Lucene search

HistorySep 15, 2021 - 12:00 a.m.

Security update for the Linux Kernel (important)






An update that solves 15 vulnerabilities and has 92 fixes
is now available.


The openSUSE Leap 15.2 kernel was updated to receive various security and

The following security bugs were fixed:

  • CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead
    to breaking memcg limits and DoS attacks (bsc#1190115).
  • CVE-2021-38160: Data corruption or loss could be triggered by an
    untrusted device that supplies a buf->len value exceeding the buffer
    size in drivers/char/virtio_console.c (bsc#1190117)
  • CVE-2021-3640: Fixed a Use-After-Free vulnerability in function
    sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).
  • CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling
  • CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883).
  • CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by
    invalid id (bsc#1189832 ).
  • CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace
    can reveal files (bsc#1189706).
  • CVE-2021-3653: Missing validation of the int_ctl VMCB field and allows
    a malicious L1 guest to enable AVIC support for the L2 guest.
  • CVE-2021-3656: Missing validation of the the virt_ext VMCB field and
    allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and
    VLS for the L2 guest (bsc#1189400).
  • CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the
    access permissions of a shadow page, leading to a missing guest
    protection page fault (bnc#1189262).
  • CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed
    remote attackers to cause a denial of service (buffer overflow and
    lockup) by sending heavy network traffic for about ten minutes
  • CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it
    easier for attackers to defeat an ASLR protection mechanism because it
    prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292).
  • CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically
    proximate attackers to cause a denial of service (use-after-free and
    panic) by removing a MAX-3421 USB device in certain situations
  • CVE-2021-3640: A Use-After-Free vulnerability in function
    sco_sock_sendmsg() was fixed (bnc#1188172).
  • CVE-2021-34556: An unprivileged BPF program can obtain sensitive
    information from kernel memory via a Speculative Store Bypass
    side-channel attack because the protection mechanism neglects the
    possibility of uninitialized memory locations on the BPF stack
  • CVE-2021-35477: An unprivileged BPF program can obtain sensitive
    information from kernel memory via a Speculative Store Bypass
    side-channel attack because a certain preempting store operation did not
    necessarily occur before a store operation that has an
    attacker-controlled value (bnc#1188985).

The following non-security bugs were fixed:

  • ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes).
  • ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543)
  • ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543)
  • ACPI: processor: Export function to claim _CST control (bsc#1175543)
  • ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543)
  • Add alt-commit for a BT fix patch (git-fixes)
  • ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes).
  • ALSA: hda - fix the ‘Capture Switch’ value change notifications
  • ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop
  • ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
  • ALSA: hda/via: Apply runtime PM workaround for ASUS B23E (git-fixes).
  • ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes).
  • ALSA: usb-audio: Add registration quirk for JBL Quantum 800 (git-fixes).
  • ALSA: usb-audio: fix incorrect clock source setting (git-fixes).
  • ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (git-fixes).
  • ASoC: cs42l42: Correct definition of ADC Volume control (git-fixes).
  • ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes).
  • ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes).
  • ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes).
  • ASoC: cs42l42: Remove duplicate control for WNF filter frequency
  • ASoC: intel: atom: Fix breakage for PCM buffer address setup (git-fixes).
  • ASoC: intel: atom: Fix reference to PCM buffer address (git-fixes).
  • ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
  • ASoC: ti: delete some dead code in omap_abe_probe() (git-fixes).
  • ASoC: tlv320aic31xx: Fix jack detection after suspend (git-fixes).
  • ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (git-fixes).
  • ASoC: wcd9335: Disable irq on slave ports in the remove function
  • ASoC: wcd9335: Fix a double irq free in the remove function (git-fixes).
  • ASoC: wcd9335: Fix a memory leak in the error handling path of the probe
    function (git-fixes).
  • ASoC: xilinx: Fix reference to PCM buffer address (git-fixes).
  • ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes).
  • ath9k: Clear key cache explicitly on disabling hardware (git-fixes).
  • ath: Use safer key clearing with key cache entries (git-fixes).
  • bcma: Fix memory leak for internally-handled cores (git-fixes).
  • bdi: Do not use freezable workqueue (bsc#1189573).
  • blk-cgroup-kABI-fixes-for-new-fc_app_id-definition.patch
  • blk-iolatency: error out if blk_get_queue() failed in
    iolatency_set_limit() (bsc#1189507).
  • blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506).
  • blk-wbt: introduce a new disable state to prevent false positive by
    rwb_enabled() (bsc#1189503).
  • blk-wbt: make sure throttle is enabled properly (bsc#1189504).
  • block: fix trace completion for chained bio (bsc#1189505).
  • Bluetooth: add timeout sanity check to hci_inquiry (git-fixes).
  • Bluetooth: fix repeated calls to sco_sock_kill (git-fixes).
  • Bluetooth: hidp: use correct wait queue when removing ctrl_wait
  • Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer
    overflow (git-fixes).
  • Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
  • brcmfmac: pcie: fix oops on failure to resume and reprobe (git-fixes).
  • btrfs: account for new extents being deleted in total_bytes_pinned
  • btrfs: add a comment explaining the data flush steps (bsc#1135481).
  • btrfs: add a trace class for dumping the current ENOSPC state
  • btrfs: add a trace point for reserve tickets (bsc#1135481).
  • btrfs: add btrfs_reserve_data_bytes and use it (bsc#1135481).
  • btrfs: add flushing states for handling data reservations (bsc#1135481).
  • btrfs: add the data transaction commit logic into may_commit_transaction
  • btrfs: adjust the flush trace point to include the source (bsc#1135481).
  • btrfs: call btrfs_try_granting_tickets when freeing reserved bytes
  • btrfs: call btrfs_try_granting_tickets when reserving space
  • btrfs: call btrfs_try_granting_tickets when unpinning anything
  • btrfs: change nr to u64 in btrfs_start_delalloc_roots (bsc#1135481).
  • btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481).
  • btrfs: check tickets after waiting on ordered extents (bsc#1135481).
  • btrfs: do async reclaim for data reservations (bsc#1135481).
  • btrfs: do not force commit if we are data (bsc#1135481).
  • btrfs: drop the commit_cycles stuff for data reservations (bsc#1135481).
  • btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481).
  • btrfs: fix possible infinite loop in data async reclaim (bsc#1135481).
  • btrfs: flush delayed refs when trying to reserve data space
  • btrfs: handle space_info::total_bytes_pinned inside the delayed ref
    itself (bsc#1135481).
  • btrfs: handle U64_MAX for shrink_delalloc (bsc#1135481).
  • btrfs: implement space clamping for preemptive flushing (bsc#1135481).
  • btrfs: improve preemptive background space flushing (bsc#1135481).
  • btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481).
  • btrfs: make ALLOC_CHUNK use the space info flags (bsc#1135481).
  • btrfs: make flush_space take a enum btrfs_flush_state instead of int
  • btrfs: make shrink_delalloc take space_info as an arg (bsc#1135481).
  • btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481).
  • btrfs: remove orig from shrink_delalloc (bsc#1135481).
  • btrfs: rename need_do_async_reclaim (bsc#1135481).
  • btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481).
  • btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481).
  • btrfs: rip out may_commit_transaction (bsc#1135481).
  • btrfs: rip the first_ticket_bytes logic from fail_all_tickets
  • btrfs: run delayed iputs before committing the transaction for data
  • btrfs: serialize data reservations if we are flushing (bsc#1135481).
  • btrfs: shrink delalloc pages instead of full inodes (bsc#1135481).
  • btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481).
  • btrfs: tracepoints: convert flush states to using EM macros
  • btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags
  • btrfs: track ordered bytes instead of just dio ordered bytes
  • btrfs: use btrfs_start_delalloc_roots in shrink_delalloc (bsc#1135481).
  • btrfs: use the btrfs_space_info_free_bytes_may_use helper for delalloc
  • btrfs: use the same helper for data and metadata reservations
  • btrfs: use ticketing for data space reservations (bsc#1135481).
  • can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN
    RX and TX error counters (git-fixes).
  • ceph: clean up and optimize ceph_check_delayed_caps() (bsc#1187468).
  • ceph: reduce contention in ceph_check_delayed_caps() (bsc#1187468).
  • ceph: take snap_empty_lock atomically with snaprealm refcount change
  • cgroup1: fix leaked context root causing sporadic NULL deref in LTP
  • cgroup: verify that source is a string (bsc#1190131).
  • clk: kirkwood: Fix a clocking boot regression (git-fixes).
  • cpuidle: Allow idle states to be disabled by default (bsc#1175543)
  • cpuidle: Consolidate disabled state checks (bsc#1175543)
  • cpuidle: cpuidle_state kABI fix (bsc#1175543)
  • cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543)
  • cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543)
  • cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks
  • crypto: ccp - Annotate SEV Firmware file names (bsc#1189212).
  • crypto: qat - use proper type for vf_mask (git-fixes).
  • crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit
  • dmaengine: acpi: Avoid comparison GSI with Linux vIRQ (git-fixes).
  • dmaengine: imx-dma: configure the generic DMA type to make it work
  • dmaengine: imx-sdma: remove duplicated sdma_load_context (git-fixes).
  • dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is
    not yet available (git-fixes).
  • dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
  • dmaengine: xilinx_dma: Fix read-after-free bug when terminating
    transfers (git-fixes).
  • dm integrity: fix missing goto in bitmap_flush_interval error handling
  • dm rq: fix double free of blk_mq_tag_set in dev remove after table load
    fails (git-fixes).
  • dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes).
  • Documentation: admin-guide: PM: Add intel_idle document (bsc#1175543)
  • drivers/block/null_blk/main: Fix a double free in null_init (git-fixes).
  • drm/amdgpu/acp: Make PM domain really work (git-fixes).
  • drm: Copy drm_wait_vblank to user before returning (git-fixes).
  • drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes).
  • drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs
  • drm/msm/dsi: Fix some reference counted resource leaks (git-fixes).
  • drm/nouveau/disp: power down unused DP links during init (git-fixes).
  • drm/panfrost: Fix missing clk_disable_unprepare() on error in
    panfrost_clk_init() (git-fixes).
  • drm/panfrost: Simplify lock_region calculation (git-fixes).
  • ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
    transaction handle (bsc#1189568).
  • ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
  • ext4: fix avefreec in find_group_orlov (bsc#1189566).
  • ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562).
  • ext4: fix potential htree corruption when growing large_dir directories
  • ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565).
  • ext4: return error code when ext4_fill_flex_info() fails (bsc#1189563).
  • ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567).
  • fanotify: fix copy_event_to_user() fid error clean up (bsc#1189574).
  • firmware_loader: fix use-after-free in firmware_fallback_sysfs
  • firmware_loader: use -ETIMEDOUT instead of -EAGAIN in
    fw_load_sysfs_fallback (git-fixes).
  • Fix breakage of swap over NFS (bsc#1188924).
  • Fix kabi of prepare_to_wait_exclusive() (bsc#1189575).
  • fixup “rpm: support gz and zst compression methods”
  • fpga: altera-freeze-bridge: Address warning about unused variable
  • fpga: xiilnx-spi: Address warning about unused variable (git-fixes).
  • fpga: zynqmp-fpga: Address warning about unused variable (git-fixes).
  • gpio: eic-sprd: break loop when getting NULL device resource (git-fixes).
  • gpio: mpc8xxx: Fix a resources leak in the error handling path of
    ‘mpc8xxx_probe()’ (git-fixes).
  • gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V
    formats (git-fixes).
  • HID: i2c-hid: Fix Elan touchpad regression (git-fixes).
  • HID: input: do not report stylus battery state as “full” (git-fixes).
  • i2c: dev: zero out array used for i2c reads from userspace (git-fixes).
  • i2c: highlander: add IRQ check (git-fixes).
  • i2c: iop3xx: fix deferred probing (git-fixes).
  • i2c: mt65xx: fix IRQ check (git-fixes).
  • i2c: s3c2410: fix IRQ check (git-fixes).
  • iio: adc: Fix incorrect exit of for-loop (git-fixes).
  • iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels
  • iio: humidity: hdc100x: Add margin to the conversion time (git-fixes).
  • intel_idle: Add module parameter to prevent ACPI _CST from being used
  • intel_idle: Allow ACPI _CST to be used for selected known processors
  • intel_idle: Annotate init time data structures (bsc#1175543)
  • intel_idle: Customize IceLake server support (bsc#1175543)
  • intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399,
    bsc#1180347, bsc#1180141)
  • intel_idle: Fix max_cstate for processor models without C-state tables
  • intel_idle: Ignore _CST if control cannot be taken from the platform
  • intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543)
  • intel_idle: Use ACPI _CST for processor models without C-state tables
  • intel_idle: Use ACPI _CST on server systems (bsc#1175543)
  • iommu/amd: Fix extended features logging (bsc#1189213).
  • iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189209).
  • iommu/arm-smmu-v3: Decrease the queue size of evtq and priq
  • iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229).
  • iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214).
  • iommu/vt-d: Check for allocation failure in aux_detach_device()
  • iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189216).
  • iommu/vt-d: Do not set then clear private data in prq_event_thread()
  • iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218).
  • iommu/vt-d: Force to flush iotlb before creating superpage (bsc#1189219).
  • iommu/vt-d: Global devTLB flush when present context entry changed
  • iommu/vt-d: Invalidate PASID cache when root/context entry changed
  • iommu/vt-d: Reject unsupported page request modes (bsc#1189222).
  • ipc: remove memcg accounting for sops objects in do_semtimedop()
  • iwlwifi: rs-fw: do not support stbc for HE 160 (git-fixes).
  • kabi fix for SUNRPC: defer slow parts of rpc_free_client() to a
    workqueue (bsc#1168202 bsc#1188924).
  • kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes).
  • kABI fix of usb_dcd_config_params (git-fixes).
  • kernel-binary.spec: Define $image as rpm macro (bsc#1189841).
  • kernel-cert-subpackage: Fix certificate location in scriptlets
  • kernel, fs: Introduce and use set_restart_fn() and
    arch_set_restart_data() (bsc#1189153).
  • leds: trigger: audio: Add an activate callback to ensure the initial
    brightness is set (git-fixes).
  • libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
  • libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes).
  • lib/mpi: use kcalloc in mpi_resize (git-fixes).
  • lockd: Fix invalid lockowner cast after vfs_test_lock (git-fixes).
  • mac80211: Fix insufficient headroom issue for AMSDU (git-fixes).
  • mailbox: sti: quieten kernel-doc warnings (git-fixes).
  • md/raid10: properly indicate failure when ending a failed write request
  • media: cxd2880-spi: Fix an error handling path (git-fixes).
  • media: drivers/media/usb: fix memory leak in zr364xx_probe (git-fixes).
  • media: dvb-usb: Fix error handling in dvb_usb_i2c_init (git-fixes).
  • media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (git-fixes).
  • media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (git-fixes).
  • media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
  • media: go7007: fix memory leak in go7007_usb_probe (git-fixes).
  • media: go7007: remove redundant initialization (git-fixes).
  • media: stkwebcam: fix memory leak in stk_camera_probe (git-fixes).
  • media: TDA1997x: enable EDID support (git-fixes).
  • media: venus: venc: Fix potential null pointer dereference on pointer
    fmt (git-fixes).
  • media: zr364xx: fix memory leaks in probe() (git-fixes).
  • media: zr364xx: propagate errors from zr364xx_start_readpipe()
  • memcg: enable accounting for file lock caches (bsc#1190115).
  • mfd: axp20x: Update AXP288 volatile ranges (git-fixes).
  • mfd: lpc_sch: Rename GPIOBASE to prevent build error (git-fixes).
  • mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set (git-fixes).
  • misc: atmel-ssc: lock with mutex instead of spinlock (git-fixes).
  • misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp()
  • mmc: dw_mmc: Fix hang on data CRC error (git-fixes).
  • mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes).
  • mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes).
  • mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (git-fixes).
  • mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
  • mm: swap: properly update readahead statistics in unuse_pte_range()
  • mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page()
  • mm/vmscan: fix infinite loop in drop_slab_node (VM Functionality,
  • mm, vmscan: guarantee drop_slab_node() termination (VM Functionality,
  • mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards
  • mtd: rawnand: cafe: Fix a resource leak in the error handling path of
    ‘cafe_nand_probe()’ (git-fixes).
  • nbd: Aovid double completion of a request (git-fixes).
  • nbd: do not update block size after device is started (git-fixes).
  • nbd: Fix NULL pointer in flush_workqueue (git-fixes).
  • nfs: Correct size calculation for create reply length (bsc#1189870).
  • nfsd4: Fix forced-expiry locking (git-fixes).
  • nfs: fix acl memory leak of posix_acl_create() (git-fixes).
  • nfsv4: Initialise connection to the server in nfs4_alloc_client()
  • nfsv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times
  • NFSv4/pNFS: Fix a layoutget livelock loop (git-fixes).
  • nvme: avoid possible double fetch in handling CQE (bsc#1181972).
  • nvme: code command_id with a genctr for use-after-free validation
  • nvme-multipath: revalidate paths during rescan (bsc#1187211)
  • nvme: only call synchronize_srcu when clearing current path
  • nvme-pci: fix NULL req in completion handler (bsc#1181972).
  • nvme-pci: limit maximum queue depth to 4095 (bsc#1181972).
  • nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth
  • nvme-pci: use unsigned for io queue depth (bsc#1181972).
  • nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data
  • nvme-tcp: Do not reset transport on data digest errors (bsc#1188418).
  • nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384).
  • ocfs2: fix snprintf() checking (bsc#1189581).
  • ocfs2: fix zero out valid data (bsc#1189579).
  • ocfs2: initialize ip_next_orphan (bsc#1186731).
  • ocfs2: issue zeroout to EOF blocks (bsc#1189582).
  • ocfs2: ocfs2_downconvert_lock failure results in deadlock (bsc#1188439).
  • overflow: Correct check_shl_overflow() comment (git-fixes).
  • ovl: allow upperdir inside lowerdir (bsc#1189323).
  • ovl: expand warning in ovl_d_real() (bsc#1189323).
  • ovl: fix missing revert_creds() on error path (bsc#1189323).
  • ovl: perform vfs_getxattr() with mounter creds (bsc#1189323).
  • ovl: skip getxattr of security labels (bsc#1189323).
  • params: lift param_set_uint_minmax to common code (bsc#1181972).
  • PCI: Call Max Payload Size-related fixup quirks early (git-fixes).
  • PCI: Fix pci_dev_str_match_path() alloc while atomic bug (git-fixes).
  • PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes).
  • PCI: iproc: Fix BCMA probe resource handling (git-fixes).
  • PCI/MSI: Correct misleading comments (git-fixes).
  • PCI/MSI: Do not set invalid bits in MSI mask (git-fixes).
  • PCI/MSI: Enable and mask MSI-X early (git-fixes).
  • PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes).
  • PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes).
  • PCI/MSI: Mask all unused MSI-X entries (git-fixes).
  • PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes).
  • PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes).
  • PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
  • PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes).
  • PCI/portdrv: Enable Bandwidth Notification only if port supports it
  • PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
  • PCI: xilinx-nwl: Enable the clock through CCF (git-fixes).
  • pcmcia: i82092: fix a null pointer dereference bug (git-fixes).
  • pinctrl: samsung: Fix pinctrl bank pin count (git-fixes).
  • pinctrl: single: Fix error return code in
    pcs_parse_bits_in_pinctrl_entry() (git-fixes).
  • pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (git-fixes).
  • platform/x86: pcengines-apuv2: Add missing terminating entries to
    gpio-lookup tables (git-fixes).
  • powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148
    ltc#190702 git-fixes).
  • powerpc/papr_scm: Make ‘perf_stats’ invisible if perf-stats unavailable
    (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes).
  • powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible
    (bsc#1189197 ltc#193906).
  • powerpc/pseries: Fix regression while building external modules
    (bsc#1160010 ltc#183046 git-fixes).
  • powerpc/pseries: Fix update of LPAR security flavor after LPM
    (bsc#1188885 ltc#193722 git-fixes).
  • power: supply: max17042: handle fails of reading status register
  • pwm: lpc32xx: Do not modify HW state in .probe() after the PWM chip was
    registered (git-fixes).
  • README: Modernize build instructions.
  • regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes).
  • regulator: vctrl: Avoid lockdep warning in enable/disable ops
  • regulator: vctrl: Use locked regulator_get_voltage in probe path
  • reset: reset-zynqmp: Fixed the argument data type (git-fixes).
  • Revert “ACPICA: Fix memory leak caused by _CID repair function”
  • Revert “dmaengine: imx-sdma: refine to load context only once”
  • Revert “gpio: eic-sprd: Use devm_platform_ioremap_resource()”
  • Revert “memcg: enable accounting for file lock caches (bsc#1190115).”
  • Revert “mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on
    BCM2711” (git-fixes).
  • Revert “USB: serial: ch341: fix character loss at high transfer rates”
  • rpm: Abolish image suffix (bsc#1189841).
  • rpm: Define $certs as rpm macro (bsc#1189841).
  • rpm: Fold kernel-devel and kernel-source scriptlets into spec files
  • rpm/ make builds reproducible (bsc#1189305)
  • rq-qos: fix missed wake-ups in rq_qos_throttle try two (bsc#1189575).
  • rsi: fix an error code in rsi_probe() (git-fixes).
  • rsi: fix error code in rsi_load_9116_firmware() (git-fixes).
  • s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982
  • s390/boot: fix use of expolines in the DMA code (bsc#1188878 ltc#193771).
  • sched/fair: Correctly insert cfs_rq’s to list on unthrottle (git-fixes)
  • sched/fair: Ensure that the CFS parent is added after unthrottling
  • sched/rt: Fix RT utilization tracking during policy change (git-fixes)
  • scsi: blkcg: Add app identifier support for blkcg (bsc#1189385
  • scsi: blkcg: Fix application ID config options (bsc#1189385
  • scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970).
  • scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392).
  • scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650).
  • scsi: libfc: Fix array index out of bound exception (bsc#1188616).
  • scsi: lpfc: Add 256 Gb link speed support (bsc#1189385).
  • scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters
  • scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC
    completions (bsc#1189385).
  • scsi: lpfc: Clear outstanding active mailbox during PCI function reset
  • scsi: lpfc: Copyright updates for patches (bsc#1189385).
  • scsi: lpfc: Copyright updates for patches (bsc#1189385).
  • scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC
    completes (bsc#1189385).
  • scsi: lpfc: Discovery state machine fixes for LOGO handling
  • scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385).
  • scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385).
  • scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385).
  • scsi: lpfc: Fix function description comments for vmid routines
  • scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine
  • scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR
    request (bsc#1189385).
  • scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling
  • scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385).
  • scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted()
  • scsi: lpfc: Fix target reset handler from falsely returning FAILURE
  • scsi: lpfc: Improve firmware download logging (bsc#1189385).
  • scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS
    handling (bsc#1189385).
  • scsi: lpfc: Move initialization of phba->poll_list earlier to avoid
    crash (git-fixes).
  • scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385).
  • scsi: lpfc: Remove redundant assignment to pointer temp_hdr
  • scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF
  • scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385).
  • scsi: lpfc: Revise Topology and RAS support checks for new adapters
  • scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385).
  • scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path
  • scsi: lpfc: Update lpfc version to (bsc#1189385).
  • scsi: lpfc: Update lpfc version to (bsc#1189385).
  • scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail()
  • scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support
  • scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc
    (bsc#1189385 jsc#SLE-18970).
  • scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread
    (bsc#1189385 jsc#SLE-18970).
  • scsi: lpfc: vmid: Add support for VMID in mailbox command (bsc#1189385
  • scsi: lpfc: vmid: Append the VMID to the wqe before sending (bsc#1189385
  • scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970).
  • scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385
  • scsi: lpfc: vmid: Implement ELS commands for appid (bsc#1189385
  • scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970).
  • scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385
  • scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385
  • scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006).
  • scsi: qla2xxx: Add heartbeat check (bsc#1189392).
  • scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189392).
  • scsi: qla2xxx: edif: Add detection of secure device (bsc#1189392).
  • scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189392).
  • scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392).
  • scsi: qla2xxx: edif: Add extraction of auth_els from the wire
  • scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189392).
  • scsi: qla2xxx: edif: Add key update (bsc#1189392).
  • scsi: qla2xxx: edif: Add send, receive, and accept for auth_els
  • scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392).
  • scsi: qla2xxx: edif: Increment command and completion counts
  • scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
  • scsi: qla2xxx: Fix spelling mistakes “allloc” -> “alloc” (bsc#1189392).
  • scsi: qla2xxx: Fix use after free in debug code (bsc#1189392).
  • scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port()
  • scsi: qla2xxx: Remove duplicate declarations (bsc#1189392).
  • scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392).
  • scsi: qla2xxx: Remove redundant continue statement in a for-loop
  • scsi: qla2xxx: Remove redundant initialization of variable num_cnt
  • scsi: qla2xxx: Remove unused variable ‘status’ (bsc#1189392).
  • scsi: qla2xxx: Update version to (bsc#1189392).
  • scsi: qla2xxx: Use list_move_tail() instead of
    list_del()/list_add_tail() (bsc#1189392).
  • scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI
  • scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state
  • scsi: sg: add sg_remove_request in sg_write (bsc#1171420 CVE2020-12770).
  • scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392).
  • scsi: zfcp: Report port fc_security as unknown early during remote cable
    pull (git-fixes).
  • serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes).
  • serial: 8250_mtk: fix uart corruption issue when rx power off
  • serial: tegra: Only print FIFO error message when an error occurs
  • slimbus: messaging: check for valid transaction id (git-fixes).
  • slimbus: messaging: start transaction ids from 1 instead of zero
  • slimbus: ngd: reset dma setup during runtime pm (git-fixes).
  • soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes).
  • soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes).
  • soc: ixp4xx: fix printing resources (git-fixes).
  • soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes).
  • soc: qcom: rpmhpd: Use corner in power_off (git-fixes).
  • soc: qcom: smsm: Fix missed interrupts if state changes while masked
  • spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes).
  • spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation
  • spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (git-fixes).
  • spi: mediatek: Fix fifo transfer (git-fixes).
  • spi: meson-spicc: fix memory leak in meson_spicc_remove (git-fixes).
  • spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
  • spi: spi-pic32: Fix issue with uninitialized dma_slave_config
  • spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes).
  • spi: stm32h7: fix full duplex irq handler handling (git-fixes).
  • staging: rtl8192u: Fix bitwise vs logical operator in
    TranslateRxSignalStuff819xUsb() (git-fixes).
  • staging: rtl8712: get rid of flush_scheduled_work (git-fixes).
  • staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes).
  • SUNRPC: defer slow parts of rpc_free_client() to a workqueue
    (bsc#1168202 bsc#1188924).
  • SUNRPC: ‘Directory with parent ‘rpc_clnt’ already present!’ (bsc#1168202
  • SUNRPC: Fix potential memory corruption (git-fixes).
  • SUNRPC: Fix the batch tasks count wraparound (git-fixes).
  • SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202
  • SUNRPC: improve error response to over-size gss credential (bsc#1190022).
  • SUNRPC: Should wake up the privileged task firstly (git-fixes).
  • SUNRPC: Simplify socket shutdown when not reusing TCP ports (git-fixes).
  • thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
  • tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL
    event name (git-fixes).
  • tracing / histogram: Give calculation hist_fields a size (git-fixes).
  • tracing: Reject string operand in the histogram expression (git-fixes).
  • tty: serial: fsl_lpuart: fix the wrong mapbase value (git-fixes).
  • ubifs: Fix error return code in alloc_wbufs() (bsc#1189585).
  • ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583).
  • ubifs: journal: Fix error return code in ubifs_jnl_write_inode()
  • ubifs: Only check replay with inode type to judge if inode linked
  • ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
  • Update
    (bsc#1167032 ltc#184087 bsc#1184114 ltc#192237).
  • usb: bdc: Fix an error handling path in ‘bdc_probe()’ when no suitable
    DMA config is available (git-fixes).
  • USB: core: Avoid WARNings for 0-length descriptor requests (git-fixes).
  • usb: dwc2: Postponed gadget registration to the udc class driver
  • usb: dwc3: Add support for DWC_usb32 IP (git-fixes).
  • usb: dwc3: core: do not do suspend for device mode if already suspended
  • usb: dwc3: core: Properly default unspecified speed (git-fixes).
  • usb: dwc3: debug: Remove newline printout (git-fixes).
  • usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
  • usb: dwc3: gadget: Check MPS of the request length (git-fixes).
  • usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set (git-fixes).
  • usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable
  • usb: dwc3: gadget: Disable gadget IRQ during pullup disable (git-fixes).
  • usb: dwc3: gadget: Do not send unintended link state change (git-fixes).
  • usb: dwc3: gadget: Do not setup more than requested (git-fixes).
  • usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes).
  • usb: dwc3: gadget: Fix handling ZLP (git-fixes).
  • usb: dwc3: gadget: Give back staled requests (git-fixes).
  • usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes).
  • usb: dwc3: gadget: Prevent EP queuing while stopping transfers
  • usb: dwc3: gadget: Properly track pending and queued SG (git-fixes).
  • usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (git-fixes).
  • usb: dwc3: gadget: Set BESL config parameter (git-fixes).
  • usb: dwc3: gadget: Set link state to RX_Detect on disconnect (git-fixes).
  • usb: dwc3: gadget: Stop EP0 transfers during pullup disable (git-fixes).
  • usb: dwc3: gadget: Workaround Mirosoft’s BESL check (git-fixes).
  • usb: dwc3: meson-g12a: add IRQ check (git-fixes).
  • usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init
  • usb: dwc3: of-simple: add a shutdown (git-fixes).
  • usb: dwc3: Separate field holding multiple properties (git-fixes).
  • usb: dwc3: st: Add of_dev_put() in probe function (git-fixes).
  • usb: dwc3: st: Add of_node_put() before return in probe function
  • usb: dwc3: Stop active transfers before halting the controller
  • usb: dwc3: support continuous runtime PM with dual role (git-fixes).
  • usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes).
  • usb: dwc3: Use devres to get clocks (git-fixes).
  • USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes).
  • usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
  • usb: gadget: Export recommended BESL values (git-fixes).
  • usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (git-fixes).
  • usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes).
  • usb: gadget: f_hid: idle uses the highest byte for duration (git-fixes).
  • usb: gadget: mv_u3d: request_irq() after initializing UDC (git-fixes).
  • usb: gadget: udc: at91: add IRQ check (git-fixes).
  • usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (git-fixes).
  • usb: host: ohci-tmio: add IRQ check (git-fixes).
  • usb: host: xhci-rcar: Do not reload firmware after the completion
  • usb: mtu3: fix the wrong HS mult value (git-fixes).
  • usb: mtu3: use @mult for HS isoc or intr (git-fixes).
  • usb: phy: fsl-usb: add IRQ check (git-fixes).
  • usb: phy: tahvo: add IRQ check (git-fixes).
  • usb: phy: twl6030: add IRQ checks (git-fixes).
  • USB: serial: ch341: fix character loss at high transfer rates
  • USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes).
  • USB: serial: option: add new VID/PID to support Fibocom FG150
  • USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes).
  • USB: usbtmc: Fix RCU stall warning (git-fixes).
  • virtio_pci: Support surprise removal of virtio pci device (git-fixes).
  • virt_wifi: fix error on connect (git-fixes).
  • VMCI: fix NULL pointer dereference when unmapping queue pair (git-fixes).
  • wireguard: allowedips: allocate nodes in kmem_cache (git-fixes).
  • wireguard: allowedips: free empty intermediate nodes when removing
    single node (git-fixes).
  • wireguard: allowedips: remove nodes in O(1) (git-fixes).
  • writeback: fix obtain a reference to a freeing memcg css (bsc#1189577).
  • x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1152489).
  • x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1152489).
  • x86/fpu: Reset state for all signal restore failures (bsc#1152489).
  • x86/kvm: fix vcpu-id indexed array sizes (git-fixes).
  • x86/signal: Detect and prevent an alternate signal stack overflow
  • xen/events: Fix race in set_evtchn_to_irq (git-fixes).
  • xprtrdma: Pad optimization, revisited (bsc#1189760).
  • usb: dwc2: Fix error path in gadget registration (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2021-1271=1

openSUSE Leap15.2noarch< - openSUSE Leap 15.2 (noarch):- openSUSE Leap 15.2 (noarch):.noarch.rpm
openSUSE Leap15.2x86_64< - openSUSE Leap 15.2 (x86_64):- openSUSE Leap 15.2 (x86_64):.x86_64.rpm