - tools lib traceevent: Remove unneeded qsort and uses memmove instead\n (git-fixes).\n - tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send() (bsc#1065729).\n - tpm/tpm_tis: Free IRQ if probing fails (bsc#1082555).\n - tpm/tpm_tis: Free IRQ if probing fails (git-fixes).\n - tracing: Add a vmalloc_sync_mappings() for safe measure (git-fixes).\n - tracing: Disable trace_printk() on post poned tests (git-fixes).\n - tracing: Fix the race between registering 'snapshot' event trigger and\n triggering 'snapshot' operation (git-fixes).\n - tty: rocket, avoid OOB access (git-fixes).\n - tun: Do not put_page() for all negative return values from XDP program\n (bsc#1109837).\n - UAS: fix deadlock in error handling and PM flushing work (git-fixes).\n - UAS: no use logging any details in case of ENODEV (git-fixes).\n - Update config files: Build w1 bus on arm64 (jsc#SLE-11048)\n - Update config files: re-enable CONFIG_HAMRADIO and co (bsc#1170740)\n - Update\n patches.suse/powerpc-pseries-ddw-Extend-upper-limit-for-huge-DMA-.patch\n (bsc#1142685 bsc#1167867 ltc#179509 ltc#184616).\n - Update patches.suse/x86-mm-split-vmalloc_sync_all.patch (bsc#1165741,\n bsc#1166969).\n - Update references:\n patches.suse/s390-pci-do-not-set-affinity-for-floating-irqs (bsc#1171817\n LTC#185819 git-fixes).\n - usb: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair\n K70 RGB RAPIDFIRE (git-fixes).\n - usb: cdc-acm: restore capability check order (git-fixes).\n - usb: core: Fix misleading driver bug report (bsc#1051510).\n - usb: dwc3: do not set gadget->is_otg flag (git-fixes).\n - usb: dwc3: gadget: Do link recovery for SS and SSP (git-fixes).\n - usb: early: Handle AMD's spec-compliant identifiers, too (git-fixes).\n - usb: f_fs: Clear OS Extended descriptor counts to zero in\n ffs_data_reset() (git-fixes).\n - usb: gadget: audio: Fix a missing error return value in audio_bind()\n (git-fixes).\n - usb: gadget: composite: Inform controller driver of self-powered\n (git-fixes).\n - usb: gadget: legacy: fix error return code in cdc_bind() (git-fixes).\n - usb: gadget: legacy: fix error return code in gncm_bind() (git-fixes).\n - usb: gadget: legacy: fix redundant initialization warnings (bsc#1051510).\n - usb: gadget: net2272: Fix a memory leak in an error handling path in\n 'net2272_plat_probe()' (git-fixes).\n - usb: gadget: udc: atmel: Fix vbus disconnect handling (git-fixes).\n - usb: gadget: udc: atmel: Make some symbols static (git-fixes).\n - usb: gadget: udc: bdc: Remove unnecessary NULL checks in\n bdc_req_complete (git-fixes).\n - usb: host: xhci-plat: keep runtime active when removing host (git-fixes).\n - usb: hub: Fix handling of connect changes during sleep (git-fixes).\n - usbnet: silence an unnecessary warning (bsc#1170770).\n - usb: serial: garmin_gps: add sanity checking for data length (git-fixes).\n - usb: serial: option: add BroadMobi BM806U (git-fixes).\n - usb: serial: option: add support for ASKEY WWHC050 (git-fixes).\n - usb: serial: option: add Wistron Neweb D19Q1 (git-fixes).\n - usb: serial: qcserial: Add DW5816e support (git-fixes).\n - usb: sisusbvga: Change port variable from signed to unsigned (git-fixes).\n - usb-storage: Add unusual_devs entry for JMicron JMS566 (git-fixes).\n - usb: uas: add quirk for LaCie 2Big Quadra (git-fixes).\n - usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg\n list (git-fixes).\n - video: fbdev: sis: Remove unnecessary parentheses and commented code\n (bsc#1114279)\n - video: fbdev: w100fb: Fix a potential double free (bsc#1051510).\n - vrf: Check skb for XFRM_TRANSFORMED flag (networking-stable-20_04_27).\n - vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines (git-fixes).\n - vt: selection, introduce vc_is_sel (git-fixes).\n - vt: vt_ioctl: fix race in VT_RESIZEX (git-fixes).\n - vt: vt_ioctl: fix use-after-free in vt_in_use() (git-fixes).\n - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console\n (git-fixes).\n - vxlan: check return value of gro_cells_init()\n (networking-stable-20_03_28).\n - w1: Add subsystem kernel public interface (jsc#SLE-11048).\n - w1: Fix slave count on 1-Wire bus (resend) (jsc#SLE-11048).\n - w1: keep balance of mutex locks and refcnts (jsc#SLE-11048).\n - w1: use put_device() if device_register() fail (jsc#SLE-11048).\n - watchdog: reset last_hw_keepalive time at start (git-fixes).\n - wcn36xx: Fix error handling path in 'wcn36xx_probe()' (bsc#1051510).\n - wil6210: remove reset file from debugfs (git-fixes).\n - wimax/i2400m: Fix potential urb refcnt leak (bsc#1051510).\n - workqueue: do not use wq_select_unbound_cpu() for bound works\n (bsc#1172130).\n - x86/entry/64: Fix unwind hints in kernel exit path (bsc#1058115).\n - x86/entry/64: Fix unwind hints in register clearing code (bsc#1058115).\n - x86/entry/64: Fix unwind hints in rewind_stack_do_exit() (bsc#1058115).\n - x86/entry/64: Fix unwind hints in __switch_to_asm() (bsc#1058115).\n - x86/hyperv: Allow guests to enable InvariantTSC (bsc#1170621,\n bsc#1170620).\n - x86/Hyper-V: Free hv_panic_page when fail to register kmsg dump\n (bsc#1170617, bsc#1170618).\n - x86/Hyper-V: Report crash data in die() when panic_on_oops is set\n (bsc#1170617, bsc#1170618).\n - x86/Hyper-V: Report crash register data or kmsg before running crash\n kernel (bsc#1170617, bsc#1170618).\n - x86/Hyper-V: Report crash register data when sysctl_record_panic_msg is\n not set (bsc#1170617, bsc#1170618).\n - x86: hyperv: report value of misc_features (git fixes).\n - x86/Hyper-V: Trigger crash enlightenment only once during system crash\n (bsc#1170617, bsc#1170618).\n - x86/Hyper-V: Unload vmbus channel in hv panic callback (bsc#1170617,\n bsc#1170618).\n - x86/kprobes: Avoid kretprobe recursion bug (bsc#1114279).\n - x86/resctrl: Fix invalid attempt at removing the default resource group\n (git-fixes).\n - x86/resctrl: Preserve CDP enable over CPU hotplug (bsc#1114279).\n - x86/unwind/orc: Do not skip the first frame for inactive tasks\n (bsc#1058115).\n - x86/unwind/orc: Fix error handling in __unwind_start() (bsc#1058115).\n - x86/unwind/orc: Fix error path for bad ORC entry type (bsc#1058115).\n - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks\n (bsc#1058115).\n - x86/unwind/orc: Prevent unwinding before ORC initialization\n (bsc#1058115).\n - x86/unwind: Prevent false warnings for non-current tasks (bsc#1058115).\n - x86/xen: fix booting 32-bit pv guest (bsc#1071995).\n - x86/xen: Make the boot CPU idle task reliable (bsc#1071995).\n - x86/xen: Make the secondary CPU idle tasks reliable (bsc#1071995).\n - xen/pci: reserve MCFG areas earlier (bsc#1170145).\n - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish\n (networking-stable-20_04_27).\n - xfs: clear PF_MEMALLOC before exiting xfsaild thread (git-fixes).\n - xfs: Correctly invert xfs_buftarg LRU isolation logic (git-fixes).\n - xfs: do not ever return a stale pointer from __xfs_dir3_free_read\n (git-fixes).\n - xprtrdma: Fix completion wait during device removal (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-801=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-06-13T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000199", "CVE-2019-19462", "CVE-2019-20806", "CVE-2019-20812", "CVE-2019-9455", "CVE-2020-0543", "CVE-2020-10690", "CVE-2020-10711", "CVE-2020-10720", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12655", "CVE-2020-12656", "CVE-2020-12657", "CVE-2020-12659", "CVE-2020-12769", "CVE-2020-13143"], "modified": "2020-06-13T00:00:00", "id": "OPENSUSE-SU-2020:0801-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BOYMLRUHWMVAOFIPZH7KANUUUY2YYNL3/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:41:22", "description": "An update that solves 7 vulnerabilities and has 76 fixes is\n now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-11669: An issue was discovered on the powerpc platform.\n arch/powerpc/kernel/idle_book3s.S did not have save/restore\n functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and\n PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).\n - CVE-2020-8834: KVM on Power8 processors had a conflicting use of\n HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\n kvmppc_{save,restore}_tm, leading to a stack corruption. Because of\n this, an attacker with the ability run code in kernel space of a guest\n VM can cause the host kernel to panic. There were two commits that,\n according to the reporter, introduced the vulnerability: f024ee098476\n (\"KVM: PPC: Book3S HV: Pull out TM state save/restore into separate\n procedures\") 87a11bb6a7f7 (\"KVM: PPC: Book3S HV: Work around XER[SO] bug\n in fake suspend mode\") (bnc#1168276).\n - CVE-2020-11494: An issue was discovered in slc_bump in\n drivers/net/can/slcan.c, which allowed attackers to read uninitialized\n can_frame data, potentially containing sensitive information from kernel\n stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka\n CID-b9258a2cece4 (bnc#1168424).\n - CVE-2019-9458: In the video driver there is a use after free due to a\n race condition. This could lead to local escalation of privilege with no\n additional execution privileges needed. User interaction is not needed\n for exploitation (bnc#1168295).\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv in\n net/can/gw.c. The CAN frame modification rules allow bitwise logical\n operations that can be also applied to the can_dlc field. The privileged\n user \"root\" with CAP_NET_ADMIN can create a CAN frame modification rule\n that made the data length code a higher value than the available CAN\n frame data size. In combination with a configured checksum calculation\n where the result is stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in\n skb_shared_info) can be rewritten which finally can cause a system\n crash. Because of a missing check, the CAN drivers may write arbitrary\n content beyond the data registers in the CAN controller's I/O memory\n when processing can-gw manipulated outgoing frames (bnc#1120386).\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacked\n validation of an sk_family field, which might allow attackers to trigger\n kernel stack corruption via crafted system calls (bnc#1167629).\n - CVE-2019-19770: A use-after-free in the debugfs_remove function in\n fs/debugfs/inode.c was fixed. (bnc#1159198).\n\n The following non-security bugs were fixed:\n\n - ACPI: watchdog: Fix gas->access_width usage (bsc#1051510).\n - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (bsc#1051510).\n - ALSA: ali5451: remove redundant variable capture_flag (bsc#1051510).\n - ALSA: core: Add snd_device_get_state() helper (bsc#1051510).\n - ALSA: core: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: emu10k1: Fix endianness annotations (bsc#1051510).\n - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA\n X99 Classified motherboard (bsc#1051510).\n - ALSA: hda/ca0132 - Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662\n (git-fixes).\n - ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662\n (git-fixes).\n - ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups\n (bsc#1051510).\n - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256\n (bsc#1051510).\n - ALSA: hda/realtek - a fake key event is triggered by running shutup\n (bsc#1051510).\n - ALSA: hda/realtek: Enable mute LED on an HP system (bsc#1051510).\n - ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).\n - ALSA: hda: Fix potential access overflow in beep helper (bsc#1051510).\n - ALSA: hda: Use scnprintf() for string truncation (bsc#1051510).\n - ALSA: hda: default enable CA0132 DSP support (bsc#1051510).\n - ALSA: hda: remove redundant assignment to variable timeout (bsc#1051510).\n - ALSA: hda_codec: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: hdsp: remove redundant assignment to variable err (bsc#1051510).\n - ALSA: ice1724: Fix invalid access for enumerated ctl items (bsc#1051510).\n - ALSA: info: remove redundant assignment to variable c (bsc#1051510).\n - ALSA: korg1212: fix if-statement empty body warnings (bsc#1051510).\n - ALSA: line6: Fix endless MIDI read loop (git-fixes).\n - ALSA: pcm.h: add for_each_pcm_streams() (bsc#1051510).\n - ALSA: pcm: Fix superfluous snprintf() usage (bsc#1051510).\n - ALSA: pcm: Use a macro for parameter masks to reduce the needed cast\n (bsc#1051510).\n - ALSA: pcm: oss: Avoid plugin buffer overflow (git-fixes).\n - ALSA: pcm: oss: Fix regression by buffer overflow fix (bsc#1051510).\n - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks\n (git-fixes).\n - ALSA: pcm: oss: Unlock mutex temporarily for sleeping at read/write\n (bsc#1051510).\n - ALSA: seq: oss: Fix running status after receiving sysex (git-fixes).\n - ALSA: seq: virmidi: Fix running status after receiving sysex (git-fixes).\n - ALSA: usb-audio: Add delayed_register option (bsc#1051510).\n - ALSA: usb-audio: Add support for MOTU MicroBook IIc (bsc#1051510).\n - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp\n (0951:16d8) (bsc#1051510).\n - ALSA: usb-audio: Do not create a mixer element with bogus volume range\n (bsc#1051510).\n - ALSA: usb-audio: Fix case when USB MIDI interface has more than one\n extra endpoint descriptor (bsc#1051510).\n - ALSA: usb-audio: Fix mixer controls' USB interface for Kingston HyperX\n Amp (0951:16d8) (bsc#1051510).\n - ALSA: usb-audio: Inform devices that need delayed registration\n (bsc#1051510).\n - ALSA: usb-audio: Parse source ID of UAC2 effect unit (bsc#1051510).\n - ALSA: usb-audio: Rewrite registration quirk handling (bsc#1051510).\n - ALSA: usb-midi: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: usx2y: use for_each_pcm_streams() macro (bsc#1051510).\n - ALSA: via82xx: Fix endianness annotations (bsc#1051510).\n - ASoC: Intel: atom: Take the drv->lock mutex before calling\n sst_send_slot_map() (bsc#1051510).\n - ASoC: Intel: mrfld: fix incorrect check on p->sink (bsc#1051510).\n - ASoC: Intel: mrfld: return error codes when an error occurs\n (bsc#1051510).\n - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register\n (bsc#1051510).\n - ASoC: sun8i-codec: Remove unused dev from codec struct (bsc#1051510).\n - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl (bsc#1051510).\n - Btrfs: clean up error handling in btrfs_truncate() (bsc#1165949).\n - Btrfs: do not reset bio->bi_ops while writing bio (bsc#1168273).\n - Btrfs: fix missing delayed iputs on unmount (bsc#1165949).\n - Btrfs: fix qgroup double free after failure to reserve metadata for\n delalloc (bsc#1165949).\n - Btrfs: fix race leading to metadata space leak after task received\n signal (bsc#1165949).\n - Btrfs: fix unwritten extent buffers and hangs on future writeback\n attempts (bsc#1168273).\n - Btrfs: make plug in writing meta blocks really work (bsc#1168273).\n - Btrfs: only check delayed ref usage in should_end_transaction\n (bsc#1165949).\n - Btrfs: remove bio_flags which indicates a meta block of log-tree\n (bsc#1168273).\n - Crypto: chelsio - Fixes a deadlock between rtnl_lock and uld_mutex\n (bsc#1111666).\n - Crypto: chelsio - Fixes a hang issue during driver registration\n (bsc#1111666).\n - Deprecate NR_UNSTABLE_NFS, use NR_WRITEBACK (bsc#1163403).\n - HID: apple: Add support for recent firmware on Magic Keyboards\n (bsc#1051510).\n - IB/hfi1: convert to debugfs_file_get() and -put() (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - Input: add safety guards to input_set_keycode() (bsc#1168075).\n - Input: avoid BIT() macro usage in the serio.h UAPI header (bsc#1051510).\n - Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()\n (bsc#1051510).\n - Input: synaptics - enable RMI on HP Envy 13-ad105ng (bsc#1051510).\n - MM: replace PF_LESS_THROTTLE with PF_LOCAL_THROTTLE (bsc#1163403).\n - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch() (bsc#1051510).\n - NFS: send state management on a single connection (bsc#1167005).\n - OMAP: DSS2: remove non-zero check on variable r (bsc#1114279)\n - PCI/AER: Factor message prefixes with dev_fmt() (bsc#1161561).\n - PCI/AER: Log which device prevents error recovery (bsc#1161561).\n - PCI/AER: Remove ERR_FATAL code from ERR_NONFATAL path (bsc#1161561).\n - PCI/ASPM: Clear the correct bits when enabling L1 substates\n (bsc#1051510).\n - PCI/ERR: Always report current recovery status for udev (bsc#1161561).\n - PCI/ERR: Handle fatal error recovery (bsc#1161561).\n - PCI/ERR: Remove duplicated include from err.c (bsc#1161561).\n - PCI/ERR: Simplify broadcast callouts (bsc#1161561).\n - PCI/portdrv: Remove pcie_port_bus_type link order dependency\n (bsc#1161561).\n - PCI/switchtec: Fix init_completion race condition with poll_wait()\n (bsc#1051510).\n - PCI: Simplify disconnected marking (bsc#1161561).\n - PCI: Unify device inaccessible (bsc#1161561).\n - PCI: endpoint: Fix clearing start entry in configfs (bsc#1051510).\n - PCI: pciehp: Fix MSI interrupt race (bsc#1159037).\n - PCI: portdrv: Initialize service drivers directly (bsc#1161561).\n - PM: core: Fix handling of devices deleted during system-wide resume\n (git-fixes).\n - SUNRPC: defer slow parts of rpc_free_client() to a workqueue\n (bsc#1168202).\n - USB: Disable LPM on WD19's Realtek Hub (git-fixes).\n - USB: Fix novation SourceControl XL after suspend (git-fixes).\n - USB: cdc-acm: fix rounding error in TIOCSSERIAL (git-fixes).\n - USB: hub: Do not record a connect-change event during reset-resume\n (git-fixes).\n - USB: misc: iowarrior: add support for 2 OEMed devices (git-fixes).\n - USB: misc: iowarrior: add support for the 100 device (git-fixes).\n - USB: misc: iowarrior: add support for the 28 and 28L devices (git-fixes).\n - USB: serial: io_edgeport: fix slab-out-of-bounds read in\n edge_interrupt_callback (bsc#1051510).\n - USB: serial: option: add ME910G1 ECM composition 0x110b (git-fixes).\n - USB: serial: pl2303: add device-id for HP LD381 (git-fixes).\n - ahci: Add support for Amazon's Annapurna Labs SATA controller\n (bsc#1169013).\n - apei/ghes: Do not delay GHES polling (bsc#1166982).\n - ath9k: Handle txpower changes even when TPC is disabled (bsc#1051510).\n - batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation\n (bsc#1051510).\n - batman-adv: Do not schedule OGM for disabled interface (bsc#1051510).\n - batman-adv: prevent TT request storms by not sending inconsistent TT\n TLVLs (bsc#1051510).\n - binfmt_elf: Do not move brk for INTERP-less ET_EXEC (bsc#1169013).\n - binfmt_elf: move brk out of mmap when doing direct loader exec\n (bsc#1169013).\n - blk-mq: Allow blocking queue tag iter callbacks (bsc#1167316).\n - block, bfq: fix use-after-free in bfq_idle_slice_timer_body\n (bsc#1168760).\n - block: keep bdi->io_pages in sync with max_sectors_kb for stacked\n devices (bsc#1168762).\n - bnxt_en: Support all variants of the 5750X chip family (bsc#1167216).\n - bpf: Explicitly memset some bpf info structures declared on the stack\n (bsc#1083647).\n - bpf: Explicitly memset the bpf_attr structure (bsc#1083647).\n - brcmfmac: abort and release host after error (bsc#1111666).\n - btrfs: Account for trans_block_rsv in may_commit_transaction\n (bsc#1165949).\n - btrfs: Add enospc_debug printing in metadata_reserve_bytes (bsc#1165949).\n - btrfs: Do mandatory tree block check before submitting bio (bsc#1168273).\n - btrfs: Improve global reserve stealing logic (bsc#1165949).\n - btrfs: Output ENOSPC debug info in inc_block_group_ro (bsc#1165949).\n - btrfs: Remove btrfs_inode::delayed_iput_count (bsc#1165949).\n - btrfs: Remove fs_info from do_chunk_alloc (bsc#1165949).\n - btrfs: Remove redundant argument of flush_space (bsc#1165949).\n - btrfs: Remove redundant mirror_num arg (bsc#1168273).\n - btrfs: Rename bin_search -> btrfs_bin_search (bsc#1168273).\n - btrfs: add a flush step for delayed iputs (bsc#1165949).\n - btrfs: add assertions for releasing trans handle reservations\n (bsc#1165949).\n - btrfs: add btrfs_delete_ref_head helper (bsc#1165949).\n - btrfs: add enospc debug messages for ticket failure (bsc#1165949).\n - btrfs: add new flushing states for the delayed refs rsv (bsc#1165949).\n - btrfs: add space reservation tracepoint for reserved bytes (bsc#1165949).\n - btrfs: adjust dirty_metadata_bytes after writeback failure of extent\n buffer (bsc#1168273).\n - btrfs: allow us to use up to 90% of the global rsv for unlink\n (bsc#1165949).\n - btrfs: always reserve our entire size for the global reserve\n (bsc#1165949).\n - btrfs: assert on non-empty delayed iputs (bsc##1165949).\n - btrfs: be more explicit about allowed flush states (bsc#1165949).\n - btrfs: call btrfs_create_pending_block_groups unconditionally\n (bsc#1165949).\n - btrfs: catch cow on deleting snapshots (bsc#1165949).\n - btrfs: change the minimum global reserve size (bsc#1165949).\n - btrfs: check if there are free block groups for commit (bsc#1165949).\n - btrfs: cleanup extent_op handling (bsc#1165949).\n - btrfs: cleanup root usage by btrfs_get_alloc_profile (bsc#1165949).\n - btrfs: cleanup the target logic in __btrfs_block_rsv_release\n (bsc#1165949).\n - btrfs: clear space cache inode generation always (bsc#1165949).\n - btrfs: delayed-ref: pass delayed_refs directly to btrfs_delayed_ref_lock\n (bsc#1165949).\n - btrfs: do not account global reserve in can_overcommit (bsc#1165949).\n - btrfs: do not allow reservations if we have pending tickets\n (bsc#1165949).\n - btrfs: do not call btrfs_start_delalloc_roots in flushoncommit\n (bsc#1165949).\n - btrfs: do not end the transaction for delayed refs in throttle\n (bsc#1165949).\n - btrfs: do not enospc all tickets on flush failure (bsc#1165949).\n - btrfs: do not run delayed refs in the end transaction logic\n (bsc#1165949).\n - btrfs: do not run delayed_iputs in commit (bsc##1165949).\n - btrfs: do not use ctl->free_space for max_extent_size (bsc##1165949).\n - btrfs: do not use global reserve for chunk allocation (bsc#1165949).\n - btrfs: drop get_extent from extent_page_data (bsc#1168273).\n - btrfs: drop min_size from evict_refill_and_join (bsc##1165949).\n - btrfs: drop unused space_info parameter from create_space_info\n (bsc#1165949).\n - btrfs: dump block_rsv details when dumping space info (bsc#1165949).\n - btrfs: export __btrfs_block_rsv_release (bsc#1165949).\n - btrfs: export block group accounting helpers (bsc#1165949).\n - btrfs: export block_rsv_use_bytes (bsc#1165949).\n - btrfs: export btrfs_block_rsv_add_bytes (bsc#1165949).\n - btrfs: export space_info_add_*_bytes (bsc#1165949).\n - btrfs: export the block group caching helpers (bsc#1165949).\n - btrfs: export the caching control helpers (bsc#1165949).\n - btrfs: export the excluded extents helpers (bsc#1165949).\n - btrfs: extent-tree: Add lockdep assert when updating space info\n (bsc#1165949).\n - btrfs: extent-tree: Add trace events for space info numbers update\n (bsc#1165949).\n - btrfs: extent-tree: Detect bytes_may_use underflow earlier (bsc#1165949).\n - btrfs: extent-tree: Detect bytes_pinned underflow earlier (bsc#1165949).\n - btrfs: extent_io: Handle errors better in btree_write_cache_pages()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_write_full_page()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_write_locked_range()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_writepages()\n (bsc#1168273).\n - btrfs: extent_io: Kill dead condition in extent_write_cache_pages()\n (bsc#1168273).\n - btrfs: extent_io: Kill the forward declaration of flush_write_bio\n (bsc#1168273).\n - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up\n (bsc#1168273).\n - btrfs: extent_io: add proper error handling to\n lock_extent_buffer_for_io() (bsc#1168273).\n - btrfs: factor our read/write stage off csum_tree_block into its callers\n (bsc#1168273).\n - btrfs: factor out the ticket flush handling (bsc#1165949).\n - btrfs: fix insert_reserved error handling (bsc##1165949).\n - btrfs: fix may_commit_transaction to deal with no partial filling\n (bsc#1165949).\n - btrfs: fix truncate throttling (bsc#1165949).\n - btrfs: force chunk allocation if our global rsv is larger than metadata\n (bsc#1165949).\n - btrfs: introduce an evict flushing state (bsc#1165949).\n - btrfs: introduce delayed_refs_rsv (bsc#1165949).\n - btrfs: loop in inode_rsv_refill (bsc#1165949).\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delayed_ref_lock\n (bsc#1165949).\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delete_ref_head\n (bsc#1165949).\n - btrfs: make caching_thread use btrfs_find_next_key (bsc#1165949).\n - btrfs: merge two flush_write_bio helpers (bsc#1168273).\n - btrfs: migrate btrfs_trans_release_chunk_metadata (bsc#1165949).\n - btrfs: migrate inc/dec_block_group_ro code (bsc#1165949).\n - btrfs: migrate nocow and reservation helpers (bsc#1165949).\n - btrfs: migrate the alloc_profile helpers (bsc#1165949).\n - btrfs: migrate the block group caching code (bsc#1165949).\n - btrfs: migrate the block group cleanup code (bsc#1165949).\n - btrfs: migrate the block group lookup code (bsc#1165949).\n - btrfs: migrate the block group read/creation code (bsc#1165949).\n - btrfs: migrate the block group ref counting stuff (bsc#1165949).\n - btrfs: migrate the block group removal code (bsc#1165949).\n - btrfs: migrate the block group space accounting helpers (bsc#1165949).\n - btrfs: migrate the block-rsv code to block-rsv.c (bsc#1165949).\n - btrfs: migrate the chunk allocation code (bsc#1165949).\n - btrfs: migrate the delalloc space stuff to it's own home (bsc#1165949).\n - btrfs: migrate the delayed refs rsv code (bsc#1165949).\n - btrfs: migrate the dirty bg writeout code (bsc#1165949).\n - btrfs: migrate the global_block_rsv helpers to block-rsv.c (bsc#1165949).\n - btrfs: move and export can_overcommit (bsc#1165949).\n - btrfs: move basic block_group definitions to their own header\n (bsc#1165949).\n - btrfs: move btrfs_add_free_space out of a header file (bsc#1165949).\n - btrfs: move btrfs_block_rsv definitions into it's own header\n (bsc#1165949).\n - btrfs: move btrfs_raid_group values to btrfs_raid_attr table\n (bsc#1165949).\n - btrfs: move btrfs_space_info_add_*_bytes to space-info.c (bsc#1165949).\n - btrfs: move dump_space_info to space-info.c (bsc#1165949).\n - btrfs: move reserve_metadata_bytes and supporting code to space-info.c\n (bsc#1165949).\n - btrfs: move space_info to space-info.h (bsc#1165949).\n - btrfs: move the space info update macro to space-info.h (bsc#1165949).\n - btrfs: move the space_info handling code to space-info.c (bsc#1165949).\n - btrfs: move the subvolume reservation stuff out of extent-tree.c\n (bsc#1165949).\n - btrfs: only check priority tickets for priority flushing (bsc#1165949).\n - btrfs: only free reserved extent if we didn't insert it (bsc##1165949).\n - btrfs: only reserve metadata_size for inodes (bsc#1165949).\n - btrfs: only track ref_heads in delayed_ref_updates (bsc#1165949).\n - btrfs: pass root to various extent ref mod functions (bsc#1165949).\n - btrfs: qgroup: Do not hold qgroup_ioctl_lock in btrfs_qgroup_inherit()\n (bsc#1165823).\n - btrfs: qgroup: Mark qgroup inconsistent if we're inherting snapshot to a\n new qgroup (bsc#1165823).\n - btrfs: refactor block group replication factor calculation to a helper\n (bsc#1165949).\n - btrfs: refactor priority_reclaim_metadata_space (bsc#1165949).\n - btrfs: refactor the ticket wakeup code (bsc#1165949).\n - btrfs: release metadata before running delayed refs (bsc##1165949).\n - btrfs: remove orig_bytes from reserve_ticket (bsc#1165949).\n - btrfs: rename btrfs_space_info_add_old_bytes (bsc#1165949).\n - btrfs: rename do_chunk_alloc to btrfs_chunk_alloc (bsc#1165949).\n - btrfs: rename the btrfs_calc_*_metadata_size helpers (bsc#1165949).\n - btrfs: replace cleaner_delayed_iput_mutex with a waitqueue (bsc#1165949).\n - btrfs: reserve delalloc metadata differently (bsc#1165949).\n - btrfs: reserve extra space during evict (bsc#1165949).\n - btrfs: reset max_extent_size on clear in a bitmap (bsc##1165949).\n - btrfs: reset max_extent_size properly (bsc##1165949).\n - btrfs: rework btrfs_check_space_for_delayed_refs (bsc#1165949).\n - btrfs: rework wake_all_tickets (bsc#1165949).\n - btrfs: roll tracepoint into btrfs_space_info_update helper (bsc#1165949).\n - btrfs: run btrfs_try_granting_tickets if a priority ticket fails\n (bsc#1165949).\n - btrfs: run delayed iput at unlink time (bsc#1165949).\n - btrfs: run delayed iputs before committing (bsc#1165949).\n - btrfs: set max_extent_size properly (bsc##1165949).\n - btrfs: sink extent_write_full_page tree argument (bsc#1168273).\n - btrfs: sink extent_write_locked_range tree parameter (bsc#1168273).\n - btrfs: sink flush_fn to extent_write_cache_pages (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_write_full_page (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_write_locked_range\n (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_fiemap (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_readpages (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_writepages (bsc#1168273).\n - btrfs: sink get_extent parameter to get_extent_skip_holes (bsc#1168273).\n - btrfs: sink writepage parameter to extent_write_cache_pages\n (bsc#1168273).\n - btrfs: stop partially refilling tickets when releasing space\n (bsc#1165949).\n - btrfs: stop using block_rsv_release_bytes everywhere (bsc#1165949).\n - btrfs: switch to on-stack csum buffer in csum_tree_block (bsc#1168273).\n - btrfs: temporarily export btrfs_get_restripe_target (bsc#1165949).\n - btrfs: temporarily export fragment_free_space (bsc#1165949).\n - btrfs: temporarily export inc_block_group_ro (bsc#1165949).\n - btrfs: track DIO bytes in flight (bsc#1165949).\n - btrfs: tree-checker: Remove comprehensive root owner check (bsc#1168273).\n - btrfs: unexport can_overcommit (bsc#1165949).\n - btrfs: unexport the temporary exported functions (bsc#1165949).\n - btrfs: unify error handling for ticket flushing (bsc#1165949).\n - btrfs: unify extent_page_data type passed as void (bsc#1168273).\n - btrfs: update may_commit_transaction to use the delayed refs rsv\n (bsc#1165949).\n - btrfs: use btrfs_try_granting_tickets in update_global_rsv (bsc#1165949).\n - btrfs: wait on caching when putting the bg cache (bsc#1165949).\n - btrfs: wait on ordered extents on abort cleanup (bsc#1165949).\n - btrfs: wakeup cleaner thread when adding delayed iput (bsc#1165949).\n - ceph: canonicalize server path in place (bsc#1168443).\n - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL\n (bsc#1169307).\n - ceph: remove the extra slashes in the server path (bsc#1168443).\n - cfg80211: check reg_rule for NULL in handle_channel_custom()\n (bsc#1051510).\n - cfg80211: check wiphy driver existence for drvinfo report (bsc#1051510).\n - cgroup: memcg: net: do not associate sock with unrelated cgroup\n (bsc#1167290).\n - cifs: ignore cached share root handle closing errors (bsc#1166780).\n - clk: imx: Align imx sc clock msg structs to 4 (bsc#1111666).\n - clk: imx: Align imx sc clock msg structs to 4 (git-fixes).\n - clk: qcom: rcg: Return failure for RCG update (bsc#1051510).\n - configfs: Fix bool initialization/comparison (bsc#1051510).\n - cpufreq: Register drivers only after CPU devices have been registered\n (bsc#1051510).\n - cpuidle: Do not unset the driver if it is there already (bsc#1051510).\n - crypto: arm64/sha-ce - implement export/import (bsc#1051510).\n - crypto: mxs-dcp - fix scatterlist linearization for hash (bsc#1051510).\n - crypto: tcrypt - fix printed skcipher [a]sync mode (bsc#1051510).\n - debugfs: add support for more elaborate ->d_fsdata (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: call debugfs_real_fops() only after debugfs_file_get()\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: call debugfs_real_fops() only after debugfs_file_get()\n (bsc#1159198). Prerequisite for bsc#1159198.\n - debugfs: convert to debugfs_file_get() and -put() (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: debugfs_real_fops(): drop __must_hold sparse annotation\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: debugfs_use_start/finish do not exist anymore (bsc#1159198).\n Prerequisite for bsc#1159198.\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198).\n Prerequisite for bsc#1159198.\n - debugfs: fix debugfs_real_fops() build error (bsc#1159198 bsc#1109911).\n Prerequisite for bsc#1159198.\n - debugfs: implement per-file removal protection (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: purge obsolete SRCU based removal protection (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: simplify __debugfs_remove_file() (bsc#1159198). Prerequisite\n for bsc#1159198.\n - dmaengine: ste_dma40: fix unneeded variable warning (bsc#1051510).\n - drm/amd/amdgpu: Fix GPR read from debugfs (v2) (bsc#1113956)\n - drm/amd/display: Add link_rate quirk for Apple 15\" MBP 2017\n (bsc#1111666).\n - drm/amd/display: Fix wrongly passed static prefix (bsc#1111666).\n - drm/amd/display: remove duplicated assignment to grph_obj_type\n (bsc#1051510).\n - drm/amdgpu: fix typo for vcn1 idle check (bsc#1111666).\n - drm/bochs: downgrade pci_request_region failure from error to warning\n (bsc#1051510).\n - drm/bridge: dw-hdmi: fix AVI frame colorimetry (bsc#1051510).\n - drm/drm_dp_mst:remove set but not used variable 'origlen' (bsc#1051510).\n - drm/exynos: dsi: fix workaround for the legacy clock name (bsc#1111666).\n - drm/exynos: dsi: propagate error value and silence meaningless warning\n (bsc#1111666).\n - drm/lease: fix WARNING in idr_destroy (bsc#1113956)\n - drm/msm: Set dma maximum segment size for mdss (bsc#1051510).\n - drm/msm: Use the correct dma_sync calls harder (bsc#1051510).\n - drm/msm: Use the correct dma_sync calls in msm_gem (bsc#1051510).\n - drm/msm: stop abusing dma_map/unmap for cache (bsc#1051510).\n - drm/sun4i: dsi: Use NULL to signify \"no panel\" (bsc#1111666).\n - drm/v3d: Replace wait_for macros to remove use of msleep (bsc#1111666).\n - drm/vc4: Fix HDMI mode validation (git-fixes).\n - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()\n (bsc#1051510).\n - dt-bindings: allow up to four clocks for orion-mdio (bsc#1051510).\n - efi: Do not attempt to map RCI2 config table if it does not exist\n (jsc#ECO-366, bsc#1168367).\n - efi: Export Runtime Configuration Interface table to sysfs (jsc#ECO-366,\n bsc#1168367).\n - efi: Fix a race and a buffer overflow while reading efivars via sysfs\n (bsc#1164893).\n - efi: x86: move efi_is_table_address() into arch/x86 (jsc#ECO-366,\n bsc#1168367).\n - ext4: Avoid ENOSPC when avoiding to reuse recently deleted inodes\n (bsc#1165019).\n - ext4: Check for non-zero journal inum in ext4_calculate_overhead\n (bsc#1167288).\n - ext4: add cond_resched() to __ext4_find_entry() (bsc#1166862).\n - ext4: do not assume that mmp_nodename/bdevname have NUL (bsc#1166860).\n - ext4: fix a data race in EXT4_I(inode)->i_disksize (bsc#1166861).\n - ext4: fix incorrect group count in ext4_fill_super error message\n (bsc#1168765).\n - ext4: fix incorrect inodes per group in error message (bsc#1168764).\n - ext4: fix potential race between online resizing and write operations\n (bsc#1166864).\n - ext4: fix potential race between s_flex_groups online resizing and\n access (bsc#1166867).\n - ext4: fix potential race between s_group_info online resizing and access\n (bsc#1166866).\n - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL\n (bsc#1166870).\n - ext4: fix support for inode sizes > 1024 bytes (bsc#1164284).\n - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()\n (bsc#1166940).\n - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem (bsc#1166868).\n - ext4: validate the debug_want_extra_isize mount option at parse time\n (bsc#1163897).\n - fat: fix uninit-memory access for partial initialized inode\n (bsc#1051510).\n - fat: work around race with userspace's read via blockdev while mounting\n (bsc#1051510).\n - fbdev/g364fb: Fix build failure (bsc#1051510).\n - fbdev: potential information leak in do_fb_ioctl() (bsc#1114279)\n - fbmem: Adjust indentation in fb_prepare_logo and fb_blank (bsc#1114279)\n - firmware: arm_sdei: fix double-lock on hibernate with shared events\n (bsc#1111666).\n - firmware: arm_sdei: fix possible double-lock on hibernate error path\n (bsc#1111666).\n - ftrace/kprobe: Show the maxactive number on kprobe_events (git-fixes).\n - i2c: hix5hd2: add missed clk_disable_unprepare in remove (bsc#1051510).\n - i2c: jz4780: silence log flood on txabrt (bsc#1051510).\n - ibmvfc: do not send implicit logouts prior to NPIV login (bsc#1169625\n ltc#184611).\n - iio: gyro: adis16136: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis16400: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis16480: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: magnetometer: ak8974: Fix negative raw values in sysfs\n (bsc#1051510).\n - iio: potentiostat: lmp9100: fix\n iio_triggered_buffer_{predisable,postenable} positions (bsc#1051510).\n - intel_th: Fix user-visible error codes (bsc#1051510).\n - intel_th: pci: Add Elkhart Lake CPU support (bsc#1051510).\n - iommu/amd: Fix the configuration of GCR3 table root pointer\n (bsc#1169057).\n - ipmi: fix hung processes in __get_guid() (bsc#1111666).\n - ipmi:ssif: Handle a possible NULL pointer reference (bsc#1051510).\n - ipvlan: do not add hardware address of master to its unicast filter list\n (bsc#1137325).\n - irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (bsc#1051510).\n - irqdomain: Fix a memory leak in irq_domain_push_irq() (bsc#1051510).\n - kABI workaround for pcie_port_bus_type change (bsc#1161561).\n - kABI: fixes for debugfs per-file removal protection backports\n (bsc#1159198 bsc#1109911).\n - kABI: restore debugfs_remove_recursive() (bsc#1159198).\n - kabi fix for (bsc#1168202).\n - libceph: fix alloc_msg_with_page_vector() memory leaks (bsc#1169308).\n - libfs: fix infoleak in simple_attr_read() (bsc#1168881).\n - lpfc: add support for translating an RSCN rcv into a discovery rescan\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - lpfc: add support to generate RSCN events for nport (bsc#1164777\n bsc#1164780 bsc#1165211).\n - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled (bsc#1051510).\n - mac80211: consider more elements in parsing CRC (bsc#1051510).\n - mac80211: free peer keys before vif down in mesh (bsc#1051510).\n - mac80211: mesh: fix RCU warning (bsc#1051510).\n - mac80211: only warn once on chanctx_conf being NULL (bsc#1051510).\n - mac80211: rx: avoid RCU list traversal under mutex (bsc#1051510).\n - macsec: add missing attribute validation for port (bsc#1051510).\n - macsec: fix refcnt leak in module exit routine (bsc#1051510).\n - media: dib0700: fix rc endpoint lookup (bsc#1051510).\n - media: flexcop-usb: fix endpoint sanity check (git-fixes).\n - media: go7007: Fix URB type for interrupt handling (bsc#1051510).\n - media: ov519: add missing endpoint sanity checks (bsc#1168829).\n - media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support\n (bsc#1051510).\n - media: ov6650: Fix some format attributes not under control\n (bsc#1051510).\n - media: ov6650: Fix stored crop rectangle not in sync with hardware\n (bsc#1051510).\n - media: ov6650: Fix stored frame format not in sync with hardware\n (bsc#1051510).\n - media: stv06xx: add missing descriptor sanity checks (bsc#1168854).\n - media: tda10071: fix unsigned sign extension overflow (bsc#1051510).\n - media: usbtv: fix control-message timeouts (bsc#1051510).\n - media: v4l2-core: fix entity initialization in device_register_subdev\n (bsc#1051510).\n - media: vsp1: tidyup VI6_HGT_LBn_H() macro (bsc#1051510).\n - media: xirlink_cit: add missing descriptor sanity checks (bsc#1051510).\n - mfd: dln2: Fix sanity checking for endpoints (bsc#1051510).\n - misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices\n (bsc#1051510).\n - mm/filemap.c: do not initiate writeback if mapping has no dirty pages\n (bsc#1168884).\n - mm/memory_hotplug.c: only respect mem= parameter during boot stage\n (bsc#1065600).\n - mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2 (bsc#1051510).\n - mwifiex: set needed_headroom, not hard_header_len (bsc#1051510).\n - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL\n (bsc#1051510).\n - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS\n (networking-stable-20_02_19).\n - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS\n (networking-stable-20_02_19).\n - net/smc: fix leak of kernel memory to user space\n (networking-stable-20_02_19).\n - net: dsa: tag_qca: Make sure there is headroom for tag\n (networking-stable-20_02_19).\n - net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421,\n bsc#1167423).\n - net: nfc: fix bounds checking bugs on \"pipe\" (bsc#1051510).\n - net: phy: micrel: kszphy_resume(): add delay after genphy_resume()\n before accessing PHY registers (bsc#1051510).\n - net_sched: keep alloc_hash updated after hash allocation (git-fixes).\n - netfilter: conntrack: sctp: use distinct states for new SCTP connections\n (bsc#1159199).\n - nvme-multipath: also check for a disabled path if there is a single\n sibling (bsc#1158983).\n - nvme-multipath: do not select namespaces which are about to be removed\n (bsc#1158983).\n - nvme-multipath: factor out a nvme_path_is_disabled helper (bsc#1158983).\n - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths (bsc#1158983).\n - nvme-multipath: fix possible I/O hang when paths are updated\n (bsc#1158983).\n - nvme-multipath: fix possible io hang after ctrl reconnect (bsc#1158983).\n - nvme-multipath: remove unused groups_only mode in ana log (bsc#1158983).\n - nvme-multipath: round-robin I/O policy (bsc#1158983).\n - nvme: fix a possible deadlock when passthru commands sent to a multipath\n device (bsc#1158983).\n - nvme: fix controller removal race with scan work (bsc#1158983).\n - objtool: Add is_static_jump() helper (bsc#1169514).\n - objtool: Add relocation check for alternative sections (bsc#1169514).\n - partitions/efi: Fix partition name parsing in GUID partition entry\n (bsc#1168763).\n - perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT\n flag (bsc#1114279).\n - perf: qcom_l2: fix column exclusion check (git-fixes).\n - pinctrl: core: Remove extra kref_get which blocks hogs being freed\n (bsc#1051510).\n - platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table\n (bsc#1051510).\n - powerpc/64/tm: Do not let userspace set regs->trap via sigreturn\n (bsc#1118338 ltc#173734).\n - powerpc/64: mark start_here_multiplatform as __ref (bsc#1148868).\n - powerpc/64s: Fix section mismatch warnings from boot code (bsc#1148868).\n - powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap\n PTE entries (bsc#1065729).\n - powerpc/kprobes: Ignore traps that happened in real mode (bsc#1065729).\n - powerpc/mm: Fix section mismatch warning in\n stop_machine_change_mapping() (bsc#1148868).\n - powerpc/pseries/ddw: Extend upper limit for huge DMA window for\n persistent memory (bsc#1142685 ltc#179509).\n - powerpc/pseries/iommu: Fix set but not used values (bsc#1142685\n ltc#179509).\n - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation\n (bsc#1142685 ltc#179509).\n - powerpc/vmlinux.lds: Explicitly retain .gnu.hash (bsc#1148868).\n - powerpc/xive: Replace msleep(x) with msleep(OPAL_BUSY_DELAY_MS)\n (bsc#1085030).\n - powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured\n IPIs (bsc#1085030).\n - pwm: bcm2835: Dynamically allocate base (bsc#1051510).\n - pwm: meson: Fix confusing indentation (bsc#1051510).\n - pwm: pca9685: Fix PWM/GPIO inter-operation (bsc#1051510).\n - pwm: rcar: Fix late Runtime PM enablement (bsc#1051510).\n - pwm: renesas-tpu: Fix late Runtime PM enablement (bsc#1051510).\n - pxa168fb: fix release function mismatch in probe failure (bsc#1051510).\n - qmi_wwan: unconditionally reject 2 ep interfaces (bsc#1051510).\n - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of\n buffer (git-fixes).\n - s390/mm: fix dynamic pagetable upgrade for hugetlbfs (bsc#1165182\n LTC#184102).\n - s390/qeth: fix potential deadlock on workqueue flush (bsc#1165185\n LTC#184108).\n - scsi: core: avoid repetitive logging of device offline messages\n (bsc#1145929).\n - scsi: core: kABI fix offline_already (bsc#1145929).\n - scsi: fc: Update Descriptor definition and add RDF and Link Integrity\n FPINs (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551).\n - scsi: lpfc: Change default SCSI LUN QD to 64 (bsc#1164777 bsc#1164780\n bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Clean up hba max_lun_queue_depth checks (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Copyright updates for 12.6.0.4 patches (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix Fabric hostname registration if system hostname changes\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix MDS Latency Diagnostics Err-drop rates (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix broken Credit Recovery after driver load (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix compiler warning on frame size (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix coverity errors in fmdi attribute handling (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix crash after handling a pci error (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix disablement of FC-AL on lpe35000 models (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix driver nvme rescan logging (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix erroneous cpu limit of 128 on I/O statistics\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix improper flag check for IO type (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix incomplete NVME discovery when target (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lockdep error - register non-static key (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lpfc overwrite of sg_cnt field in nvmefc_tgt_fcp_req\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lpfc_io_buf resource leak in lpfc_get_scsi_buf_s4 error\n path (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix missing check for CSF in Write Object Mbox Rsp\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix ras_log via debugfs (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix registration of ELS type support in fdmi (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix release of hwq to clear the eq relationship (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix scsi host template for SLI3 vports (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix unmap of dpp bars affecting next driver load\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix update of wq consumer index in lpfc_sli4_wq_release\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Make debugfs ktime stats generic for NVME and SCSI\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Remove handler for obsolete ELS - Read Port Status (RPS)\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Remove prototype FIPS/DSS options from SLI-3 (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.6.0.3 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.6.0.4 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.8.0.0 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: add RDF registration and Link Integrity FPIN logging\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: fix spelling mistake \"Notication\" -> \"Notification\"\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: fix spelling mistakes of asynchronous (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: qla2xxx: Fix I/Os being passed down when FC device is being\n deleted (bsc#1157424).\n - serdev: ttyport: restore client ops on deregistration (bsc#1051510).\n - staging: ccree: use signal safe completion wait (git-fixes).\n - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table\n (bsc#1051510).\n - staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi (bsc#1051510).\n - staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb\n (bsc#1051510).\n - staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback\n (bsc#1051510).\n - swiotlb: do not panic on mapping failures (bsc#1162171).\n - swiotlb: remove the overflow buffer (bsc#1162171).\n - thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n\n (bsc#1051510).\n - tpm: ibmvtpm: Wait for buffer to be set before proceeding (bsc#1065729).\n - tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode\n (bsc#1051510).\n - tty: evh_bytechan: Fix out of bounds accesses (bsc#1051510).\n - tty: serial: imx: setup the correct sg entry for tx dma (bsc#1051510).\n - usb: audio-v2: Add uac2_effect_unit_descriptor definition (bsc#1051510).\n - usb: core: hub: do error out if usb_autopm_get_interface() fails\n (git-fixes).\n - usb: core: port: do error out if usb_autopm_get_interface() fails\n (git-fixes).\n - usb: dwc2: Fix in ISOC request length checking (git-fixes).\n - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus (git-fixes).\n - usb: gadget: f_fs: Fix use after free issue as part of queue failure\n (bsc#1051510).\n - usb: host: xhci-plat: add a shutdown (git-fixes).\n - usb: musb: Disable pullup at init (git-fixes).\n - usb: musb: fix crash with highmen PIO and usbmon (bsc#1051510).\n - usb: quirks: add NO_LPM quirk for Logitech Screen Share (git-fixes).\n - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters\n (git-fixes).\n - usb: storage: Add quirk for Samsung Fit flash (git-fixes).\n - usb: uas: fix a plug & unplug racing (git-fixes).\n - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c\n (git-fixes).\n - virtio-blk: improve virtqueue error to BLK_STS (bsc#1167627).\n - virtio_ring: fix unmap of indirect descriptors (bsc#1162171).\n - x86/mce: Fix logic and comments around MSR_PPIN_CTL (bsc#1114279).\n - x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes\n (bsc#1114279).\n - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect()\n (bsc#1168486).\n - xhci: Do not open code __print_symbolic() in xhci trace events\n (git-fixes).\n - xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms\n (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-543=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-04-23T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8834"], "modified": "2020-04-23T00:00:00", "id": "OPENSUSE-SU-2020:0543-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TIJNUS3JX74DEJSKTRECNDTYTY3LURG2/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2022-04-18T12:41:26", "description": "An update that solves 35 vulnerabilities and has 194 fixes\n is now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-14615: Insufficient control flow in certain data structures for\n some Intel(R) Processors with Intel(R) Processor Graphics may have\n allowed an unauthenticated user to potentially enable information\n disclosure via local access (bnc#1160195 bnc#1165881).\n - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in\n the Marvell WiFi chip driver. A remote attacker could cause a denial of\n service (system crash) or, possibly execute arbitrary code, when the\n lbs_ibss_join_existing function is called after a STA connects to an AP\n (bnc#1157157).\n - CVE-2019-14897: A stack-based buffer overflow was found in the Marvell\n WiFi chip driver. An attacker is able to cause a denial of service\n (system crash) or, possibly execute arbitrary code, when a STA works in\n IBSS mode (allows connecting stations together without the use of an AP)\n and connects to another STA (bnc#1157155).\n - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c. It\n did not check the length of variable elements in a beacon head, leading\n to a buffer overflow (bnc#1152107).\n - CVE-2019-16994: In the Linux kernel before 5.0, a memory leak exists in\n sit_init_net() in net/ipv6/sit.c when register_netdev() fails to\n register sitn->fb_tunnel_dev, which may cause denial of service, aka\n CID-07f12b26e21a (bnc#1161523).\n - CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() function in\n drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of\n service (memory consumption), aka CID-128c66429247 (bnc#1156259).\n - CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c allowed a NULL\n pointer dereference because rcu_dereference(root->node) can be zero\n (bnc#1157692).\n - CVE-2019-19045: A memory leak in the mlx5_fpga_conn_create_cq() function\n in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers\n to cause a denial of service (memory consumption) by triggering\n mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).\n - CVE-2019-19051: A memory leak in the i2400m_op_rfkill_sw_toggle()\n function in drivers/net/wimax/i2400m/op-rfkill.c allowed attackers to\n cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7\n (bnc#1159024).\n - CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in\n drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a\n denial of service (memory consumption) by triggering kfifo_alloc()\n failures, aka CID-a7b2df76b42b (bnc#1161518).\n - CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in\n drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of\n service (memory consumption) by triggering bfa_port_get_stats()\n failures, aka CID-0e62395da2bd (bnc#1157303).\n - CVE-2019-19318: Mounting a crafted btrfs image twice can cause an\n rwsem_down_write_slowpath use-after-free because (in\n rwsem_can_spin_on_owner in kernel/locking/rwsem (bnc#1158026).\n - CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4\n image, can cause a slab-out-of-bounds write access because of an\n ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large\n old_size value is used in a memset call (bnc#1158021).\n - CVE-2019-19332: An out-of-bounds memory write issue was found in the way\n the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID'\n ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A\n user or process able to access the '/dev/kvm' device could use this flaw\n to crash the system, resulting in a denial of service (bnc#1158827).\n - CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous\n Abort (TAA) (bnc#1158954).\n - CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing\n some operations, and unmounting can lead to a use-after-free in\n ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in\n fs/ext4/super.c (bnc#1158819).\n - CVE-2019-19526: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/nfc/pn533/usb.c driver, aka\n CID-6af3aa57a098 (bnc#1158893).\n - CVE-2019-19527: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka\n CID-9c09b214f30e (bnc#1158900).\n - CVE-2019-19532: There were multiple out-of-bounds write bugs that can be\n caused by a malicious USB device in the Linux kernel HID drivers, aka\n CID-d9d4b1e46d95. This affects drivers/hid/hid-axff.c,\n drivers/hid/hid-dr.c, drivers/hid/hid-emsff.c, drivers/hid/hid-gaff.c,\n drivers/hid/hid-holtekff.c, drivers/hid/hid-lg2ff.c,\n drivers/hid/hid-lg3ff.c, drivers/hid/hid-lg4ff.c,\n drivers/hid/hid-lgff.c, drivers/hid/hid-logitech-hidpp.c,\n drivers/hid/hid-microsoft.c, drivers/hid/hid-sony.c,\n drivers/hid/hid-tmff.c, and drivers/hid/hid-zpff.c (bnc#1158824).\n - CVE-2019-19533: There was an info-leak bug that can be caused by a\n malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c\n driver, aka CID-a10feaf8c464 (bnc#1158834).\n - CVE-2019-19535: There was an info-leak bug that can be caused by a\n malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c\n driver, aka CID-30a8beeb3042 (bnc#1158903).\n - CVE-2019-19537: There was a race condition bug that can be caused by a\n malicious USB device in the USB character device driver layer, aka\n CID-303911cfc5b9. This affects drivers/usb/core/file.c (bnc#1158904).\n - CVE-2019-19767: The Linux kernel mishandled ext4_expand_extra_isize, as\n demonstrated by use-after-free errors in __ext4_expand_extra_isize and\n ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c,\n aka CID-4ea99936a163 (bnc#1159297).\n - CVE-2019-19927: Mounting a crafted f2fs filesystem image and performing\n some operations can lead to slab-out-of-bounds read access in\n ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related\n to the vmwgfx or ttm module (bnc#1160147).\n - CVE-2019-19965: There was a NULL pointer dereference in\n drivers/scsi/libsas/sas_discover.c because of mishandling of port\n disconnection during discovery, related to a PHY down race condition,\n aka CID-f70267f379b5 (bnc#1159911).\n - CVE-2019-19966: There was a use-after-free in cpia2_exit() in\n drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service,\n aka CID-dea37a972655 (bnc#1159841).\n - CVE-2019-20054: There was a NULL pointer dereference in\n drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka\n CID-23da9588037e (bnc#1159910).\n - CVE-2019-20095: mwifiex_tm_cmd in\n drivers/net/wireless/marvell/mwifiex/cfg80211.c had some error-handling\n cases that did not free allocated hostcmd memory, aka CID-003b686ace82.\n This will cause a memory leak and denial of service (bnc#1159909).\n - CVE-2019-20096: There was a memory leak in __feat_register_sp() in\n net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b\n (bnc#1159908).\n - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may\n trick the L0 hypervisor into accessing sensitive L1 resources\n (bsc#1163971).\n - CVE-2020-7053: There was a use-after-free (write) in the\n i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka\n CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in\n drivers/gpu/drm/i915/i915_gem_context.c (bnc#1160966).\n - CVE-2020-8428: fs/namei.c has a may_create_in_sticky use-after-free,\n which allowed local users to cause a denial of service (OOPS) or\n possibly obtain sensitive information from kernel memory, aka\n CID-d0cb50185ae9. One attack vector may be an open system call for a\n UNIX domain socket, if the socket is being moved to a new parent\n directory and its old parent directory is being removed (bnc#1162109).\n - CVE-2020-8648: There was a use-after-free vulnerability in the\n n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).\n - CVE-2020-8992: ext4_protect_reserved_inode in fs/ext4/block_validity.c\n allowed attackers to cause a denial of service (soft lockup) via a\n crafted journal size (bnc#1164069).\n - CVE-2019-19523: There was a use-after-free bug that can be caused by a\n malicious USB device in the drivers/usb/misc/adutux.c driver, aka\n CID-44efc269db79 (bnc#1158823).\n\n The following non-security bugs were fixed:\n\n - smb3: print warning once if posix context returned on open\n (bsc#1144333).\n - 6pack,mkiss: fix possible deadlock (bsc#1051510).\n - ACPI / APEI: Do not wait to serialise with oops messages when panic()ing\n (bsc#1051510).\n - ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).\n - ACPI / LPSS: Ignore acpi_device_fix_up_power() return value\n (bsc#1051510).\n - ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).\n - ACPI / watchdog: Fix init failure with overlapping register regions\n (bsc#1162557).\n - ACPI / watchdog: Set default timeout in probe (bsc#1162557).\n - ACPI: OSL: only free map once in osl.c (bsc#1051510).\n - ACPI: PM: Avoid attaching ACPI PM domain to certain devices\n (bsc#1051510).\n - ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()\n (bsc#1051510).\n - ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()\n (bsc#1051510).\n - ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (bsc#1051510).\n - ACPI: video: Do not export a non working backlight interface on MSI\n MS-7721 boards (bsc#1051510).\n - ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557).\n - ALSA: control: remove useless assignment in .info callback of PCM chmap\n element (git-fixes).\n - ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666).\n - ALSA: echoaudio: simplify get_audio_levels (bsc#1051510).\n - ALSA: fireface: fix return value in error path of isochronous resources\n reservation (bsc#1051510).\n - ALSA: hda - Add docking station support for Lenovo Thinkpad T420s\n (git-fixes).\n - ALSA: hda - Apply sync-write workaround to old Intel platforms, too\n (bsc#1111666).\n - ALSA: hda - Downgrade error message for single-cmd fallback (git-fixes).\n - ALSA: hda - constify and cleanup static NodeID tables (bsc#1111666).\n - ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen\n (git-fixes).\n - ALSA: hda/analog - Minor optimization for SPDIF mux connections\n (git-fixes).\n - ALSA: hda/ca0132 - Avoid endless loop (git-fixes).\n - ALSA: hda/ca0132 - Fix work handling in delayed HP detection (git-fixes).\n - ALSA: hda/ca0132 - Keep power on during processing DSP response\n (git-fixes).\n - ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes).\n - ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks\n (bsc#1111666).\n - ALSA: hda/hdmi - Fix duplicate unref of pci_dev (bsc#1051510).\n - ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() (git-fixes).\n - ALSA: hda/hdmi - fix atpx_present when CLASS is not VGA (bsc#1051510).\n - ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes).\n - ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker\n (bsc#1111666).\n - ALSA: hda/realtek - Add Headset Mic supported for HP cPC (bsc#1111666).\n - ALSA: hda/realtek - Add headset Mic no shutup for ALC283 (bsc#1051510).\n - ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).\n - ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th\n gen (bsc#1111666).\n - ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too\n (bsc#1111666).\n - ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236\n (git-fixes).\n - ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC\n (bsc#1111666).\n - ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G (git-fixes).\n - ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).\n - ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic\n supported (bsc#1111666).\n - ALSA: hda/realtek - Line-out jack does not work on a Dell AIO\n (bsc#1051510).\n - ALSA: hda/realtek - More constifications (bsc#1111666).\n - ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).\n - ALSA: hda: Add Clevo W65_67SB the power_save blacklist (git-fixes).\n - ALSA: hda: Add JasperLake PCI ID and codec vid (bsc#1111666).\n - ALSA: hda: Clear RIRB status before reading WP (bsc#1111666).\n - ALSA: hda: Constify snd_kcontrol_new items (bsc#1111666).\n - ALSA: hda: Constify snd_pci_quirk tables (bsc#1111666).\n - ALSA: hda: More constifications (bsc#1111666).\n - ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666).\n - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs\n (git-fixes).\n - ALSA: hda: constify copied structure (bsc#1111666).\n - ALSA: hda: correct kernel-doc parameter descriptions (bsc#1111666).\n - ALSA: hda: hdmi - add Tigerlake support (bsc#1111666).\n - ALSA: hda: hdmi - fix pin setup on Tigerlake (bsc#1111666).\n - ALSA: hda: patch_hdmi: remove warnings with empty body (bsc#1111666).\n - ALSA: hda: patch_realtek: fix empty macro usage in if block\n (bsc#1111666).\n - ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code\n (bsc#1051510).\n - ALSA: oxfw: fix return value in error path of isochronous resources\n reservation (bsc#1051510).\n - ALSA: pcm: Avoid possible info leaks from PCM stream buffers (git-fixes).\n - ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes).\n - ALSA: seq: Avoid concurrent access to queue flags (git-fixes).\n - ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes).\n - ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).\n - ALSA: sh: Fix compile warning wrt const (git-fixes).\n - ALSA: sh: Fix unused variable warnings (bsc#1111666).\n - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes).\n - ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5\n (bsc#1111666).\n - ALSA: usb-audio: Fix endianess in descriptor validation (bsc#1111666).\n - ALSA: usb-audio: fix set_format altsetting sanity check (bsc#1051510).\n - ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).\n - ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report\n (bsc#1051510).\n - ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).\n - ASoC: compress: fix unsigned integer overflow check (bsc#1051510).\n - ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' (bsc#1051510).\n - ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1\n (bsc#1051510).\n - ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI\n (bsc#1111666).\n - ASoC: sun8i-codec: Fix setting DAI data format (git-fixes).\n - ASoC: wm8962: fix lambda value (git-fixes).\n - Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510).\n - Bluetooth: hci_bcm: Handle specific unknown packets after firmware\n loading (bsc#1051510).\n - btrfs: add missing extents release on file extent cluster relocation\n error (bsc#1159483).\n - btrfs: avoid fallback to transaction commit during fsync of files with\n holes (bsc#1159569).\n - btrfs: fix block group remaining RO forever after error during device\n replace (bsc#1160442).\n - btrfs: fix btrfs_write_inode vs delayed iput deadlock (bsc#1154243).\n - btrfs: fix infinite loop during fsync after rename operations\n (bsc#1163383).\n - btrfs: fix infinite loop during nocow writeback due to race\n (bsc#1160804).\n - btrfs: fix missing data checksums after replaying a log tree\n (bsc#1161931).\n - btrfs: fix negative subv_writers counter and data space leak after\n buffered write (bsc#1160802).\n - btrfs: fix race between adding and putting tree mod seq elements and\n nodes (bsc#1163384).\n - btrfs: fix removal logic of the tree mod log that leads to\n use-after-free issues (bsc#1160803).\n - btrfs: fix selftests failure due to uninitialized i_mode in test inodes\n (Fix for dependency of bsc#1157692).\n - btrfs: make tree checker detect checksum items with overlapping ranges\n (bsc#1161931).\n - btrfs: send, skip backreference walking for extents with many references\n (bsc#1162139).\n - CDC-NCM: handle incomplete transfer of MTU (networking-stable-19_11_10).\n - CIFS: Add support for setting owner info, dos attributes, and create\n time (bsc#1144333).\n - CIFS: Close cached root handle only if it had a lease (bsc#1144333).\n - CIFS: Close open handle after interrupted close (bsc#1144333).\n - CIFS: Do not miss cancelled OPEN responses (bsc#1144333).\n - CIFS: Fix NULL pointer dereference in mid callback (bsc#1144333).\n - CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks\n (bsc#1144333).\n - CIFS: Fix task struct use-after-free on reconnect (bsc#1144333).\n - CIFS: Properly process SMB3 lease breaks (bsc#1144333).\n - CIFS: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1144333).\n - CIFS: Return directly after a failed build_path_from_dentry() in\n cifs_do_create() (bsc#1144333).\n - CIFS: Use common error handling code in smb2_ioctl_query_info()\n (bsc#1144333).\n - CIFS: Use memdup_user() rather than duplicating its implementation\n (bsc#1144333).\n - CIFS: fix a white space issue in cifs_get_inode_info() (bsc#1144333).\n - CIFS: refactor cifs_get_inode_info() (bsc#1144333).\n - CIFS: remove set but not used variables 'cinode' and 'netfid'\n (bsc#1144333).\n - Cover up kABI breakage due to DH key verification (bsc#1155331).\n - Delete patches which cause regression (bsc#1165527 ltc#184149).\n - Documentation: Document arm64 kpti control (bsc#1162623).\n - Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632).\n - Fix the locking in dcache_readdir() and friends (bsc#1123328).\n - HID: doc: fix wrong data structure reference for UHID_OUTPUT\n (bsc#1051510).\n - HID: hiddev: Fix race in in hiddev_disconnect() (git-fixes).\n - HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).\n - HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).\n - HID: intel-ish-hid: fixes incorrect error handling (bsc#1051510).\n - HID: uhid: Fix returning EPOLLOUT from uhid_char_poll (bsc#1051510).\n - IB/hfi1: Close window for pq and request coliding (bsc#1060463 ).\n - IB/hfi1: Do not cancel unused work item (bsc#1114685 ).\n - IB/mlx5: Fix steering rule of drop and count (bsc#1103991 ).\n - IB/mlx5: Remove dead code (bsc#1103991).\n - Input: aiptek - fix endpoint sanity check (bsc#1051510).\n - Input: cyttsp4_core - fix use after free bug (bsc#1051510).\n - Input: goodix - add upside-down quirk for Teclast X89 tablet\n (bsc#1051510).\n - Input: gtco - fix endpoint sanity check (bsc#1051510).\n - Input: keyspan-remote - fix control-message timeouts (bsc#1051510).\n - Input: pegasus_notetaker - fix endpoint sanity check (bsc#1051510).\n - Input: pm8xxx-vib - fix handling of separate enable register\n (bsc#1051510).\n - Input: rmi_f54 - read from FIFO in 32 byte blocks (bsc#1051510).\n - Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register\n (bsc#1051510).\n - Input: sur40 - fix interface sanity checks (bsc#1051510).\n - Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus (bsc#1051510).\n - Input: synaptics-rmi4 - do not increment rmiaddr for SMBus transfers\n (bsc#1051510).\n - Input: synaptics-rmi4 - simplify data read in rmi_f54_work (bsc#1051510).\n - KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers\n (bsc#1133021).\n - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840).\n - KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840).\n - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails\n (bsc#1061840).\n - KVM: SVM: Override default MMIO mask if memory encryption is enabled\n (bsc#1162618).\n - KVM: arm64: Store vcpu on the stack during __guest_enter() (bsc#1133021).\n - KVM: fix spectrev1 gadgets (bsc#1164705).\n - KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl\n (git-fixes).\n - KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups (bsc#1133021).\n - KVM: s390: Test for bad access register and size at the start of\n S390_MEM_OP (git-fixes).\n - KVM: s390: do not clobber registers during guest reset/store status\n (bsc#1133021).\n - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF\n attacks (bsc#1164734).\n - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF\n attacks in x86.c (bsc#1164733).\n - KVM: x86: Protect MSR-based index computations in\n fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164731).\n - KVM: x86: Protect MSR-based index computations in pmu.h from\n Spectre-v1/L1TF attacks (bsc#1164732).\n - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks\n (bsc#1164728).\n - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks\n (bsc#1164729).\n - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF\n attacks (bsc#1164712).\n - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks\n (bsc#1164730).\n - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735).\n - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks\n (bsc#1164705).\n - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks\n (bsc#1164727).\n - KVM: x86: Remove a spurious export of a static function (bsc#1158954).\n - NFC: fdp: fix incorrect free object (networking-stable-19_11_10).\n - NFC: pn533: fix bulk-message timeout (bsc#1051510).\n - NFC: pn544: Adjust indentation in pn544_hci_check_presence (git-fixes).\n - NFC: st21nfca: fix double free (networking-stable-19_11_10).\n - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes).\n - PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity()\n (bsc#1051510).\n - PCI/switchtec: Fix vep_vector_number ioread width (bsc#1051510).\n - PCI: Add DMA alias quirk for Intel VCA NTB (bsc#1051510).\n - PCI: Do not disable bridge BARs when assigning bus resources\n (bsc#1051510).\n - PCI: pciehp: Avoid returning prematurely from sysfs requests (git-fixes).\n - PCI: rpaphp: Add drc-info support for hotplug slot registration\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Annotate and correctly byte swap DRC properties\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Avoid a sometimes-uninitialized warning (bsc#1157480\n ltc#181028).\n - PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using\n drc-info (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Do not rely on firmware feature to imply drc-info support\n (bsc#1157480 ltc#181028).\n - PCI: rpaphp: Fix up pointer to first drc-info entry (bsc#1157480\n ltc#181028).\n - PM / AVS: SmartReflex: NULL check before some freeing functions is not\n needed (bsc#1051510).\n - PM / Domains: Deal with multiple states but no governor in genpd\n (bsc#1051510).\n - RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).\n - RDMA/bnxt_re: Enable SRIOV VF support on Broadcom's 57500 adapter series\n (bsc#1154916).\n - RDMA/bnxt_re: Fix chip number validation Broadcom's Gen P5 series\n (bsc#1157895).\n - RDMA/bnxt_re: Fix missing le16_to_cpu (bsc#1157895).\n - RDMA/cma: Fix unbalanced cm_id reference count during address resolve\n (bsc#1103992).\n - RDMA/hfi1: Fix memory leak in _dev_comp_vect_mappings_create\n (bsc#1114685).\n - RDMA/hns: Bugfix for qpc/cqc timer configuration (bsc#1104427\n bsc#1126206).\n - RDMA/hns: Correct the value of srq_desc_size (bsc#1104427 ).\n - RDMA/hns: Fix to support 64K page for srq (bsc#1104427 ).\n - RDMA/hns: Prevent memory leaks of eq->buf_list (bsc#1104427 ).\n - RDMA/uverbs: Verify MR access flags (bsc#1103992).\n - crypto/dh: Adjust for change of DH_KPP_SECRET_MIN_SIZE in\n 35f7d5225ffcbf1b759f641aec1735e3a89b1914\n - crypto/dh: Remove the fips=1 check in dh.c dh.c is not fips-specific and\n should perform the same regardless of this setting.\n - Revert \"HID: add NOGET quirk for Eaton Ellipse MAX UPS\" (git-fixes).\n - Revert \"Input: synaptics-rmi4 - do not increment rmiaddr for SMBus\n transfers\" (bsc#1051510).\n - Revert \"ath10k: fix DMA related firmware crashes on multiple devices\"\n (git-fixes).\n - Revert \"locking/pvqspinlock: Do not wait if vCPU is preempted\"\n (bsc#1050549).\n - Revert \"mmc: sdhci: Fix incorrect switch to HS mode\" (bsc#1051510).\n - Revert patches.suse/samples-bpf-add-a-test-for-bpf_override_return.patch\n (bsc#1159500)\n - SMB3: Backup intent flag missing from some more ops (bsc#1144333).\n - SMB3: Fix crash in SMB2_open_init due to uninitialized field in\n compounding path (bsc#1144333).\n - SMB3: Fix persistent handles reconnect (bsc#1144333).\n - SUNRPC: Fix svcauth_gss_proxy_init() (bsc#1103992).\n - Staging: iio: adt7316: Fix i2c data reading, set the data field\n (bsc#1051510).\n - USB: EHCI: Do not return -EPIPE when hub is disconnected (git-fixes).\n - USB: adutux: fix interface sanity check (bsc#1051510).\n - USB: atm: ueagle-atm: add missing endpoint check (bsc#1051510).\n - USB: core: add endpoint-blacklist quirk (git-fixes).\n - USB: core: fix check for duplicate endpoints (git-fixes).\n - USB: documentation: flags on usb-storage versus UAS (bsc#1051510).\n - USB: idmouse: fix interface sanity checks (bsc#1051510).\n - USB: quirks: blacklist duplicate ep on Sound Devices USBPre2 (git-fixes).\n - USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).\n - USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P (bsc#1051510).\n - USB: serial: io_edgeport: add missing active-port sanity check\n (bsc#1051510).\n - USB: serial: io_edgeport: fix epic endpoint lookup (bsc#1051510).\n - USB: serial: io_edgeport: handle unbound ports on URB completion\n (bsc#1051510).\n - USB: serial: io_edgeport: use irqsave() in USB's complete callback\n (bsc#1051510).\n - USB: serial: ir-usb: add missing endpoint sanity check (bsc#1051510).\n - USB: serial: ir-usb: fix IrLAP framing (bsc#1051510).\n - USB: serial: ir-usb: fix link-speed handling (bsc#1051510).\n - USB: serial: keyspan: handle unbound ports (bsc#1051510).\n - USB: serial: opticon: fix control-message timeouts (bsc#1051510).\n - USB: serial: option: Add support for Quectel RM500Q (bsc#1051510).\n - USB: serial: option: add Telit ME910G1 0x110a composition (git-fixes).\n - USB: serial: option: add ZLP support for 0x1bc7/0x9010 (git-fixes).\n - USB: serial: option: add support for Quectel RM500Q in QDL mode\n (git-fixes).\n - USB: serial: quatech2: handle unbound ports (bsc#1051510).\n - USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx\n (bsc#1051510).\n - USB: serial: suppress driver bind attributes (bsc#1051510).\n - USB: uas: heed CAPACITY_HEURISTICS (bsc#1051510).\n - USB: uas: honor flag to avoid CAPACITY16 (bsc#1051510).\n - Update\n patches.suse/powerpc-xive-Implement-get_irqchip_state-method-for-.patch\n (bsc#1085030).\n - af_packet: set defaule value for tmo (bsc#1051510).\n - apparmor: fix unsigned len comparison with less than zero (git-fixes).\n - ar5523: check NULL before memcpy() in ar5523_cmd() (bsc#1051510).\n - arm64: Revert support for execute-only user mappings (bsc#1160218).\n - ata: ahci: Add shutdown to freeze hardware resources of ahci\n (bsc#1164388).\n - ath10k: Correct the DMA direction for management tx buffers\n (bsc#1111666).\n - ath10k: fix fw crash by moving chip reset after napi disabled\n (bsc#1051510).\n - ath10k: pci: Fix comment on ath10k_pci_dump_memory_sram (bsc#1111666).\n - ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe\n (bsc#1111666).\n - ath6kl: Fix off by one error in scan completion (bsc#1051510).\n - ath9k: fix storage endpoint lookup (git-fixes).\n - atl1e: checking the status of atl1e_write_phy_reg (bsc#1051510).\n - audit: Allow auditd to set pid to 0 to end auditing (bsc#1158094).\n - batman-adv: Fix DAT candidate selection on little endian systems\n (bsc#1051510).\n - bcache: Fix an error code in bch_dump_read() (bsc#1163762).\n - bcache: Revert \"bcache: shrink btree node cache after bch_btree_check()\"\n (bsc#1163762, bsc#1112504).\n - bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front()\n (bsc#1163762).\n - bcache: add code comments for state->pool in __btree_sort()\n (bsc#1163762).\n - bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).\n - bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).\n - bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).\n - bcache: add more accurate error messages in read_super() (bsc#1163762).\n - bcache: add readahead cache policy options via sysfs interface\n (bsc#1163762).\n - bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).\n - bcache: avoid unnecessary btree nodes flushing in btree_flush_write()\n (bsc#1163762).\n - bcache: check return value of prio_read() (bsc#1163762).\n - bcache: deleted code comments for dead code in bch_data_insert_keys()\n (bsc#1163762).\n - bcache: do not export symbols (bsc#1163762).\n - bcache: explicity type cast in bset_bkey_last() (bsc#1163762).\n - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock\n (bsc#1163762).\n - bcache: fix deadlock in bcache_allocator (bsc#1163762).\n - bcache: fix incorrect data type usage in btree_flush_write()\n (bsc#1163762).\n - bcache: fix memory corruption in bch_cache_accounting_clear()\n (bsc#1163762).\n - bcache: fix static checker warning in bcache_device_free() (bsc#1163762).\n - bcache: ignore pending signals when creating gc and allocator thread\n (bsc#1163762, bsc#1112504).\n - bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).\n - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan()\n (bsc#1163762).\n - bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762).\n - bcache: remove macro nr_to_fifo_front() (bsc#1163762).\n - bcache: remove member accessed from struct btree (bsc#1163762).\n - bcache: remove the extra cflags for request.o (bsc#1163762).\n - bcma: remove set but not used variable 'sizel' (git-fixes).\n - blk-mq: avoid sysfs buffer overflow with too many CPU cores\n (bsc#1159377).\n - blk-mq: avoid sysfs buffer overflow with too many CPU cores\n (bsc#1163840).\n - blk-mq: make sure that line break can be printed (bsc#1159377).\n - blk-mq: make sure that line break can be printed (bsc#1164098).\n - bnxt: apply computed clamp value for coalece parameter (bsc#1104745).\n - bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).\n - bnxt_en: Fix NTUPLE firmware command failures (bsc#1104745 ).\n - bnxt_en: Fix TC queue mapping (networking-stable-20_02_05).\n - bnxt_en: Improve device shutdown method (bsc#1104745 ).\n - bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs\n (bsc#1134090 jsc#SLE-5954).\n - bnxt_en: Return error if FW returns more data than dump length\n (bsc#1104745).\n - bonding: fix active-backup transition after link failure (git-fixes).\n - bonding: fix potential NULL deref in bond_update_slave_arr (bsc#1051510).\n - bonding: fix slave stuck in BOND_LINK_FAIL state\n (networking-stable-19_11_10).\n - bonding: fix state transition issue in link monitoring\n (networking-stable-19_11_10).\n - bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).\n - bpf, offload: Replace bitwise AND by logical AND in\n bpf_prog_offload_info_fill (bsc#1109837).\n - bpf, offload: Unlock on error in bpf_offload_dev_create() (bsc#1109837).\n - bpf/sockmap: Read psock ingress_msg before sk_receive_queue\n (bsc#1083647).\n - bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() (bsc#1083647).\n - bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).\n - bpf: Make use of probe_user_write in probe write helper (bsc#1083647).\n - bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).\n - bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).\n - bpf: Sanity check max value for var_off stack access (bco#1160618).\n - bpf: Support variable offset stack access from helpers (bco#1160618).\n - bpf: add self-check logic to liveness analysis (bsc#1160618).\n - bpf: add verifier stats and log_level bit 2 (bsc#1160618).\n - bpf: improve stacksafe state comparison (bco#1160618).\n - bpf: improve verification speed by droping states (bsc#1160618).\n - bpf: improve verification speed by not remarking live_read (bsc#1160618).\n - bpf: improve verifier branch analysis (bsc#1160618).\n - bpf: increase complexity limit and maximum program size (bsc#1160618).\n - bpf: increase verifier log limit (bsc#1160618).\n - bpf: skmsg, fix potential psock NULL pointer dereference (bsc#1109837).\n - bpf: speed up stacksafe check (bco#1160618).\n - bpf: verifier: teach the verifier to reason about the BPF_JSET\n instruction (bco#1160618).\n - brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() (bsc#1111666).\n - brcmfmac: Fix memory leak in brcmf_usbdev_qinit (git-fixes).\n - brcmfmac: Fix use after free in brcmf_sdio_readframes() (git-fixes).\n - brcmfmac: fix interface sanity check (git-fixes).\n - brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362\n (bsc#1111666).\n - brcmfmac: set F2 watermark to 256 for 4373 (bsc#1111666).\n - brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 (bsc#1111666).\n - btrfs: Ensure we trim ranges across block group boundary (bsc#1151910).\n - btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it\n (dependency for bsc#1157692).\n - btrfs: abort transaction after failed inode updates in create_subvol\n (bsc#1161936).\n - btrfs: dev-replace: remove warning for unknown return codes when\n finished (dependency for bsc#1162067).\n - btrfs: do not call synchronize_srcu() in inode_tree_del (bsc#1161934).\n - btrfs: do not double lock the subvol_sem for rename exchange\n (bsc#1162943).\n - btrfs: fix integer overflow in calc_reclaim_items_nr (bsc#1160433).\n - btrfs: handle ENOENT in btrfs_uuid_tree_iterate (bsc#1161937).\n - btrfs: harden agaist duplicate fsid on scanned devices (bsc#1134973).\n - btrfs: inode: Verify inode mode to avoid NULL pointer dereference\n (dependency for bsc#1157692).\n - btrfs: record all roots for rename exchange on a subvol (bsc#1161933).\n - btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).\n - btrfs: scrub: Require mandatory block group RO for dev-replace\n (bsc#1162067).\n - btrfs: simplify inode locking for RWF_NOWAIT (git-fixes).\n - btrfs: skip log replay on orphaned roots (bsc#1161935).\n - btrfs: tree-checker: Check chunk item at tree block read time\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Check level for leaves and nodes (dependency for\n bsc#1157692).\n - btrfs: tree-checker: Enhance chunk checker to validate chunk profile\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency\n of bsc#1157692).\n - btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN\n instead of EIO (dependency for bsc#1157692).\n - btrfs: tree-checker: Make chunk item checker messages more readable\n (dependency for bsc#1157692).\n - btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).\n - btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in block_group_err (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_block_group_item\n (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_csum_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_dev_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_dir_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_extent_data_item\n (dependency for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_inode_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_leaf_item (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in dev_item_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in dir_item_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in file_extent_err (dependency\n for bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in check_leaf (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in chunk_err (dependency for\n bsc#1157692).\n - btrfs: tree-checker: get fs_info from eb in generic_err (dependency for\n bsc#1157692).\n - btrfs: volumes: Use more straightforward way to calculate map length\n (bsc#1151910).\n - can, slip: Protect tty->disc_data in write_wakeup and close with RCU\n (bsc#1051510).\n - can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open\n (bsc#1051510).\n - can: can_dropped_invalid_skb(): ensure an initialized headroom in\n outgoing CAN sk_buffs (bsc#1051510).\n - can: gs_usb: gs_usb_probe(): use descriptors of current altsetting\n (bsc#1051510).\n - can: mscan: mscan_rx_poll(): fix rx path lockup when returning from\n polling to irq mode (bsc#1051510).\n - can: peak_usb: report bus recovery as well (bsc#1051510).\n - can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error\n (bsc#1051510).\n - can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on\n error (bsc#1051510).\n - can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors\n on queue overflow or OOM (bsc#1051510).\n - can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to\n propagate error value in case of errors (bsc#1051510).\n - can: slcan: Fix use-after-free Read in slcan_open (bsc#1051510).\n - cdrom: respect device capabilities during opening action (boo#1164632).\n - cfg80211/mac80211: make ieee80211_send_layer2_update a public function\n (bsc#1051510).\n - cfg80211: check for set_wiphy_params (bsc#1051510).\n - cfg80211: fix deadlocks in autodisconnect work (bsc#1111666).\n - cfg80211: fix memory leak in cfg80211_cqm_rssi_update (bsc#1111666).\n - cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).\n - cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).\n - chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849).\n - cifs: Add tracepoints for errors on flush or fsync (bsc#1144333).\n - cifs: Adjust indentation in smb2_open_file (bsc#1144333).\n - cifs: Avoid doing network I/O while holding cache lock (bsc#1144333).\n - cifs: Clean up DFS referral cache (bsc#1144333).\n - cifs: Do not display RDMA transport on reconnect (bsc#1144333).\n - cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).\n - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()\n (bsc#1144333).\n - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()\n (bsc#1144333).\n - cifs: Fix mode output in debugging statements (bsc#1144333).\n - cifs: Fix mount options set in automount (bsc#1144333).\n - cifs: Fix mount options set in automount (bsc#1144333).\n - cifs: Fix potential deadlock when updating vol in cifs_reconnect()\n (bsc#1144333).\n - cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).\n - cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).\n - cifs: Fix return value in __update_cache_entry (bsc#1144333).\n - cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).\n - cifs: Get rid of kstrdup_const()'d paths (bsc#1144333).\n - cifs: Introduce helpers for finding TCP connection (bsc#1144333).\n - cifs: Merge is_path_valid() into get_normalized_path() (bsc#1144333).\n - cifs: Optimize readdir on reparse points (bsc#1144333).\n - cifs: Use #define in cifs_dbg (bsc#1144333).\n - cifs: add SMB2_open() arg to return POSIX data (bsc#1144333).\n - cifs: add SMB3 change notification support (bsc#1144333).\n - cifs: add a debug macro that prints \\\\server\\share for errors\n (bsc#1144333).\n - cifs: add missing mount option to /proc/mounts (bsc#1144333).\n - cifs: add new debugging macro cifs_server_dbg (bsc#1144333).\n - cifs: add passthrough for smb2 setinfo (bsc#1144333).\n - cifs: add smb2 POSIX info level (bsc#1144333).\n - cifs: add support for fallocate mode 0 for non-sparse files\n (bsc#1144333).\n - cifs: add support for flock (bsc#1144333).\n - cifs: allow chmod to set mode bits using special sid (bsc#1144333).\n - cifs: call wake_up(&server->response_q) inside of cifs_reconnect()\n (bsc#1144333).\n - cifs: close the shared root handle on tree disconnect (bsc#1144333).\n - cifs: create a helper function to parse the query-directory response\n buffer (bsc#1144333).\n - cifs: do d_move in rename (bsc#1144333).\n - cifs: do not ignore the SYNC flags in getattr (bsc#1144333).\n - cifs: do not leak -EAGAIN for stat() during reconnect (bsc#1144333).\n - cifs: do not use 'pre:' for MODULE_SOFTDEP (bsc#1144333).\n - cifs: enable change notification for SMB2.1 dialect (bsc#1144333).\n - cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1144333).\n - cifs: fix NULL dereference in match_prepath (bsc#1144333).\n - cifs: fix a comment for the timeouts when sending echos (bsc#1144333).\n - cifs: fix dereference on ses before it is null checked (bsc#1144333).\n - cifs: fix mode bits from dir listing when mounted with modefromsid\n (bsc#1144333).\n - cifs: fix mount option display for sec=krb5i (bsc#1161907).\n - cifs: fix potential mismatch of UNC paths (bsc#1144333).\n - cifs: fix rename() by ensuring source handle opened with DELETE bit\n (bsc#1144333).\n - cifs: fix soft mounts hanging in the reconnect code (bsc#1144333).\n - cifs: fix soft mounts hanging in the reconnect code (bsc#1144333).\n - cifs: fix unitialized variable poential problem with network I/O cache\n lock patch (bsc#1144333).\n - cifs: get mode bits from special sid on stat (bsc#1144333).\n - cifs: handle prefix paths in reconnect (bsc#1144333).\n - cifs: log warning message (once) if out of disk space (bsc#1144333).\n - cifs: make sure we do not overflow the max EA buffer size (bsc#1144333).\n - cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1144333).\n - cifs: modefromsid: make room for 4 ACE (bsc#1144333).\n - cifs: modefromsid: write mode ACE first (bsc#1144333).\n - cifs: plumb smb2 POSIX dir enumeration (bsc#1144333).\n - cifs: potential unintitliazed error code in cifs_getattr() (bsc#1144333).\n - cifs: prepare SMB2_query_directory to be used with compounding\n (bsc#1144333).\n - cifs: print warning once if mounting with vers=1.0 (bsc#1144333).\n - cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1144333).\n - cifs: remove redundant assignment to variable rc (bsc#1144333).\n - cifs: remove set but not used variable 'server' (bsc#1144333).\n - cifs: remove set but not used variables (bsc#1144333).\n - cifs: remove unused variable 'sid_user' (bsc#1144333).\n - cifs: remove unused variable (bsc#1144333).\n - cifs: rename a variable in SendReceive() (bsc#1144333).\n - cifs: rename posix create rsp (bsc#1144333).\n - cifs: replace various strncpy with strscpy and similar (bsc#1144333).\n - cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1144333).\n - cifs: smbd: Add messages on RDMA session destroy and reconnection\n (bsc#1144333).\n - cifs: smbd: Invalidate and deregister memory registration on re-send for\n direct I/O (bsc#1144333).\n - cifs: smbd: Only queue work for error recovery on memory registration\n (bsc#1144333).\n - cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1144333).\n - cifs: smbd: Return -ECONNABORTED when trasnport is not in connected\n state (bsc#1144333).\n - cifs: smbd: Return -EINVAL when the number of iovs exceeds\n SMBDIRECT_MAX_SGE (bsc#1144333).\n - cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1144333).\n - cifs: use compounding for open and first query-dir for readdir()\n (bsc#1144333).\n - cifs: use mod_delayed_work() for &server->reconnect if already queued\n (bsc#1144333).\n - clk: Do not try to enable critical clocks if prepare failed\n (bsc#1051510).\n - clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).\n - clk: mmp2: Fix the order of timer mux parents (bsc#1051510).\n - clk: qcom: rcg2: Do not crash if our parent can't be found; return an\n error (bsc#1051510).\n - clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).\n - clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).\n - clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering\n (bsc#1051510).\n - clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).\n - clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510).\n - clk: sunxi: sun9i-mmc: Implement reset callback for reset controls\n (bsc#1051510).\n - clk: tegra: Mark fuse clock as critical (bsc#1051510).\n - clocksource/drivers/bcm2835_timer: Fix memory leak of timer\n (bsc#1051510).\n - clocksource: Prevent double add_timer_on() for watchdog_timer\n (bsc#1051510).\n - closures: fix a race on wakeup from closure_sync (bsc#1163762).\n - cls_rsvp: fix rsvp_policy (networking-stable-20_02_05).\n - configfs_register_group() shouldn't be (and isn't) called in rmdirable\n parts (bsc#1051510).\n - copy/pasted \"Recommends:\" instead of \"Provides:\", \"Obsoletes:\" and\n \"Conflicts:\n - core: Do not skip generic XDP program execution for cloned SKBs\n (bsc#1109837).\n - crypto: DRBG - add FIPS 140-2 CTRNG for noise source (bsc#1155334).\n - crypto: af_alg - Use bh_lock_sock in sk_destruct (bsc#1051510).\n - crypto: api - Check spawn->alg under lock in crypto_drop_spawn\n (bsc#1051510).\n - crypto: api - Fix race condition in crypto_spawn_alg (bsc#1051510).\n - crypto: atmel-sha - fix error handling when setting hmac key\n (bsc#1051510).\n - crypto: caam/qi2 - fix typo in algorithm's driver name (bsc#1111666).\n - crypto: ccp - fix uninitialized list head (bsc#1051510).\n - crypto: chelsio - fix writing tfm flags to wrong place (bsc#1051510).\n - crypto: dh - add public key verification test (bsc#1155331).\n - crypto: dh - fix calculating encoded key size (bsc#1155331).\n - crypto: dh - fix memory leak (bsc#1155331).\n - crypto: dh - update test for public key verification (bsc#1155331).\n - crypto: ecdh - add public key verification test (bsc#1155331).\n - crypto: ecdh - fix typo of P-192 b value (bsc#1155331).\n - crypto: mxc-scc - fix build warnings on ARM64 (bsc#1051510).\n - crypto: pcrypt - Do not clear MAY_SLEEP flag in original request\n (bsc#1051510).\n - crypto: picoxcell - adjust the position of tasklet_init and fix missed\n tasklet_kill (bsc#1051510).\n - crypto: reexport crypto_shoot_alg() (bsc#1051510, kABI fix).\n - cxgb4: request the TX CIDX updates to status page (bsc#1127371).\n - devlink: report 0 after hitting end in region read (bsc#1109837).\n - dma-buf: Fix memory leak in sync_file_merge() (git-fixes).\n - dma-mapping: fix return type of dma_set_max_seg_size() (bsc#1051510).\n - dmaengine: Fix access to uninitialized dma_slave_caps (bsc#1051510).\n - dmaengine: coh901318: Fix a double-lock bug (bsc#1051510).\n - dmaengine: coh901318: Remove unused variable (bsc#1051510).\n - drivers/base/memory.c: cache blocks in radix tree to accelerate lookup\n (bsc#1159955 ltc#182993).\n - drivers/base/memory.c: do not access uninitialized memmaps in\n soft_offline_page_store() (bsc#1051510).\n - drivers/base/platform.c: kmemleak ignore a known leak (bsc#1051510).\n - drivers/regulator: fix a missing check of return value (bsc#1051510).\n - drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero\n (bsc#1111666).\n - drm/amd/powerplay: remove set but not used variable 'us_mvdd'\n (bsc#1111666).\n - drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc (bsc#1111666).\n - drm/amdgpu: add function parameter description in\n 'amdgpu_device_set_cg_state' (bsc#1111666).\n - drm/amdgpu: add function parameter description in 'amdgpu_gart_bind'\n (bsc#1051510).\n - drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1114279)\n - drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)\n (bsc#1111666).\n - drm/amdgpu: remove 4 set but not used variable in\n amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510).\n - drm/amdgpu: remove always false comparison in\n 'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'amdgpu_connector'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'dig_connector'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'invalid' (bsc#1111666).\n - drm/amdgpu: remove set but not used variable 'mc_shared_chmap'\n (bsc#1051510).\n - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from\n 'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510).\n - drm/amdkfd: fix a use after free race with mmu_notifer unregister\n (bsc#1114279)\n - drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (bsc#1051510).\n - drm/etnaviv: fix dumping of iommuv2 (bsc#1114279)\n - drm/fb-helper: Round up bits_per_pixel if possible (bsc#1051510).\n - drm/i810: Prevent underflow in ioctl (bsc#1114279)\n - drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)\n - drm/i915/gvt: Separate display reset from ALL_ENGINES reset (bsc#1114279)\n - drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)\n - drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)\n - drm/i915/perf: add missing delay for OA muxes configuration\n (bsc#1111666).\n - drm/i915/userptr: Try to acquire the page lock around (bsc#1114279)\n - drm/i915/userptr: fix size calculation (bsc#1114279)\n - drm/i915: Add missing include file <linux/math64.h> (bsc#1051510).\n - drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe()\n (bsc#1111666).\n - drm/i915: Fix pid leak with banned clients (bsc#1114279)\n - drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set\n (bsc#1111666).\n - drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV\n (bsc#1111666).\n - drm/i915: Reacquire priolist cache after dropping the engine lock\n (bsc#1129770) Fixes a const function argument in the patch.\n - drm/i915: Sanity check mmap length against object size (bsc#1111666).\n - drm/i915: Wean off drm_pci_alloc/drm_pci_free (bsc#1114279)\n - drm/mediatek: Add gamma property according to hardware capability\n (bsc#1114279)\n - drm/mediatek: disable all the planes in atomic_disable (bsc#1114279)\n - drm/mipi_dbi: Fix off-by-one bugs in mipi_dbi_blank() (bsc#1114279)\n - drm/msm: include linux/sched/task.h (bsc#1112178)\n - drm/mst: Fix MST sideband up-reply failure handling (bsc#1051510).\n - drm/nouveau/bar/gf100: ensure BAR is mapped (bsc#1111666).\n - drm/nouveau/bar/nv50: check bar1 vmm return value (bsc#1111666).\n - drm/nouveau/mmu: qualify vmm during dtor (bsc#1111666).\n - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()\n (bsc#1051510).\n - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler\n (bsc#1051510).\n - drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)\n - drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)\n - drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)\n - drm/rect: Avoid division by zero (bsc#1111666).\n - drm/rect: update kerneldoc for drm_rect_clip_scaled() (bsc#1111666).\n - drm/rockchip: Round up _before_ giving to the clock framework\n (bsc#1114279)\n - drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510).\n - drm/sun4i: hdmi: Remove duplicate cleanup calls (bsc#1113956)\n - drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model\n (bsc#1111666).\n - drm/sun4i: tcon: Set min division of TCON0_DCLK to 1 (bsc#1111666).\n - drm/ttm: ttm_tt_init_fields() can be static (bsc#1111666).\n - drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (bsc#1051510).\n - drm: atmel-hlcdc: enable clock before configuring timing engine\n (bsc#1114279)\n - drm: bridge: dw-hdmi: constify copied structure (bsc#1051510).\n - drm: limit to INT_MAX in create_blob ioctl (bsc#1051510).\n - drm: meson: venc: cvbs: fix CVBS mode matching (bsc#1051510).\n - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable\n (bsc#1111666).\n - drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable\n (bsc#1114279)\n - drm: panel-lvds: Potential Oops in probe error handling (bsc#1114279)\n - drm: rcar-du: Recognize \"renesas,vsps\" in addition to \"vsps\"\n (bsc#1114279)\n - e1000e: Add support for Comet Lake (bsc#1158533).\n - e1000e: Add support for Tiger Lake (bsc#1158533).\n - e1000e: Increase pause and refresh time (bsc#1158533).\n - e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait\n (bsc#1051510).\n - enic: prevent waking up stopped tx queues over watchdog reset\n (bsc#1133147).\n - ethtool: Factored out similar ethtool link settings for virtual devices\n to core (bsc#1136157 ltc#177197).\n - exit: panic before exit_mm() on global init exit (bsc#1161549).\n - ext2: check err when partial != NULL (bsc#1163859).\n - ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853).\n - ext4: Fix mount failure with quota configured as module (bsc#1164471).\n - ext4: check for directory entries too close to block end (bsc#1163861).\n - ext4: fix a bug in ext4_wait_for_tail_page_commit (bsc#1163841).\n - ext4: fix checksum errors with indexed dirs (bsc#1160979).\n - ext4: fix deadlock allocating crypto bounce page from mempool\n (bsc#1163842).\n - ext4: fix mount failure with quota configured as module (bsc#1164471).\n - ext4: improve explanation of a mount failure caused by a misconfigured\n kernel (bsc#1163843).\n - extcon: max8997: Fix lack of path setting in USB device mode\n (bsc#1051510).\n - firestream: fix memory leaks (bsc#1051510).\n - fix autofs regression caused by follow_managed() changes (bsc#1159271).\n - fix dget_parent() fastpath race (bsc#1159271).\n - fix memory leak in large read decrypt offload (bsc#1144333).\n - fjes: fix missed check in fjes_acpi_add (bsc#1051510).\n - fs/cifs/cifssmb.c: use true,false for bool variable (bsc#1144333).\n - fs/cifs/sess.c: Remove set but not used variable 'capabilities'\n (bsc#1144333).\n - fs/cifs/smb2ops.c: use true,false for bool variable (bsc#1144333).\n - fs/cifs/smb2pdu.c: Make SMB2_notify_init static (bsc#1144333).\n - fs/namei.c: fix missing barriers when checking positivity (bsc#1159271).\n - fs/namei.c: pull positivity check into follow_managed() (bsc#1159271).\n - fs/open.c: allow opening only regular files during execve()\n (bsc#1163845).\n - fs: cifs: Fix atime update check vs mtime (bsc#1144333).\n - fs: cifs: Initialize filesystem timestamp ranges (bsc#1144333).\n - fs: cifs: cifsssmb: remove redundant assignment to variable ret\n (bsc#1144333).\n - fs: cifs: mute -Wunused-const-variable message (bsc#1144333).\n - fscrypt: do not set policy for a dead directory (bsc#1163846).\n - ftrace: Add comment to why rcu_dereference_sched() is open coded\n (git-fixes).\n - ftrace: Avoid potential division by zero in function profiler\n (bsc#1160784).\n - ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes).\n - genirq/proc: Return proper error code when irq_set_affinity() fails\n (bnc#1105392).\n - genirq: Prevent NULL pointer dereference in resend_irqs() (bsc#1051510).\n - genirq: Properly pair kobject_del() with kobject_add() (bsc#1051510).\n - gpio: Fix error message on out-of-range GPIO in lookup table\n (bsc#1051510).\n - gtp: avoid zero size hashtable (networking-stable-20_01_01).\n - gtp: do not allow adding duplicate tid and ms_addr pdp context\n (networking-stable-20_01_01).\n - gtp: fix an use-after-free in ipv4_pdp_find()\n (networking-stable-20_01_01).\n - gtp: fix wrong condition in gtp_genl_dump_pdp()\n (networking-stable-20_01_01).\n - gtp: make sure only SOCK_DGRAM UDP sockets are accepted\n (networking-stable-20_01_27).\n - gtp: use __GFP_NOWARN to avoid memalloc warning\n (networking-stable-20_02_05).\n - hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).\n - hotplug/drc-info: Add code to search ibm,drc-info property (bsc#1157480\n ltc#181028).\n - hv_netvsc: Fix memory leak when removing rndis device\n (networking-stable-20_01_20).\n - hv_netvsc: Fix offset usage in netvsc_send_table() (bsc#1164598).\n - hv_netvsc: Fix send_table offset in case of a host bug (bsc#1164598).\n - hv_netvsc: Fix tx_table init in rndis_set_subchannel() (bsc#1164598).\n - hv_netvsc: Fix unwanted rx_table reset (bsc#1164598).\n - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input\n (bsc#1051510).\n - hwmon: (core) Do not use device managed functions for memory allocations\n (bsc#1051510).\n - hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs\n (bsc#1163206).\n - hwmon: (nct7802) Fix voltage limits to wrong registers (bsc#1051510).\n - hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions\n (bsc#1051510).\n - hwrng: stm32 - fix unbalanced pm_runtime_enable (bsc#1051510).\n - i2c: imx: do not print error message on probe defer (bsc#1051510).\n - ibmveth: Detect unsupported packets before sending to the hypervisor\n (bsc#1159484 ltc#182983).\n - ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551).\n - ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).\n - ibmvnic: Fix completion structure initialization (bsc#1155689\n ltc#182047).\n - ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).\n - ibmvnic: Terminate waiting device threads after loss of service\n (bsc#1155689 ltc#182047).\n - ice: fix stack leakage (bsc#1118661).\n - idr: Fix idr_alloc_u32 on 32-bit systems (bsc#1051510).\n - iio: adc: max9611: Fix too short conversion time delay (bsc#1051510).\n - iio: buffer: align the size of scan bytes to size of the largest element\n (bsc#1051510).\n - inet: protect against too small mtu values (networking-stable-19_12_16).\n - iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162617).\n - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA\n (bsc#1164314).\n - iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()\n (bsc#1164115).\n - iommu/iova: Init the struct iova to fix the possible memleak\n (bsc#1160469).\n - iommu/mediatek: Correct the flush_iotlb_all callback (bsc#1160470).\n - iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).\n - iommu: Remove device link to group on failure (bsc#1160755).\n - ipmi: Do not allow device module unload when in use (bsc#1154768).\n - ipv4: Fix table id reference in fib_sync_down_addr\n (networking-stable-19_11_10).\n - ipv4: ensure rcu_read_lock() in cipso_v4_error() (git-fixes).\n - ipv6: restrict IPV6_ADDRFORM operation (bsc#1109837).\n - iwlegacy: ensure loop counter addr does not wrap and cause an infinite\n loop (git-fixes).\n - iwlwifi: change monitor DMA to be coherent (bsc#1161243).\n - iwlwifi: clear persistence bit according to device family (bsc#1111666).\n - iwlwifi: do not throw error when trying to remove IGTK (bsc#1051510).\n - iwlwifi: mvm: Send non offchannel traffic via AP sta (bsc#1051510).\n - iwlwifi: mvm: fix NVM check for 3168 devices (bsc#1051510).\n - iwlwifi: mvm: force TCM re-evaluation on TCM resume (bsc#1111666).\n - iwlwifi: mvm: synchronize TID queue removal (bsc#1051510).\n - iwlwifi: pcie: fix erroneous print (bsc#1111666).\n - iwlwifi: trans: Clear persistence bit when starting the FW (bsc#1111666).\n - jbd2: Fix possible overflow in jbd2_log_space_left() (bsc#1163860).\n - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info\n when load journal (bsc#1163862).\n - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer\n (bsc#1163836).\n - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock\n (bsc#1163863).\n - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()\n (bsc#1163880).\n - jbd2: switch to use jbd2_journal_abort() when failed to submit the\n commit record (bsc#1163852).\n - kABI fix for \"ipmi: Do not allow device module unload when in use\"\n (bsc#1154768).\n - kABI fixup for alloc_dax_region (bsc#1158071,bsc#1160678).\n - kABI workaround for can/skb.h inclusion (bsc#1051510).\n - crypto/dh: Make sure the FIPS pubkey check is only executed in FIPS mode.\n - kABI: Protest new fields in BPF structs (bsc#1160618).\n - kABI: add _q suffix to exports that take struct dh (bsc#1155331).\n - kABI: protect struct sctp_ep_common (kabi).\n - kabi/severities: Whitelist rpaphp_get_drc_props (bsc#1157480 ltc#181028).\n - kconfig: fix broken dependency in randconfig-generated .config\n (bsc#1051510).\n - kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure\n flavor (boo#1161360).\n - kernel/module.c: Only return -EEXIST for modules that have finished\n loading (bsc#1165488).\n - kernel/module.c: wakeup processes in module_wq on module unload\n (bsc#1165488).\n - kernel/trace: Fix do not unregister tracepoints when register\n sched_migrate_task fail (bsc#1160787).\n - kernfs: Fix range checks in kernfs_get_target_path (bsc#1051510).\n - kexec: bail out upon SIGKILL when allocating memory (git-fixes).\n - kvm: x86: Host feature SSBD does not imply guest feature SPEC_CTRL_SSBD\n (bsc#1160476).\n - l2tp: Allow duplicate session creation with UDP\n (networking-stable-20_02_05).\n - lcoking/rwsem: Add missing ACQUIRE to read_slowpath sleep loop\n (bsc#1050549).\n - leds: Allow to call led_classdev_unregister() unconditionally\n (bsc#1161674).\n - leds: class: ensure workqueue is initialized before setting brightness\n (bsc#1161674).\n - lib/scatterlist.c: adjust indentation in __sg_alloc_table (bsc#1051510).\n - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()\n (bsc#1051510).\n - lib: crc64: include <linux/crc64.h> for 'crc64_be' (bsc#1163762).\n - libnvdimm-fix-devm_nsio_enable-kabi.patch: Fixup compiler warning\n - libnvdimm/namespace: Differentiate between probe mapping and runtime\n mapping (bsc#1153535).\n - libnvdimm/pfn: Account for PAGE_SIZE > info-block-size in nd_pfn_init()\n (bsc#1127682 bsc#1153535 ltc#175033 ltc#181834).\n - libnvdimm: Fix devm_nsio_enable() kabi (bsc#1153535).\n - livepatch/samples/selftest: Use klp_shadow_alloc() API correctly\n (bsc#1071995).\n - livepatch/selftest: Clean up shadow variable names and type\n (bsc#1071995).\n - locking/rwsem: Prevent decrement of reader count before increment\n (bsc#1050549).\n - mac80211: Do not send Layer 2 Update frame before authorization\n (bsc#1051510).\n - mac80211: Fix TKIP replay protection immediately after key setup\n (bsc#1051510).\n - mac80211: fix ieee80211_txq_setup_flows() failure path (bsc#1111666).\n - mac80211: fix station inactive_time shortly after boot (bsc#1051510).\n - mac80211: mesh: restrict airtime metric to peered established plinks\n (bsc#1051510).\n - macvlan: do not assume mac_header is set in macvlan_broadcast()\n (bsc#1051510).\n - macvlan: use skb_reset_mac_header() in macvlan_queue_xmit()\n (bsc#1051510).\n - mailbox: mailbox-test: fix null pointer if no mmio (bsc#1051510).\n - md/raid0: Fix buffer overflow at debug print (bsc#1164051).\n - media/v4l2-core: set pages dirty upon releasing DMA buffers\n (bsc#1051510).\n - media: af9005: uninitialized variable printked (bsc#1051510).\n - media: cec.h: CEC_OP_REC_FLAG_ values were swapped (bsc#1051510).\n - media: cec: CEC 2.0-only bcast messages were ignored (git-fixes).\n - media: cec: report Vendor ID after initialization (bsc#1051510).\n - media: digitv: do not continue if remote control state can't be read\n (bsc#1051510).\n - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (bsc#1051510).\n - media: exynos4-is: fix wrong mdev and v4l2 dev order in error path\n (git-fixes).\n - media: gspca: zero usb_buf (bsc#1051510).\n - media: iguanair: fix endpoint sanity check (bsc#1051510).\n - media: ov6650: Fix control handler not freed on init error (git-fixes).\n - media: ov6650: Fix crop rectangle alignment not passed back (git-fixes).\n - media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes).\n - media: pulse8-cec: fix lost cec_transmit_attempt_done() call.\n - media: pulse8-cec: return 0 when invalidating the logical address\n (bsc#1051510).\n - media: stkwebcam: Bugfix for wrong return values (bsc#1051510).\n - media: uvcvideo: Avoid cyclic entity chains due to malformed USB\n descriptors (bsc#1051510).\n - media: uvcvideo: Fix error path in control parsing failure (git-fixes).\n - media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE (bsc#1051510).\n - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (bsc#1051510).\n - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments\n (bsc#1051510).\n - mei: bus: prefix device names on bus with the bus name (bsc#1051510).\n - mfd: da9062: Fix watchdog compatible string (bsc#1051510).\n - mfd: dln2: More sanity checking for endpoints (bsc#1051510).\n - mfd: rn5t618: Mark ADC control register volatile (bsc#1051510).\n - missing escaping of backslashes in macro expansions (bsc#1143959)\n - mlxsw: spectrum: Wipe xstats.backlog of down ports (bsc#1112374).\n - mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1112374).\n - mlxsw: spectrum_qdisc: Include MC TCs in Qdisc counters (bsc#1112374).\n - mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel\n (bsc#1112374).\n - mm, memory_hotplug: do not clear numa_node association after hot_remove\n (bnc#1115026).\n - mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock\n (bsc#1159394).\n - mm: memory_hotplug: use put_device() if device_register fail\n (bsc#1159955 ltc#182993).\n - mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode (bsc#1051510).\n - mmc: sdhci-of-esdhc: Revert \"mmc: sdhci-of-esdhc: add erratum A-009204\n support\" (bsc#1051510).\n - mmc: sdhci-of-esdhc: fix P2020 errata handling (bsc#1051510).\n - mmc: sdhci: Add a quirk for broken command queuing (git-fixes).\n - mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes).\n - mmc: sdhci: fix minimum clock rate for v3 controller (bsc#1051510).\n - mmc: spi: Toggle SPI polarity, do not hardcode it (bsc#1051510).\n - mmc: tegra: fix SDR50 tuning override (bsc#1051510).\n - mod_devicetable: fix PHY module format (networking-stable-19_12_28).\n - moduleparam: fix parameter description mismatch (bsc#1051510).\n - mqprio: Fix out-of-bounds access in mqprio_dump (bsc#1109837).\n - mtd: fix mtd_oobavail() incoherent returned value (bsc#1051510).\n - mwifiex: debugfs: correct histogram spacing, formatting (bsc#1051510).\n - mwifiex: delete unused mwifiex_get_intf_num() (bsc#1111666).\n - mwifiex: drop most magic numbers from\n mwifiex_process_tdls_action_frame() (git-fixes).\n - mwifiex: fix potential NULL dereference and use after free (bsc#1051510).\n - mwifiex: update set_mac_address logic (bsc#1111666).\n - namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1163851).\n - net, ip6_tunnel: fix namespaces move (networking-stable-20_01_27).\n - net, ip_tunnel: fix namespaces move (networking-stable-20_01_27).\n - net, sysctl: Fix compiler warning when only cBPF is present\n (bsc#1109837).\n - net-sysfs: Fix reference count leak (networking-stable-20_01_27).\n - net/ethtool: Introduce link_ksettings API for virtual network devices\n (bsc#1136157 ltc#177197).\n - net/ibmvnic: Fix typo in retry check (bsc#1155689 ltc#182047).\n - net/mlx4_en: Fix wrong limitation for number of TX rings (bsc#1103989).\n - net/mlx4_en: fix mlx4 ethtool -N insertion (networking-stable-19_11_25).\n - net/mlx5: Accumulate levels for chains prio namespaces (bsc#1103990).\n - net/mlx5: Fix lowest FDB pool size (bsc#1103990).\n - net/mlx5: IPsec, Fix esp modify function attribute (bsc#1103990 ).\n - net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx\n (bsc#1103990).\n - net/mlx5: Update the list of the PCI supported devices (bsc#1127611).\n - net/mlx5: Update the list of the PCI supported devices (bsc#1127611).\n - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (bsc#1046303).\n - net/mlx5e: Fix SFF 8472 eeprom length (git-fixes).\n - net/mlx5e: Fix set vf link state error flow (networking-stable-19_11_25).\n - net/mlx5e: Query global pause state before setting prio2buffer\n (bsc#1103990).\n - net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).\n - net/mlxfw: Verify FSM error code translation does not exceed array size\n (bsc#1051858).\n - net/sched: act_pedit: fix WARN() in the traffic path\n (networking-stable-19_11_25).\n - net/tls: fix async operation (bsc#1109837).\n - net/tls: free the record on encryption error (bsc#1109837).\n - net/tls: take into account that bpf_exec_tx_verdict() may free the\n record (bsc#1109837).\n - net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info\n (networking-stable-20_01_20).\n - net: Fix Tx hash bound checking (bsc#1109837).\n - net: add sendmsg_locked and sendpage_locked to af_inet6 (bsc#1144162).\n - net: bridge: deny dev_set_mac_address() when unregistering\n (networking-stable-19_12_16).\n - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size() (git-fixes).\n - net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM\n (networking-stable-20_01_27).\n - net: dsa: mv88e6xxx: Preserve priority when setting CPU port\n (networking-stable-20_01_11).\n - net: dsa: tag_qca: fix doubled Tx statistics\n (networking-stable-20_01_20).\n - net: dst: Force 4-byte alignment of dst_metrics\n (networking-stable-19_12_28).\n - net: ena: fix napi handler misbehavior when the napi budget is zero\n (networking-stable-20_01_01).\n - net: ethernet: octeon_mgmt: Account for second possible VLAN header\n (networking-stable-19_11_10).\n - net: ethernet: ti: cpsw: fix extra rx interrupt\n (networking-stable-19_12_16).\n - net: fix data-race in neigh_event_send() (networking-stable-19_11_10).\n - net: hisilicon: Fix a BUG trigered by wrong bytes_compl\n (networking-stable-19_12_28).\n - net: hns3: fix ETS bandwidth validation bug (bsc#1104353 ).\n - net: hns3: fix a copying IPv6 address error in\n hclge_fd_get_flow_tuples() (bsc#1104353).\n - net: hns: fix soft lockup when there is not enough memory\n (networking-stable-20_01_20).\n - net: hsr: fix possible NULL deref in hsr_handle_frame()\n (networking-stable-20_02_05).\n - net: ip6_gre: fix moving ip6gre between namespaces\n (networking-stable-20_01_27).\n - net: nfc: nci: fix a possible sleep-in-atomic-context bug in\n nci_uart_tty_receive() (networking-stable-19_12_28).\n - net: phy: Check against net_device being NULL (bsc#1051510).\n - net: phy: Fix not to call phy_resume() if PHY is not attached\n (bsc#1051510).\n - net: phy: Fix the register offsets in Broadcom iProc mdio mux driver\n (bsc#1051510).\n - net: phy: at803x: Change error to EINVAL for invalid MAC (bsc#1051510).\n - net: phy: broadcom: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: dp83867: Set up RGMII TX delay (bsc#1051510).\n - net: phy: fixed_phy: Fix fixed_phy not checking GPIO (bsc#1051510).\n - net: phy: marvell: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: marvell: clear wol event before setting it (bsc#1051510).\n - net: phy: meson-gxl: check phy_write return value (bsc#1051510).\n - net: phy: micrel: Use strlcpy() for ethtool::get_strings (bsc#1051510).\n - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 (bsc#1051510).\n - net: phy: mscc: read 'vsc8531,vddmac' as an u32 (bsc#1051510).\n - net: phy: xgene: disable clk on error paths (bsc#1051510).\n - net: phy: xgmiitorgmii: Check phy_driver ready before accessing\n (bsc#1051510).\n - net: phy: xgmiitorgmii: Check read_status results (bsc#1051510).\n - net: phy: xgmiitorgmii: Support generic PHY status read (bsc#1051510).\n - net: psample: fix skb_over_panic (networking-stable-19_12_03).\n - net: qlogic: Fix error paths in ql_alloc_large_buffers()\n (networking-stable-19_12_28).\n - net: rtnetlink: prevent underflows in do_setvfinfo()\n (networking-stable-19_11_25).\n - net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()\n (networking-stable-20_01_27).\n - net: sch_prio: When ungrafting, replace with FIFO\n (networking-stable-20_01_11).\n - net: sched: correct flower port blocking (git-fixes).\n - net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key\n (bsc#1109837).\n - net: sched: fix `tc -s class show` no bstats on class with nolock\n subqueues (networking-stable-19_12_03).\n - net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues\n (bsc#1109837).\n - net: stmmac: Delete txtimer in suspend() (networking-stable-20_02_05).\n - net: stmmac: dwmac-sunxi: Allow all RGMII modes\n (networking-stable-20_01_11).\n - net: usb: lan78xx: Add .ndo_features_check (networking-stable-20_01_27).\n - net: usb: lan78xx: Fix suspend/resume PHY register access error\n (networking-stable-19_12_28).\n - net: usb: lan78xx: fix possible skb leak (networking-stable-20_01_11).\n - net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).\n - net: usb: qmi_wwan: add support for DW5821e with eSIM support\n (networking-stable-19_11_10).\n - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules\n (networking-stable-19_11_18).\n - net_sched: ematch: reject invalid TCF_EM_SIMPLE\n (networking-stable-20_01_30).\n - net_sched: fix an OOB access in cls_tcindex (networking-stable-20_02_05).\n - net_sched: fix datalen for ematch (networking-stable-20_01_27).\n - netfilter: nf_queue: enqueue skbs with NULL dst (git-fixes).\n - new helper: lookup_positive_unlocked() (bsc#1159271).\n - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info\n (bsc#1163774).\n - openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()\n (networking-stable-19_12_03).\n - openvswitch: remove another BUG_ON() (networking-stable-19_12_03).\n - openvswitch: support asymmetric conntrack (networking-stable-19_12_16).\n - orinoco_usb: fix interface sanity check (git-fixes).\n - percpu: Separate decrypted varaibles anytime encryption can be enabled\n (bsc#1114279).\n - perf/x86/intel: Fix inaccurate period in context switch for auto-reload\n (bsc#1164315).\n - phy: qualcomm: Adjust indentation in read_poll_timeout (bsc#1051510).\n - pinctrl: cherryview: Fix irq_valid_mask calculation (bsc#1111666).\n - pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues (bsc#1051510).\n - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B\n (bsc#1051510).\n - pinctrl: xway: fix gpio-hog related boot issues (bsc#1051510).\n - pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM\n (networking-stable-20_01_11).\n - pktcdvd: remove warning on attempting to register non-passthrough dev\n (bsc#1051510).\n - platform/mellanox: fix potential deadlock in the tmfifo driver\n (bsc#1136333 jsc#SLE-4994).\n - platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0\n (bsc#1051510).\n - platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size\n (bsc#1051510).\n - platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer\n (bsc#1051510).\n - platform/x86: hp-wmi: Make buffer for HPWMI_FEATURE2_QUERY 128 bytes\n (bsc#1051510).\n - platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI\n table (bsc#1051510).\n - power: supply: ltc2941-battery-gauge: fix use-after-free (bsc#1051510).\n - powerpc/archrandom: fix arch_get_random_seed_int() (bsc#1065729).\n - powerpc/irq: fix stack overflow verification (bsc#1065729).\n - powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2\n (bsc#1061840).\n - powerpc/mm: drop #ifdef CONFIG_MMU in is_ioremap_addr() (bsc#1065729).\n - powerpc/papr_scm: Do not enable direct map for a region by default\n (bsc#1129551).\n - powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths\n (bsc#1142685 ltc#179509).\n - powerpc/pkeys: remove unused pkey_allows_readwrite (bsc#1065729).\n - powerpc/powernv: Disable native PCIe port management (bsc#1065729).\n - powerpc/pseries/hotplug-memory: Change rc variable to bool (bsc#1065729).\n - powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028\n ltc#181740).\n - powerpc/pseries/memory-hotplug: Only update DT once per memory DLPAR\n request (bsc#1165404 ltc#183498).\n - powerpc/pseries/mobility: notify network peers after migration\n (bsc#1152631 ltc#181798).\n - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning\n (bsc#1065729).\n - powerpc/pseries: Add cpu DLPAR support for drc-info property\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Advance pfn if section is not present in\n lmb_is_removable() (bsc#1065729).\n - powerpc/pseries: Allow not having ibm,\n hypertas-functions::hcall-multi-tce for DDW (bsc#1065729).\n - powerpc/pseries: Avoid NULL pointer dereference when drmem is\n unavailable (bsc#1160659).\n - powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()\n (git-fixes).\n - powerpc/pseries: Enable support for ibm,drc-info property (bsc#1157480\n ltc#181028).\n - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Fix drc-info mappings of logical cpus to drc-index\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Fix vector5 in ibm architecture vector table\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: Revert support for ibm,drc-info devtree property\n (bsc#1157480 ltc#181028).\n - powerpc/pseries: group lmb operation and memblock's (bsc#1165404\n ltc#183498).\n - powerpc/pseries: update device tree before ejecting hotplug uevents\n (bsc#1165404 ltc#183498).\n - powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).\n - powerpc/smp: Use nid as fallback for package_id (bsc#1165813 ltc#184091).\n - powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal\n delivery (bsc#1118338 ltc#173734).\n - powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).\n - powerpc/xive: Discard ESB load value when interrupt is invalid\n (bsc#1085030).\n - powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts\n (bsc#1085030).\n - powerpc/xmon: do not access ASDR in VMs (bsc#1065729).\n - powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges\n >4GB (bnc#1151927 5.3.17).\n - powerpc: Allow flush_icache_range to work across ranges >4GB\n (bnc#1151927 5.3.17).\n - powerpc: Enable support for ibm,drc-info devtree property (bsc#1157480\n ltc#181028).\n - powerpc: Fix vDSO clock_getres() (bsc#1065729).\n - powerpc: avoid adjusting memory_limit for capture kernel memory\n reservation (bsc#1140025 ltc#176086).\n - powerpc: reserve memory for capture kernel after hugepages init\n (bsc#1140025 ltc#176086).\n - ppp: Adjust indentation into ppp_async_input (git-fixes).\n - prevent active file list thrashing due to refault detection (VM\n Performance, bsc#1156286).\n - pseries/drc-info: Search DRC properties for CPU indexes (bsc#1157480\n ltc#181028).\n - pstore/ram: Write new dumps to start of recycled zones (bsc#1051510).\n - ptr_ring: add include of linux/mm.h (bsc#1109837).\n - pwm: Clear chip_data in pwm_put() (bsc#1051510).\n - pwm: Remove set but not set variable 'pwm' (git-fixes).\n - pwm: clps711x: Fix period calculation (bsc#1051510).\n - pwm: omap-dmtimer: Remove PWM chip in .remove before making it\n unfunctional (git-fixes).\n - pxa168fb: Fix the function used to release some memory in an error\n (bsc#1114279)\n - qede: Disable hardware gro when xdp prog is installed (bsc#1086314\n bsc#1086313 bsc#1086301 ).\n - qede: Fix multicast mac configuration (networking-stable-19_12_28).\n - qede: fix NULL pointer deref in __qede_remove()\n (networking-stable-19_11_10).\n - qmi_wwan: Add support for Quectel RM500Q (bsc#1051510).\n - quota: Check that quota is not dirty before release (bsc#1163858).\n - quota: fix livelock in dquot_writeback_dquots (bsc#1163857).\n - r8152: add missing endpoint sanity check (bsc#1051510).\n - r8152: get default setting of WOL before initializing (bsc#1051510).\n - random: move FIPS continuous test to output functions (bsc#1155334).\n - regulator: Fix return value of _set_load() stub (bsc#1051510).\n - regulator: rk808: Lower log level on optional GPIOs being not available\n (bsc#1051510).\n - regulator: rn5t618: fix module aliases (bsc#1051510).\n - regulator: tps65910: fix a missing check of return value (bsc#1051510).\n - reiserfs: Fix memory leak of journal device string (bsc#1163867).\n - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling\n (bsc#1163869).\n - reset: fix reset_control_ops kerneldoc comment (bsc#1051510).\n - resource: fix locking in find_next_iomem_res() (bsc#1114279).\n - rpm/kabi.pl: support new (>=5.4) Module.symvers format (new symbol\n namespace field)\n - rpm/kernel-binary.spec.in: Conflict with too old powerpc-utils\n (jsc#ECO-920, jsc#SLE-11054, jsc#SLE-11322).\n - rpm/kernel-subpackage-spec: Exclude kernel-firmware recommends\n (bsc#1143959) For reducing the dependency on kernel-firmware in sub\n packages\n - rpm/kernel-subpackage-spec: Fix empty Recommends tag (bsc#1143959)\n - rpm/modules.fips: update module list (bsc#1157853)\n - rsi_91x_usb: fix interface sanity check (git-fixes).\n - rtc: cmos: Stop using shared IRQ (bsc#1051510).\n - rtc: dt-binding: abx80x: fix resistance scale (bsc#1051510).\n - rtc: hym8563: Return -EINVAL if the time is known to be invalid\n (bsc#1051510).\n - rtc: max8997: Fix the returned value in case of error in\n 'max8997_rtc_read_alarm()' (bsc#1051510).\n - rtc: msm6242: Fix reading of 10-hour digit (bsc#1051510).\n - rtc: pcf8523: set xtal load capacitance from DT (bsc#1051510).\n - rtc: s35390a: Change buf's type to u8 in s35390a_init (bsc#1051510).\n - rtl818x: fix potential use after free (bsc#1051510).\n - rtl8xxxu: fix interface sanity check (git-fixes).\n - rtlwifi: Fix MAX MPDU of VHT capability (git-fixes).\n - rtlwifi: Remove redundant semicolon in wifi.h (git-fixes).\n - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of\n buffer (bsc#1111666).\n - rxrpc: Fix insufficient receive notification generation\n (networking-stable-20_02_05).\n - s390/qeth: clean up page frag creation (git-fixes).\n - s390/qeth: consolidate skb allocation (git-fixes).\n - s390/qeth: ensure linear access to packet headers (git-fixes).\n - s390/qeth: guard against runt packets (git-fixes).\n - sched/fair: Add tmp_alone_branch assertion (bnc#1156462).\n - sched/fair: Fix O(nr_cgroups) in the load balancing path (bnc#1156462).\n - sched/fair: Fix insertion in rq->leaf_cfs_rq_list (bnc#1156462).\n - sched/fair: Optimize update_blocked_averages() (bnc#1156462).\n - sched/fair: WARN() and refuse to set buddy when !se->on_rq (bsc#1158132).\n - scsi-qla2xxx-Fix-qla2x00_request_irqs-for-MSI.patch\n - scsi-qla2xxx-fix-rports-not-being-mark-as-lost-in-sy.patch\n - scsi-qla2xxx-unregister-ports-after-GPN_FT-failure.patch\n - scsi: fnic: do not queue commands during fwreset (bsc#1146539).\n - scsi: ibmvfc: Add failed PRLI to cmd_status lookup array (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot\n (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: Byte swap status and error codes when logging (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Clean up transport events (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: Do not call fc_block_scsi_eh() on host reset (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Mark expected switch fall-throughs (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Remove \"failed\" from logged errors (bsc#1161951\n ltc#183551).\n - scsi: ibmvfc: Remove unneeded semicolons (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: constify dev_pm_ops structures (bsc#1161951 ltc#183551).\n - scsi: ibmvfc: ibmvscsi: ibmvscsi_tgt: constify vio_device_id\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Do not use rc uninitialized in ibmvscsi_do_work\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Improve strings handling (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: Wire up host_reset() in the driver's scsi_host_template\n (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: change strncpy+truncation to strlcpy (bsc#1161951\n ltc#183551).\n - scsi: ibmvscsi: constify dev_pm_ops structures (bsc#1161951 ltc#183551).\n - scsi: ibmvscsi: fix tripping of blk_mq_run_hw_queue WARN_ON (bsc#1161951\n ltc#183551).\n - scsi: ibmvscsi: redo driver work thread to use enum action states\n (bsc#1161951 ltc#183551).\n - scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1154601).\n - scsi: qla2xxx: Add 16.0GT for PCI String (bsc#1157424).\n - scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs\n (bsc#1158013).\n - scsi: qla2xxx: Add a shadow variable to hold disc_state history of\n fcport (bsc#1158013).\n - scsi: qla2xxx: Add beacon LED config sysfs interface (bsc#1157424).\n - scsi: qla2xxx: Add changes in preparation for vendor extended FDMI/RDP\n (bsc#1157424).\n - scsi: qla2xxx: Add deferred queue for processing ABTS and RDP\n (bsc#1157424).\n - scsi: qla2xxx: Add endianizer macro calls to fc host stats (bsc#1157424).\n - scsi: qla2xxx: Add fixes for mailbox command (bsc#1157424).\n - scsi: qla2xxx: Add ql2xrdpenable module parameter for RDP (bsc#1157424).\n - scsi: qla2xxx: Add sysfs node for D-Port Diagnostics AEN data\n (bsc#1157424).\n - scsi: qla2xxx: Add vendor extended FDMI commands (bsc#1157424).\n - scsi: qla2xxx: Add vendor extended RDP additions and amendments\n (bsc#1157424).\n - scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX\n (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Avoid setting firmware options twice in\n 24xx_update_fw_options (bsc#1157424).\n - scsi: qla2xxx: Check locking assumptions at runtime in\n qla2x00_abort_srb() (bsc#1157424).\n - scsi: qla2xxx: Cleanup ELS/PUREX iocb fields (bsc#1157424).\n - scsi: qla2xxx: Cleanup unused async_logout_done (bsc#1158013).\n - scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).\n - scsi: qla2xxx: Convert MAKE_HANDLE() from a define into an inline\n function (bsc#1157424).\n - scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).\n - scsi: qla2xxx: Correction to selection of loopback/echo test\n (bsc#1157424).\n - scsi: qla2xxx: Correctly retrieve and interpret active flash region\n (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Display message for FCE enabled (bsc#1157424).\n - scsi: qla2xxx: Fix FCP-SCSI FC4 flag passing error (bsc#1157424).\n - scsi: qla2xxx: Fix NPIV instantiation after FW dump (bsc#1157424).\n - scsi: qla2xxx: Fix RDP respond data format (bsc#1157424).\n - scsi: qla2xxx: Fix RDP response size (bsc#1157424).\n - scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).\n - scsi: qla2xxx: Fix a NULL pointer dereference in an error path\n (bsc#1157966 bsc#1158013 bsc#1157424).\n - scsi: qla2xxx: Fix control flags for login/logout IOCB (bsc#1157424).\n - scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).\n - scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB\n Cmd (bsc#1157424, bsc#1157908, bsc#1157169, bsc#1151548).\n - scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).\n - scsi: qla2xxx: Fix qla2x00_echo_test() based on ISP type (bsc#1157424).\n - scsi: qla2xxx: Fix sparse warning reported by kbuild bot (bsc#1157424).\n - scsi: qla2xxx: Fix sparse warnings triggered by the PCI state checking\n code (bsc#1157424).\n - scsi: qla2xxx: Fix stuck login session using prli_pend_timer\n (bsc#1158013).\n - scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).\n - scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return\n type (bsc#1158013).\n - scsi: qla2xxx: Fix unbound NVME response length (bsc#1157966 bsc#1158013\n bsc#1157424).\n - scsi: qla2xxx: Fix update_fcport for current_topology (bsc#1158013).\n - scsi: qla2xxx: Force semaphore on flash validation failure (bsc#1157424).\n - scsi: qla2xxx: Handle NVME status iocb correctly (bsc#1157424).\n - scsi: qla2xxx: Handle cases for limiting RDP response payload length\n (bsc#1157424).\n - scsi: qla2xxx: Improve readability of the code that handles\n qla_flt_header (bsc#1158013).\n - scsi: qla2xxx: Improved secure flash support messages (bsc#1157424).\n - scsi: qla2xxx: Move free of fcport out of interrupt context\n (bsc#1157424).\n - scsi: qla2xxx: Print portname for logging in qla24xx_logio_entry()\n (bsc#1157424).\n - scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss\n (bsc#1158013).\n - scsi: qla2xxx: Remove restriction of FC T10-PI and FC-NVMe (bsc#1157424).\n - scsi: qla2xxx: Return appropriate failure through BSG Interface\n (bsc#1157424).\n - scsi: qla2xxx: Save rscn_gen for new fcport (bsc#1157424).\n - scsi: qla2xxx: Serialize fc_port alloc in N2N (bsc#1157424).\n - scsi: qla2xxx: Set Nport ID for N2N (bsc#1157424).\n - scsi: qla2xxx: Show correct port speed capabilities for RDP command\n (bsc#1157424).\n - scsi: qla2xxx: Simplify the code for aborting SCSI commands\n (bsc#1157424).\n - scsi: qla2xxx: Suppress endianness complaints in\n qla2x00_configure_local_loop() (bsc#1157424).\n - scsi: qla2xxx: Update BPM enablement semantics (bsc#1157424).\n - scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).\n - scsi: qla2xxx: Update driver version to 10.01.00.24-k (bsc#1157424).\n - scsi: qla2xxx: Update driver version to 10.01.00.25-k (bsc#1157424).\n - scsi: qla2xxx: Use FC generic update firmware options routine for\n ISP27xx (bsc#1157424).\n - scsi: qla2xxx: Use QLA_FW_STOPPED macro to propagate flag (bsc#1157424).\n - scsi: qla2xxx: Use a dedicated interrupt handler for\n 'handshake-required' ISPs (bsc#1157424).\n - scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).\n - scsi: qla2xxx: Use correct ISP28xx active FW region (bsc#1157424).\n - scsi: qla2xxx: Use endian macros to assign static fields in fwdump\n header (bsc#1157424).\n - scsi: qla2xxx: Use get_unaligned_*() instead of open-coding these\n functions (bsc#1158013).\n - scsi: qla2xxx: add more FW debug information (bsc#1157424).\n - scsi: qla2xxx: fix FW resource count values (bsc#1157424).\n - scsi: tcm_qla2xxx: Make qlt_alloc_qfull_cmd() set cmd->se_cmd.map_tag\n (bsc#1157424).\n - scsi: zfcp: trace channel log even for FCP command responses (git-fixes).\n - sctp: cache netns in sctp_ep_common (networking-stable-19_12_03).\n - sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY\n (networking-stable-20_01_11).\n - sctp: fully initialize v4 addr in some functions\n (networking-stable-19_12_28).\n - serial: 8250_bcm2835aux: Fix line mismatch on driver unbind\n (bsc#1051510).\n - serial: ifx6x60: add missed pm_runtime_disable (bsc#1051510).\n - serial: max310x: Fix tx_empty() callback (bsc#1051510).\n - serial: pl011: Fix DMA ->flush_buffer() (bsc#1051510).\n - serial: serial_core: Perform NULL checks for break_ctl ops (bsc#1051510).\n - serial: stm32: fix transmit_chars when tx is stopped (bsc#1051510).\n - sfc: Only cancel the PPS workqueue if it exists\n (networking-stable-19_11_25).\n - sfc: Remove 'PCIE error reporting unavailable' (bsc#1161472).\n - sh_eth: TSU_QTAG0/1 registers the same as TSU_QTAGM0/1 (bsc#1051510).\n - sh_eth: check sh_eth_cpu_data::dual_port when dumping registers\n (bsc#1051510).\n - sh_eth: fix TSU init on SH7734/R8A7740 (bsc#1051510).\n - sh_eth: fix TXALCR1 offsets (bsc#1051510).\n - sh_eth: fix dumping ARSTR (bsc#1051510).\n - sh_eth: fix invalid context bug while calling auto-negotiation by\n ethtool (bsc#1051510).\n - sh_eth: fix invalid context bug while changing link options by ethtool\n (bsc#1051510).\n - smb3: Add defines for new information level, FileIdInformation\n (bsc#1144333).\n - smb3: Add missing reparse tags (bsc#1144333).\n - smb3: Fix regression in time handling (bsc#1144333).\n - smb3: add debug messages for closing unmatched open (bsc#1144333).\n - smb3: add dynamic tracepoints for flush and close (bsc#1144333).\n - smb3: add missing flag definitions (bsc#1144333).\n - smb3: add missing worker function for SMB3 change notify (bsc#1144333).\n - smb3: add mount option to allow RW caching of share accessed by only 1\n client (bsc#1144333).\n - smb3: add mount option to allow forced caching of read only share\n (bsc#1144333).\n - smb3: add one more dynamic tracepoint missing from strict fsync path\n (bsc#1144333).\n - smb3: add some more descriptive messages about share when mounting\n cache=ro (bsc#1144333).\n - smb3: allow decryption keys to be dumped by admin for debugging\n (bsc#1144333).\n - smb3: allow disabling requesting leases (bsc#1144333).\n - smb3: allow parallelizing decryption of reads (bsc#1144333).\n - smb3: allow skipping signature verification for perf sensitive\n configurations (bsc#1144333).\n - smb3: cleanup some recent endian errors spotted by updated sparse\n (bsc#1144333).\n - smb3: display max smb3 requests in flight at any one time (bsc#1144333).\n - smb3: dump in_send and num_waiters stats counters by default\n (bsc#1144333).\n - smb3: enable offload of decryption of large reads via mount option\n (bsc#1144333).\n - smb3: fix default permissions on new files when mounting with\n modefromsid (bsc#1144333).\n - smb3: fix mode passed in on create for modetosid mount option\n (bsc#1144333).\n - smb3: fix performance regression with setting mtime (bsc#1144333).\n - smb3: fix potential null dereference in decrypt offload (bsc#1144333).\n - smb3: fix problem with null cifs super block with previous patch\n (bsc#1144333).\n - smb3: fix refcount underflow warning on unmount when no directory leases\n (bsc#1144333).\n - smb3: improve check for when we send the security descriptor context on\n create (bsc#1144333).\n - smb3: log warning if CSC policy conflicts with cache mount option\n (bsc#1144333).\n - smb3: missing ACL related flags (bsc#1144333).\n - smb3: only offload decryption of read responses if multiple requests\n (bsc#1144333).\n - smb3: pass mode bits into create calls (bsc#1144333).\n - smb3: query attributes on file close (bsc#1144333).\n - smb3: remove confusing dmesg when mounting with encryption (\"seal\")\n (bsc#1144333).\n - smb3: remove noisy debug message and minor cleanup (bsc#1144333).\n - smb3: remove unused flag passed into close functions (bsc#1144333).\n - soc/tegra: fuse: Correct straps' address for older Tegra124 device trees\n (bsc#1051510).\n - soc: renesas: rcar-sysc: Add goto to of_node_put() before return\n (bsc#1051510).\n - soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot (bsc#1051510).\n - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch\n (bsc#1051510).\n - spi: omap2-mcspi: Set FIFO DMA trigger level to word length\n (bsc#1051510).\n - spi: tegra114: clear packed bit for unpacked mode (bsc#1051510).\n - spi: tegra114: configure dma burst size to fifo trig level (bsc#1051510).\n - spi: tegra114: fix for unpacked mode transfers (bsc#1051510).\n - spi: tegra114: flush fifos (bsc#1051510).\n - spi: tegra114: terminate dma and reset on transfer timeout (bsc#1051510).\n - sr_vendor: support Beurer GL50 evo CD-on-a-chip devices (boo#1164632).\n - staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713\n (bsc#1051510).\n - staging: rtl8188eu: fix interface sanity check (bsc#1051510).\n - staging: rtl8192e: fix potential use after free (bsc#1051510).\n - staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids\n (bsc#1051510).\n - staging: rtl8723bs: Drop ACPI device ids (bsc#1051510).\n - staging: vt6656: Fix false Tx excessive retries reporting (bsc#1051510).\n - staging: vt6656: correct packet types for CTS protect, mode\n (bsc#1051510).\n - staging: vt6656: use NULLFUCTION stack on mac80211 (bsc#1051510).\n - staging: wlan-ng: ensure error return is actually returned (bsc#1051510).\n - stm class: Fix a double free of stm_source_device (bsc#1051510).\n - stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock\n (bsc#1088810, bsc#1161702).\n - stop_machine: Atomically queue and wake stopper threads (bsc#1088810,\n bsc#1161702).\n - stop_machine: Disable preemption after queueing stopper threads\n (bsc#1088810, bsc#1161702).\n - stop_machine: Disable preemption when waking two stopper threads\n (bsc#1088810, bsc#1161702).\n - tcp: clear tp->data_segs{in|out} in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp->delivered in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp->packets_out when purging write queue (bsc#1160560).\n - tcp: clear tp->segs_{in|out} in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: clear tp->total_retrans in tcp_disconnect()\n (networking-stable-20_02_05).\n - tcp: do not send empty skb from tcp_write_xmit()\n (networking-stable-20_01_01).\n - tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable\n 4.14.159).\n - tcp: fix \"old stuff\" D-SACK causing SACK to be treated as D-SACK\n (networking-stable-20_01_11).\n - tcp: fix marked lost packets not being retransmitted\n (networking-stable-20_01_20).\n - tcp: md5: fix potential overestimation of TCP option space\n (networking-stable-19_12_16).\n - tcp_bbr: improve arithmetic division in bbr_update_bw()\n (networking-stable-20_01_27).\n - thermal: Fix deadlock in thermal thermal_zone_device_check (bsc#1051510).\n - thunderbolt: Prevent crash if non-active NVMem file is read (git-fixes).\n - tipc: fix a missing check of genlmsg_put (bsc#1051510).\n - tipc: fix link name length check (bsc#1051510).\n - tipc: fix memory leak in tipc_nl_compat_publ_dump (bsc#1051510).\n - tipc: fix skb may be leaky in tipc_link_input (bsc#1051510).\n - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on\n failure (git-fixes).\n - tracing: Annotate ftrace_graph_hash pointer with __rcu (git-fixes).\n - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu\n (git-fixes).\n - tracing: Fix tracing_stat return values in error handling paths\n (git-fixes).\n - tracing: Fix very unlikely race of registering two stat tracers\n (git-fixes).\n - tracing: Have the histogram compare functions convert to u64 first\n (bsc#1160210).\n - tracing: xen: Ordered comparison of function pointers (git-fixes).\n - tty/serial: atmel: Add is_half_duplex helper (bsc#1051510).\n - tty: n_hdlc: fix build on SPARC (bsc#1051510).\n - tty: serial: msm_serial: Fix lockup for sysrq and oops (bsc#1051510).\n - tty: vt: keyboard: reject invalid keycodes (bsc#1051510).\n - ttyprintk: fix a potential deadlock in interrupt context issue\n (git-fixes).\n - tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()\n (bsc#1109837).\n - uaccess: Add non-pagefault user-space write function (bsc#1083647).\n - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag\n (bsc#1163855).\n - ubifs: Fix deadlock in concurrent bulk-read and writepage (bsc#1163856).\n - ubifs: Reject unsupported ioctl flags explicitly (bsc#1163844).\n - ubifs: do not trigger assertion on invalid no-key filename (bsc#1163850).\n - udp: fix integer overflow while computing available space in sk_rcvbuf\n (networking-stable-20_01_01).\n - usb-storage: Disable UAS on JMicron SATA enclosure (bsc#1051510).\n - usb: Allow USB device to be warm reset in suspended state (bsc#1051510).\n - usb: chipidea: host: Disable port power only if previously enabled\n (bsc#1051510).\n - usb: core: hub: Improved device recognition on remote wakeup\n (bsc#1051510).\n - usb: core: urb: fix URB structure initialization function (bsc#1051510).\n - usb: dwc3: debugfs: Properly print/set link state for HS (bsc#1051510).\n - usb: dwc3: do not log probe deferrals; but do log other error codes\n (bsc#1051510).\n - usb: dwc3: ep0: Clear started flag on completion (bsc#1051510).\n - usb: dwc3: turn off VBUS when leaving host mode (bsc#1051510).\n - usb: gadget: Zero ffs_io_data (bsc#1051510).\n - usb: gadget: f_ecm: Use atomic_t to track in-flight request\n (bsc#1051510).\n - usb: gadget: f_ncm: Use atomic_t to track in-flight request\n (bsc#1051510).\n - usb: gadget: legacy: set max_speed to super-speed (bsc#1051510).\n - usb: gadget: pch_udc: fix use after free (bsc#1051510).\n - usb: gadget: u_serial: add missing port entry locking (bsc#1051510).\n - usb: host: xhci-hub: fix extra endianness conversion (bsc#1051510).\n - usb: mon: Fix a deadlock in usbmon between mmap and read (bsc#1051510).\n - usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler (bsc#1051510).\n - usb: musb: dma: Correct parameter passed to IRQ handler (bsc#1051510).\n - usb: musb: fix idling for suspend after disconnect interrupt\n (bsc#1051510).\n - usb: roles: fix a potential use after free (git-fixes).\n - usb: typec: tcpci: mask event interrupts when remove driver\n (bsc#1051510).\n - usb: xhci: Fix build warning seen with CONFIG_PM=n (bsc#1051510).\n - usb: xhci: only set D3hot for pci device (bsc#1051510).\n - usbip: Fix error path of vhci_recv_ret_submit() (git-fixes).\n - usbip: Fix receive error in vhci-hcd when using scatter-gather\n (bsc#1051510).\n - usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit()\n (git-fixes).\n - vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1\n (bsc#1051510).\n - vhost/vsock: accept only packets with the right dst_cid\n (networking-stable-20_01_01).\n - video: backlight: Add devres versions of of_find_backlight (bsc#1090888)\n Taken for 6010831dde5.\n - video: backlight: Add of_find_backlight helper in backlight.c\n (bsc#1090888) Taken for 6010831dde5.\n - vlan: fix memory leak in vlan_dev_set_egress_priority\n (networking-stable-20_01_11).\n - vlan: vlan_changelink() should propagate errors\n (networking-stable-20_01_11).\n - vxlan: fix tos value before xmit (networking-stable-20_01_11).\n - watchdog: max77620_wdt: fix potential build errors (bsc#1051510).\n - watchdog: rn5t618_wdt: fix module aliases (bsc#1051510).\n - watchdog: sama5d4: fix WDD value to be always set to max (bsc#1051510).\n - watchdog: wdat_wdt: fix get_timeleft call for wdat_wdt (bsc#1162557).\n - wireless: fix enabling channel 12 for custom regulatory domain\n (bsc#1051510).\n - wireless: wext: avoid gcc -O3 warning (bsc#1051510).\n - workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).\n - x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks\n (bsc#1114279).\n - x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure()\n (bsc#1114279).\n - x86/amd_nb: Add PCI device IDs for family 17h, model 70h (bsc#1163206).\n - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR\n (bsc#1162619).\n - x86/intel_rdt: Split resource group removal in two (bsc#1112178).\n - x86/intel_rdt: Split resource group removal in two (bsc#1112178).\n - x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI (bsc#1114279).\n - x86/mce/AMD: Allow any CPU to initialize the smca_banks array\n (bsc#1114279).\n - x86/mce: Fix possibly incorrect severity calculation on AMD\n (bsc#1114279).\n - x86/resctrl: Check monitoring static key in the MBM overflow handler\n (bsc#1114279).\n - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178).\n - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178).\n - x86/resctrl: Fix an imbalance in domain_remove_cpu() (bsc#1114279).\n - x86/resctrl: Fix potential memory leak (bsc#1114279).\n - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup\n (bsc#1112178).\n - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup\n (bsc#1112178).\n - x86/resctrl: Fix use-after-free when deleting resource groups\n (bsc#1114279).\n - x86/speculation: Fix incorrect MDS/TAA mitigation status (bsc#1114279).\n - x86/speculation: Fix redundant MDS mitigation message (bsc#1114279).\n - xen-blkfront: switch kcalloc to kvcalloc for large array allocation\n (bsc#1160917).\n - xen/balloon: Support xend-based toolstack take two (bsc#1065600).\n - xen/blkback: Avoid unmapping unmapped grant pages (bsc#1065600).\n - xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk (bsc#1065600).\n - xen: Enable interrupts when calling _cond_resched() (bsc#1065600).\n - xfrm: Fix transport mode skb control buffer usage (bsc#1161552).\n - xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1161087,\n bsc#1153917).\n - xhci: Fix memory leak in xhci_add_in_port() (bsc#1051510).\n - xhci: Increase STS_HALT timeout in xhci_suspend() (bsc#1051510).\n - xhci: fix USB3 device initiated resume race with roothub autosuspend\n (bsc#1051510).\n - xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour\n (bsc#1051510).\n - xhci: make sure interrupts are restored to correct state (bsc#1051510).\n - zd1211rw: fix storage endpoint lookup (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-336=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-13T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-14896", "CVE-2019-14897", "CVE-2019-16746", "CVE-2019-16994", "CVE-2019-18808", "CVE-2019-19036", "CVE-2019-19045", "CVE-2019-19051", "CVE-2019-19054", "CVE-2019-19066", "CVE-2019-19318", "CVE-2019-19319", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19447", "CVE-2019-19523", "CVE-2019-19526", "CVE-2019-19527", "CVE-2019-19532", "CVE-2019-19533", "CVE-2019-19535", "CVE-2019-19537", "CVE-2019-19767", "CVE-2019-19927", "CVE-2019-19965", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20095", "CVE-2019-20096", "CVE-2020-2732", "CVE-2020-7053", "CVE-2020-8428", "CVE-2020-8648", "CVE-2020-8992"], "modified": "2020-03-13T00:00:00", "id": "OPENSUSE-SU-2020:0336-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LSSHQFX4IJH5UZIPQACYQ6RIWLLJPS6R/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-18T12:41:26", "description": "An update that solves four vulnerabilities and has 37 fixes\n is now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-8647: There was a use-after-free vulnerability in the\n vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).\n - CVE-2020-8649: There was a use-after-free vulnerability in the\n vgacon_invert_region function in drivers/video/console/vgacon.c\n (bnc#1162929 1162931).\n - CVE-2020-9383: An issue was discovered in the set_fdc in\n drivers/block/floppy.c that lead to a wait_til_ready out-of-bounds read\n because the FDC index is not checked for errors before assigning it, aka\n CID-2e90ca68b0d2 (bnc#1165111).\n - CVE-2019-19768: There was a use-after-free (read) in the __blk_add_trace\n function in kernel/trace/blktrace.c (which is used to fill out a\n blk_io_trace structure and place it in a per-cpu sub-buffer)\n (bnc#1159285).\n\n The following non-security bugs were fixed:\n\n - ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1\n (bsc#1111666).\n - ALSA: hda/realtek - Add Headset Mic supported (bsc#1111666).\n - ALSA: hda/realtek - Add more codec supported Headset Button\n (bsc#1111666).\n - ALSA: hda/realtek - Apply quirk for MSI GP63, too (bsc#1111666).\n - ALSA: hda/realtek - Apply quirk for yet another MSI laptop (bsc#1111666).\n - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294\n (bsc#1111666).\n - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1\n (bsc#1111666).\n - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master\n (bsc#1111666).\n - ALSA: usb-audio: Add boot quirk for MOTU M Series (bsc#1111666).\n - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000\n (bsc#1111666).\n - ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65\n headset (bsc#1111666).\n - ALSA: usb-audio: Fix UAC2/3 effect unit parsing (bsc#1111666).\n - ALSA: usb-audio: Use lower hex numbers for IDs (bsc#1111666).\n - ALSA: usb-audio: add implicit fb quirk for MOTU M Series (bsc#1111666).\n - ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82\n (bsc#1111666).\n - ALSA: usb-audio: fix Corsair Virtuoso mixer label collision\n (bsc#1111666).\n - ALSA: usb-audio: unlock on error in probe (bsc#1111666).\n - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status\n (bsc#1051510).\n - ASoC: dapm: Correct DAPM handling of active widgets during shutdown\n (bsc#1051510).\n - ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path\n (bsc#1051510).\n - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output\n (bsc#1051510).\n - ASoC: pcm: update FE/BE trigger order based on the command (bsc#1051510).\n - ASoC: topology: Fix memleak in soc_tplg_link_elems_load() (bsc#1051510).\n - Add CONFIG_RAID6_PQ_BENCHMARK=y in following config files for the above\n change,\n - EDAC, ghes: Make platform-based whitelisting x86-only (bsc#1158187).\n - EDAC/mc: Fix use-after-free and memleaks during device removal\n (bsc#1114279).\n - Enable the following two patches in series.conf, and refresh the KABI\n patch due to previous md commit (bsc#1119680),\n - HID: core: fix off-by-one memset in hid_report_raw_event() (bsc#1051510).\n - Input: edt-ft5x06 - work around first register access error\n (bsc#1051510).\n - Input: synaptics - enable SMBus on ThinkPad L470 (bsc#1051510).\n - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list\n (bsc#1051510).\n - Input: synaptics - switch T470s to RMI4 by default (bsc#1051510).\n - KVM: VMX: check descriptor table exits on instruction emulation\n (bsc#1166104).\n - NFC: pn544: Fix a typo in a debug message (bsc#1051510).\n - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use\n le16_add_cpu() (bsc#1051510).\n - PCI/AER: Clear device status bits during ERR_COR handling (bsc#1161561).\n - PCI/AER: Clear device status bits during ERR_FATAL and ERR_NONFATAL\n (bsc#1161561).\n - PCI/AER: Clear only ERR_FATAL status bits during fatal recovery\n (bsc#1161561).\n - PCI/AER: Clear only ERR_NONFATAL bits during non-fatal recovery\n (bsc#1161561).\n - PCI/AER: Do not clear AER bits if error handling is Firmware-First\n (bsc#1161561).\n - PCI/AER: Do not read upstream ports below fatal errors (bsc#1161561).\n - PCI/AER: Factor out ERR_NONFATAL status bit clearing (bsc#1161561).\n - PCI/AER: Take reference on error devices (bsc#1161561).\n - PCI/ERR: Run error recovery callbacks for all affected devices\n (bsc#1161561).\n - PCI/ERR: Use slot reset if available (bsc#1161561).\n - Update \"drm/i915: Wean off drm_pci_alloc/drm_pci_free\" (bsc#1114279)\n This patch fixes ../drivers/gpu/drm/i915/i915_gem.c: In function\n 'i915_gem_object_get_pages_phys':\n ../drivers/gpu/drm/i915/i915_gem.c:232:2: warning: return makes pointer\n from integer without a cast [enabled by default] introduced by commit\n cde29f21f04985905600b14e6936f4f023329a99.\n - Update config files. CONFIG_IPX was set on ARM. Disable as on other\n archs.\n - [1/2,media] uvcvideo: Refactor teardown of uvc on USB disconnect\n (https://patchwork.kernel.org/patch/9683663/) (bsc#1164507)\n - amdgpu/gmc_v9: save/restore sdpif regs during S3 (bsc#1113956)\n - atm: zatm: Fix empty body Clang warnings (bsc#1051510).\n - b43legacy: Fix -Wcast-function-type (bsc#1051510).\n - blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285).\n - blktrace: fix dereference after null check (bsc#1159285).\n - blktrace: fix trace mutex deadlock (bsc#1159285).\n - bonding/alb: properly access headers in bond_alb_xmit()\n (networking-stable-20_02_09).\n - config: enable BLK_DEV_SR_VENDOR on armv7hl (bsc#1164632)\n - cpufreq: powernv: Fix unsafe notifiers (bsc#1065729).\n - cpufreq: powernv: Fix use-after-free (bsc#1065729).\n - crypto: pcrypt - Fix user-after-free on module unload (git-fixes).\n - dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()\n (bsc#1051510).\n - driver core: Print device when resources present in really_probe()\n (bsc#1051510).\n - driver core: platform: Prevent resouce overflow from causing infinite\n loops (bsc#1051510).\n - driver core: platform: fix u32 greater or equal to zero comparison\n (bsc#1051510).\n - drivers/md/raid5-ppl.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET\n (bsc#1166003).\n - drivers/md/raid5.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET\n (bsc#1166003).\n - drm/amd/dm/mst: Ignore payload update failures (bsc#1112178)\n - drm/gma500: Fixup fbdev stolen size usage evaluation (bsc#1051510).\n - drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime (git-fixes).\n - drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits\n (git-fixes).\n - drm/i915/selftests: Fix return in assert_mmap_offset() (bsc#1114279)\n - drm/i915/userptr: Try to acquire the page lock around (bsc#1114279)\n - drm/i915: Program MBUS with rmw during initialization (git-fixes).\n - drm/mediatek: handle events when enabling/disabling crtc (bsc#1051510).\n - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided\n (bsc#1051510).\n - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from\n fw (bsc#1051510).\n - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets\n (git-fixes).\n - drm/sun4i: Fix DE2 VI layer format support (git-fixes).\n - drm/sun4i: de2/de3: Remove unsupported VI layer formats (git-fixes).\n - drm: remove the newline for CRC source name (bsc#1051510).\n - fcntl: fix typo in RWH_WRITE_LIFE_NOT_SET r/w hint name (bsc#1166003).\n - firmware: imx: misc: Align imx sc msg structs to 4 (git-fixes).\n - firmware: imx: scu-pd: Align imx sc msg structs to 4 (git-fixes).\n - firmware: imx: scu: Ensure sequential TX (git-fixes).\n - fs/xfs: fix f_ffree value for statfs when project quota is set\n (bsc#1165985).\n - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() (bsc#1051510).\n - ibmvnic: Do not process device remove during device reset (bsc#1065729).\n - ibmvnic: Warn unknown speed message only when carrier is present\n (bsc#1065729).\n - iommu/amd: Check feature support bit before accessing MSI capability\n registers (bsc#1166101).\n - iommu/amd: Only support x2APIC with IVHD type 11h/40h (bsc#1166102).\n - iommu/amd: Remap the IOMMU device table with the memory encryption mask\n for kdump (bsc#1141895).\n - iommu/dma: Fix MSI reservation allocation (bsc#1166730).\n - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page\n (bsc#1166732).\n - iommu/vt-d: Fix compile warning from intel-svm.h (bsc#1166103).\n - iommu/vt-d: Fix the wrong printing in RHSA parsing (bsc#1166733).\n - iommu/vt-d: Ignore devices with out-of-spec domain number (bsc#1166734).\n - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint\n (bsc#1166731).\n - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn\n + add_taint (bsc#1166735).\n - iwlegacy: Fix -Wcast-function-type (bsc#1051510).\n - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices\n (bsc#1166632).\n - iwlwifi: mvm: Fix thermal zone registration (bsc#1051510).\n - kdump, proc/vmcore: Enable kdumping encrypted memory with SME enabled\n (bsc#1141895).\n - kexec: Allocate decrypted control pages for kdump if SME is enabled\n (bsc#1141895).\n - lib/raid6: add missing include for raid6test (bsc#1166003).\n - lib/raid6: add option to skip algo benchmarking (bsc#1166003).\n - lib/raid6: avoid __attribute_const__ redefinition (bsc#1166003).\n - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields\n (bsc#1165929).\n - libnvdimm/pfn_dev: Do not clear device memmap area during generic\n namespace probe (bsc#1165929 bsc#1165950).\n - libnvdimm: remove redundant __func__ in dev_dbg (bsc#1165929).\n - md raid0/linear: Mark array as 'broken' and fail BIOs if a member is\n gone (bsc#1166003).\n - md-batch-flush-requests-kabi.patch\n - md-batch-flush-requests.patch\n - md-bitmap: create and destroy wb_info_pool with the change of backlog\n (bsc#1166003).\n - md-bitmap: create and destroy wb_info_pool with the change of bitmap\n (bsc#1166003).\n - md-bitmap: small cleanups (bsc#1166003).\n - md-cluster/bitmap: do not call md_bitmap_sync_with_cluster during\n reshaping stage (bsc#1166003).\n - md-cluster/raid10: call update_size in md_reap_sync_thread (bsc#1166003).\n - md-cluster/raid10: do not call remove_and_add_spares during reshaping\n stage (bsc#1166003).\n - md-cluster/raid10: resize all the bitmaps before start reshape\n (bsc#1166003).\n - md-cluster/raid10: support add disk under grow mode (bsc#1166003).\n - md-cluster: introduce resync_info_get interface for sanity check\n (bsc#1166003).\n - md-cluster: remove suspend_info (bsc#1166003).\n - md-cluster: send BITMAP_NEEDS_SYNC message if reshaping is interrupted\n (bsc#1166003).\n - md-linear: use struct_size() in kzalloc() (bsc#1166003).\n - md/bitmap: avoid race window between md_bitmap_resize and\n bitmap_file_clear_bit (bsc#1166003).\n - md/bitmap: use mddev_suspend/resume instead of ->quiesce() (bsc#1166003).\n - md/raid0: Fix an error message in raid0_make_request() (bsc#1166003).\n - md/raid10: Fix raid10 replace hang when new added disk faulty\n (bsc#1166003).\n - md/raid10: end bio when the device faulty (bsc#1166003).\n - md/raid10: prevent access of uninitialized resync_pages offset\n (bsc#1166003).\n - md/raid10: read balance chooses idlest disk for SSD (bsc#1166003).\n - md/raid1: Fix a warning message in remove_wb() (bsc#1166003).\n - md/raid1: avoid soft lockup under high load (bsc#1166003).\n - md/raid1: end bio when the device faulty (bsc#1166003).\n - md/raid1: fail run raid1 array when active disk less than one\n (bsc#1166003).\n - md/raid1: fix potential data inconsistency issue with write behind\n device (bsc#1166003).\n - md/raid1: get rid of extra blank line and space (bsc#1166003).\n - md/raid5: use bio_end_sector to calculate last_sector (bsc#1166003).\n - md/raid6: fix algorithm choice under larger PAGE_SIZE (bsc#1166003).\n - md: Make bio_alloc_mddev use bio_alloc_bioset (bsc#1166003).\n - md: add __acquires/__releases annotations to (un)lock_two_stripes\n (bsc#1166003).\n - md: add __acquires/__releases annotations to handle_active_stripes\n (bsc#1166003).\n - md: add a missing endianness conversion in check_sb_changes\n (bsc#1166003).\n - md: add bitmap_abort label in md_run (bsc#1166003).\n - md: add feature flag MD_FEATURE_RAID0_LAYOUT (bsc#1166003).\n - md: allow last device to be forcibly removed from RAID1/RAID10\n (bsc#1166003).\n - md: avoid invalid memory access for array sb->dev_roles (bsc#1166003).\n - md: change kabi fix patch name, from\n patches.kabi/md-batch-flush-requests-kabi.patch to\n patches.kabi/md-backport-kabi.patch\n - md: convert to kvmalloc (bsc#1166003).\n - md: do not call spare_active in md_reap_sync_thread if all member\n devices can't work (bsc#1166003).\n - md: do not set In_sync if array is frozen (bsc#1166003).\n - md: fix a typo s/creat/create (bsc#1166003).\n - md: fix for divide error in status_resync (bsc#1166003).\n - md: fix spelling typo and add necessary space (bsc#1166003).\n - md: introduce mddev_create/destroy_wb_pool for the change of member\n device (bsc#1166003).\n - md: make sure desc_nr less than MD_SB_DISKS (bsc#1166003).\n - md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show\n (bsc#1166003).\n - md: no longer compare spare disk superblock events in super_load\n (bsc#1166003).\n - md: raid10: Use struct_size() in kmalloc() (bsc#1166003).\n - md: raid1: check rdev before reference in raid1_sync_request func\n (bsc#1166003).\n - md: remove set but not used variable 'bi_rdev' (bsc#1166003).\n - md: rename wb stuffs (bsc#1166003).\n - md: return -ENODEV if rdev has no mddev assigned (bsc#1166003).\n - md: use correct type in super_1_load (bsc#1166003).\n - md: use correct type in super_1_sync (bsc#1166003).\n - md: use correct types in md_bitmap_print_sb (bsc#1166003).\n - media: uvcvideo: Refactor teardown of uvc on USB disconnect\n (bsc#1164507).\n - net/smc: add fallback check to connect() (git-fixes).\n - net/smc: fix cleanup for linkgroup setup failures (git-fixes).\n - net/smc: no peer ID in CLC decline for SMCD (git-fixes).\n - net/smc: transfer fasync_list in case of fallback (git-fixes).\n - net: macb: Limit maximum GEM TX length in TSO\n (networking-stable-20_02_09).\n - net: macb: Remove unnecessary alignment check for TSO\n (networking-stable-20_02_09).\n - net: mvneta: move rx_dropped and rx_errors in per-cpu stats\n (networking-stable-20_02_09).\n - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode\n (networking-stable-20_02_09).\n - net_sched: fix a resource leak in tcindex_set_parms()\n (networking-stable-20_02_09).\n - nvme: Fix parsing of ANA log page (bsc#1166658).\n - nvme: Translate more status codes to blk_status_t (bsc#1156510).\n - nvme: resync include/linux/nvme.h with nvmecli (bsc#1156510).\n - orinoco: avoid assertion in case of NULL pointer (bsc#1051510).\n - padata: always acquire cpu_hotplug_lock before pinst->lock (git-fixes).\n - pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins\n (bsc#1051510).\n - pinctrl: imx: scu: Align imx sc msg structs to 4 (git-fixes).\n - pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs (bsc#1051510).\n - pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs (bsc#1051510).\n - powerpc/pseries: fix of_read_drc_info_cell() to point at next record\n (bsc#1165980 ltc#183834).\n - powerpc: fix hardware PMU exception bug on PowerVM compatibility mode\n systems (bsc#1056686).\n - qmi_wwan: re-add DW5821e pre-production variant (bsc#1051510).\n - raid10: refactor common wait code from regular read/write request\n (bsc#1166003).\n - raid1: factor out a common routine to handle the completion of sync\n write (bsc#1166003).\n - raid1: simplify raid1_error function (bsc#1166003).\n - raid1: use an int as the return value of raise_barrier() (bsc#1166003).\n - raid5 improve too many read errors msg by adding limits (bsc#1166003).\n - raid5: block failing device if raid will be failed (bsc#1166003).\n - raid5: do not increment read_errors on EILSEQ return (bsc#1166003).\n - raid5: do not set STRIPE_HANDLE to stripe which is in batch list\n (bsc#1166003).\n - raid5: need to set STRIPE_HANDLE for batch head (bsc#1166003).\n - raid5: remove STRIPE_OPS_REQ_PENDING (bsc#1166003).\n - raid5: remove worker_cnt_per_group argument from alloc_thread_groups\n (bsc#1166003).\n - raid5: set write hint for PPL (bsc#1166003).\n - raid5: use bio_end_sector in r5_next_bio (bsc#1166003).\n - raid6/test: fix a compilation error (bsc#1166003).\n - raid6/test: fix a compilation warning (bsc#1166003).\n - remoteproc: Initialize rproc_class before use (bsc#1051510).\n - rtlwifi: rtl_pci: Fix -Wcast-function-type (bsc#1051510).\n - s390/pci: Fix unexpected write combine on resource (git-fixes).\n - s390/uv: Fix handling of length extensions (git-fixes).\n - staging: rtl8188eu: Fix potential overuse of kernel memory (bsc#1051510).\n - staging: rtl8188eu: Fix potential security hole (bsc#1051510).\n - staging: rtl8723bs: Fix potential overuse of kernel memory (bsc#1051510).\n - staging: rtl8723bs: Fix potential security hole (bsc#1051510).\n - tick: broadcast-hrtimer: Fix a race in bc_set_next (bsc#1044231).\n - tools: Update include/uapi/linux/fcntl.h copy from the kernel\n (bsc#1166003).\n - usb: host: xhci: update event ring dequeue pointer on purpose\n (git-fixes).\n - vgacon: Fix a UAF in vgacon_invert_region (bsc#1114279)\n - virtio-blk: fix hw_queue stopped on arbitrary error (git-fixes).\n - x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF\n (bsc#1114279).\n - x86/ioremap: Add an ioremap_encrypted() helper (bsc#1141895).\n - x86/kdump: Export the SME mask to vmcoreinfo (bsc#1141895).\n - x86/mce/amd: Fix kobject lifetime (bsc#1114279).\n - x86/mce/amd: Publish the bank pointer only after setup has succeeded\n (bsc#1114279).\n - x86/mm: Split vmalloc_sync_all() (bsc#1165741).\n - xfs: also remove cached ACLs when removing the underlying attr\n (bsc#1165873).\n - xfs: bulkstat should copy lastip whenever userspace supplies one\n (bsc#1165984).\n - xhci: Force Maximum Packet size for Full-speed bulk devices to valid\n range (bsc#1051510).\n - xhci: fix runtime pm enabling for quirky Intel hosts (bsc#1051510).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-388=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-27T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19768", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-9383"], "modified": "2020-03-27T00:00:00", "id": "OPENSUSE-SU-2020:0388-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6IRYS6743ISN3DBCZORC2AEZU7D7GZNC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-20T02:05:12", "description": "An update that solves 16 vulnerabilities and has 117 fixes\n is now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.2 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-19462: relay_open in kernel/relay.c allowed local users to\n cause a denial of service (such as relay blockage) by triggering a NULL\n alloc_percpu result (bnc#1158265).\n - CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c\n did not call snd_card_free for a failure path, which causes a memory\n leak, aka CID-9453264ef586 (bnc#1172458).\n - CVE-2019-20812: The prb_calc_retire_blk_tmo() function in\n net/packet/af_packet.c can result in a denial of service (CPU\n consumption and soft lockup) in a certain failure case involving\n TPACKET_V3, aka CID-b43d1f9f7067 (bnc#1172453).\n - CVE-2020-10711: A NULL pointer dereference flaw was found in the Linux\n kernel's SELinux subsystem. This flaw occurs while importing the\n Commercial IP Security Option (CIPSO) protocol's category bitmap into\n the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine.\n While processing the CIPSO restricted bitmap tag in the\n 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to\n indicate that the category bitmap is present, even if it has not been\n allocated. This issue leads to a NULL pointer dereference issue while\n importing the same category bitmap into SELinux. This flaw allowed a\n remote network user to crash the system kernel, resulting in a denial of\n service (bnc#1171191).\n - CVE-2020-10732: A flaw was found in the implementation of Userspace core\n dumps. This flaw allowed an attacker with a local account to crash a\n trivial program and exfiltrate private kernel data (bnc#1171220).\n - CVE-2020-10751: SELinux LSM hook implementation before version 5.7,\n where it incorrectly assumed that an skb would only contain a single\n netlink message. The hook would incorrectly only validate the first\n netlink message in the skb and allow or deny the rest of the messages\n within the skb with the granted permission without further processing\n (bnc#1171189).\n - CVE-2020-10766: Fixed rogue cross-process SSBD shutdown. Linux scheduler\n logical bug allowed an attacker to turn off the SSBD protection.\n (bnc#1172781).\n - CVE-2020-10767: Fixed that Indirect Branch Prediction Barrier is\n force-disabled when STIBP is unavailable or enhanced IBRS is available.\n (bnc#1172782).\n - CVE-2020-10768: Fixed that indirect branch speculation can be enabled\n after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command\n (bnc#1172783).\n - CVE-2020-10773: Fixed a kernel stack information leak on s390/s390x.\n (bnc#1172999).\n - CVE-2020-12656: Fixed a memory leak in gss_mech_free in the\n rpcsec_gss_krb5 implementation due to lack of certain domain_release\n calls (bnc#1171219).\n - CVE-2020-12769: An issue was discovered in drivers/spi/spi-dw.c allowed\n attackers to cause a panic via concurrent calls to dw_spi_irq and\n dw_spi_transfer_one, aka CID-19b61392c5a8 (bnc#1171983).\n - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access\n disabled memory space (bnc#1171868).\n - CVE-2020-13143: gadget_dev_desc_UDC_store in\n drivers/usb/gadget/configfs.c relied on kstrdup without considering the\n possibility of an internal '\\0' value, which allowed attackers to\n trigger an out-of-bounds read, aka CID-15753588bcd4 (bnc#1171982).\n - CVE-2020-13974: tty/vt/keyboard.c had an integer overflow if k_ascii is\n called several times in a row, aka CID-b86dab054059. (bnc#1172775).\n - CVE-2020-14416: A race condition in tty->disc_data handling in the slip\n and slcan line discipline could lead to a use-after-free, aka\n CID-0ace17d56824. This affects drivers/net/slip/slip.c and\n drivers/net/can/slcan.c (bnc#1162002).\n\n The following non-security bugs were fixed:\n\n - ACPICA: Fixes for acpiExec namespace init file (git-fixes).\n - ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()\n (git-fixes).\n - ACPI: GED: add support for _Exx / _Lxx handler methods (git-fixes).\n - ACPI: GED: use correct trigger type field in _Exx / _Lxx handling\n (git-fixes).\n - ACPI: PM: Avoid using power resources if there are none for D0\n (git-fixes).\n - ACPI: sysfs: Fix reference count leak in\n acpi_sysfs_add_hotplug_profile() (git-fixes).\n - af_unix: add compat_ioctl support (git-fixes).\n - agp/intel: Reinforce the barrier after GTT updates (git-fixes).\n - ALSA: emu10k1: delete an unnecessary condition (git-fixes).\n - ALSA: es1688: Add the missed snd_card_free() (git-fixes).\n - ALSA: fireface: fix configuration error for nominal sampling transfer\n frequency (git-fixes).\n - ALSA: firewire-lib: fix invalid assignment to union data for directional\n parameter (git-fixes).\n - ALSA: hda: Add ElkhartLake HDMI codec vid (git-fixes).\n - ALSA: hda: add member to store ratio for stripe control (git-fixes).\n - ALSA: hda: add sienna_cichlid audio asic id for sienna_cichlid up\n (git-fixes).\n - ALSA: hda: Fix potential race in unsol event handler (git-fixes).\n - ALSA: hda/realtek - Add a model for Thinkpad T570 without DAC workaround\n (bsc#1172017).\n - ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines\n (git-fixes).\n - ALSA: hda/realtek - Add LED class support for micmute LED (git-fixes).\n - ALSA: hda/realtek - Add more fixup entries for Clevo machines\n (git-fixes).\n - ALSA: hda/realtek - Add new codec supported for ALC287 (git-fixes).\n - ALSA: hda/realtek - Enable micmute LED on and HP system (git-fixes).\n - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme\n (git-fixes).\n - ALSA: hda/realtek - Fix unused variable warning w/o\n CONFIG_LEDS_TRIGGER_AUDIO (git-fixes).\n - ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (git-fixes).\n - ALSA: hda/tegra: correct number of SDO lines for Tegra194 (git-fixes).\n - ALSA: hda/tegra: workaround playback failure on Tegra194 (git-fixes).\n - ALSA: hwdep: fix a left shifting 1 by 31 UB bug (git-fixes).\n - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio\n option (git-fixes).\n - ALSA: pcm: disallow linking stream to itself (git-fixes).\n - ALSA: pcm: fix incorrect hw_base increase (git-fixes).\n - ALSA: pcm: fix snd_pcm_link() lockdep splat (git-fixes).\n - ALSA: usb-audio: Add duplex sound support for USB devices using implicit\n feedback (git-fixes).\n - ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (git-fixes).\n - ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt\n Dock (git-fixes).\n - ALSA: usb-audio: Clean up quirk entries with macros (git-fixes).\n - ALSA: usb-audio: Fix a limit check in proc_dump_substream_formats()\n (git-fixes).\n - ALSA: usb-audio: Fix inconsistent card PM state after resume (git-fixes).\n - ALSA: usb-audio: fixing upper volume limit for RME Babyface Pro routing\n crosspoints (git-fixes).\n - ALSA: usb-audio: Fixing usage of plain int instead of NULL (git-fixes).\n - ALSA: usb-audio: Fix racy list management in output queue (git-fixes).\n - ALSA: usb-audio: Improve frames size computation (git-fixes).\n - ALSA: usb-audio: Manage auto-pm of all bundled interfaces (git-fixes).\n - ALSA: usb-audio: mixer: volume quirk for ESS Technology Asus USB DAC\n (git-fixes).\n - ALSA: usb-audio: Print more information in stream proc files (git-fixes).\n - ALSA: usb-audio: Quirks for Gigabyte TRX40 Aorus Master onboard audio\n (git-fixes).\n - ALSA: usb-audio: Remove async workaround for Scarlett 2nd gen\n (git-fixes).\n - ALSA: usb-audio: RME Babyface Pro mixer patch (git-fixes).\n - ALSA: usb-audio: Use the new macro for HP Dock rename quirks (git-fixes).\n - amd-xgbe: Use __napi_schedule() in BH context\n (networking-stable-20_04_17).\n - arm64: map FDT as RW for early_init_dt_scan() (jsc#SLE-12424).\n - ARM: oxnas: make ox820_boot_secondary static (git-fixes).\n - asm-gemeric/tlb: remove stray function declarations (bsc#1156395).\n - ASoC: fix incomplete error-handling in img_i2s_in_probe (git-fixes).\n - ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet\n (git-fixes).\n - ASoC: intel: cht_bsw_max98090_ti: Add all Chromebooks that need\n pmc_plt_clk_0 quirk (bsc#1171246).\n - ASoC: intel - fix the card names (git-fixes).\n - ASoC: max9867: fix volume controls (git-fixes).\n - ASoC: meson: add missing free_irq() in error path (git-fixes).\n - ASoC: rt5645: Add platform-data for Asus T101HA (git-fixes).\n - ASoC: SOF: core: fix error return code in sof_probe_continue()\n (git-fixes).\n - ASoC: ux500: mop500: Fix some refcounted resources issues (git-fixes).\n - ath10k: Remove ath10k_qmi_register_service_notifier() declaration\n (git-fixes).\n - ath10k: remove the max_sched_scan_reqs value (git-fixes).\n - ath10k: Skip handling del_server during driver exit (git-fixes).\n - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (git-fixes).\n - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (git-fixes).\n - ath9k: Fix use-after-free Read in htc_connect_service (git-fixes).\n - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (git-fixes).\n - ath9k_htc: Silence undersized packet warnings (git-fixes).\n - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb (git-fixes).\n - ax25: fix setsockopt(SO_BINDTODEVICE) (git-fixes).\n - b43legacy: Fix case where channel status is corrupted (git-fixes).\n - bfq: Avoid false bfq queue merging (bsc#1171513).\n - bfq: Fix check detecting whether waker queue should be selected\n (bsc#1168838).\n - bfq: Use only idle IO periods for think time calculations (bsc#1171513).\n - bfq: Use 'ttime' local variable (bsc#1171513).\n - blk-iocost: Fix error on iocost_ioc_vrate_adj (bsc#1173206).\n - blk-iocost: fix incorrect vtime comparison in iocg_is_idle()\n (bsc#1173206).\n - bluetooth: btmtkuart: Improve exception handling in btmtuart_probe()\n (git-fixes).\n - bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).\n - bnxt_en: Improve TQM ring context memory sizing formulas (jsc#SLE-8371\n bsc#1153274).\n - bpf: Fix map permissions check (bsc#1155518).\n - bpf: Prevent mmap()'ing read-only maps as writable (bsc#1155518).\n - bpf: Restrict bpf_probe_read{, str}() only to archs where they work\n (bsc#1172344).\n - bpf, sockhash: Synchronize_rcu before free'ing map (git-fixes).\n - bpf, sockmap: Check update requirements after locking (git-fixes).\n - bpf: Undo internal BPF_PROBE_MEM in BPF insns dump (bsc#1155518).\n - brcmfmac: fix wrong location to get firmware feature (git-fixes).\n - btrfs: fix log context list corruption after rename whiteout error\n (bsc#1172342).\n - btrfs: fix partial loss of prealloc extent past i_size after fsync\n (bsc#1172343).\n - btrfs: reloc: clear DEAD_RELOC_TREE bit for orphan roots to prevent\n runaway balance (bsc#1171417 bsc#1160947 bsc#1172366).\n - btrfs: reloc: fix reloc root leak and NULL pointer dereference\n (bsc#1171417 bsc#1160947 bsc#1172366).\n - CDC-ACM: heed quirk also in error handling (git-fixes).\n - CDC-ACM: heed quirk also in error handling (git-fixes).\n - ceph: add comments for handle_cap_flush_ack logic (bsc#1172940).\n - ceph: allow rename operation under different quota realms (bsc#1172988).\n - ceph: ceph_kick_flushing_caps needs the s_mutex (bsc#1172986).\n - ceph: convert mdsc->cap_dirty to a per-session list (bsc#1172984\n bsc#1167104).\n - ceph: document what protects i_dirty_item and i_flushing_item\n (bsc#1172940).\n - ceph: do not release i_ceph_lock in handle_cap_trunc (bsc#1172940).\n - ceph: do not return -ESTALE if there's still an open file (bsc#1171915).\n - ceph: do not take i_ceph_lock in handle_cap_import (bsc#1172940).\n - ceph: fix potential race in ceph_check_caps (bsc#1172940).\n - ceph: flush release queue when handling caps for unknown inode\n (bsc#1172939).\n - ceph: make sure mdsc->mutex is nested in s->s_mutex to fix dead lock\n (bsc#1172989).\n - ceph: normalize 'delta' parameter usage in check_quota_exceeded\n (bsc#1172987).\n - ceph: reorganize __send_cap for less spinlock abuse (bsc#1172940).\n - ceph: request expedited service on session's last cap flush (bsc#1172985\n bsc#1167104).\n - ceph: reset i_requested_max_size if file write is not wanted\n (bsc#1172983).\n - ceph: skip checking caps when session reconnecting and releasing reqs\n (bsc#1172990).\n - ceph: split up __finish_cap_flush (bsc#1172940).\n - ceph: throw a warning if we destroy session with mutex still locked\n (bsc#1172940).\n - char/random: Add a newline at the end of the file (jsc#SLE-12424).\n - clk: bcm2835: Fix return type of bcm2835_register_gate (git-fixes).\n - clk: bcm2835: Remove casting to bcm2835_clk_register (git-fixes).\n - clk: clk-flexgen: fix clock-critical handling (git-fixes).\n - clk: mediatek: assign the initial value to clk_init_data of mtk_mux\n (git-fixes).\n - clk: meson: meson8b: Do not rely on u-boot to init all GP_PLL registers\n (git-fixes).\n - clk: meson: meson8b: Fix the polarity of the RESET_N lines (git-fixes).\n - clk: meson: meson8b: Fix the vclk_div{1, 2, 4, 6, 12}_en gate bits\n (git-fixes).\n - clk: qcom: Add missing msm8998 ufs_unipro_core_clk_src (git-fixes).\n - clk: renesas: cpg-mssr: Fix STBCR suspend/resume handling (git-fixes).\n - clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical\n (git-fixes).\n - clk: sprd: return correct type of value for _sprd_pll_recalc_rate\n (git-fixes).\n - clk: sunxi: Fix incorrect usage of round_down() (git-fixes).\n - clk: ti: am33xx: fix RTC clock parent (git-fixes).\n - clocksource: dw_apb_timer_of: Fix missing clockevent timers (git-fixes).\n - component: Silence bind error on -EPROBE_DEFER (git-fixes).\n - config: arm64: enable CONFIG_IOMMU_DEFAULT_PASSTHROUGH References:\n bsc#1172739\n - coredump: fix crash when umh is disabled (git-fixes).\n - coredump: fix null pointer dereference on coredump (git-fixes).\n - crypto: algapi - Avoid spurious modprobe on LOADED (git-fixes).\n - crypto: algboss - do not wait during notifier callback (git-fixes).\n - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is\n fully iterated (git-fixes).\n - crypto: ccp -- do not \"select\" CONFIG_DMADEVICES (git-fixes).\n - crypto: chelsio/chtls: properly set tp->lsndtime (git-fixes).\n - crypto: drbg - fix error return code in drbg_alloc_state() (git-fixes).\n - crypto: stm32/crc32 - fix ext4 chksum BUG_ON() (git-fixes).\n - crypto: stm32/crc32 - fix multi-instance (git-fixes).\n - crypto: stm32/crc32 - fix run-time self test issue (git-fixes).\n - cxgb4: fix adapter crash due to wrong MC size\n (networking-stable-20_04_27).\n - cxgb4: fix large delays in PTP synchronization\n (networking-stable-20_04_27).\n - Delete\n patches.suse/seltests-powerpc-Add-a-selftest-for-memcpy_mcsafe.patch\n (bsc#1171699).\n - dma-coherent: fix integer overflow in the reserved-memory dma allocation\n (git-fixes).\n - dma-debug: fix displaying of dma allocation type (git-fixes).\n - dma-direct: fix data truncation in dma_direct_get_required_mask()\n (git-fixes).\n - dmaengine: dmatest: Fix process hang when reading 'wait' parameter\n (git-fixes).\n - dmaengine: dmatest: Restore default for channel (git-fixes).\n - dmaengine: mmp_tdma: Do not ignore slave config validation errors\n (git-fixes).\n - dmaengine: mmp_tdma: Reset channel error on release (git-fixes).\n - dmaengine: owl: Use correct lock in owl_dma_get_pchan() (git-fixes).\n - dmaengine: pch_dma.c: Avoid data race between probe and irq handler\n (git-fixes).\n - dmaengine: tegra210-adma: Fix an error handling path in\n 'tegra_adma_probe()' (git-fixes).\n - dm verity fec: fix hash block number in verity_fec_decode (git fixes\n (block drivers)).\n - dm writecache: fix data corruption when reloading the target (git fixes\n (block drivers)).\n - drivers/net/ibmvnic: Update VNIC protocol version reporting\n (bsc#1065729).\n - drivers: phy: sr-usb: do not use internal fsm for USB2 phy init\n (git-fixes).\n - drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static\n (git-fixes).\n - drm/amd/display: add basic atomic check for cursor plane (git-fixes).\n - drm/amd/display: drop cursor position check in atomic test (git-fixes).\n - drm/amd/display: Prevent dpcd reads with passive dongles (git-fixes).\n - drm/amdgpu: force fbdev into vram (bsc#1152472) \t* context changes\n - drm/amdgpu: invalidate L2 before SDMA IBs (v2) (git-fixes).\n - drm/amdgpu: simplify padding calculations (v2) (git-fixes).\n - drm/amd/powerplay: avoid using pm_en before it is initialized revised\n (git-fixes).\n - drm/amd/powerplay: perform PG ungate prior to CG ungate (git-fixes).\n - drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1152472) \t* context\n changes\n - drm/dp_mst: Reformat drm_dp_check_act_status() a bit (git-fixes).\n - drm/edid: Add Oculus Rift S to non-desktop list (git-fixes).\n - drm: encoder_slave: fix refcouting error for modules (git-fixes).\n - drm/etnaviv: fix perfmon domain interation (git-fixes).\n - drm/etnaviv: rework perfmon query infrastructure (git-fixes).\n - drm/i915: Do not enable WaIncreaseLatencyIPCEnabled when IPC is\n (bsc#1152489)\n - drm/i915: Do not enable WaIncreaseLatencyIPCEnabled when IPC is disabled\n (git-fixes).\n - drm/i915: extend audio CDCLK>=2*BCLK constraint to more platforms\n (git-fixes).\n - drm/i915: Extend WaDisableDARBFClkGating to icl,ehl,tgl (bsc#1152489)\n - drm/i915: fix port checks for MST support on gen >= 11 (git-fixes).\n - drm/i915/gem: Avoid iterating an empty list (git-fixes).\n - drm/i915/gvt: Fix kernel oops for 3-level ppgtt guest (bsc#1152489)\n - drm/i915/gvt: Fix kernel oops for 3-level ppgtt guest (git-fixes).\n - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of\n (bsc#1152489)\n - drm/i915/gvt: Init DPLL/DDI vreg for virtual display instead of\n inheritance (git-fixes).\n - drm/i915: HDCP: fix Ri prime check done during link check (bsc#1152489)\n * context changes\n - drm/i915: HDCP: fix Ri prime check done during link check (git-fixes).\n - drm/i915: Limit audio CDCLK>=2*BCLK constraint back to GLK only\n (git-fixes).\n - drm/i915: Propagate error from completed fences (git-fixes).\n - drm/i915: Whitelist context-local timestamp in the gen9 cmdparser\n (git-fixes).\n - drm/i915: work around false-positive maybe-uninitialized warning\n (git-fixes).\n - drm/mcde: dsi: Fix return value check in mcde_dsi_bind() (git-fixes).\n - drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper()\n (git-fixes).\n - drm/sun4i: hdmi ddc clk: Fix size of m divider (git-fixes).\n - drm/vkms: Hold gem object while still in-use (git-fixes).\n - dwc3: Remove check for HWO flag in dwc3_gadget_ep_reclaim_trb_sg()\n (git-fixes).\n - e1000e: Disable TSO for buffer overrun workaround (git-fixes).\n - e1000e: Do not wake up the system via WOL if device wakeup is disabled\n (git-fixes).\n - EDAC/amd64: Add PCI device IDs for family 17h, model 70h (bsc#1165975).\n - EDAC/ghes: Setup DIMM label from DMI and use it in error reports\n (bsc#1168779).\n - EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable\n (bsc#1152489).\n - EDAC/synopsys: Do not dump uninitialized pinf->col (bsc#1152489).\n - efi/efivars: Add missing kobject_put() in sysfs entry creation error\n path (git-fixes).\n - efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness\n (jsc#SLE-12424).\n - efi: READ_ONCE rng seed size before munmap (jsc#SLE-12424).\n - efi/tpm: Verify event log header before parsing (bsc#1173461).\n - eventpoll: fix missing wakeup for ovflist in ep_poll_callback\n (bsc#1159867).\n - evm: Check also if *tfm is an error pointer in init_desc() (git-fixes).\n - evm: Fix a small race in init_desc() (git-fixes).\n - evm: Fix possible memory leak in evm_calc_hmac_or_hash() (git-fixes).\n - evm: Fix RCU list related warnings (git-fixes).\n - extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'\n (git-fixes).\n - fanotify: fix ignore mask logic for events on child and on dir\n (bsc#1172719).\n - fdt: add support for rng-seed (jsc#SLE-12424).\n - fdt: Update CRC check for rng-seed (jsc#SLE-12424).\n - firmware: imx: scu: Fix corruption of header (git-fixes).\n - firmware: imx: scu: Fix possible memory leak in imx_scu_probe()\n (git-fixes).\n - firmware: imx-scu: Support one TX and one RX (git-fixes).\n - firmware: imx: warn on unexpected RX (git-fixes).\n - firmware: qcom_scm: fix bogous abuse of dma-direct internals (git-fixes).\n - firmware: xilinx: Fix an error handling path in\n 'zynqmp_firmware_probe()' (git-fixes).\n - Fix a regression of AF_ALG crypto interface hang with aes_s390\n (bsc#1167651)\n - fpga: dfl: afu: Corrected error handling levels (git-fixes).\n - fs: Do not check if there is a fsnotify watcher on pseudo inodes\n (bsc#1158765).\n - fsnotify: Rearrange fast path to minimise overhead when there is no\n watcher (bsc#1158765).\n - genetlink: clean up family attributes allocations (git-fixes).\n - genetlink: fix memory leaks in genl_family_rcv_msg_dumpit()\n (bsc#1154353).\n - gpio: bcm-kona: Fix return value of bcm_kona_gpio_probe() (git-fixes).\n - gpio: dwapb: Append MODULE_ALIAS for platform driver (git-fixes).\n - gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip\n de-registration (git-fixes).\n - gpio: exar: Fix bad handling for ida_simple_get error path (git-fixes).\n - gpiolib: Document that GPIO line names are not globally unique\n (git-fixes).\n - gpio: pca953x: Fix pca953x_gpio_set_config (git-fixes).\n - gpio: pxa: Fix return value of pxa_gpio_probe() (git-fixes).\n - gpio: tegra: mask GPIO IRQs during IRQ shutdown (git-fixes).\n - gpu/drm: Ingenic: Fix opaque pointer casted to wrong type (git-fixes).\n - habanalabs: Align protection bits configuration of all TPCs (git-fixes).\n - HID: alps: Add AUI1657 device ID (git-fixes).\n - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead\n (git-fixes).\n - HID: i2c-hid: add Schneider SCL142ALM to descriptor override (git-fixes).\n - HID: i2c-hid: reset Synaptics SYNA2393 on resume (git-fixes).\n - HID: intel-ish-hid: avoid bogus uninitialized-variable warning\n (git-fixes).\n - HID: multitouch: add eGalaxTouch P80H84 support (git-fixes).\n - HID: multitouch: enable multi-input as a quirk for some devices\n (git-fixes).\n - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A\n keyboard-dock (git-fixes).\n - HID: sony: Fix for broken buttons on DS3 USB dongles (git-fixes).\n - hsr: check protocol version in hsr_newlink()\n (networking-stable-20_04_17).\n - i2c: acpi: put device when verifying client fails (git-fixes).\n - i2c: altera: Fix race between xfer_msg and isr thread (git-fixes).\n - i2c: designware-pci: Add support for Elkhart Lake PSE I2C\n (jsc#SLE-12734).\n - i2c: designware-pci: Fix BUG_ON during device removal (jsc#SLE-12734).\n - i2c: designware-pci: Switch over to MSI interrupts (jsc#SLE-12734).\n - i2c: dev: Fix the race between the release of i2c_dev and cdev\n (git-fixes).\n - i2c: fix missing pm_runtime_put_sync in i2c_device_probe (git-fixes).\n - i2c: mux: demux-pinctrl: Fix an error handling path in\n 'i2c_demux_pinctrl_probe()' (git-fixes).\n - ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).\n - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280\n ltc#185369).\n - ibmvnic: Flush existing work items before device removal (bsc#1065729).\n - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).\n - ice: Fix error return code in ice_add_prof() (jsc#SLE-7926).\n - ice: Fix inability to set channels when down (jsc#SLE-7926).\n - ieee80211: Fix incorrect mask for default PE duration (git-fixes).\n - iio: adc: stm32-adc: fix device used to request dma (git-fixes).\n - iio: adc: stm32-adc: Use dma_request_chan() instead\n dma_request_slave_channel() (git-fixes).\n - iio: adc: stm32-dfsdm: fix device used to request dma (git-fixes).\n - iio: adc: stm32-dfsdm: Use dma_request_chan() instead\n dma_request_slave_channel() (git-fixes).\n - iio: adc: ti-ads8344: Fix channel selection (git-fixes).\n - iio: buffer: Do not allow buffers without any channels enabled to be\n activated (git-fixes).\n - iio:chemical:pms7003: Fix timestamp alignment and prevent data leak\n (git-fixes).\n - iio:chemical:sps30: Fix timestamp alignment (git-fixes).\n - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()'\n (git-fixes).\n - iio: pressure: bmp280: Tolerate IRQ before registering (git-fixes).\n - iio: sca3000: Remove an erroneous 'get_device()' (git-fixes).\n - iio: vcnl4000: Fix i2c swapped word reading (git-fixes).\n - ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()\n (bsc#1172223).\n - ima: Directly assign the ima_default_policy pointer to ima_rules\n (bsc#1172223)\n - ima: Directly free *entry in ima_alloc_init_template() if digests is\n NULL (bsc#1172223).\n - ima: Remove __init annotation from ima_pcrread() (git-fixes).\n - include/asm-generic/topology.h: guard cpumask_of_node() macro argument\n (bsc#1148868).\n - Input: dlink-dir685-touchkeys - fix a typo in driver name (git-fixes).\n - Input: edt-ft5x06 - fix get_default register write access (git-fixes).\n - Input: evdev - call input_flush_device() on release(), not flush()\n (git-fixes).\n - Input: i8042 - add ThinkPad S230u to i8042 reset list (git-fixes).\n - Input: mms114 - fix handling of mms345l (git-fixes).\n - Input: synaptics - add a second working PNP_ID for Lenovo T470s\n (git-fixes).\n - Input: synaptics-rmi4 - fix error return code in rmi_driver_probe()\n (git-fixes).\n - Input: synaptics-rmi4 - really fix attn_data use-after-free (git-fixes).\n - Input: usbtouchscreen - add support for BonXeon TP (git-fixes).\n - Input: xpad - add custom init packet for Xbox One S controllers\n (git-fixes).\n - iocost: check active_list of all the ancestors in iocg_activate()\n (bsc#1173206).\n - iocost: do not let vrate run wild while there's no saturation signal\n (bsc1173206).\n - iocost: over-budget forced IOs should schedule async delay (bsc#1173206).\n - iommu/amd: Call domain_flush_complete() in update_domain() (bsc#1172061).\n - iommu/amd: Do not flush Device Table in iommu_map_page() (bsc#1172062).\n - iommu/amd: Do not loop forever when trying to increase address space\n (bsc#1172063).\n - iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system\n (bsc#1172393).\n - iommu/amd: Fix over-read of ACPI UID from IVRS table (bsc#1172064).\n - iommu/amd: Fix race in increase_address_space()/fetch_pte()\n (bsc#1172065).\n - iommu/amd: Update Device Table in increase_address_space() (bsc#1172066).\n - iommu: Fix reference count leak in iommu_group_alloc (bsc#1172394).\n - iommu/qcom: Fix local_base status check (bsc#1172067).\n - iommu/virtio: Reverse arguments to list_add (bsc#1172068).\n - ipv4: Update fib_select_default to handle nexthop objects\n (networking-stable-20_04_27).\n - ipv6: fix IPV6_ADDRFORM operation logic (bsc#1171662).\n - ipvs: Improve robustness to the ipvs sysctl (git-fixes).\n - irqchip/al-fic: Add support for irq retrigger (jsc#SLE-10505).\n - irqchip/ti-sci-inta: Fix processing of masked irqs (git-fixes).\n - irqchip/versatile-fpga: Apply clear-mask earlier (git-fixes).\n - irqchip/versatile-fpga: Handle chained IRQs properly (git-fixes).\n - iwlwifi: avoid debug max amsdu config overwriting itself (git-fixes).\n - iwlwifi: mvm: limit maximum queue appropriately (git-fixes).\n - iwlwifi: pcie: handle QuZ configs with killer NICs as well (bsc#1172374).\n - jbd2: fix data races at struct journal_head (bsc#1173438).\n - kabi: ppc64le: prevent struct dma_map_ops to become defined\n (jsc#SLE-12424).\n - kabi/severities: Ingnore get_dev_data() The function is internal to the\n AMD IOMMU driver and must not be called by any third party.\n - kABI workaround for struct hdac_bus changes (git-fixes).\n - ktest: Add timeout for ssh sync testing (git-fixes).\n - KVM: Check validity of resolved slot when searching memslots\n (bsc#1172069).\n - KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated\n (bsc#1171904).\n - KVM: x86: only do L1TF workaround on affected processors (bsc#1171904).\n - l2tp: Allow management of tunnels and session in user namespace\n (networking-stable-20_04_17).\n - libbpf: Fix perf_buffer__free() API for sparse allocs (bsc#1155518).\n - libceph: ignore pool overlay and cache logic on redirects (bsc#1172938).\n - lib: devres: add a helper function for ioremap_uc (git-fixes).\n - libertas_tf: avoid a null dereference in pointer priv (git-fixes).\n - lib/lzo: fix ambiguous encoding bug in lzo-rle (git-fixes).\n - libnvdimm/btt: fix variable 'rc' set but not used (bsc#1162400).\n - libnvdimm: cover up nd_pfn_sb changes (bsc#1171759).\n - libnvdimm: cover up nd_region changes (bsc#1162400).\n - libnvdimm/dax: Pick the right alignment default when creating dax\n devices (bsc#1171759).\n - libnvdimm/label: Remove the dpa align check (bsc#1171759).\n - libnvdimm/namespace: Enforce memremap_compat_align() (bsc#1162400).\n - libnvdimm/namsepace: Do not set claim_class on error (bsc#1162400).\n - libnvdimm/of_pmem: Provide a unique name for bus provider (bsc#1171739).\n - libnvdimm: Out of bounds read in __nd_ioctl() (bsc#1065729).\n - libnvdimm/pfn_dev: Add a build check to make sure we notice when struct\n page size change (bsc#1171743).\n - libnvdimm/pfn_dev: Add page size and struct page size to pfn superblock\n (bsc#1171759).\n - libnvdimm/pfn: Prevent raw mode fallback if pfn-infoblock valid\n (bsc#1171743).\n - libnvdimm/pmem: Advance namespace seed for specific probe errors\n (bsc#1171743).\n - libnvdimm/region: Fix build error (bsc#1162400).\n - libnvdimm/region: Introduce an 'align' attribute (bsc#1162400).\n - libnvdimm/region: Introduce NDD_LABELING (bsc#1162400).\n - libnvdimm/region: Rewrite _probe_success() to _advance_seeds()\n (bsc#1171743).\n - libnvdimm: Use PAGE_SIZE instead of SZ_4K for align check (bsc#1171759).\n - lib: Uplevel the pmem \"region\" ida to a global allocator (bc#1162400).\n - list: Add hlist_unhashed_lockless() (bsc#1173438).\n - livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995).\n - livepatch: Disallow vmlinux.ko (bsc#1071995).\n - livepatch: Make klp_apply_object_relocs static (bsc#1071995).\n - livepatch: Prevent module-specific KLP rela sections from referencing\n vmlinux symbols (bsc#1071995).\n - livepatch: Remove .klp.arch (bsc#1071995).\n - locktorture: Allow CPU-hotplug to be disabled via --bootargs\n (bsc#1173068).\n - lpfc_debugfs: get rid of pointless access_ok() (bsc#1171530).\n - lpfc: fix axchg pointer reference after free and double frees\n (bsc#1171530).\n - lpfc: Fix pointer checks and comments in LS receive refactoring\n (bsc#1171530).\n - lpfc: Fix return value in __lpfc_nvme_ls_abort (bsc#1171530).\n - lpfc: Synchronize NVME transport and lpfc driver devloss_tmo\n (bcs#1173060).\n - mac80211: mesh: fix discovery timer re-arming issue / crash (git-fixes).\n - mailbox: zynqmp-ipi: Fix NULL vs IS_ERR() check in\n zynqmp_ipi_mbox_probe() (git-fixes).\n - Make the \"Reducing compressed framebufer size\" message be\n DRM_INFO_ONCE() (git-fixes).\n - mdraid: fix read/write bytes accounting (bsc#1172537).\n - media: cedrus: Program output format during each run (git-fixes).\n - media: dvb: return -EREMOTEIO on i2c transfer failure (git-fixes).\n - media: platform: fcp: Set appropriate DMA parameters (git-fixes).\n - media: Revert \"staging: imgu: Address a compiler warning on alignment\"\n (git-fixes).\n - media: staging: ipu3: Fix stale list entries on parameter queue failure\n (git-fixes).\n - media: staging: ipu3-imgu: Move alignment attribute to field (git-fixes).\n - mei: release me_cl object reference (git-fixes).\n - mfd: intel-lpss: Add Intel Tiger Lake PCI IDs (jsc#SLE-12737).\n - mfd: intel-lpss: Use devm_ioremap_uc for MMIO (git-fixes).\n - mfd: stmfx: Fix stmfx_irq_init error path (git-fixes).\n - mfd: stmfx: Reset chip on resume as supply was disabled (git-fixes).\n - misc: fastrpc: fix potential fastrpc_invoke_ctx leak (git-fixes).\n - misc: rtsx: Add short delay after exit from ASPM (git-fixes).\n - mlxsw: Fix some IS_ERR() vs NULL bugs (networking-stable-20_04_27).\n - mm: adjust vm_committed_as_batch according to vm overcommit policy\n (bnc#1173271).\n - mmc: block: Fix use-after-free issue for rpmb (git-fixes).\n - mmc: core: Use DEFINE_DEBUGFS_ATTRIBUTE instead of\n DEFINE_SIMPLE_ATTRIBUTE (git-fixes).\n - mmc: fix compilation of user API (git-fixes).\n - mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error\n (git-fixes).\n - mmc: mmci_sdmmc: fix DMA API warning overlapping mappings (git-fixes).\n - mmc: sdhci-esdhc-imx: fix the mask for tuning start point (git-fixes).\n - mmc: sdhci-msm: Clear tuning done flag while hs400 tuning (git-fixes).\n - mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()\n (git-fixes).\n - mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card()\n (git-fixes).\n - mmc: tmio: Further fixup runtime PM management at remove (git-fixes).\n - mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe()\n (git-fixes).\n - mm: do not prepare anon_vma if vma has VM_WIPEONFORK (bsc#1169681).\n - mm: memcontrol: fix memory.low proportional distribution (bsc#1168230).\n - mm/memremap: drop unused SECTION_SIZE and SECTION_MASK (bsc#1162400\n bsc#1170895 ltc#184375 ltc#185686).\n - mm/memremap_pages: Introduce memremap_compat_align() (bsc#1162400).\n - mm/memremap_pages: Kill unused __devm_memremap_pages() (bsc#1162400).\n - mm/util.c: make vm_memory_committed() more accurate (bnc#1173271).\n - mt76: mt76x02u: Add support for newer versions of the XBox One wifi\n adapter (git-fixes).\n - mtd: Fix mtd not registered due to nvmem name collision (git-fixes).\n - mtd: rawnand: brcmnand: correctly verify erased pages (git-fixes).\n - mtd: rawnand: brcmnand: fix CS0 layout (git-fixes).\n - mtd: rawnand: brcmnand: fix hamming oob layout (git-fixes).\n - mtd: rawnand: diskonchip: Fix the probe error path (git-fixes).\n - mtd: rawnand: Fix nand_gpio_waitrdy() (git-fixes).\n - mtd: rawnand: ingenic: Fix the probe error path (git-fixes).\n - mtd: rawnand: marvell: Fix probe error path (git-fixes).\n - mtd: rawnand: marvell: Fix the condition on a return code (git-fixes).\n - mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet\n registered (git-fixes).\n - mtd: rawnand: mtk: Fix the probe error path (git-fixes).\n - mtd: rawnand: onfi: Fix redundancy detection check (git-fixes).\n - mtd: rawnand: orion: Fix the probe error path (git-fixes).\n - mtd: rawnand: oxnas: Keep track of registered devices (git-fixes).\n - mtd: rawnand: oxnas: Release all devices in the _remove() path\n (git-fixes).\n - mtd: rawnand: pasemi: Fix the probe error path (git-fixes).\n - mtd: rawnand: plat_nand: Fix the probe error path (git-fixes).\n - mtd: rawnand: sharpsl: Fix the probe error path (git-fixes).\n - mtd: rawnand: socrates: Fix the probe error path (git-fixes).\n - mtd: rawnand: sunxi: Fix the probe error path (git-fixes).\n - mtd: rawnand: timings: Fix default tR_max and tCCS_min timings\n (git-fixes).\n - mtd: rawnand: tmio: Fix the probe error path (git-fixes).\n - mtd: rawnand: xway: Fix the probe error path (git-fixes).\n - mtd: spinand: Propagate ECC information to the MTD structure (git-fixes).\n - mtd: spi-nor: intel-spi: Add support for Intel Tiger Lake SPI serial\n flash (jsc#SLE-12737).\n - mwifiex: avoid -Wstringop-overflow warning (git-fixes).\n - mwifiex: Fix memory corruption in dump_station (git-fixes).\n - net: bcmgenet: correct per TX/RX ring statistics\n (networking-stable-20_04_27).\n - net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL\n (networking-stable-20_04_27).\n - net: dsa: b53: Fix ARL register definitions (networking-stable-20_04_27).\n - net: dsa: b53: Lookup VID in ARL searches when VLAN is enabled\n (networking-stable-20_04_27).\n - net: dsa: b53: Rework ARL bin logic (networking-stable-20_04_27).\n - net: dsa: declare lockless TX feature for slave ports (bsc#1154353).\n - net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode\n (networking-stable-20_04_17).\n - net: ena: xdp: update napi budget for DROP and ABORTED (bsc#1154492).\n - net: ena: xdp: XDP_TX: fix memory leak (bsc#1154492).\n - netfilter: connlabels: prefer static lock initialiser (git-fixes).\n - netfilter: nf_queue: enqueue skbs with NULL dst (git-fixes).\n - netfilter: nf_tables_offload: return EOPNOTSUPP if rule specifies no\n actions (git-fixes).\n - netfilter: nft_tproxy: Fix port selector on Big Endian (git-fixes).\n - netfilter: nft_tunnel: add the missing ERSPAN_VERSION nla_policy\n (git-fixes).\n - netfilter: not mark a spinlock as __read_mostly (git-fixes).\n - net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin\n (networking-stable-20_04_17).\n - net: ipv6: do not consider routes via gateways for anycast address check\n (networking-stable-20_04_17).\n - net/mlx4_en: avoid indirect call in TX completion\n (networking-stable-20_04_27).\n - net/mlx5e: Add missing release firmware call\n (networking-stable-20_04_17).\n - net/mlx5e: Fix pfnum in devlink port attribute\n (networking-stable-20_04_17).\n - net/mlx5e: Fix stats update for matchall classifier (jsc#SLE-8464).\n - net/mlx5e: replace EINVAL in mlx5e_flower_parse_meta() (jsc#SLE-8464).\n - net/mlx5: Fix cleaning unmanaged flow tables (jsc#SLE-8464).\n - net/mlx5: Fix crash upon suspend/resume (bsc#1172365).\n - net/mlx5: Fix frequent ioread PCI access during recovery\n (networking-stable-20_04_17).\n - net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node\n (networking-stable-20_04_27).\n - net: openvswitch: ovs_ct_exit to be done under ovs_lock\n (networking-stable-20_04_27).\n - net: phy: propagate an error back to the callers of phy_sfp_probe\n (bsc#1154353).\n - net: qrtr: send msgs from local of same id as broadcast\n (networking-stable-20_04_17).\n - net: revert default NAPI poll timeout to 2 jiffies\n (networking-stable-20_04_17).\n - net: revert \"net: get rid of an signed integer overflow in\n ip_idents_reserve()\" (bnc#1158748 (network regression)).\n - net: tun: record RX queue in skb before do_xdp_generic()\n (networking-stable-20_04_17).\n - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in\n vmxnet3_get_rss() (bsc#1172484).\n - net/x25: Fix x25_neigh refcnt leak when receiving frame\n (networking-stable-20_04_27).\n - NFC: st21nfca: add missed kfree_skb() in an error path (git-fixes).\n - nfs: add minor version to nfs_server_key for fscache (bsc#1172467).\n - nfsd4: make drc_slab global, not per-net (git-fixes).\n - nfsd: always check return value of find_any_file (bsc#1172208).\n - NFS: Fix fscache super_cookie index_key from changing after umount\n (git-fixes).\n - nfs: fix NULL deference in nfs4_get_valid_delegation.\n - nfs: fscache: use timespec64 in inode auxdata (git-fixes).\n - nfs: set invalid blocks after NFSv4 writes (git-fixes).\n - NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION\n (git-fixes).\n - NFSv4: Fix fscache cookie aux_data to ensure change_attr is included\n (git-fixes).\n - ntb: intel: add hw workaround for NTB BAR alignment (jsc#SLE-12710).\n - ntb: intel: Add Icelake (gen4) support for Intel NTB (jsc#SLE-12710).\n - ntb: intel: fix static declaration (jsc#SLE-12710).\n - nvdimm: Avoid race between probe and reading device attributes\n (bsc#1170442).\n - nvme-fc: avoid gcc-10 zero-length-bounds warning (bsc#1173206).\n - nvme-fc: do not call nvme_cleanup_cmd() for AENs (bsc#1171688).\n - nvme-fc: print proper nvme-fc devloss_tmo value (bsc#1172391).\n - objtool: Allow no-op CFI ops in alternatives (bsc#1169514).\n - objtool: Clean instruction state before each function validation\n (bsc#1169514).\n - objtool: Fix !CFI insn_state propagation (bsc#1169514).\n - objtool: Fix ORC vs alternatives (bsc#1169514).\n - objtool: Ignore empty alternatives (bsc#1169514).\n - objtool: Remove check preventing branches within alternative\n (bsc#1169514).\n - objtool: Rename struct cfi_state (bsc#1169514).\n - objtool: Uniquely identify alternative instruction groups (bsc#1169514).\n - p54usb: add AirVasT USB stick device-id (git-fixes).\n - panic: do not print uninitialized taint_flags (bsc#1172814).\n - PCI: Allow pci_resize_resource() for devices on root bus (git-fixes).\n - PCI: amlogic: meson: Do not use FAST_LINK_MODE to set up link\n (git-fixes).\n - PCI: brcmstb: Assert fundamental reset on initialization (git-fixes).\n - PCI: brcmstb: Assert fundamental reset on initialization (git-fixes).\n - PCI: brcmstb: Fix window register offset from 4 to 8 (git-fixes).\n - PCI: brcmstb: Fix window register offset from 4 to 8 (git-fixes).\n - pcie: mobiveil: remove patchset v9 Prepare to backport upstream version.\n - PCI: Fix pci_register_host_bridge() device_register() error handling\n (git-fixes).\n - PCI: mobiveil: Add 8-bit and 16-bit CSR register accessors (bsc#1161495).\n - PCI: mobiveil: Add callback function for interrupt initialization\n (bsc#1161495).\n - PCI: mobiveil: Add callback function for link up check (bsc#1161495).\n - PCI: mobiveil: Add Header Type field check (bsc#1161495).\n - PCI: mobiveil: Add PCIe Gen4 RC driver for Layerscape SoCs (bsc#1161495).\n - PCI: mobiveil: Allow mobiveil_host_init() to be used to re-init host\n (bsc#1161495).\n - PCI: mobiveil: Collect the interrupt related operations into a function\n (bsc#1161495).\n - PCI: mobiveil: Fix sparse different address space warnings (bsc#1161495).\n - PCI: mobiveil: Fix unmet dependency warning for PCIE_MOBIVEIL_PLAT\n (bsc#1161495).\n - PCI: mobiveil: Introduce a new structure mobiveil_root_port\n (bsc#1161495).\n - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011451 (bsc#1161495).\n - PCI: mobiveil: ls_pcie_g4: add Workaround for A-011577 (bsc#1161495).\n - PCI: mobiveil: ls_pcie_g4: fix SError when accessing config space\n (bsc#1161495).\n - PCI: mobiveil: Modularize the Mobiveil PCIe Host Bridge IP driver\n (bsc#1161495).\n - PCI: mobiveil: Move the host initialization into a function\n (bsc#1161495).\n - PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay (git-fixes).\n - PCI/PM: Call .bridge_d3() hook only if non-NULL (git-fixes).\n - PCI: Program MPS for RCiEP devices (git-fixes).\n - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port\n (git-fixes).\n - PCI: rcar: Fix incorrect programming of OB windows (git-fixes).\n - PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths\n (git-fixes).\n - PCI: vmd: Filter resource type bits from shadow register (git-fixes).\n - pcm_native: result of put_user() needs to be checked (git-fixes).\n - perf/core: Fix endless multiplex timer (git-fixes).\n - perf/core: fix parent pid/tid in task exit events (git-fixes).\n - pinctrl: freescale: imx: Fix an error handling path in\n 'imx_pinctrl_probe()' (git-fixes).\n - pinctrl: freescale: imx: Use 'devm_of_iomap()' to avoid a resource leak\n in case of error in 'imx_pinctrl_probe()' (git-fixes).\n - pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'\n (git-fixes).\n - pinctrl: intel: Add Intel Tiger Lake pin controller support\n (jsc#SLE-12737).\n - pinctrl: ocelot: Fix GPIO interrupt decoding on Jaguar2 (git-fixes).\n - pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries\n (git-fixes).\n - pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210\n (git-fixes).\n - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE\n GPIOs (git-fixes).\n - pinctrl: sprd: Fix the incorrect pull-up definition (git-fixes).\n - pinctrl: stmfx: stmfx_pinconf_set does not require to get direction\n anymore (git-fixes).\n - pinctrl: tigerlake: Tiger Lake uses _HID enumeration (jsc#SLE-12737).\n - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA\n (git-fixes).\n - platform/x86: dell-laptop: do not register micmute LED if there is no\n token (git-fixes).\n - platform/x86: intel-vbtn: Also handle tablet-mode switch on \"Detachable\"\n and \"Portable\" chassis-types (git-fixes).\n - platform/x86: intel-vbtn: Do not advertise switches to userspace if they\n are not there (git-fixes).\n - platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 /\n \"Laptop\" chasis-type (git-fixes).\n - platform/x86: intel-vbtn: Split keymap into buttons and switches parts\n (git-fixes).\n - platform/x86: intel-vbtn: Use acpi_evaluate_integer() (git-fixes).\n - PM: runtime: clk: Fix clk_pm_runtime_get() error path (git-fixes).\n - pnp: Use list_for_each_entry() instead of open coding (git-fixes).\n - powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729).\n - powerpc/64s/exception: Fix machine check no-loss idle wakeup\n (bsc#1156395).\n - powerpc/64s/kuap: Restore AMR in system reset exception (bsc#1156395).\n - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init\n (bsc#1065729).\n - powerpc/book3s64: Export has_transparent_hugepage() related functions\n (bsc#1171759).\n - powerpc/bpf: Enable bpf_probe_read{, str}() on powerpc again\n (bsc#1172344).\n - powerpc/fadump: Account for memory_limit while reserving memory\n (jsc#SLE-9099 git-fixes).\n - powerpc/fadump: consider reserved ranges while reserving memory\n (jsc#SLE-9099 git-fixes).\n - powerpc/fadump: use static allocation for reserved memory ranges\n (jsc#SLE-9099 git-fixes).\n - powerpc/kuap: PPC_KUAP_DEBUG should depend on PPC_KUAP (bsc#1156395).\n - powerpc/powernv: Fix a warning message (bsc#1156395).\n - powerpc/setup_64: Set cache-line-size based on cache-block-size\n (bsc#1065729).\n - powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030).\n - power: reset: qcom-pon: reg write mask depends on pon generation\n (git-fixes).\n - power: supply: bq24257_charger: Replace depends on REGMAP_I2C with\n select (git-fixes).\n - power: supply: core: fix HWMON temperature labels (git-fixes).\n - power: supply: core: fix memory leak in HWMON error path (git-fixes).\n - power: supply: lp8788: Fix an error handling path in\n 'lp8788_charger_probe()' (git-fixes).\n - power: supply: smb347-charger: IRQSTAT_D is volatile (git-fixes).\n - printk: queue wake_up_klogd irq_work only if per-CPU areas are ready\n (bsc#1172095).\n - proc/meminfo: avoid open coded reading of vm_committed_as (bnc#1173271).\n - pwm: sun4i: Move pwm_calculate() out of spin_lock() (git-fixes).\n - r8152: support additional Microsoft Surface Ethernet Adapter variant\n (git-fixes).\n - r8169: Revive default chip version for r8168 (bsc#1173085).\n - raid5: remove gfp flags from scribble_alloc() (bsc#1166985).\n - random: fix data races at timer_rand_state (bsc#1173438).\n - rcu: Avoid data-race in rcu_gp_fqs_check_wake() (bsc#1171828).\n - rcu: Fix data-race due to atomic_t copy-by-value (bsc#1171828).\n - rcu: Make rcu_read_unlock_special() checks match raise_softirq_irqoff()\n (bsc#1172046).\n - rcu: Simplify rcu_read_unlock_special() deferred wakeups (bsc#1172046).\n - rcutorture: Add 100-CPU configuration (bsc#1173068).\n - rcutorture: Add worst-case call_rcu() forward-progress results\n (bsc#1173068).\n - rcutorture: Dispense with Dracut for initrd creation (bsc#1173068).\n - rcutorture: Make kvm-find-errors.sh abort on bad directory (bsc#1173068).\n - rcutorture: Remove CONFIG_HOTPLUG_CPU=n from scenarios (bsc#1173068).\n - rcutorture: Summarize summary of build and run results (bsc#1173068).\n - rcutorture: Test TREE03 with the threadirqs kernel boot parameter\n (bsc#1173068).\n - rcu: Use *_ONCE() to protect lockless ->expmask accesses (bsc#1171828).\n - rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls\n (bsc#1173438).\n - RDMA/bnxt_re: Remove dead code from rcfw (bsc#1170774).\n - RDMA/core: Move and rename trace_cm_id_create() (jsc#SLE-8449).\n - RDMA/mlx5: Fix NULL pointer dereference in destroy_prefetch_work\n (jsc#SLE-8446).\n - RDMA/nl: Do not permit empty devices names during\n RDMA_NLDEV_CMD_NEWLINK/SET (bsc#1172841).\n - RDMA/srpt: Fix disabling device management (jsc#SLE-8449).\n - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated\n (jsc#SLE-8449).\n - remoteproc: Add missing '\\n' in log messages (git-fixes).\n - remoteproc: Fall back to using parent memory pool if no dedicated\n available (git-fixes).\n - remoteproc: Fix and restore the parenting hierarchy for vdev (git-fixes).\n - remoteproc: Fix IDR initialisation in rproc_alloc() (git-fixes).\n - Revert \"drm/amd/display: disable dcn20 abm feature for bring up\"\n (git-fixes).\n - Revert \"fs/seq_file.c: seq_read(): add info message about buggy .next\n functions\" (bsc#1172751) The message floods dmesg and its benefit is\n marginal in default kernel.\n - Revert \"pinctrl: freescale: imx: Use 'devm_of_iomap()' to avoid a\n resource leak in case of error in 'imx_pinctrl_probe()'\" (git-fixes).\n - rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073).\n - rpm/modules.fips: * add aes-ce-ccm and des3_ede-x86_64 (boo#173030) *\n add aes_ti and aes_neon_bs (boo#1172956)\n - rtc: mc13xxx: fix a double-unlock issue (git-fixes).\n - rtc: rv3028: Add missed check for devm_regmap_init_i2c() (git-fixes).\n - rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup() (git-fixes).\n - rtw88: fix an issue about leak system resources (git-fixes).\n - rxrpc: Fix call RCU cleanup using non-bh-safe locks (git-fixes).\n - s390/bpf: Maintain 8-byte stack alignment (bsc#1169194, LTC#185911).\n - s390/pci: Log new handle in clp_disable_fh() (git-fixes).\n - sched/cfs: change initial value of runnable_avg (bsc#1158765).\n - sched/core: Check cpus_mask, not cpus_ptr in __set_cpus_allowed_ptr(),\n to fix mask corruption (bnc#1155798 (CPU scheduler functional and\n performance backports)).\n - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1172823).\n - sched/core: Fix PI boosting between RT and DEADLINE tasks (git fixes\n (sched)).\n - sched/core: Fix ttwu() race (bnc#1155798 (CPU scheduler functional and\n performance backports)).\n - sched/core: s/WF_ON_RQ/WQ_ON_CPU/ (bnc#1155798 (CPU scheduler functional\n and performance backports)).\n - sched/cpuacct: Fix charge cpuacct.usage_sys (bnc#1155798 (CPU scheduler\n functional and performance backports)).\n - sched/deadline: Initialize ->dl_boosted (bsc#1172823).\n - sched/deadline: Initialize ->dl_boosted (git fixes (sched)).\n - sched: etf: do not assume all sockets are full blown\n (networking-stable-20_04_27).\n - sched/fair: find_idlest_group(): Remove unused sd_flag parameter\n (bnc#1155798 (CPU scheduler functional and performance backports)).\n - sched/fair: Fix enqueue_task_fair() warning some more (bnc#1155798 (CPU\n scheduler functional and performance backports)).\n - sched/fair: fix nohz next idle balance (bnc#1155798 (CPU scheduler\n functional and performance backports)).\n - sched/fair: Optimize dequeue_task_fair() (bnc#1155798 (CPU scheduler\n functional and performance backports)).\n - sched/fair: Optimize enqueue_task_fair() (bnc#1155798 (CPU scheduler\n functional and performance backports)).\n - sched/fair: Simplify the code of should_we_balance() (bnc#1155798 (CPU\n scheduler functional and performance backports)).\n - sched: Make newidle_balance() static again (bnc#1155798 (CPU scheduler\n functional and performance backports)).\n - sched: Offload wakee task activation if it the wakee is descheduling\n (bnc#1158748, bnc#1159781).\n - sched: Optimize ttwu() spinning on p->on_cpu (bnc#1158748, bnc#1159781).\n - sched/pelt: Sync util/runnable_sum with PELT window when propagating\n (bnc#1155798 (CPU scheduler functional and performance backports)).\n - scripts/decodecode: fix trapping instruction formatting (bsc#1065729).\n - scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM\n (bsc#1172759 ltc#184814).\n - scsi: lpfc: Change default queue allocation for reduced memory\n consumption (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Copyright updates for 12.6.0.4 patches (bsc#1171530).\n - scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1171530).\n - scsi: lpfc: Fix incomplete NVME discovery when target (bsc#1171530).\n - scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event\n (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Fix MDS Diagnostic Enablement definition (bsc#1164777\n bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func\n (bsc#1171530).\n - scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type\n (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Fix noderef and address space warnings (bsc#1164777\n bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: fix spelling mistakes of asynchronous (bsc#1171530).\n - scsi: lpfc: Maintain atomic consistency of queue_claimed flag\n (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1171530).\n - scsi: lpfc: remove duplicate unloading checks (bsc#1164777 bsc#1164780\n bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Remove re-binding of nvme rport during registration\n (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Remove redundant initialization to variable rc (bsc#1164777\n bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Remove unnecessary lockdep_assert_held calls (bsc#1164777\n bsc#1164780 bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Update lpfc version to 12.8.0.1 (bsc#1164777 bsc#1164780\n bsc#1165211 jsc#SLE-8654).\n - scsi: megaraid_sas: Replace undefined MFI_BIG_ENDIAN macro with\n __BIG_ENDIAN_BITFIELD macro (bsc#1173206).\n - scsi: qla2xxx: Delete all sessions before unregister local nvme port\n (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169).\n - scsi: qla2xxx: Do not log message when reading port speed via sysfs\n (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169).\n - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV\n (jsc#SLE-9714 jsc#SLE-10327 jsc#SLE-10334 bsc#1157169).\n - scsi: sd_zbc: Fix sd_zbc_complete() (bsc#1173206).\n - scsi: smartpqi: Update attribute name to `driver_version` (bsc#1173206).\n - scsi: zfcp: add diagnostics buffer for exchange config data\n (bsc#1158050).\n - scsi: zfcp: auto variables for dereferenced structs in open port handler\n (bsc#1158050).\n - scsi: zfcp: diagnostics buffer caching and use for exchange port data\n (bsc#1158050).\n - scsi: zfcp: enhance handling of FC Endpoint Security errors\n (bsc#1158050).\n - scsi: zfcp: expose fabric name as common fc_host sysfs attribute\n (bsc#1158050).\n - scsi: zfcp: Fence adapter status propagation for common statuses\n (bsc#1158050).\n - scsi: zfcp: Fence early sysfs interfaces for accesses of shost objects\n (bsc#1158050).\n - scsi: zfcp: Fence fc_host updates during link-down handling\n (bsc#1158050).\n - scsi: zfcp: fix fc_host attributes that should be unknown on local link\n down (bsc#1158050).\n - scsi: zfcp: fix wrong data and display format of SFP+ temperature\n (bsc#1158050).\n - scsi: zfcp: implicitly refresh config-data diagnostics when reading\n sysfs (bsc#1158050).\n - scsi: zfcp: implicitly refresh port-data diagnostics when reading sysfs\n (bsc#1158050).\n - scsi: zfcp: introduce sysfs interface for diagnostics of local SFP\n transceiver (bsc#1158050).\n - scsi: zfcp: introduce sysfs interface to read the local B2B-Credit\n (bsc#1158050).\n - scsi: zfcp: log FC Endpoint Security errors (bsc#1158050).\n - scsi: zfcp: log FC Endpoint Security of connections (bsc#1158050).\n - scsi: zfcp: Move allocation of the shost object to after xconf- and\n xport-data (bsc#1158050).\n - scsi: zfcp: Move fc_host updates during xport data handling into fenced\n function (bsc#1158050).\n - scsi: zfcp: move maximum age of diagnostic buffers into a per-adapter\n variable (bsc#1158050).\n - scsi: zfcp: Move p-t-p port allocation to after xport data (bsc#1158050).\n - scsi: zfcp: Move shost modification after QDIO (re-)open into fenced\n function (bsc#1158050).\n - scsi: zfcp: Move shost updates during xconfig data handling into fenced\n function (bsc#1158050).\n - scsi: zfcp: proper indentation to reduce confusion in\n zfcp_erp_required_act (bsc#1158050).\n - scsi: zfcp: report FC Endpoint Security in sysfs (bsc#1158050).\n - scsi: zfcp: signal incomplete or error for sync exchange config/port\n data (bsc#1158050).\n - scsi: zfcp: support retrieval of SFP Data via Exchange Port Data\n (bsc#1158050).\n - scsi: zfcp: trace FC Endpoint Security of FCP devices and connections\n (bsc#1158050).\n - scsi: zfcp: wire previously driver-specific sysfs attributes also to\n fc_host (bsc#1158050).\n - selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o\n (bsc#1155518).\n - selftests/bpf: CONFIG_LIRC required for test_lirc_mode2.sh (bsc#1155518).\n - selftests/bpf: Fix invalid memory reads in core_relo selftest\n (bsc#1155518).\n - selftests/bpf: Fix memory leak in extract_build_id() (bsc#1155518).\n - selftests/bpf, flow_dissector: Close TAP device FD after the test\n (bsc#1155518).\n - selftests/timens: handle a case when alarm clocks are not supported\n (bsc#1164648,jsc#SLE-11493).\n - serial: 8250: Fix max baud limit in generic 8250 port (git-fixes).\n - slimbus: core: Fix mismatch in of_node_get/put (git-fixes).\n - soc: mediatek: cmdq: return send msg error code (git-fixes).\n - soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner (git-fixes).\n - soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new\n data (git-fixes).\n - soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request\n (git-fixes).\n - soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS\n (git-fixes).\n - soc: qcom: rpmh: Update dirty flag only when data changes (git-fixes).\n - soc/tegra: pmc: Select GENERIC_PINCONF (git-fixes).\n - spi: bcm2835aux: Fix controller unregister order (git-fixes).\n - spi: bcm2835: Fix controller unregister order (git-fixes).\n - spi: bcm-qspi: Handle clock probe deferral (git-fixes).\n - spi: bcm-qspi: when tx/rx buffer is NULL set to 0 (git-fixes).\n - SPI: designware: pci: Switch over to MSI interrupts (jsc#SLE-12735).\n - spi: dt-bindings: spi-controller: Fix #address-cells for slave mode\n (git-fixes).\n - spi: dw: Add SPI Rx-done wait method to DMA-based transfer (git-fixes).\n - spi: dw: Add SPI Tx-done wait method to DMA-based transfer (git-fixes).\n - spi: dw: Fix controller unregister order (git-fixes).\n - spi: dw: Fix native CS being unset (git-fixes).\n - spi: dw-pci: Add MODULE_DEVICE_TABLE (jsc#SLE-12735).\n - spi: dw-pci: Add runtime power management support (jsc#SLE-12735).\n - spi: dw-pci: Add support for Intel Elkhart Lake PSE SPI (jsc#SLE-12735).\n - spi: dw-pci: Fix Chip Select amount on Intel Elkhart Lake PSE SPI\n (jsc#SLE-12735).\n - spi: dw: use \"smp_mb()\" to avoid sending spi data error (git-fixes).\n - spi: dw: Zero DMA Tx and Rx configurations on stack (git-fixes).\n - spi: Fix controller unregister order (git-fixes).\n - spi: fsl: do not map irq during probe (git-fixes).\n - spi: fsl: use platform_get_irq() instead of of_irq_to_resource()\n (git-fixes).\n - spi: pxa2xx: Fix controller unregister order (git-fixes).\n - spi: pxa2xx: Fix runtime PM ref imbalance on probe error (git-fixes).\n - spi: Respect DataBitLength field of SpiSerialBusV2() ACPI resource\n (git-fixes).\n - spi: spi-fsl-dspi: Change usage pattern of SPI_MCR_* and SPI_CTAR_*\n macros (git-fixes).\n - spi: spi-fsl-dspi: Do not access reserved fields in SPI_MCR (git-fixes).\n - spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode (git-fixes).\n - spi: spi-fsl-dspi: Replace interruptible wait queue with a simple\n completion (git-fixes).\n - spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices (git-fixes).\n - staging: iio: ad2s1210: Fix SPI reading (git-fixes).\n - staging: kpc2000: fix error return code in kp2000_pcie_probe()\n (git-fixes).\n - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (git-fixes).\n - staging: sm750fb: add missing case while setting FB_VISUAL (git-fixes).\n - sun6i: dsi: fix gcc-4.8 (bsc#1152489)\n - SUNRPC: Signalled ASYNC tasks need to exit (git-fixes).\n - supported.conf: Add pinctrl-tigerlake as supported\n - supported.conf: Mark two hwtracing helper modules as externally\n supported (bsc#1170879)\n - svcrdma: Fix leak of svc_rdma_recv_ctxt objects (git-fixes).\n - tcp: cache line align MAX_TCP_HEADER (networking-stable-20_04_27).\n - team: fix hang in team_mode_get() (networking-stable-20_04_27).\n - thermal: intel: intel_pch_thermal: Add Comet Lake (CML) platform support\n (jsc#SLE-12668).\n - tick/sched: Annotate lockless access to last_jiffies_update\n (bsc#1173438).\n - timer: Use hlist_unhashed_lockless() in timer_pending() (bsc#1173438).\n - torture: Allow \"CFLIST\" to specify default list of scenarios\n (bsc#1173068).\n - torture: Expand last_ts variable in kvm-test-1-run.sh (bsc#1173068).\n - torture: Handle jitter for CPUs that cannot be offlined (bsc#1173068).\n - torture: Handle systems lacking the mpstat command (bsc#1173068).\n - torture: Hoist calls to lscpu to higher-level kvm.sh script\n (bsc#1173068).\n - torture: Make results-directory date format completion-friendly\n (bsc#1173068).\n - torture: Use gawk instead of awk for systime() function (bsc#1173068).\n - tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send() (bsc#1065729).\n - tty: n_gsm: Fix bogus i++ in gsm_data_kick (git-fixes).\n - tty: n_gsm: Fix SOF skipping (git-fixes).\n - tty: n_gsm: Fix waking up upper tty layer when room available\n (git-fixes).\n - tty: serial: add missing spin_lock_init for SiFive serial console\n (git-fixes).\n - tun: correct header offsets in napi frags mode (git-fixes).\n - Update config files: Add CONFIG_PINCTRL_TIGERLAKE=m\n - Update patch reference for intel_th patch (jsc#SLE-12705)\n - Update the patch reference for ish-hid fix (jsc#SLE-12683)\n - usb: core: Fix misleading driver bug report (git-fixes).\n - usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B\n (git-fixes).\n - usb: dwc2: gadget: move gadget resume after the core is in L0 state\n (git-fixes).\n - usb: dwc3: gadget: Properly handle ClearFeature(halt) (git-fixes).\n - usb: dwc3: gadget: Properly handle failed kick_transfer (git-fixes).\n - usb: dwc3: pci: Enable extcon driver for Intel Merrifield (git-fixes).\n - usb: gadget: audio: Fix a missing error return value in audio_bind()\n (git-fixes).\n - usb: gadget: fix illegal array access in binding with UDC (git-fixes).\n - usb: gadget: fix potential double-free in m66592_probe (git-fixes).\n - usb: gadget: legacy: fix error return code in cdc_bind() (git-fixes).\n - usb: gadget: legacy: fix error return code in gncm_bind() (git-fixes).\n - usb: gadget: legacy: fix redundant initialization warnings (git-fixes).\n - usb: gadget: lpc32xx_udc: do not dereference ep pointer before null\n check (git-fixes).\n - usb: gadget: net2272: Fix a memory leak in an error handling path in\n 'net2272_plat_probe()' (git-fixes).\n - usb: gadget: udc: atmel: Make some symbols static (git-fixes).\n - usb: gadget: udc: s3c2410_udc: Remove pointless NULL check in\n s3c2410_udc_nuke (git-fixes).\n - usb: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()\n (git-fixes).\n - usb: host: xhci-plat: keep runtime active when removing host (git-fixes).\n - usb: musb: Fix runtime PM imbalance on error (git-fixes).\n - usb: musb: start session in resume for host port (git-fixes).\n - usb: ohci-sm501: fix error return code in ohci_hcd_sm501_drv_probe()\n (git-fixes).\n - usb: serial: option: add Telit LE910C1-EUX compositions (git-fixes).\n - usb: serial: qcserial: add DW5816e QDL support (git-fixes).\n - usb: serial: usb_wwan: do not resubmit rx urb on fatal errors\n (git-fixes).\n - usb: usbfs: correct kernel->user page attribute mismatch (git-fixes).\n - usb: usbfs: fix mmap dma mismatch (git-fixes).\n - vfio: avoid possible overflow in vfio_iommu_type1_pin_pages (git-fixes).\n - vfio: Ignore -ENODEV when getting MSI cookie (git-fixes).\n - vfio/mdev: Fix reference count leak in add_mdev_supported_type\n (git-fixes).\n - vfio/pci: fix memory leaks in alloc_perm_bits() (git-fixes).\n - vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()\n (git-fixes).\n - video: fbdev: w100fb: Fix a potential double free (git-fixes).\n - virtio-blk: handle block_device_operations callbacks after hot unplug\n (git fixes (block drivers)).\n - vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484).\n - vmxnet3: add support to get/set rx flow hash (bsc#1172484).\n - vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484).\n - vmxnet3: prepare for version 4 changes (bsc#1172484).\n - vmxnet3: update to version 4 (bsc#1172484).\n - vmxnet3: use correct hdr reference when packet is encapsulated\n (bsc#1172484).\n - vrf: Check skb for XFRM_TRANSFORMED flag (networking-stable-20_04_27).\n - vrf: Fix IPv6 with qdisc and xfrm (networking-stable-20_04_27).\n - vsprintf: do not obfuscate NULL and error pointers (bsc#1172086).\n - vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console\n (git-fixes).\n - vt: vt_ioctl: remove unnecessary console allocation checks (git-fixes).\n - vxlan: use the correct nlattr array in NL_SET_ERR_MSG_ATTR\n (networking-stable-20_04_27).\n - w1: omap-hdq: cleanup to add missing newline for some dev_dbg\n (git-fixes).\n - watchdog: imx_sc_wdt: Fix reboot on crash (git-fixes).\n - wcn36xx: Fix error handling path in 'wcn36xx_probe()' (git-fixes).\n - wireguard: device: avoid circular netns references (git-fixes).\n - wireguard: noise: do not assign initiation time in if condition\n (git-fixes).\n - wireguard: noise: read preshared key while taking lock (bsc#1169021\n jsc#SLE-12250).\n - wireguard: noise: separate receive counter from send counter\n (bsc#1169021 jsc#SLE-12250).\n - wireguard: queueing: preserve flow hash across packet scrubbing\n (bsc#1169021 jsc#SLE-12250).\n - wireguard: receive: account for napi_gro_receive never returning\n GRO_DROP (git-fixes).\n - wireguard: selftests: use newer iproute2 for gcc-10 (bsc#1169021\n jsc#SLE-12250).\n - work around mvfs bug (bsc#1162063).\n - workqueue: do not use wq_select_unbound_cpu() for bound works\n (git-fixes).\n - workqueue: Remove the warning in wq_worker_sleeping() (git-fixes).\n - x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1152489).\n - x86: Fix early boot crash on gcc-10, third try (bsc#1152489).\n - x86/mm/cpa: Flush direct map alias during cpa (bsc#1152489).\n - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).\n - x86/reboot/quirks: Add MacBook6,1 reboot quirk (git-fixes).\n - x86/resctrl: Fix invalid attempt at removing the default resource group\n (bsc#1152489).\n - x86/resctrl: Preserve CDP enable over CPU hotplug (bsc#1152489).\n - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks\n (bsc#1058115).\n - xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish\n (networking-stable-20_04_27).\n - xfrm: fix error in comment (git fixes (block drivers)).\n - xfs: clean up the error handling in xfs_swap_extents (git-fixes).\n - xfs: do not commit sunit/swidth updates to disk if that would cause\n repair failures (bsc#1172169).\n - xfs: do not fail unwritten extent conversion on writeback due to edquot\n (bsc#1158242).\n - xfs: fix duplicate verification from xfs_qm_dqflush() (git-fixes).\n - xfs: force writes to delalloc regions to unwritten (bsc#1158242).\n - xfs: measure all contiguous previous extents for prealloc size\n (bsc#1158242).\n - xfs: preserve default grace interval during quotacheck (bsc#1172170).\n - xfs: refactor agfl length computation function (bsc#1172169).\n - xfs: split the sunit parameter update into two parts (bsc#1172169).\n - wireguard: selftests: initalize ipv6 members to NULL to squelch clang\n warning (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-935=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-07T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19462", "CVE-2019-20810", "CVE-2019-20812", "CVE-2020-10711", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10766", "CVE-2020-10767", "CVE-2020-10768", "CVE-2020-10773", "CVE-2020-12656", "CVE-2020-12769", "CVE-2020-12888", "CVE-2020-13143", "CVE-2020-13974", "CVE-2020-14416"], "modified": "2020-07-07T00:00:00", "id": "OPENSUSE-SU-2020:0935-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Z6FEYXFXT2CJAAJJVCMBHT3BT2ZBZC3G/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-06-25T13:28:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-14T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0801-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10711", "CVE-2020-12659", "CVE-2019-19462", "CVE-2020-12114", "CVE-2020-12769", "CVE-2020-12656", "CVE-2018-1000199", "CVE-2020-11609", "CVE-2020-10720", "CVE-2020-10732", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-10690", "CVE-2020-12654", "CVE-2019-20806", "CVE-2019-20812", "CVE-2019-9455", "CVE-2020-12653", "CVE-2020-11608", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-12652", "CVE-2020-10757", "CVE-2020-12655", "CVE-2020-12657"], "modified": "2020-06-24T00:00:00", "id": "OPENVAS:1361412562310853206", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853206", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853206\");\n script_version(\"2020-06-24T03:42:18+0000\");\n script_cve_id(\"CVE-2018-1000199\", \"CVE-2019-19462\", \"CVE-2019-20806\", \"CVE-2019-20812\", \"CVE-2019-9455\", \"CVE-2020-0543\", \"CVE-2020-10690\", \"CVE-2020-10711\", \"CVE-2020-10720\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12656\", \"CVE-2020-12657\", \"CVE-2020-12659\", \"CVE-2020-12769\", \"CVE-2020-13143\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-24 03:42:18 +0000 (Wed, 24 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-14 03:00:56 +0000 (Sun, 14 Jun 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0801-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0801-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0801-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-0543: Fixed a side channel attack against special registers\n which could have resulted in leaking of read values to cores other than\n the one which called it. This attack is known as Special Register Buffer\n Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).\n\n - CVE-2018-1000199: Fixed a potential local code execution via ptrace\n (bsc#1089895).\n\n - CVE-2019-19462: relay_open in kernel/relay.c allowed local users to\n cause a denial of service (such as relay blockage) by triggering a NULL\n alloc_percpu result (bnc#1158265).\n\n - CVE-2019-20806: Fixed a null pointer dereference in\n tw5864_handle_frame() which may had lead to denial of service\n (bsc#1172199).\n\n - CVE-2019-20812: The prb_calc_retire_blk_tmo() function in\n net/packet/af_packet.c can result in a denial of service (CPU\n consumption and soft lockup) in a certain failure case involving\n TPACKET_V3, aka CID-b43d1f9f7067 (bnc#1172453).\n\n - CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a\n video driver. This could lead to local information disclosure with\n System execution privileges needed (bsc#1170345).\n\n - CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev\n (bsc#1170056).\n\n - CVE-2020-10711: Fixed a null pointer dereference in SELinux subsystem\n which could have allowed a remote network user to crash the kernel\n resulting in a denial of service (bsc#1171191).\n\n - CVE-2020-10720: Fixed a use-after-free read in napi_gro_frags()\n (bsc#1170778).\n\n - CVE-2020-10732: Fixed kernel data leak in userspace coredumps due to\n uninitialized data (bsc#1171220).\n\n - CVE-2020-10751: Fixed an improper implementation in SELinux LSM hook\n where it was assumed that an skb would only contain a single netlink\n message (bsc#1171189).\n\n - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap\n could have caused user PTE access (bsc#1172317).\n\n - CVE-2020-11608: An issue was discovered in\n drivers/media/usb/gspca/ov519.c that allowed NULL pointer dereferences\n in ov511_mode_init_regs and ov518_mode_init_regs when there are zero\n endpoints, aka CID-998912346c0d (bnc#1168829).\n\n - CVE-2020-11609: An issue was discovered in the stv06xx subsystem in\n drivers/media/usb/gspca/stv06xx/stv06xx.c and\n drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid\n descriptors, as demonstrated by a NULL pointer dereference, aka\n CID-485b06aadb93 (bnc#1168854).\n\n - CVE-2020-12114: Fixed a pivot_root race condition which could have\n allowed ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.52.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.52.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.52.3\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.52.3\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.52.3\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.52.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-15T15:57:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux-4.9 (DLA-2242-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-5108", "CVE-2020-10711", "CVE-2020-8648", "CVE-2020-12770", "CVE-2020-9383", "CVE-2019-19462", "CVE-2019-2182", "CVE-2020-12114", "CVE-2020-10942", "CVE-2020-11609", "CVE-2020-10732", "CVE-2019-19768", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-12654", "CVE-2019-20806", "CVE-2019-19319", "CVE-2020-12653", "CVE-2020-8428", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-11565", "CVE-2020-8649", "CVE-2020-12652", "CVE-2020-10757", "CVE-2020-8647", "CVE-2019-20811", "CVE-2020-2732"], "modified": "2020-06-11T00:00:00", "id": "OPENVAS:1361412562310892242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892242", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892242\");\n script_version(\"2020-06-11T03:00:11+0000\");\n script_cve_id(\"CVE-2019-19319\", \"CVE-2019-19462\", \"CVE-2019-19768\", \"CVE-2019-20806\", \"CVE-2019-20811\", \"CVE-2019-2182\", \"CVE-2019-5108\", \"CVE-2020-0543\", \"CVE-2020-10711\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12770\", \"CVE-2020-13143\", \"CVE-2020-2732\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-11 03:00:11 +0000 (Thu, 11 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-11 03:00:11 +0000 (Thu, 11 Jun 2020)\");\n script_name(\"Debian LTS: Security Advisory for linux-4.9 (DLA-2242-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2242-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/952660\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-4.9'\n package(s) announced via the DLA-2242-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2019-2182\n\nHanjun Guo and Lei Li reported a race condition in the arm64\nvirtual memory management code, which could lead to an information\ndisclosure, denial of service (crash), or possibly privilege\nescalation.\n\nCVE-2019-5108\n\nMitchell Frank of Cisco discovered that when the IEEE 802.11\n(WiFi) stack was used in AP mode with roaming, it would trigger\nroaming for a newly associated station before the station was\nauthenticated. An attacker within range of the AP could use this\nto cause a denial of service, either by filling up a switching\ntable or by redirecting traffic away from other stations.\n\nCVE-2019-19319\n\nJungyeon discovered that a crafted filesystem can cause the ext4\nimplementation to deallocate or reallocate journal blocks. A user\npermitted to mount filesystems could use this to cause a denial of\nservice (crash), or possibly for privilege escalation.\n\nCVE-2019-19462\n\nThe syzbot tool found a missing error check in the 'relay'\nlibrary used to implement various files under debugfs. A local\nuser permitted to access debugfs could use this to cause a denial\nof service (crash) or possibly for privilege escalation.\n\nCVE-2019-19768\n\nTristan Madani reported a race condition in the blktrace debug\nfacility that could result in a use-after-free. A local user able\nto trigger removal of block devices could possibly use this to\ncause a denial of service (crash) or for privilege escalation.\n\nCVE-2019-20806\n\nA potential null pointer dereference was discovered in the tw5864\nmedia driver. The security impact of this is unclear.\n\nCVE-2019-20811\n\nThe Hulk Robot tool found a reference-counting bug in an error\npath in the network subsystem. The security impact of this is\nunclear.\n\nCVE-2020-0543\n\nResearchers at VU Amsterdam discovered that on some Intel CPUs\nsupporting the RDRAND and RDSEED instructions, part of a random\nvalue generated by these instructions may be used in a later\nspeculative execution on any core of the same physical CPU.\nDepending on how these instructions are used by applications, a\nlocal user or VM guest could use this to obtain sensitive\ninformation such as cryptographic keys from other users or VMs.\n\nThis vulnerability can be mitigated by a microcode update, either\nas part of system firmware (BIOS) or through the intel-microcode\npackage in Debian's non-free archive section. This kernel update\nonly provides reporting of the vulnerability and the option to\ndisable the mitigation if it is not needed.\n\nCVE-2020-2732\n\nPaulo Bonzini discovered that the KVM implemen ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux-4.9' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.9.210-1+deb9u1~deb8u1. This version also fixes some related bugs\nthat do not have their own CVE IDs, and a regression in the macvlan\ndriver introduced in the previous security update (bug #952660).\n\nWe recommend that you upgrade your linux-4.9 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-arm\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-686\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-armel\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-armhf\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-i386\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-armmp\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-armmp-lpae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-common\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-common-rt\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-marvell\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-rt-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-rt-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-686\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-armel\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-armhf\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-i386\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-armmp\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-armmp-lpae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-common\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-common-rt\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-marvell\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-rt-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-rt-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686-pae-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-amd64-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-armmp\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-armmp-lpae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-marvell\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-686-pae-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-amd64-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686-pae-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-amd64-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-armmp\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-armmp-lpae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-marvell\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-686-pae\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-686-pae-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-amd64\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-amd64-dbg\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.11\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.12\", ver:\"4.9.210-1+deb9u1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-15T15:57:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for linux (DSA-4698-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-5108", "CVE-2020-10711", "CVE-2020-8648", "CVE-2020-12770", "CVE-2020-9383", "CVE-2019-19462", "CVE-2019-2182", "CVE-2020-12114", "CVE-2020-10942", "CVE-2020-11609", "CVE-2020-10732", "CVE-2019-19768", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-12654", "CVE-2019-20806", "CVE-2019-19319", "CVE-2020-12653", "CVE-2020-8428", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-11565", "CVE-2020-8649", "CVE-2020-12652", "CVE-2020-10757", "CVE-2020-8647", "CVE-2019-20811", "CVE-2020-2732"], "modified": "2020-06-11T00:00:00", "id": "OPENVAS:1361412562310704698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704698", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704698\");\n script_version(\"2020-06-11T03:00:22+0000\");\n script_cve_id(\"CVE-2019-19319\", \"CVE-2019-19462\", \"CVE-2019-19768\", \"CVE-2019-20806\", \"CVE-2019-20811\", \"CVE-2019-2182\", \"CVE-2019-5108\", \"CVE-2020-0543\", \"CVE-2020-10711\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12770\", \"CVE-2020-13143\", \"CVE-2020-2732\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-11 03:00:22 +0000 (Thu, 11 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-11 03:00:22 +0000 (Thu, 11 Jun 2020)\");\n script_name(\"Debian: Security Advisory for linux (DSA-4698-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4698.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4698-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DSA-4698-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2019-2182\nHanjun Guo and Lei Li reported a race condition in the arm64\nvirtual memory management code, which could lead to an information\ndisclosure, denial of service (crash), or possibly privilege\nescalation.\n\nCVE-2019-5108\nMitchell Frank of Cisco discovered that when the IEEE 802.11\n(WiFi) stack was used in AP mode with roaming, it would trigger\nroaming for a newly associated station before the station was\nauthenticated. An attacker within range of the AP could use this\nto cause a denial of service, either by filling up a switching\ntable or by redirecting traffic away from other stations.\n\nCVE-2019-19319\nJungyeon discovered that a crafted filesystem can cause the ext4\nimplementation to deallocate or reallocate journal blocks. A user\npermitted to mount filesystems could use this to cause a denial of\nservice (crash), or possibly for privilege escalation.\n\nCVE-2019-19462The syzbot tool found a missing error check in the relay\n\nlibrary used to implement various files under debugfs. A local\nuser permitted to access debugfs could use this to cause a denial\nof service (crash) or possibly for privilege escalation.\n\nCVE-2019-19768\nTristan Madani reported a race condition in the blktrace debug\nfacility that could result in a use-after-free. A local user able\nto trigger removal of block devices could possibly use this to\ncause a denial of service (crash) or for privilege escalation.\n\nCVE-2019-20806\nA potential null pointer dereference was discovered in the tw5864\nmedia driver. The security impact of this is unclear.\n\nCVE-2019-20811\nThe Hulk Robot tool found a reference-counting bug in an error\npath in the network subsystem. The security impact of this is\nunclear.\n\nCVE-2020-0543\nResearchers at VU Amsterdam discovered that on some Intel CPUs\nsupporting the RDRAND and RDSEED instructions, part of a random\nvalue generated by these instructions may be used in a later\nspeculative execution on any core of the same physical CPU.\nDepending on how these instructions are used by applications, a\nlocal user or VM guest could use this to obtain sensitive\ninformation such as cryptographic keys from other users or VMs.\n\nThis vulnerability can be mitigated by a microcode update, either\nas part of system firmware (BIOS) or through the intel-microcode\npackage in Debian's non-free archive section. This kernel update\nonly provides reporting of the vulnerability and the option to\ndisable the mitigation if it is not needed.\n\nCVE-2020-2732\nPaulo Bonzini discovered that the KVM implementa ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been\nfixed in version 4.9.210-1+deb9u1. This version also fixes some\nrelated bugs that do not have their own CVE IDs, and a regression in\nthe macvlan driver introduced in the previous point release (bug\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libusbip-dev\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-arm\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-s390\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-x86\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-4kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-5kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-686\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-armel\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-armhf\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-i386\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-mips\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-mips64el\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-mipsel\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-ppc64el\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-all-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-armmp\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-armmp-lpae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-common\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-common-rt\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-loongson-3\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-marvell\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-octeon\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-powerpc64le\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-rt-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-rt-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-11-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-4kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-5kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-686\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-armel\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-armhf\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-i386\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-mips\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-mips64el\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-mipsel\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-ppc64el\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-all-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-armmp\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-armmp-lpae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-common\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-common-rt\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-loongson-3\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-marvell\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-octeon\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-powerpc64le\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-rt-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-rt-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-12-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-4kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-4kc-malta-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-5kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-5kc-malta-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-686\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-686-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-686-pae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-amd64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-arm64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-armmp\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-armmp-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-armmp-lpae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-armmp-lpae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-loongson-3\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-loongson-3-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-marvell\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-marvell-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-octeon\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-octeon-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-powerpc64le\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-powerpc64le-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-rt-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-rt-686-pae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-rt-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-rt-amd64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-11-s390x-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-4kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-4kc-malta-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-5kc-malta\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-5kc-malta-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-686\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-686-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-686-pae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-amd64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-arm64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-arm64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-armmp\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-armmp-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-armmp-lpae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-armmp-lpae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-loongson-3\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-loongson-3-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-marvell\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-marvell-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-octeon\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-octeon-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-powerpc64le\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-powerpc64le-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-rt-686-pae\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-rt-686-pae-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-rt-amd64\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-rt-amd64-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-s390x\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-12-s390x-dbg\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-11\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-12\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"usbip\", ver:\"4.9.210-1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-28T16:56:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-24T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0543-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-19770", "CVE-2020-10942", "CVE-2020-8834", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-11669"], "modified": "2020-04-26T00:00:00", "id": "OPENVAS:1361412562310853121", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853121", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853121\");\n script_version(\"2020-04-26T06:11:04+0000\");\n script_cve_id(\"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8834\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-26 06:11:04 +0000 (Sun, 26 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-24 03:00:39 +0000 (Fri, 24 Apr 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0543-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0543-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0543-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-11669: An issue was discovered on the powerpc platform.\n arch/powerpc/kernel/idle_book3s.S did not have save/restore\n functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and\n PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).\n\n - CVE-2020-8834: KVM on Power8 processors had a conflicting use of\n HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\n kvmppc_{save, restore}_tm, leading to a stack corruption. Because of\n this, an attacker with the ability run code in kernel space of a guest\n VM can cause the host kernel to panic. There were two commits that,\n according to the reporter, introduced the vulnerability: f024ee098476\n ('KVM: PPC: Book3S HV: Pull out TM state save/restore into separate\n procedures') 87a11bb6a7f7 ('KVM: PPC: Book3S HV: Work around XER[SO] bug\n in fake suspend mode') (bnc#1168276).\n\n - CVE-2020-11494: An issue was discovered in slc_bump in\n drivers/net/can/slcan.c, which allowed attackers to read uninitialized\n can_frame data, potentially containing sensitive information from kernel\n stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka\n CID-b9258a2cece4 (bnc#1168424).\n\n - CVE-2019-9458: In the video driver there is a use after free due to a\n race condition. This could lead to local escalation of privilege with no\n additional execution privileges needed. User interaction is not needed\n for exploitation (bnc#1168295).\n\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv in\n net/can/gw.c. The CAN frame modification rules allow bitwise logical\n operations that can be also applied to the can_dlc field. The privileged\n user 'root' with CAP_NET_ADMIN can create a CAN frame modification rule\n that made the data length code a higher value than the available CAN\n frame data size. In combination with a configured checksum calculation\n where the result is stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in\n skb_shared_info) can be rewritten which finally can cause a system\n crash. Because of a missing check, the CAN drivers may write arbitrary\n content beyond the data registers in the CAN controller's I/O memory\n when processing can-gw manipulated outgoing frames (bnc#1120386).\n\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacked\n validation of an sk_family field, which might allow attackers to trigger\n kernel stack corruption via crafted system calls (bnc#1167629).\n\n - CVE-2019-19770: A use-after- ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-03-24T16:51:57", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1292)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2019-3016", "CVE-2019-19768", "CVE-2020-8428", "CVE-2019-19807", "CVE-2020-8649", "CVE-2019-19447", "CVE-2020-8647", "CVE-2020-2732"], "modified": "2020-03-23T00:00:00", "id": "OPENVAS:1361412562311220201292", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201292", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1292\");\n script_version(\"2020-03-23T07:40:01+0000\");\n script_cve_id(\"CVE-2019-19447\", \"CVE-2019-19768\", \"CVE-2019-19807\", \"CVE-2019-3016\", \"CVE-2020-2732\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-23 07:40:01 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 07:40:01 +0000 (Mon, 23 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1292)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1292\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1292\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1292 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.(CVE-2019-19447 )\n\nIn the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).(CVE-2019-19768)\n\next4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.(CVE-2020-8992)\n\nAn issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.(CVE-2020-9383)\n\nIn the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.(CVE-2019-19807)\n\nKernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources(CVE-2020-2732)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.(CVE-2020-8648)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.(CVE-2020-8649)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.(CVE-2020-8647)\n\nfs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed.(CVE-2020-8428)\n\nIn a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.(CVE-2019-3016)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h702.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-20T19:03:11", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-24T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2019-14615", "CVE-2019-0154", "CVE-2020-8649", "CVE-2020-7053", "CVE-2020-8647"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201308", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1308\");\n script_version(\"2020-04-16T12:24:43+0000\");\n script_cve_id(\"CVE-2019-0154\", \"CVE-2019-14615\", \"CVE-2020-7053\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 12:24:43 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-24 07:29:42 +0000 (Tue, 24 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1308)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1308\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1308\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1308 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.(CVE-2020-8992)\n\nAn issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.(CVE-2020-9383)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.(CVE-2020-8649)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.(CVE-2020-8647)\n\nInsufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families, Intel(R) Pentium(R) Processor J, N, Silver and Gold Series, Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series, Intel(R) Atom(R) Processor A and E3900 Series, Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.(CVE-2019-0154)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.(CVE-2020-8648)\n\nIn the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.(CVE-2020-7053)\n\nInsufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.(CVE-2019-14615)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.5.h428.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-11T15:55:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-10T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-2241-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-5108", "CVE-2020-8648", "CVE-2020-12770", "CVE-2020-9383", "CVE-2018-14610", "CVE-2015-8839", "CVE-2020-12114", "CVE-2020-12769", "CVE-2020-12826", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-20636", "CVE-2019-19768", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-10690", "CVE-2020-0009", "CVE-2020-12654", "CVE-2019-19319", "CVE-2020-12653", "CVE-2020-1749", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-11565", "CVE-2018-14612", "CVE-2020-8649", "CVE-2020-12652", "CVE-2019-19447", "CVE-2018-14611", "CVE-2020-8647", "CVE-2020-2732", "CVE-2018-14613"], "modified": "2020-06-10T00:00:00", "id": "OPENVAS:1361412562310892241", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892241", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892241\");\n script_version(\"2020-06-10T03:00:51+0000\");\n script_cve_id(\"CVE-2015-8839\", \"CVE-2018-14610\", \"CVE-2018-14611\", \"CVE-2018-14612\", \"CVE-2018-14613\", \"CVE-2019-19319\", \"CVE-2019-19447\", \"CVE-2019-19768\", \"CVE-2019-20636\", \"CVE-2019-5108\", \"CVE-2020-0009\", \"CVE-2020-0543\", \"CVE-2020-10690\", \"CVE-2020-10751\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12769\", \"CVE-2020-12770\", \"CVE-2020-12826\", \"CVE-2020-13143\", \"CVE-2020-1749\", \"CVE-2020-2732\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-10 03:00:51 +0000 (Wed, 10 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-10 03:00:51 +0000 (Wed, 10 Jun 2020)\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-2241-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2241-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DLA-2241-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2015-8839\n\nA race condition was found in the ext4 filesystem implementation.\nA local user could exploit this to cause a denial of service\n(filesystem corruption).\n\nCVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613\n\nWen Xu from SSLab at Gatech reported that crafted Btrfs volumes\ncould trigger a crash (Oops) and/or out-of-bounds memory access.\nAn attacker able to mount such a volume could use this to cause a\ndenial of service or possibly for privilege escalation.\n\nCVE-2019-5108\n\nMitchell Frank of Cisco discovered that when the IEEE 802.11\n(WiFi) stack was used in AP mode with roaming, it would trigger\nroaming for a newly associated station before the station was\nauthenticated. An attacker within range of the AP could use this\nto cause a denial of service, either by filling up a switching\ntable or by redirecting traffic away from other stations.\n\nCVE-2019-19319\n\nJungyeon discovered that a crafted filesystem can cause the ext4\nimplementation to deallocate or reallocate journal blocks. A user\npermitted to mount filesystems could use this to cause a denial of\nservice (crash), or possibly for privilege escalation.\n\nCVE-2019-19447\n\nIt was discovered that the ext4 filesystem driver did not safely\nhandle unlinking of an inode that, due to filesystem corruption,\nalready has a link count of 0. An attacker able to mount\narbitrary ext4 volumes could use this to cause a denial of service\n(memory corruption or crash) or possibly for privilege escalation.\n\nCVE-2019-19768\n\nTristan Madani reported a race condition in the blktrace debug\nfacility that could result in a use-after-free. A local user able\nto trigger removal of block devices could possibly use this to\ncause a denial of service (crash) or for privilege escalation.\n\nCVE-2019-20636\n\nThe syzbot tool found that the input subsystem did not fully\nvalidate keycode changes, which could result in a heap\nout-of-bounds write. A local user permitted to access the device\nnode for an input or VT device could possibly use this to cause a\ndenial of service (crash or memory corruption) or for privilege\nescalation.\n\nCVE-2020-0009\n\nJann Horn reported that the Android ashmem driver did not prevent\nread-only files from being memory-mapped and then remapped as\nread-write. However, Android drivers are not enabled in Debian\nkernel configurations.\n\nCVE-2020-0543\n\nResearchers at VU Amsterdam discovered that on some Intel CPUs\nsupporting the RDRAND and RDSEED instructions, part of a random\nvalue generated by these instructions may be use ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.16.84-1.\n\nWe recommend that you upgrade your linux packages. Binary packages for\nthe EABI ARM (armel) architecture are not yet available, and a separate\nannouncement will be made when they are.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-x86\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-586\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-686-pae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-armel\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-armhf\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-i386\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-armmp\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-armmp-lpae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-common\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-ixp4xx\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-kirkwood\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-orion5x\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-versatile\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-586\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-686-pae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-all\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-all-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-all-armhf\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-all-i386\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-armmp\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-armmp-lpae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-11-common\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-586\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-686-pae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-686-pae-dbg\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-amd64-dbg\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-armmp\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-armmp-lpae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-ixp4xx\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-kirkwood\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-orion5x\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-versatile\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-586\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-686-pae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-686-pae-dbg\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-amd64-dbg\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-armmp\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-11-armmp-lpae\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-10\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-11\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-10-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-11-amd64\", ver:\"3.16.84-1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-15T15:57:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-11T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for linux (DSA-4699-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10711", "CVE-2020-12770", "CVE-2020-12768", "CVE-2019-19462", "CVE-2020-12114", "CVE-2019-3016", "CVE-2020-10732", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-10757"], "modified": "2020-06-11T00:00:00", "id": "OPENVAS:1361412562310704699", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704699", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704699\");\n script_version(\"2020-06-11T03:00:17+0000\");\n script_cve_id(\"CVE-2019-19462\", \"CVE-2019-3016\", \"CVE-2020-0543\", \"CVE-2020-10711\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12768\", \"CVE-2020-12770\", \"CVE-2020-13143\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-11 03:00:17 +0000 (Thu, 11 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-11 03:00:17 +0000 (Thu, 11 Jun 2020)\");\n script_name(\"Debian: Security Advisory for linux (DSA-4699-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4699.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4699-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DSA-4699-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2019-3016\nIt was discovered that the KVM implementation for x86 did not\nalways perform TLB flushes when needed, if the paravirtualised\nTLB flush feature was enabled. This could lead to disclosure of\nsensitive information within a guest VM.\n\nCVE-2019-19462The syzkaller tool found a missing error check in the relay\n\nlibrary used to implement various files under debugfs. A local\nuser permitted to access debugfs could use this to cause a denial\nof service (crash) or possibly for privilege escalation.\n\nCVE-2020-0543\nResearchers at VU Amsterdam discovered that on some Intel CPUs\nsupporting the RDRAND and RDSEED instructions, part of a random\nvalue generated by these instructions may be used in a later\nspeculative execution on any core of the same physical CPU.\nDepending on how these instructions are used by applications, a\nlocal user or VM guest could use this to obtain sensitive\ninformation such as cryptographic keys from other users or VMs.\n\nThis vulnerability can be mitigated by a microcode update, either\nas part of system firmware (BIOS) or through the intel-microcode\npackage in Debian's non-free archive section. This kernel update\nonly provides reporting of the vulnerability and the option to\ndisable the mitigation if it is not needed.\n\nCVE-2020-10711\nMatthew Sheets reported NULL pointer dereference issues in the\nSELinux subsystem while receiving CIPSO packet with null category. A\nremote attacker can take advantage of this flaw to cause a denial of\nservice (crash). Note that this issue does not affect the binary\npackages distributed in Debian as CONFIG_NETLABEL is not enabled.\n\nCVE-2020-10732\nAn information leak of kernel private memory to userspace was found\nin the kernel's implementation of core dumping userspace processes.\n\nCVE-2020-10751\nDmitry Vyukov reported that the SELinux subsystem did not properly\nhandle validating multiple messages, which could allow a privileged\nattacker to bypass SELinux netlink restrictions.\n\nCVE-2020-10757\nFan Yang reported a flaw in the way mremap handled DAX hugepages,\nallowing a local user to escalate their privileges.\n\nCVE-2020-12114\nPiotr Krysiuk discovered a race condition between the umount and\npivot_root operations in the filesystem core (vfs). A local user\nwith the CAP_SYS_ADMIN capability in any user namespace could use\nthis to cause a denial of service (crash).\n\nCVE-2020-12464\nKyungtae Kim reported a race condition in the USB core that can\nresult in a use-after-free. It is not clear how this can be\nexploited, but i ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed\nin version 4.19.118-2+deb10u1. This version also fixes some related\nbugs that do not have their own CVE IDs, and a regression in the\nUAPI header introduced in the previous point release\n(bug #960271).\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libbpf-dev\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libbpf4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblockdep-dev\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblockdep4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-arm\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-s390\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-x86\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-config-4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-686\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-armel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-armhf\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-i386\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mips\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mips64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mipsel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-ppc64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-cloud-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-common\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-common-rt\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-686\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-armel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-armhf\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-i386\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mips\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mips64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mipsel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-ppc64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-cloud-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-common\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-common-rt\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-686\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-armel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-armhf\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-i386\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-mips\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-mips64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-mipsel\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-ppc64el\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-all-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-cloud-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-common\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-common-rt\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-rt-686-pae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-rt-amd64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-rt-arm64\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-9-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-4kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-5kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-lpae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-cloud-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-cloud-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-loongson-3-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-marvell-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-octeon-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-powerpc64le-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rpi-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-s390x-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-4kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-5kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-lpae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-cloud-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-cloud-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-loongson-3-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-marvell-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-octeon-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-powerpc64le-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rpi-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-s390x-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-4kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-4kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-5kc-malta\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-5kc-malta-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-686-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-686-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-armmp-lpae\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-armmp-lpae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-cloud-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-cloud-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-loongson-3\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-loongson-3-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-marvell\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-marvell-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-octeon\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-octeon-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-powerpc64le\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-powerpc64le-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rpi\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rpi-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-686-pae-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-686-pae-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-amd64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-amd64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-arm64-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-arm64-unsigned\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-armmp\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-rt-armmp-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-s390x\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-9-s390x-dbg\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-amd64-signed-template\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-arm64-signed-template\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-i386-signed-template\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.19\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.19.0-6\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.19.0-8\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.19.0-9\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lockdep\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"usbip\", ver:\"4.19.118-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T21:45:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-05-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1592)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10711", "CVE-2020-12770", "CVE-2020-11884", "CVE-2020-12659", "CVE-2020-12465", "CVE-2019-19462", "CVE-2020-12114", "CVE-2020-12769", "CVE-2020-12826", "CVE-2020-12656", "CVE-2020-10942", "CVE-2020-10720", "CVE-2020-12464", "CVE-2020-12654", "CVE-2020-12653", "CVE-2019-19377", "CVE-2020-12652", "CVE-2020-12771", "CVE-2020-12655", "CVE-2020-12657"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562311220201592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201592", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1592\");\n script_version(\"2020-05-29T10:19:35+0000\");\n script_cve_id(\"CVE-2019-19377\", \"CVE-2019-19462\", \"CVE-2020-10711\", \"CVE-2020-10720\", \"CVE-2020-10942\", \"CVE-2020-11884\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12465\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12656\", \"CVE-2020-12657\", \"CVE-2020-12659\", \"CVE-2020-12769\", \"CVE-2020-12770\", \"CVE-2020-12771\", \"CVE-2020-12826\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 10:19:35 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-26 05:46:04 +0000 (Tue, 26 May 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1592)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1592\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1592\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1592 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the Linux kernels implementation of GRO. This flaw allows an attacker with local access to crash the system.(CVE-2020-10720)\n\nA NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.(CVE-2020-10711)\n\nA signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs, and the lack of scenarios where signals to a parent process present a substantial operational threat.(CVE-2020-12826)\n\nAn issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.(CVE-2020-12769)\n\nAn issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.(CVE-2020-12770)\n\nAn issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.(CVE-2020-12771)\n\nThe __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states 'The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.'(CVE-2020-12652)\n\nAn issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.(CVE-2020-126 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h748.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-18T20:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-15T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0336-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19527", "CVE-2019-19054", "CVE-2020-8992", "CVE-2020-8648", "CVE-2019-19045", "CVE-2019-19533", "CVE-2019-20095", "CVE-2019-19051", "CVE-2019-19767", "CVE-2019-19318", "CVE-2019-19332", "CVE-2019-14896", "CVE-2019-19523", "CVE-2019-19526", "CVE-2019-19965", "CVE-2019-14615", "CVE-2019-16746", "CVE-2019-19319", "CVE-2019-19535", "CVE-2019-19338", "CVE-2019-19927", "CVE-2019-18808", "CVE-2019-14897", "CVE-2019-19036", "CVE-2019-19066", "CVE-2020-8428", "CVE-2019-19447", "CVE-2020-7053", "CVE-2019-19532", "CVE-2019-19537", "CVE-2019-16994", "CVE-2020-2732", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20096"], "modified": "2020-03-16T00:00:00", "id": "OPENVAS:1361412562310853070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853070", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853070\");\n script_version(\"2020-03-16T11:42:10+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16746\", \"CVE-2019-16994\", \"CVE-2019-18808\", \"CVE-2019-19036\", \"CVE-2019-19045\", \"CVE-2019-19051\", \"CVE-2019-19054\", \"CVE-2019-19066\", \"CVE-2019-19318\", \"CVE-2019-19319\", \"CVE-2019-19332\", \"CVE-2019-19338\", \"CVE-2019-19447\", \"CVE-2019-19523\", \"CVE-2019-19526\", \"CVE-2019-19527\", \"CVE-2019-19532\", \"CVE-2019-19533\", \"CVE-2019-19535\", \"CVE-2019-19537\", \"CVE-2019-19767\", \"CVE-2019-19927\", \"CVE-2019-19965\", \"CVE-2019-19966\", \"CVE-2019-20054\", \"CVE-2019-20095\", \"CVE-2019-20096\", \"CVE-2020-2732\", \"CVE-2020-7053\", \"CVE-2020-8428\", \"CVE-2020-8648\", \"CVE-2020-8992\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-16 11:42:10 +0000 (Mon, 16 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-15 04:00:31 +0000 (Sun, 15 Mar 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0336-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0336-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0336-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-14615: Insufficient control flow in certain data structures for\n some Intel(R) Processors with Intel(R) Processor Graphics may have\n allowed an unauthenticated user to potentially enable information\n disclosure via local access (bnc#1160195 bnc#1165881).\n\n - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in\n the Marvell WiFi chip driver. A remote attacker could cause a denial of\n service (system crash) or, possibly execute arbitrary code, when the\n lbs_ibss_join_existing function is called after a STA connects to an AP\n (bnc#1157157).\n\n - CVE-2019-14897: A stack-based buffer overflow was found in the Marvell\n WiFi chip driver. An attacker is able to cause a denial of service\n (system crash) or, possibly execute arbitrary code, when a STA works in\n IBSS mode (allows connecting stations together without the use of an AP)\n and connects to another STA (bnc#1157155).\n\n - CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c. It\n did not check the length of variable elements in a beacon head, leading\n to a buffer overflow (bnc#1152107).\n\n - CVE-2019-16994: In the Linux kernel before 5.0, a memory leak exists in\n sit_init_net() in net/ipv6/sit.c when register_netdev() fails to\n register sitn->fb_tunnel_dev, which may cause denial of service, aka\n CID-07f12b26e21a (bnc#1161523).\n\n - CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() function in\n drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of\n service (memory consumption), aka CID-128c66429247 (bnc#1156259).\n\n - CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c allowed a NULL\n pointer dereference because rcu_dereference(root->node) can be zero\n (bnc#1157692).\n\n - CVE-2019-19045: A memory leak in the mlx5_fpga_conn_create_cq() function\n in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers\n to cause a denial of service (memory consumption) by triggering\n mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).\n\n - CVE-2019-19051: A memory leak in the i2400m_op_rfkill_sw_toggle()\n function in drivers/net/wimax/i2400m/op-rfkill.c allowed attackers to\n cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7\n (bnc#1159024).\n\n - CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in\n drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a\n denial of service (memory consumption) by triggering kfifo_alloc()\n failures, aka CID-a7b2df76b42b (bnc#1161518).\n\n - CVE-2019 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.40.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T19:53:29", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-07-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1713)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-12770", "CVE-2020-9383", "CVE-2014-8181", "CVE-2017-5967", "CVE-2020-12826", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-20636", "CVE-2019-19768", "CVE-2020-12464", "CVE-2020-12654", "CVE-2020-12653", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-13143", "CVE-2020-11565", "CVE-2020-8649", "CVE-2020-12652", "CVE-2020-8647", "CVE-2019-18675", "CVE-2020-10741"], "modified": "2020-07-03T00:00:00", "id": "OPENVAS:1361412562311220201713", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201713", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1713\");\n script_version(\"2020-07-03T06:18:13+0000\");\n script_cve_id(\"CVE-2014-8181\", \"CVE-2017-5967\", \"CVE-2019-18675\", \"CVE-2019-19768\", \"CVE-2019-20636\", \"CVE-2020-10741\", \"CVE-2020-10942\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12770\", \"CVE-2020-12826\", \"CVE-2020-13143\", \"CVE-2020-8647\", \"CVE-2020-8649\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 06:18:13 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-03 06:18:13 +0000 (Fri, 03 Jul 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1713)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1713\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1713\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1713 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).(CVE-2019-19768)\n\nThe Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.(CVE-2019-18675)\n\nAn issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.(CVE-2020-9383)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.(CVE-2020-8649)\n\nThere is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.(CVE-2020-8647)\n\nThe time subsystem in the Linux kernel, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c and the __timer_stats_timer_set_start_info function in kernel/time/timer.c.(CVE-2017-5967)\n\n** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2014-8181)\n\next4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.(CVE-2020-8992)\n\n** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-12826. Reason: This candidate is a duplicate of CVE-2020-12826. Notes: All CVE users should reference CVE-2020-12826 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.(CVE-2020-10741)\n\nA signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Ex ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.6_111\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-15T15:55:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-10T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4391-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-12114", "CVE-2020-12769", "CVE-2020-12826", "CVE-2020-0543", "CVE-2020-12464", "CVE-2019-19319", "CVE-2020-1749", "CVE-2020-10751"], "modified": "2020-06-12T00:00:00", "id": "OPENVAS:1361412562310844461", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844461", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844461\");\n script_version(\"2020-06-12T07:11:22+0000\");\n script_cve_id(\"CVE-2019-19319\", \"CVE-2020-0543\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12769\", \"CVE-2020-12826\", \"CVE-2020-1749\", \"CVE-2020-10751\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-12 07:11:22 +0000 (Fri, 12 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-10 03:01:29 +0000 (Wed, 10 Jun 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4391-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4391-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-June/005474.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4391-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the ext4 file system implementation in the Linux\nkernel did not properly handle setxattr operations in some situations. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2019-19319)\n\nIt was discovered that memory contents previously stored in\nmicroarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY\nread operations on Intel client and Xeon E3 processors may be briefly\nexposed to processes on the same or different processor cores. A local\nattacker could use this to expose sensitive information. (CVE-2020-0543)\n\nPiotr Krysiuk discovered that race conditions existed in the file system\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2020-12114)\n\nIt was discovered that the USB susbsystem's scatter-gather implementation\nin the Linux kernel did not properly take data references in some\nsituations, leading to a use-after-free. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2020-12464)\n\nIt was discovered that the DesignWare SPI controller driver in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash). (CVE-2020-12769)\n\nIt was discovered that the exit signaling implementation in the Linux\nkernel contained an integer overflow. A local attacker could use this to\ncause a denial of service (arbitrary application crash). (CVE-2020-12826)\n\nXiumei Mu discovered that the IPSec implementation in the Linux kernel did\nnot properly encrypt IPv6 traffic in some situations. An attacker could use\nthis to expose sensitive information. (CVE-2020-1749)\n\nDmitry Vyukov discovered that the SELinux netlink security hook in the\nLinux kernel did not validate messages in some situations. A privileged\nattacker could use this to bypass SELinux netlink restrictions.\n(CVE-2020-10751)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1075-kvm\", ver:\"4.4.0-1075.82\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1109-aws\", ver:\"4.4.0-1109.120\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-generic\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-generic-lpae\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-lowlatency\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-powerpc-e500mc\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-powerpc-smp\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-powerpc64-emb\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-184-powerpc64-smp\", ver:\"4.4.0-184.214\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1109.113\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1075.73\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.184.190\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-29T17:52:15", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1698)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-10711", "CVE-2020-12770", "CVE-2019-19770", "CVE-2020-12659", "CVE-2020-12465", "CVE-2019-19462", "CVE-2020-12114", "CVE-2020-12826", "CVE-2020-10942", "CVE-2019-19039", "CVE-2020-11609", "CVE-2019-20636", "CVE-2020-12464", "CVE-2020-12654", "CVE-2019-20806", "CVE-2019-19815", "CVE-2019-19036", "CVE-2020-12653", "CVE-2020-1749", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-13143", "CVE-2019-19037", "CVE-2019-19377", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12652", "CVE-2020-0067", "CVE-2020-12771", "CVE-2020-12655"], "modified": "2020-06-26T00:00:00", "id": "OPENVAS:1361412562311220201698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201698", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1698\");\n script_version(\"2020-06-26T07:27:06+0000\");\n script_cve_id(\"CVE-2019-19036\", \"CVE-2019-19037\", \"CVE-2019-19039\", \"CVE-2019-19377\", \"CVE-2019-19462\", \"CVE-2019-19770\", \"CVE-2019-19815\", \"CVE-2019-20636\", \"CVE-2019-20806\", \"CVE-2020-0067\", \"CVE-2020-10711\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-11669\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12465\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12659\", \"CVE-2020-12770\", \"CVE-2020-12771\", \"CVE-2020-12826\", \"CVE-2020-13143\", \"CVE-2020-1749\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-26 07:27:06 +0000 (Fri, 26 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-26 07:27:06 +0000 (Fri, 26 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1698)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1698\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1698\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1698 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.(CVE-2019-19815)\n\n** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because 1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.(CVE-2019-19039)\n\next4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.(CVE-2019-19037)\n\nbtrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-node) can be zero.(CVE-2019-19036)\n\n** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.(CVE-2019-19770)\n\nAn issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.(CVE-2020-11494)\n\n** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held..(CVE-2020-11565 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-15T14:43:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-29T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0388-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-9383", "CVE-2019-19768", "CVE-2020-8649", "CVE-2020-8647"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310853084", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853084", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853084\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2019-19768\", \"CVE-2020-8647\", \"CVE-2020-8649\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-29 03:02:08 +0000 (Sun, 29 Mar 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0388-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0388-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00039.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0388-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-8647: There was a use-after-free vulnerability in the\n vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).\n\n - CVE-2020-8649: There was a use-after-free vulnerability in the\n vgacon_invert_region function in drivers/video/console/vgacon.c\n (bnc#1162929 1162931).\n\n - CVE-2020-9383: An issue was discovered in the set_fdc in\n drivers/block/floppy.c that lead to a wait_til_ready out-of-bounds read\n because the FDC index is not checked for errors before assigning it, aka\n CID-2e90ca68b0d2 (bnc#1165111).\n\n - CVE-2019-19768: There was a use-after-free (read) in the __blk_add_trace\n function in kernel/trace/blktrace.c (which is used to fill out a\n blk_io_trace structure and place it in a per-cpu sub-buffer)\n (bnc#1159285).\n\n The following non-security bugs were fixed:\n\n - ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1\n (bsc#1111666).\n\n - ALSA: hda/realtek - Add Headset Mic supported (bsc#1111666).\n\n - ALSA: hda/realtek - Add more codec supported Headset Button\n (bsc#1111666).\n\n - ALSA: hda/realtek - Apply quirk for MSI GP63, too (bsc#1111666).\n\n - ALSA: hda/realtek - Apply quirk for yet another MSI laptop (bsc#1111666).\n\n - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294\n (bsc#1111666).\n\n - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1\n (bsc#1111666).\n\n - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master\n (bsc#1111666).\n\n - ALSA: usb-audio: Add boot quirk for MOTU M Series (bsc#1111666).\n\n - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000\n (bsc#1111666).\n\n - ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65\n headset (bsc#1111666).\n\n - ALSA: usb-audio: Fix UAC2/3 effect unit parsing (bsc#1111666).\n\n - ALSA: usb-audio: Use lower hex numbers for IDs (bsc#1111666).\n\n - ALSA: usb-audio: add implicit fb quirk for MOTU M Series (bsc#1111666).\n\n - ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82\n (bsc#1111666).\n\n - ALSA: usb-audio: fix Corsair Virtuoso mixer label collision\n (bsc#1111666).\n\n - ALSA: usb-audio: unlock on error in probe (bsc#1111666).\n\n - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status\n (bsc#1051510).\n\n - ASoC: dapm: Correct DAPM handling of active widgets during shutdown\n (bsc#1051510).\n\n - ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path\n (bsc#1051510).\n\n - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output\n (bsc#1051510).\n\n - ASoC ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.44.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:32:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-08T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0935-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10711", "CVE-2020-12888", "CVE-2019-19462", "CVE-2019-20810", "CVE-2020-12769", "CVE-2020-12656", "CVE-2020-10732", "CVE-2020-10768", "CVE-2019-20812", "CVE-2020-14416", "CVE-2020-10766", "CVE-2020-10751", "CVE-2020-13143", "CVE-2020-13974", "CVE-2020-10773", "CVE-2020-10767"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310853260", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853260", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853260\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2019-19462\", \"CVE-2019-20810\", \"CVE-2019-20812\", \"CVE-2020-10711\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10766\", \"CVE-2020-10767\", \"CVE-2020-10768\", \"CVE-2020-10773\", \"CVE-2020-12656\", \"CVE-2020-12769\", \"CVE-2020-12888\", \"CVE-2020-13143\", \"CVE-2020-13974\", \"CVE-2020-14416\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-08 03:04:13 +0000 (Wed, 08 Jul 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0935-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.2\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0935-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0935-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.2 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-19462: relay_open in kernel/relay.c allowed local users to\n cause a denial of service (such as relay blockage) by triggering a NULL\n alloc_percpu result (bnc#1158265).\n\n - CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c\n did not call snd_card_free for a failure path, which causes a memory\n leak, aka CID-9453264ef586 (bnc#1172458).\n\n - CVE-2019-20812: The prb_calc_retire_blk_tmo() function in\n net/packet/af_packet.c can result in a denial of service (CPU\n consumption and soft lockup) in a certain failure case involving\n TPACKET_V3, aka CID-b43d1f9f7067 (bnc#1172453).\n\n - CVE-2020-10711: A NULL pointer dereference flaw was found in the Linux\n kernel's SELinux subsystem. This flaw occurs while importing the\n Commercial IP Security Option (CIPSO) protocol's category bitmap into\n the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine.\n While processing the CIPSO restricted bitmap tag in the\n 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to\n indicate that the category bitmap is present, even if it has not been\n allocated. This issue leads to a NULL pointer dereference issue while\n importing the same category bitmap into SELinux. This flaw allowed a\n remote network user to crash the system kernel, resulting in a denial of\n service (bnc#1171191).\n\n - CVE-2020-10732: A flaw was found in the implementation of Userspace core\n dumps. This flaw allowed an attacker with a local account to crash a\n trivial program and exfiltrate private kernel data (bnc#1171220).\n\n - CVE-2020-10751: SELinux LSM hook implementation before version 5.7,\n where it incorrectly assumed that an skb would only contain a single\n netlink message. The hook would incorrectly only validate the first\n netlink message in the skb and allow or deny the rest of the messages\n within the skb with the granted permission without further processing\n (bnc#1171189).\n\n - CVE-2020-10766: Fixed rogue cross-process SSBD shutdown. Linux scheduler\n logical bug allowed an attacker to turn off the SSBD protection.\n (bnc#1172781).\n\n - CVE-2020-10767: Fixed that Indirect Branch Prediction Barrier is\n force-disabled when STIBP is unavailable or enhanced IBRS is available.\n (bnc#1172782).\n\n - CVE-2020-10768: Fixed that indirect branch speculation can be enabled\n after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command\n (bnc#1172783).\n\n - CVE-2020-10773: Fixed a kernel stack information leak on s390/s390x.\n (bnc#11729 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-preempt\", rpm:\"kernel-preempt~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-preempt-debuginfo\", rpm:\"kernel-preempt-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-preempt-debugsource\", rpm:\"kernel-preempt-debugsource~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-preempt-devel\", rpm:\"kernel-preempt-devel~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-preempt-devel-debuginfo\", rpm:\"kernel-preempt-devel-debuginfo~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~5.3.18~lp152.20.7.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-11T15:49:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1606)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-12114", "CVE-2014-8181", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-9444", "CVE-2019-20636", "CVE-2020-12464", "CVE-2020-12654", "CVE-2020-0066", "CVE-2019-11599", "CVE-2019-19036", "CVE-2020-12653", "CVE-2020-11608", "CVE-2019-16230", "CVE-2019-19377", "CVE-2020-11565", "CVE-2019-14898", "CVE-2020-12652", "CVE-2018-9518", "CVE-2020-12655"], "modified": "2020-06-11T00:00:00", "id": "OPENVAS:1361412562311220201606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201606", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1606\");\n script_version(\"2020-06-11T08:24:44+0000\");\n script_cve_id(\"CVE-2014-8181\", \"CVE-2018-9518\", \"CVE-2019-14898\", \"CVE-2019-16230\", \"CVE-2019-19036\", \"CVE-2019-19377\", \"CVE-2019-20636\", \"CVE-2019-9444\", \"CVE-2020-0066\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-11 08:24:44 +0000 (Thu, 11 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:05:38 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1606)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1606\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1606\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1606 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.(CVE-2019-19377)\n\nThe fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.(CVE-2019-14898)\n\nA pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.(CVE-2020-12114)\n\nusb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.(CVE-2020-12464)\n\nThe __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states 'The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.'(CVE-2020-12652)\n\nAn issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.(CVE-2020-12653)\n\nAn issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.(CVE-2020-12654)\n\nAn issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.(CVE-2020-12655)\n\nIn nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.(CVE-2018-9518)\n\nAn issue was discovered in slc_bump in d ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-12T15:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4345-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8648", "CVE-2020-9383", "CVE-2020-11884", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-19768", "CVE-2020-11608", "CVE-2020-11668", "CVE-2019-16234"], "modified": "2020-05-11T00:00:00", "id": "OPENVAS:1361412562310844406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844406", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844406\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_cve_id(\"CVE-2020-11884\", \"CVE-2019-16234\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-8648\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:00:54 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4345-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4345-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005410.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4345-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the Linux kernel for s390x systems did not properly\nperform page table upgrades for kernel sections that use secondary address\nmode. A local attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-11884)\n\nIt was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1038-oracle\", ver:\"4.15.0-1038.42\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1058-gke\", ver:\"4.15.0-1058.61\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1059-kvm\", ver:\"4.15.0-1059.60\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1061-raspi2\", ver:\"4.15.0-1061.65\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-aws\", ver:\"4.15.0-1066.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1077-snapdragon\", ver:\"4.15.0-1077.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1080-oem\", ver:\"4.15.0-1080.90\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic-lpae\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-lowlatency\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1066.69\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1058.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1058.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1059.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1080.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1038.47\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1061.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1077.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1038-oracle\", ver:\"4.15.0-1038.42~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1061-gcp\", ver:\"4.15.0-1061.65\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-aws\", ver:\"4.15.0-1066.70~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1082-azure\", ver:\"4.15.0-1082.92~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic-lpae\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-lowlatency\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1066.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1082.81\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure-edge\", ver:\"4.15.0.1082.81\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1061.75\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1061.75\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1038.31\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-21T20:03:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-09T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4419-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-10711", "CVE-2020-12770", "CVE-2020-10690", "CVE-2020-13143"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310844496", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844496", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844496\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2020-10690\", \"CVE-2020-10711\", \"CVE-2020-12770\", \"CVE-2020-13143\", \"CVE-2020-8992\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-09 03:00:30 +0000 (Thu, 09 Jul 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4419-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4419-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-July/005510.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4419-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a race condition existed in the Precision Time\nProtocol (PTP) implementation in the Linux kernel, leading to a use-after-\nfree vulnerability. A local attacker could possibly use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2020-10690)\n\nMatthew Sheets discovered that the SELinux network label handling\nimplementation in the Linux kernel could be coerced into de-referencing a\nNULL pointer. A remote attacker could use this to cause a denial of service\n(system crash). (CVE-2020-10711)\n\nIt was discovered that the SCSI generic (sg) driver in the Linux kernel did\nnot properly handle certain error conditions correctly. A local privileged\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-12770)\n\nIt was discovered that the USB Gadget device driver in the Linux kernel did\nnot validate arguments passed from configfs in some situations. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly expose sensitive information. (CVE-2020-13143)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1076-kvm\", ver:\"4.4.0-1076.83\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1110-aws\", ver:\"4.4.0-1110.121\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1135-raspi2\", ver:\"4.4.0-1135.144\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1139-snapdragon\", ver:\"4.4.0-1139.147\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-generic\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-generic-lpae\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-lowlatency\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-powerpc-e500mc\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-powerpc-smp\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-powerpc64-emb\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-185-powerpc64-smp\", ver:\"4.4.0-185.215\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1110.114\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1076.74\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1135.135\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1139.131\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.185.191\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-08T17:11:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-gke-5.0 (USN-4344-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2019-19051", "CVE-2020-10942", "CVE-2019-19768", "CVE-2019-16234"], "modified": "2020-05-07T00:00:00", "id": "OPENVAS:1361412562310844409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844409", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844409\");\n script_version(\"2020-05-07T08:41:48+0000\");\n script_cve_id(\"CVE-2019-16234\", \"CVE-2019-19051\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-8648\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"5.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 08:41:48 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:01:05 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-gke-5.0 (USN-4344-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4344-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005409.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-gke-5.0'\n package(s) announced via the USN-4344-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did\nnot properly deallocate memory in certain situations. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19051)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux-gke-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1035-gke\", ver:\"5.0.0-1035.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1050-oem-osp1\", ver:\"5.0.0-1050.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1035.23\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1050.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.4, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2020-05-12T15:36:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4342-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2020-11884", "CVE-2020-10942", "CVE-2019-19768", "CVE-2019-16234"], "modified": "2020-05-11T00:00:00", "id": "OPENVAS:1361412562310844410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844410", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844410\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_cve_id(\"CVE-2020-11884\", \"CVE-2019-16234\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-8648\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:01:12 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4342-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4342-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005407.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4342-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the Linux kernel for s390x systems did not properly\nperform page table upgrades for kernel sections that use secondary address\nmode. A local attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-11884)\n\nIt was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1016-kvm\", ver:\"5.3.0-1016.17\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1017-aws\", ver:\"5.3.0-1017.18\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-gcp\", ver:\"5.3.0-1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1020-azure\", ver:\"5.3.0-1020.21\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1023-raspi2\", ver:\"5.3.0-1023.25\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic-lpae\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-lowlatency\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-snapdragon\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1017.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.3.0.1020.39\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.3.0.1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.3.0.1016.18\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1023.20\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-gke\", ver:\"5.3.0-1018.19~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1023-raspi2\", ver:\"5.3.0-1023.25~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic-lpae\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-lowlatency\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.3\", ver:\"5.3.0.1018.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2-hwe-18.04\", ver:\"5.3.0.1023.12\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-15T15:04:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-07T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4318-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8834", "CVE-2020-8428"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310844383", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844383", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844383\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-8428\", \"CVE-2020-8834\", \"CVE-2020-8992\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-07 03:00:25 +0000 (Tue, 07 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4318-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4318-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005380.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4318-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the vfs layer in the Linux kernel contained a use-\nafter-free vulnerability. A local attacker could use this to cause a denial\nof service (system crash) or possibly expose sensitive information (kernel\nmemory). (CVE-2020-8428)\n\nGustavo Romero and Paul Mackerras discovered that the KVM implementation in\nthe Linux kernel for PowerPC processors did not properly keep guest state\nseparate from host state. A local attacker in a KVM guest could use this to\ncause a denial of service (host system crash). (CVE-2020-8834)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic-lpae\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-lowlatency\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic-lpae\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-lowlatency\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-28T13:50:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-20T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-gke-5.0 (USN-4368-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11609", "CVE-2019-19769", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844439", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844439", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844439\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2019-19769\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-11669\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-20 03:00:27 +0000 (Wed, 20 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-gke-5.0 (USN-4368-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4368-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005442.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-gke-5.0'\n package(s) announced via the USN-4368-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tristan Madani discovered that the file locking implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service or expose sensitive information.\n(CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a denial\nof service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux-gke-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1037-gke\", ver:\"5.0.0-1037.38\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1052-oem-osp1\", ver:\"5.0.0-1052.57\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1037.25\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1052.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-04-03T17:04:59", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-01T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5108", "CVE-2020-8648", "CVE-2020-9383", "CVE-2019-20095", "CVE-2019-19332", "CVE-2019-14896", "CVE-2019-19922", "CVE-2019-3016", "CVE-2019-11135", "CVE-2019-19947", "CVE-2019-19338", "CVE-2019-14895", "CVE-2019-14897", "CVE-2020-8428", "CVE-2020-8649", "CVE-2020-8647", "CVE-2019-20096"], "modified": "2020-04-01T00:00:00", "id": "OPENVAS:1361412562311220201342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201342", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1342\");\n script_version(\"2020-04-01T13:54:05+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-19332\", \"CVE-2019-19338\", \"CVE-2019-19922\", \"CVE-2019-19947\", \"CVE-2019-20095\", \"CVE-2019-20096\", \"CVE-2019-3016\", \"CVE-2019-5108\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-01 13:54:05 +0000 (Wed, 01 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-01 13:54:05 +0000 (Wed, 01 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1342)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1342\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1342\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1342 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A heap-based buffer overflow was discovered in the Linux kernel's Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2019-14895)\n\nA flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.(CVE-2019-19338)\n\nA flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing. Intel's Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. The CPU executes instructions in the critical-sections as transactions, while ensuring their atomic state. When such transaction execution is unsuccessful, the processor cannot ensure atomic updates to the transaction memory, so the processor rolls back or aborts such transaction execution. While TSX Asynchronous Abort (TAA) is pending, CPU may continue to read data from architectural buffers and pass it to the dependent speculative operations. This may cause information leakage via speculative side-channel means, which is quite similar to the Microarchitectural Data Sampling (MDS) issue.(CVE-2019-11135)\n\nAn out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the s ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h697.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-28T13:50:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4363-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844434", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844434", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844434\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11669\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-19 03:00:36 +0000 (Tue, 19 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4363-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4363-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005437.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4363-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a denial\nof service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic-lpae\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-lowlatency\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1039-oracle\", ver:\"4.15.0-1039.43\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1059-gke\", ver:\"4.15.0-1059.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1067-aws\", ver:\"4.15.0-1067.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1079-snapdragon\", ver:\"4.15.0-1079.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1081-oem\", ver:\"4.15.0-1081.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1067.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1059.63\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1059.63\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1081.85\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1039.48\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1079.82\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic-lpae\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-lowlatency\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1039-oracle\", ver:\"4.15.0-1039.43~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1067-aws\", ver:\"4.15.0-1067.71~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1071-gcp\", ver:\"4.15.0-1071.81~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1067.67\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1071.77\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1071.77\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1039.32\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-15T15:55:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-06-10T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4389-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-12659", "CVE-2020-12114", "CVE-2020-0543", "CVE-2020-12464", "CVE-2020-10751", "CVE-2020-0067"], "modified": "2020-06-12T00:00:00", "id": "OPENVAS:1361412562310844464", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844464", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844464\");\n script_version(\"2020-06-12T07:11:22+0000\");\n script_cve_id(\"CVE-2020-0067\", \"CVE-2020-0543\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12659\", \"CVE-2020-10751\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-12 07:11:22 +0000 (Fri, 12 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-10 03:01:55 +0000 (Wed, 10 Jun 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4389-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU20\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4389-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-June/005471.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4389-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the F2FS file system implementation in the Linux\nkernel did not properly perform bounds checking on xattrs in some\nsituations. A local attacker could possibly use this to expose sensitive\ninformation (kernel memory). (CVE-2020-0067)\n\nIt was discovered that memory contents previously stored in\nmicroarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY\nread operations on Intel client and Xeon E3 processors may be briefly\nexposed to processes on the same or different processor cores. A local\nattacker could use this to expose sensitive information. (CVE-2020-0543)\n\nPiotr Krysiuk discovered that race conditions existed in the file system\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2020-12114)\n\nIt was discovered that the USB susbsystem's scatter-gather implementation\nin the Linux kernel did not properly take data references in some\nsituations, leading to a use-after-free. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2020-12464)\n\nBui Quang Minh discovered that the XDP socket implementation in the Linux\nkernel did not properly validate meta-data passed from user space, leading\nto an out-of-bounds write vulnerability. A local attacker with the\nCAP_NET_ADMIN capability could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2020-12659)\n\nDmitry Vyukov discovered that the SELinux netlink security hook in the\nLinux kernel did not validate messages in some situations. A privileged\nattacker could use this to bypass SELinux netlink restrictions.\n(CVE-2020-10751)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 20.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-1015-aws\", ver:\"5.4.0-1015.15\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-1015-gcp\", ver:\"5.4.0-1015.15\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-1015-kvm\", ver:\"5.4.0-1015.15\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-1015-oracle\", ver:\"5.4.0-1015.15\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-1016-azure\", ver:\"5.4.0-1016.16\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-37-generic\", ver:\"5.4.0-37.41\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-37-generic-lpae\", ver:\"5.4.0-37.41\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.4.0-37-lowlatency\", ver:\"5.4.0-37.41\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.4.0.1015.16\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.4.0.1016.16\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.4.0.1015.14\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-20.04\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-20.04\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.4.0.1015.14\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.4.0.1015.14\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-20.04\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.4.0.1015.14\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-20.04\", ver:\"5.4.0.37.40\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that the mitigation for CVE-2020-0543 requires a processor\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"or\", ver:\"via the intel-microcode package. The kernel update for this issue\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"vulnerability\", ver:\"status.\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)

Description

Related