openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:0388-1
Rating:             important
References:         #1044231 #1051510 #1056686 #1065729 #1111666 
                    #1111974 #1112178 #1113956 #1114279 #1119680 
                    #1141895 #1156510 #1158187 #1159285 #1161561 
                    #1162929 #1162931 #1164078 #1164507 #1164632 
                    #1165111 #1165741 #1165873 #1165929 #1165950 
                    #1165980 #1165984 #1165985 #1166003 #1166101 
                    #1166102 #1166103 #1166104 #1166632 #1166658 
                    #1166730 #1166731 #1166732 #1166733 #1166734 
                    #1166735 
Cross-References:   CVE-2019-19768 CVE-2020-8647 CVE-2020-8649
                    CVE-2020-9383
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that solves four vulnerabilities and has 37 fixes
   is now available.

Description:



   The openSUSE Leap 15.1 kernel was updated to receive various security and
   bugfixes.

   The following security bugs were fixed:

   - CVE-2020-8647: There was a use-after-free vulnerability in the
     vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).
   - CVE-2020-8649: There was a use-after-free vulnerability in the
     vgacon_invert_region function in drivers/video/console/vgacon.c
     (bnc#1162929 1162931).
   - CVE-2020-9383: An issue was discovered in the set_fdc in
     drivers/block/floppy.c that lead to a wait_til_ready out-of-bounds read
     because the FDC index is not checked for errors before assigning it, aka
     CID-2e90ca68b0d2 (bnc#1165111).
   - CVE-2019-19768: There was a use-after-free (read) in the __blk_add_trace
     function in kernel/trace/blktrace.c (which is used to fill out a
     blk_io_trace structure and place it in a per-cpu sub-buffer)
     (bnc#1159285).

   The following non-security bugs were fixed:

   - ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1
     (bsc#1111666).
   - ALSA: hda/realtek - Add Headset Mic supported (bsc#1111666).
   - ALSA: hda/realtek - Add more codec supported Headset Button
     (bsc#1111666).
   - ALSA: hda/realtek - Apply quirk for MSI GP63, too (bsc#1111666).
   - ALSA: hda/realtek - Apply quirk for yet another MSI laptop (bsc#1111666).
   - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
     (bsc#1111666).
   - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1
     (bsc#1111666).
   - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
     (bsc#1111666).
   - ALSA: usb-audio: Add boot quirk for MOTU M Series (bsc#1111666).
   - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000
     (bsc#1111666).
   - ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65
     headset (bsc#1111666).
   - ALSA: usb-audio: Fix UAC2/3 effect unit parsing (bsc#1111666).
   - ALSA: usb-audio: Use lower hex numbers for IDs (bsc#1111666).
   - ALSA: usb-audio: add implicit fb quirk for MOTU M Series (bsc#1111666).
   - ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82
     (bsc#1111666).
   - ALSA: usb-audio: fix Corsair Virtuoso mixer label collision
     (bsc#1111666).
   - ALSA: usb-audio: unlock on error in probe (bsc#1111666).
   - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
     (bsc#1051510).
   - ASoC: dapm: Correct DAPM handling of active widgets during shutdown
     (bsc#1051510).
   - ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
     (bsc#1051510).
   - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
     (bsc#1051510).
   - ASoC: pcm: update FE/BE trigger order based on the command (bsc#1051510).
   - ASoC: topology: Fix memleak in soc_tplg_link_elems_load() (bsc#1051510).
   - Add CONFIG_RAID6_PQ_BENCHMARK=y in following config files for the above
     change,
   - EDAC, ghes: Make platform-based whitelisting x86-only (bsc#1158187).
   - EDAC/mc: Fix use-after-free and memleaks during device removal
     (bsc#1114279).
   - Enable the following two patches in series.conf, and refresh the KABI
     patch due to previous md commit (bsc#1119680),
   - HID: core: fix off-by-one memset in hid_report_raw_event() (bsc#1051510).
   - Input: edt-ft5x06 - work around first register access error
     (bsc#1051510).
   - Input: synaptics - enable SMBus on ThinkPad L470 (bsc#1051510).
   - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
     (bsc#1051510).
   - Input: synaptics - switch T470s to RMI4 by default (bsc#1051510).
   - KVM: VMX: check descriptor table exits on instruction emulation
     (bsc#1166104).
   - NFC: pn544: Fix a typo in a debug message (bsc#1051510).
   - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use
     le16_add_cpu() (bsc#1051510).
   - PCI/AER: Clear device status bits during ERR_COR handling (bsc#1161561).
   - PCI/AER: Clear device status bits during ERR_FATAL and ERR_NONFATAL
     (bsc#1161561).
   - PCI/AER: Clear only ERR_FATAL status bits during fatal recovery
     (bsc#1161561).
   - PCI/AER: Clear only ERR_NONFATAL bits during non-fatal recovery
     (bsc#1161561).
   - PCI/AER: Do not clear AER bits if error handling is Firmware-First
     (bsc#1161561).
   - PCI/AER: Do not read upstream ports below fatal errors (bsc#1161561).
   - PCI/AER: Factor out ERR_NONFATAL status bit clearing (bsc#1161561).
   - PCI/AER: Take reference on error devices (bsc#1161561).
   - PCI/ERR: Run error recovery callbacks for all affected devices
     (bsc#1161561).
   - PCI/ERR: Use slot reset if available (bsc#1161561).
   - Update "drm/i915: Wean off drm_pci_alloc/drm_pci_free" (bsc#1114279)
     This patch fixes ../drivers/gpu/drm/i915/i915_gem.c: In function
     'i915_gem_object_get_pages_phys':
     ../drivers/gpu/drm/i915/i915_gem.c:232:2: warning: return makes pointer
     from integer without a cast [enabled by default] introduced by commit
     cde29f21f04985905600b14e6936f4f023329a99.
   - Update config files. CONFIG_IPX was set on ARM. Disable as on other
     archs.
   - [1/2,media] uvcvideo: Refactor teardown of uvc on USB disconnect
     (https://patchwork.kernel.org/patch/9683663/) (bsc#1164507)
   - amdgpu/gmc_v9: save/restore sdpif regs during S3 (bsc#1113956)
   - atm: zatm: Fix empty body Clang warnings (bsc#1051510).
   - b43legacy: Fix -Wcast-function-type (bsc#1051510).
   - blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285).
   - blktrace: fix dereference after null check (bsc#1159285).
   - blktrace: fix trace mutex deadlock (bsc#1159285).
   - bonding/alb: properly access headers in bond_alb_xmit()
     (networking-stable-20_02_09).
   - config: enable BLK_DEV_SR_VENDOR on armv7hl (bsc#1164632)
   - cpufreq: powernv: Fix unsafe notifiers (bsc#1065729).
   - cpufreq: powernv: Fix use-after-free (bsc#1065729).
   - crypto: pcrypt - Fix user-after-free on module unload (git-fixes).
   - dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
     (bsc#1051510).
   - driver core: Print device when resources present in really_probe()
     (bsc#1051510).
   - driver core: platform: Prevent resouce overflow from causing infinite
     loops (bsc#1051510).
   - driver core: platform: fix u32 greater or equal to zero comparison
     (bsc#1051510).
   - drivers/md/raid5-ppl.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET
     (bsc#1166003).
   - drivers/md/raid5.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET
     (bsc#1166003).
   - drm/amd/dm/mst: Ignore payload update failures (bsc#1112178)
   - drm/gma500: Fixup fbdev stolen size usage evaluation (bsc#1051510).
   - drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime (git-fixes).
   - drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits
     (git-fixes).
   - drm/i915/selftests: Fix return in assert_mmap_offset() (bsc#1114279)
   - drm/i915/userptr: Try to acquire the page lock around (bsc#1114279)
   - drm/i915: Program MBUS with rmw during initialization (git-fixes).
   - drm/mediatek: handle events when enabling/disabling crtc (bsc#1051510).
   - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
     (bsc#1051510).
   - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from
     fw (bsc#1051510).
   - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets
     (git-fixes).
   - drm/sun4i: Fix DE2 VI layer format support (git-fixes).
   - drm/sun4i: de2/de3: Remove unsupported VI layer formats (git-fixes).
   - drm: remove the newline for CRC source name (bsc#1051510).
   - fcntl: fix typo in RWH_WRITE_LIFE_NOT_SET r/w hint name (bsc#1166003).
   - firmware: imx: misc: Align imx sc msg structs to 4 (git-fixes).
   - firmware: imx: scu-pd: Align imx sc msg structs to 4 (git-fixes).
   - firmware: imx: scu: Ensure sequential TX (git-fixes).
   - fs/xfs: fix f_ffree value for statfs when project quota is set
     (bsc#1165985).
   - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() (bsc#1051510).
   - ibmvnic: Do not process device remove during device reset (bsc#1065729).
   - ibmvnic: Warn unknown speed message only when carrier is present
     (bsc#1065729).
   - iommu/amd: Check feature support bit before accessing MSI capability
     registers (bsc#1166101).
   - iommu/amd: Only support x2APIC with IVHD type 11h/40h (bsc#1166102).
   - iommu/amd: Remap the IOMMU device table with the memory encryption mask
     for kdump (bsc#1141895).
   - iommu/dma: Fix MSI reservation allocation (bsc#1166730).
   - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
     (bsc#1166732).
   - iommu/vt-d: Fix compile warning from intel-svm.h (bsc#1166103).
   - iommu/vt-d: Fix the wrong printing in RHSA parsing (bsc#1166733).
   - iommu/vt-d: Ignore devices with out-of-spec domain number (bsc#1166734).
   - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
     (bsc#1166731).
   - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn
     + add_taint (bsc#1166735).
   - iwlegacy: Fix -Wcast-function-type (bsc#1051510).
   - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
     (bsc#1166632).
   - iwlwifi: mvm: Fix thermal zone registration (bsc#1051510).
   - kdump, proc/vmcore: Enable kdumping encrypted memory with SME enabled
     (bsc#1141895).
   - kexec: Allocate decrypted control pages for kdump if SME is enabled
     (bsc#1141895).
   - lib/raid6: add missing include for raid6test (bsc#1166003).
   - lib/raid6: add option to skip algo benchmarking (bsc#1166003).
   - lib/raid6: avoid __attribute_const__ redefinition (bsc#1166003).
   - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
     (bsc#1165929).
   - libnvdimm/pfn_dev: Do not clear device memmap area during generic
     namespace probe (bsc#1165929 bsc#1165950).
   - libnvdimm: remove redundant __func__ in dev_dbg (bsc#1165929).
   - md raid0/linear: Mark array as 'broken' and fail BIOs if a member is
     gone (bsc#1166003).
   - md-batch-flush-requests-kabi.patch
   - md-batch-flush-requests.patch
   - md-bitmap: create and destroy wb_info_pool with the change of backlog
     (bsc#1166003).
   - md-bitmap: create and destroy wb_info_pool with the change of bitmap
     (bsc#1166003).
   - md-bitmap: small cleanups (bsc#1166003).
   - md-cluster/bitmap: do not call md_bitmap_sync_with_cluster during
     reshaping stage (bsc#1166003).
   - md-cluster/raid10: call update_size in md_reap_sync_thread (bsc#1166003).
   - md-cluster/raid10: do not call remove_and_add_spares during reshaping
     stage (bsc#1166003).
   - md-cluster/raid10: resize all the bitmaps before start reshape
     (bsc#1166003).
   - md-cluster/raid10: support add disk under grow mode (bsc#1166003).
   - md-cluster: introduce resync_info_get interface for sanity check
     (bsc#1166003).
   - md-cluster: remove suspend_info (bsc#1166003).
   - md-cluster: send BITMAP_NEEDS_SYNC message if reshaping is interrupted
     (bsc#1166003).
   - md-linear: use struct_size() in kzalloc() (bsc#1166003).
   - md/bitmap: avoid race window between md_bitmap_resize and
     bitmap_file_clear_bit (bsc#1166003).
   - md/bitmap: use mddev_suspend/resume instead of ->quiesce() (bsc#1166003).
   - md/raid0: Fix an error message in raid0_make_request() (bsc#1166003).
   - md/raid10: Fix raid10 replace hang when new added disk faulty
     (bsc#1166003).
   - md/raid10: end bio when the device faulty (bsc#1166003).
   - md/raid10: prevent access of uninitialized resync_pages offset
     (bsc#1166003).
   - md/raid10: read balance chooses idlest disk for SSD (bsc#1166003).
   - md/raid1: Fix a warning message in remove_wb() (bsc#1166003).
   - md/raid1: avoid soft lockup under high load (bsc#1166003).
   - md/raid1: end bio when the device faulty (bsc#1166003).
   - md/raid1: fail run raid1 array when active disk less than one
     (bsc#1166003).
   - md/raid1: fix potential data inconsistency issue with write behind
     device (bsc#1166003).
   - md/raid1: get rid of extra blank line and space (bsc#1166003).
   - md/raid5: use bio_end_sector to calculate last_sector (bsc#1166003).
   - md/raid6: fix algorithm choice under larger PAGE_SIZE (bsc#1166003).
   - md: Make bio_alloc_mddev use bio_alloc_bioset (bsc#1166003).
   - md: add __acquires/__releases annotations to (un)lock_two_stripes
     (bsc#1166003).
   - md: add __acquires/__releases annotations to handle_active_stripes
     (bsc#1166003).
   - md: add a missing endianness conversion in check_sb_changes
     (bsc#1166003).
   - md: add bitmap_abort label in md_run (bsc#1166003).
   - md: add feature flag MD_FEATURE_RAID0_LAYOUT (bsc#1166003).
   - md: allow last device to be forcibly removed from RAID1/RAID10
     (bsc#1166003).
   - md: avoid invalid memory access for array sb->dev_roles (bsc#1166003).
   - md: change kabi fix patch name, from
     patches.kabi/md-batch-flush-requests-kabi.patch to
     patches.kabi/md-backport-kabi.patch
   - md: convert to kvmalloc (bsc#1166003).
   - md: do not call spare_active in md_reap_sync_thread if all member
     devices can't work (bsc#1166003).
   - md: do not set In_sync if array is frozen (bsc#1166003).
   - md: fix a typo s/creat/create (bsc#1166003).
   - md: fix for divide error in status_resync (bsc#1166003).
   - md: fix spelling typo and add necessary space (bsc#1166003).
   - md: introduce mddev_create/destroy_wb_pool for the change of member
     device (bsc#1166003).
   - md: make sure desc_nr less than MD_SB_DISKS (bsc#1166003).
   - md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show
     (bsc#1166003).
   - md: no longer compare spare disk superblock events in super_load
     (bsc#1166003).
   - md: raid10: Use struct_size() in kmalloc() (bsc#1166003).
   - md: raid1: check rdev before reference in raid1_sync_request func
     (bsc#1166003).
   - md: remove set but not used variable 'bi_rdev' (bsc#1166003).
   - md: rename wb stuffs (bsc#1166003).
   - md: return -ENODEV if rdev has no mddev assigned (bsc#1166003).
   - md: use correct type in super_1_load (bsc#1166003).
   - md: use correct type in super_1_sync (bsc#1166003).
   - md: use correct types in md_bitmap_print_sb (bsc#1166003).
   - media: uvcvideo: Refactor teardown of uvc on USB disconnect
     (bsc#1164507).
   - net/smc: add fallback check to connect() (git-fixes).
   - net/smc: fix cleanup for linkgroup setup failures (git-fixes).
   - net/smc: no peer ID in CLC decline for SMCD (git-fixes).
   - net/smc: transfer fasync_list in case of fallback (git-fixes).
   - net: macb: Limit maximum GEM TX length in TSO
     (networking-stable-20_02_09).
   - net: macb: Remove unnecessary alignment check for TSO
     (networking-stable-20_02_09).
   - net: mvneta: move rx_dropped and rx_errors in per-cpu stats
     (networking-stable-20_02_09).
   - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
     (networking-stable-20_02_09).
   - net_sched: fix a resource leak in tcindex_set_parms()
     (networking-stable-20_02_09).
   - nvme: Fix parsing of ANA log page (bsc#1166658).
   - nvme: Translate more status codes to blk_status_t (bsc#1156510).
   - nvme: resync include/linux/nvme.h with nvmecli (bsc#1156510).
   - orinoco: avoid assertion in case of NULL pointer (bsc#1051510).
   - padata: always acquire cpu_hotplug_lock before pinst->lock (git-fixes).
   - pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
     (bsc#1051510).
   - pinctrl: imx: scu: Align imx sc msg structs to 4 (git-fixes).
   - pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs (bsc#1051510).
   - pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs (bsc#1051510).
   - powerpc/pseries: fix of_read_drc_info_cell() to point at next record
     (bsc#1165980 ltc#183834).
   - powerpc: fix hardware PMU exception bug on PowerVM compatibility mode
     systems (bsc#1056686).
   - qmi_wwan: re-add DW5821e pre-production variant (bsc#1051510).
   - raid10: refactor common wait code from regular read/write request
     (bsc#1166003).
   - raid1: factor out a common routine to handle the completion of sync
     write (bsc#1166003).
   - raid1: simplify raid1_error function (bsc#1166003).
   - raid1: use an int as the return value of raise_barrier() (bsc#1166003).
   - raid5 improve too many read errors msg by adding limits (bsc#1166003).
   - raid5: block failing device if raid will be failed (bsc#1166003).
   - raid5: do not increment read_errors on EILSEQ return (bsc#1166003).
   - raid5: do not set STRIPE_HANDLE to stripe which is in batch list
     (bsc#1166003).
   - raid5: need to set STRIPE_HANDLE for batch head (bsc#1166003).
   - raid5: remove STRIPE_OPS_REQ_PENDING (bsc#1166003).
   - raid5: remove worker_cnt_per_group argument from alloc_thread_groups
     (bsc#1166003).
   - raid5: set write hint for PPL (bsc#1166003).
   - raid5: use bio_end_sector in r5_next_bio (bsc#1166003).
   - raid6/test: fix a compilation error (bsc#1166003).
   - raid6/test: fix a compilation warning (bsc#1166003).
   - remoteproc: Initialize rproc_class before use (bsc#1051510).
   - rtlwifi: rtl_pci: Fix -Wcast-function-type (bsc#1051510).
   - s390/pci: Fix unexpected write combine on resource (git-fixes).
   - s390/uv: Fix handling of length extensions (git-fixes).
   - staging: rtl8188eu: Fix potential overuse of kernel memory (bsc#1051510).
   - staging: rtl8188eu: Fix potential security hole (bsc#1051510).
   - staging: rtl8723bs: Fix potential overuse of kernel memory (bsc#1051510).
   - staging: rtl8723bs: Fix potential security hole (bsc#1051510).
   - tick: broadcast-hrtimer: Fix a race in bc_set_next (bsc#1044231).
   - tools: Update include/uapi/linux/fcntl.h copy from the kernel
     (bsc#1166003).
   - usb: host: xhci: update event ring dequeue pointer on purpose
     (git-fixes).
   - vgacon: Fix a UAF in vgacon_invert_region (bsc#1114279)
   - virtio-blk: fix hw_queue stopped on arbitrary error (git-fixes).
   - x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF
     (bsc#1114279).
   - x86/ioremap: Add an ioremap_encrypted() helper (bsc#1141895).
   - x86/kdump: Export the SME mask to vmcoreinfo (bsc#1141895).
   - x86/mce/amd: Fix kobject lifetime (bsc#1114279).
   - x86/mce/amd: Publish the bank pointer only after setup has succeeded
     (bsc#1114279).
   - x86/mm: Split vmalloc_sync_all() (bsc#1165741).
   - xfs: also remove cached ACLs when removing the underlying attr
     (bsc#1165873).
   - xfs: bulkstat should copy lastip whenever userspace supplies one
     (bsc#1165984).
   - xhci: Force Maximum Packet size for Full-speed bulk devices to valid
     range (bsc#1051510).
   - xhci: fix runtime pm enabling for quirky Intel hosts (bsc#1051510).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-388=1



Package List:

   - openSUSE Leap 15.1 (noarch):

      kernel-devel-4.12.14-lp151.28.44.1
      kernel-docs-4.12.14-lp151.28.44.1
      kernel-docs-html-4.12.14-lp151.28.44.1
      kernel-macros-4.12.14-lp151.28.44.1
      kernel-source-4.12.14-lp151.28.44.1
      kernel-source-vanilla-4.12.14-lp151.28.44.1

   - openSUSE Leap 15.1 (x86_64):

      kernel-debug-4.12.14-lp151.28.44.1
      kernel-debug-base-4.12.14-lp151.28.44.1
      kernel-debug-base-debuginfo-4.12.14-lp151.28.44.1
      kernel-debug-debuginfo-4.12.14-lp151.28.44.1
      kernel-debug-debugsource-4.12.14-lp151.28.44.1
      kernel-debug-devel-4.12.14-lp151.28.44.1
      kernel-debug-devel-debuginfo-4.12.14-lp151.28.44.1
      kernel-default-4.12.14-lp151.28.44.1
      kernel-default-base-4.12.14-lp151.28.44.1
      kernel-default-base-debuginfo-4.12.14-lp151.28.44.1
      kernel-default-debuginfo-4.12.14-lp151.28.44.1
      kernel-default-debugsource-4.12.14-lp151.28.44.1
      kernel-default-devel-4.12.14-lp151.28.44.1
      kernel-default-devel-debuginfo-4.12.14-lp151.28.44.1
      kernel-kvmsmall-4.12.14-lp151.28.44.1
      kernel-kvmsmall-base-4.12.14-lp151.28.44.1
      kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.44.1
      kernel-kvmsmall-debuginfo-4.12.14-lp151.28.44.1
      kernel-kvmsmall-debugsource-4.12.14-lp151.28.44.1
      kernel-kvmsmall-devel-4.12.14-lp151.28.44.1
      kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.44.1
      kernel-obs-build-4.12.14-lp151.28.44.1
      kernel-obs-build-debugsource-4.12.14-lp151.28.44.1
      kernel-obs-qa-4.12.14-lp151.28.44.1
      kernel-syms-4.12.14-lp151.28.44.1
      kernel-vanilla-4.12.14-lp151.28.44.1
      kernel-vanilla-base-4.12.14-lp151.28.44.1
      kernel-vanilla-base-debuginfo-4.12.14-lp151.28.44.1
      kernel-vanilla-debuginfo-4.12.14-lp151.28.44.1
      kernel-vanilla-debugsource-4.12.14-lp151.28.44.1
      kernel-vanilla-devel-4.12.14-lp151.28.44.1
      kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.44.1


References:

   https://www.suse.com/security/cve/CVE-2019-19768.html
   https://www.suse.com/security/cve/CVE-2020-8647.html
   https://www.suse.com/security/cve/CVE-2020-8649.html
   https://www.suse.com/security/cve/CVE-2020-9383.html
   https://bugzilla.suse.com/1044231
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1056686
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1111974
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1113956
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1119680
   https://bugzilla.suse.com/1141895
   https://bugzilla.suse.com/1156510
   https://bugzilla.suse.com/1158187
   https://bugzilla.suse.com/1159285
   https://bugzilla.suse.com/1161561
   https://bugzilla.suse.com/1162929
   https://bugzilla.suse.com/1162931
   https://bugzilla.suse.com/1164078
   https://bugzilla.suse.com/1164507
   https://bugzilla.suse.com/1164632
   https://bugzilla.suse.com/1165111
   https://bugzilla.suse.com/1165741
   https://bugzilla.suse.com/1165873
   https://bugzilla.suse.com/1165929
   https://bugzilla.suse.com/1165950
   https://bugzilla.suse.com/1165980
   https://bugzilla.suse.com/1165984
   https://bugzilla.suse.com/1165985
   https://bugzilla.suse.com/1166003
   https://bugzilla.suse.com/1166101
   https://bugzilla.suse.com/1166102
   https://bugzilla.suse.com/1166103
   https://bugzilla.suse.com/1166104
   https://bugzilla.suse.com/1166632
   https://bugzilla.suse.com/1166658
   https://bugzilla.suse.com/1166730
   https://bugzilla.suse.com/1166731
   https://bugzilla.suse.com/1166732
   https://bugzilla.suse.com/1166733
   https://bugzilla.suse.com/1166734
   https://bugzilla.suse.com/1166735

--

openSUSE: 2020:0388-1: important: the Linux Kernel

March 27, 2020
An update that solves four vulnerabilities and has 37 fixes is now available.

Description

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078). - CVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162929 1162931). - CVE-2020-9383: An issue was discovered in the set_fdc in drivers/block/floppy.c that lead to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2 (bnc#1165111). - CVE-2019-19768: There was a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer) (bnc#1159285). The following non-security bugs were fixed: - ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1 (bsc#1111666). - ALSA: hda/realtek - Add Headset Mic supported (bsc#1111666). - ALSA: hda/realtek - Add more codec supported Headset Button (bsc#1111666). - ALSA: hda/realtek - Apply quirk for MSI GP63, too (bsc#1111666). - ALSA: hda/realtek - Apply quirk for yet another MSI laptop (bsc#1111666). - ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 (bsc#1111666). - ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 (bsc#1111666). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master (bsc#1111666). - ALSA: usb-audio: Add boot quirk for MOTU M Series (bsc#1111666). - ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 (bsc#1111666). - ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65 headset (bsc#1111666). - ALSA: usb-audio: Fix UAC2/3 effect unit parsing (bsc#1111666). - ALSA: usb-audio: Use lower hex numbers for IDs (bsc#1111666). - ALSA: usb-audio: add implicit fb quirk for MOTU M Series (bsc#1111666). - ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82 (bsc#1111666). - ALSA: usb-audio: fix Corsair Virtuoso mixer label collision (bsc#1111666). - ALSA: usb-audio: unlock on error in probe (bsc#1111666). - ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status (bsc#1051510). - ASoC: dapm: Correct DAPM handling of active widgets during shutdown (bsc#1051510). - ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path (bsc#1051510). - ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output (bsc#1051510). - ASoC: pcm: update FE/BE trigger order based on the command (bsc#1051510). - ASoC: topology: Fix memleak in soc_tplg_link_elems_load() (bsc#1051510). - Add CONFIG_RAID6_PQ_BENCHMARK=y in following config files for the above change, - EDAC, ghes: Make platform-based whitelisting x86-only (bsc#1158187). - EDAC/mc: Fix use-after-free and memleaks during device removal (bsc#1114279). - Enable the following two patches in series.conf, and refresh the KABI patch due to previous md commit (bsc#1119680), - HID: core: fix off-by-one memset in hid_report_raw_event() (bsc#1051510). - Input: edt-ft5x06 - work around first register access error (bsc#1051510). - Input: synaptics - enable SMBus on ThinkPad L470 (bsc#1051510). - Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list (bsc#1051510). - Input: synaptics - switch T470s to RMI4 by default (bsc#1051510). - KVM: VMX: check descriptor table exits on instruction emulation (bsc#1166104). - NFC: pn544: Fix a typo in a debug message (bsc#1051510). - NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu() (bsc#1051510). - PCI/AER: Clear device status bits during ERR_COR handling (bsc#1161561). - PCI/AER: Clear device status bits during ERR_FATAL and ERR_NONFATAL (bsc#1161561). - PCI/AER: Clear only ERR_FATAL status bits during fatal recovery (bsc#1161561). - PCI/AER: Clear only ERR_NONFATAL bits during non-fatal recovery (bsc#1161561). - PCI/AER: Do not clear AER bits if error handling is Firmware-First (bsc#1161561). - PCI/AER: Do not read upstream ports below fatal errors (bsc#1161561). - PCI/AER: Factor out ERR_NONFATAL status bit clearing (bsc#1161561). - PCI/AER: Take reference on error devices (bsc#1161561). - PCI/ERR: Run error recovery callbacks for all affected devices (bsc#1161561). - PCI/ERR: Use slot reset if available (bsc#1161561). - Update "drm/i915: Wean off drm_pci_alloc/drm_pci_free" (bsc#1114279) This patch fixes ../drivers/gpu/drm/i915/i915_gem.c: In function 'i915_gem_object_get_pages_phys': ../drivers/gpu/drm/i915/i915_gem.c:232:2: warning: return makes pointer from integer without a cast [enabled by default] introduced by commit cde29f21f04985905600b14e6936f4f023329a99. - Update config files. CONFIG_IPX was set on ARM. Disable as on other archs. - [1/2,media] uvcvideo: Refactor teardown of uvc on USB disconnect (https://patchwork.kernel.org/patch/9683663/) (bsc#1164507) - amdgpu/gmc_v9: save/restore sdpif regs during S3 (bsc#1113956) - atm: zatm: Fix empty body Clang warnings (bsc#1051510). - b43legacy: Fix -Wcast-function-type (bsc#1051510). - blk: Fix kabi due to blk_trace_mutex addition (bsc#1159285). - blktrace: fix dereference after null check (bsc#1159285). - blktrace: fix trace mutex deadlock (bsc#1159285). - bonding/alb: properly access headers in bond_alb_xmit() (networking-stable-20_02_09). - config: enable BLK_DEV_SR_VENDOR on armv7hl (bsc#1164632) - cpufreq: powernv: Fix unsafe notifiers (bsc#1065729). - cpufreq: powernv: Fix use-after-free (bsc#1065729). - crypto: pcrypt - Fix user-after-free on module unload (git-fixes). - dmaengine: coh901318: Fix a double lock bug in dma_tc_handle() (bsc#1051510). - driver core: Print device when resources present in really_probe() (bsc#1051510). - driver core: platform: Prevent resouce overflow from causing infinite loops (bsc#1051510). - driver core: platform: fix u32 greater or equal to zero comparison (bsc#1051510). - drivers/md/raid5-ppl.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET (bsc#1166003). - drivers/md/raid5.c: use the new spelling of RWH_WRITE_LIFE_NOT_SET (bsc#1166003). - drm/amd/dm/mst: Ignore payload update failures (bsc#1112178) - drm/gma500: Fixup fbdev stolen size usage evaluation (bsc#1051510). - drm/i915/gvt: Fix orphan vgpu dmabuf_objs' lifetime (git-fixes). - drm/i915/gvt: Fix unnecessary schedule timer when no vGPU exits (git-fixes). - drm/i915/selftests: Fix return in assert_mmap_offset() (bsc#1114279) - drm/i915/userptr: Try to acquire the page lock around (bsc#1114279) - drm/i915: Program MBUS with rmw during initialization (git-fixes). - drm/mediatek: handle events when enabling/disabling crtc (bsc#1051510). - drm/nouveau/disp/nv50-: prevent oops when no channel method map provided (bsc#1051510). - drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw (bsc#1051510). - drm/nouveau/kms/gv100-: Re-set LUT after clearing for modesets (git-fixes). - drm/sun4i: Fix DE2 VI layer format support (git-fixes). - drm/sun4i: de2/de3: Remove unsupported VI layer formats (git-fixes). - drm: remove the newline for CRC source name (bsc#1051510). - fcntl: fix typo in RWH_WRITE_LIFE_NOT_SET r/w hint name (bsc#1166003). - firmware: imx: misc: Align imx sc msg structs to 4 (git-fixes). - firmware: imx: scu-pd: Align imx sc msg structs to 4 (git-fixes). - firmware: imx: scu: Ensure sequential TX (git-fixes). - fs/xfs: fix f_ffree value for statfs when project quota is set (bsc#1165985). - hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT() (bsc#1051510). - ibmvnic: Do not process device remove during device reset (bsc#1065729). - ibmvnic: Warn unknown speed message only when carrier is present (bsc#1065729). - iommu/amd: Check feature support bit before accessing MSI capability registers (bsc#1166101). - iommu/amd: Only support x2APIC with IVHD type 11h/40h (bsc#1166102). - iommu/amd: Remap the IOMMU device table with the memory encryption mask for kdump (bsc#1141895). - iommu/dma: Fix MSI reservation allocation (bsc#1166730). - iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page (bsc#1166732). - iommu/vt-d: Fix compile warning from intel-svm.h (bsc#1166103). - iommu/vt-d: Fix the wrong printing in RHSA parsing (bsc#1166733). - iommu/vt-d: Ignore devices with out-of-spec domain number (bsc#1166734). - iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint (bsc#1166731). - iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint (bsc#1166735). - iwlegacy: Fix -Wcast-function-type (bsc#1051510). - iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices (bsc#1166632). - iwlwifi: mvm: Fix thermal zone registration (bsc#1051510). - kdump, proc/vmcore: Enable kdumping encrypted memory with SME enabled (bsc#1141895). - kexec: Allocate decrypted control pages for kdump if SME is enabled (bsc#1141895). - lib/raid6: add missing include for raid6test (bsc#1166003). - lib/raid6: add option to skip algo benchmarking (bsc#1166003). - lib/raid6: avoid __attribute_const__ redefinition (bsc#1166003). - libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields (bsc#1165929). - libnvdimm/pfn_dev: Do not clear device memmap area during generic namespace probe (bsc#1165929 bsc#1165950). - libnvdimm: remove redundant __func__ in dev_dbg (bsc#1165929). - md raid0/linear: Mark array as 'broken' and fail BIOs if a member is gone (bsc#1166003). - md-batch-flush-requests-kabi.patch - md-batch-flush-requests.patch - md-bitmap: create and destroy wb_info_pool with the change of backlog (bsc#1166003). - md-bitmap: create and destroy wb_info_pool with the change of bitmap (bsc#1166003). - md-bitmap: small cleanups (bsc#1166003). - md-cluster/bitmap: do not call md_bitmap_sync_with_cluster during reshaping stage (bsc#1166003). - md-cluster/raid10: call update_size in md_reap_sync_thread (bsc#1166003). - md-cluster/raid10: do not call remove_and_add_spares during reshaping stage (bsc#1166003). - md-cluster/raid10: resize all the bitmaps before start reshape (bsc#1166003). - md-cluster/raid10: support add disk under grow mode (bsc#1166003). - md-cluster: introduce resync_info_get interface for sanity check (bsc#1166003). - md-cluster: remove suspend_info (bsc#1166003). - md-cluster: send BITMAP_NEEDS_SYNC message if reshaping is interrupted (bsc#1166003). - md-linear: use struct_size() in kzalloc() (bsc#1166003). - md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit (bsc#1166003). - md/bitmap: use mddev_suspend/resume instead of ->quiesce() (bsc#1166003). - md/raid0: Fix an error message in raid0_make_request() (bsc#1166003). - md/raid10: Fix raid10 replace hang when new added disk faulty (bsc#1166003). - md/raid10: end bio when the device faulty (bsc#1166003). - md/raid10: prevent access of uninitialized resync_pages offset (bsc#1166003). - md/raid10: read balance chooses idlest disk for SSD (bsc#1166003). - md/raid1: Fix a warning message in remove_wb() (bsc#1166003). - md/raid1: avoid soft lockup under high load (bsc#1166003). - md/raid1: end bio when the device faulty (bsc#1166003). - md/raid1: fail run raid1 array when active disk less than one (bsc#1166003). - md/raid1: fix potential data inconsistency issue with write behind device (bsc#1166003). - md/raid1: get rid of extra blank line and space (bsc#1166003). - md/raid5: use bio_end_sector to calculate last_sector (bsc#1166003). - md/raid6: fix algorithm choice under larger PAGE_SIZE (bsc#1166003). - md: Make bio_alloc_mddev use bio_alloc_bioset (bsc#1166003). - md: add __acquires/__releases annotations to (un)lock_two_stripes (bsc#1166003). - md: add __acquires/__releases annotations to handle_active_stripes (bsc#1166003). - md: add a missing endianness conversion in check_sb_changes (bsc#1166003). - md: add bitmap_abort label in md_run (bsc#1166003). - md: add feature flag MD_FEATURE_RAID0_LAYOUT (bsc#1166003). - md: allow last device to be forcibly removed from RAID1/RAID10 (bsc#1166003). - md: avoid invalid memory access for array sb->dev_roles (bsc#1166003). - md: change kabi fix patch name, from patches.kabi/md-batch-flush-requests-kabi.patch to patches.kabi/md-backport-kabi.patch - md: convert to kvmalloc (bsc#1166003). - md: do not call spare_active in md_reap_sync_thread if all member devices can't work (bsc#1166003). - md: do not set In_sync if array is frozen (bsc#1166003). - md: fix a typo s/creat/create (bsc#1166003). - md: fix for divide error in status_resync (bsc#1166003). - md: fix spelling typo and add necessary space (bsc#1166003). - md: introduce mddev_create/destroy_wb_pool for the change of member device (bsc#1166003). - md: make sure desc_nr less than MD_SB_DISKS (bsc#1166003). - md: md.c: Return -ENODEV when mddev is NULL in rdev_attr_show (bsc#1166003). - md: no longer compare spare disk superblock events in super_load (bsc#1166003). - md: raid10: Use struct_size() in kmalloc() (bsc#1166003). - md: raid1: check rdev before reference in raid1_sync_request func (bsc#1166003). - md: remove set but not used variable 'bi_rdev' (bsc#1166003). - md: rename wb stuffs (bsc#1166003). - md: return -ENODEV if rdev has no mddev assigned (bsc#1166003). - md: use correct type in super_1_load (bsc#1166003). - md: use correct type in super_1_sync (bsc#1166003). - md: use correct types in md_bitmap_print_sb (bsc#1166003). - media: uvcvideo: Refactor teardown of uvc on USB disconnect (bsc#1164507). - net/smc: add fallback check to connect() (git-fixes). - net/smc: fix cleanup for linkgroup setup failures (git-fixes). - net/smc: no peer ID in CLC decline for SMCD (git-fixes). - net/smc: transfer fasync_list in case of fallback (git-fixes). - net: macb: Limit maximum GEM TX length in TSO (networking-stable-20_02_09). - net: macb: Remove unnecessary alignment check for TSO (networking-stable-20_02_09). - net: mvneta: move rx_dropped and rx_errors in per-cpu stats (networking-stable-20_02_09). - net: systemport: Avoid RBUF stuck in Wake-on-LAN mode (networking-stable-20_02_09). - net_sched: fix a resource leak in tcindex_set_parms() (networking-stable-20_02_09). - nvme: Fix parsing of ANA log page (bsc#1166658). - nvme: Translate more status codes to blk_status_t (bsc#1156510). - nvme: resync include/linux/nvme.h with nvmecli (bsc#1156510). - orinoco: avoid assertion in case of NULL pointer (bsc#1051510). - padata: always acquire cpu_hotplug_lock before pinst->lock (git-fixes). - pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins (bsc#1051510). - pinctrl: imx: scu: Align imx sc msg structs to 4 (git-fixes). - pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs (bsc#1051510). - pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs (bsc#1051510). - powerpc/pseries: fix of_read_drc_info_cell() to point at next record (bsc#1165980 ltc#183834). - powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems (bsc#1056686). - qmi_wwan: re-add DW5821e pre-production variant (bsc#1051510). - raid10: refactor common wait code from regular read/write request (bsc#1166003). - raid1: factor out a common routine to handle the completion of sync write (bsc#1166003). - raid1: simplify raid1_error function (bsc#1166003). - raid1: use an int as the return value of raise_barrier() (bsc#1166003). - raid5 improve too many read errors msg by adding limits (bsc#1166003). - raid5: block failing device if raid will be failed (bsc#1166003). - raid5: do not increment read_errors on EILSEQ return (bsc#1166003). - raid5: do not set STRIPE_HANDLE to stripe which is in batch list (bsc#1166003). - raid5: need to set STRIPE_HANDLE for batch head (bsc#1166003). - raid5: remove STRIPE_OPS_REQ_PENDING (bsc#1166003). - raid5: remove worker_cnt_per_group argument from alloc_thread_groups (bsc#1166003). - raid5: set write hint for PPL (bsc#1166003). - raid5: use bio_end_sector in r5_next_bio (bsc#1166003). - raid6/test: fix a compilation error (bsc#1166003). - raid6/test: fix a compilation warning (bsc#1166003). - remoteproc: Initialize rproc_class before use (bsc#1051510). - rtlwifi: rtl_pci: Fix -Wcast-function-type (bsc#1051510). - s390/pci: Fix unexpected write combine on resource (git-fixes). - s390/uv: Fix handling of length extensions (git-fixes). - staging: rtl8188eu: Fix potential overuse of kernel memory (bsc#1051510). - staging: rtl8188eu: Fix potential security hole (bsc#1051510). - staging: rtl8723bs: Fix potential overuse of kernel memory (bsc#1051510). - staging: rtl8723bs: Fix potential security hole (bsc#1051510). - tick: broadcast-hrtimer: Fix a race in bc_set_next (bsc#1044231). - tools: Update include/uapi/linux/fcntl.h copy from the kernel (bsc#1166003). - usb: host: xhci: update event ring dequeue pointer on purpose (git-fixes). - vgacon: Fix a UAF in vgacon_invert_region (bsc#1114279) - virtio-blk: fix hw_queue stopped on arbitrary error (git-fixes). - x86/cpu/amd: Enable the fixed Instructions Retired counter IRPERF (bsc#1114279). - x86/ioremap: Add an ioremap_encrypted() helper (bsc#1141895). - x86/kdump: Export the SME mask to vmcoreinfo (bsc#1141895). - x86/mce/amd: Fix kobject lifetime (bsc#1114279). - x86/mce/amd: Publish the bank pointer only after setup has succeeded (bsc#1114279). - x86/mm: Split vmalloc_sync_all() (bsc#1165741). - xfs: also remove cached ACLs when removing the underlying attr (bsc#1165873). - xfs: bulkstat should copy lastip whenever userspace supplies one (bsc#1165984). - xhci: Force Maximum Packet size for Full-speed bulk devices to valid range (bsc#1051510). - xhci: fix runtime pm enabling for quirky Intel hosts (bsc#1051510). Special Instructions and Notes: Please reboot the system after installing this update.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-388=1


Package List

- openSUSE Leap 15.1 (noarch): kernel-devel-4.12.14-lp151.28.44.1 kernel-docs-4.12.14-lp151.28.44.1 kernel-docs-html-4.12.14-lp151.28.44.1 kernel-macros-4.12.14-lp151.28.44.1 kernel-source-4.12.14-lp151.28.44.1 kernel-source-vanilla-4.12.14-lp151.28.44.1 - openSUSE Leap 15.1 (x86_64): kernel-debug-4.12.14-lp151.28.44.1 kernel-debug-base-4.12.14-lp151.28.44.1 kernel-debug-base-debuginfo-4.12.14-lp151.28.44.1 kernel-debug-debuginfo-4.12.14-lp151.28.44.1 kernel-debug-debugsource-4.12.14-lp151.28.44.1 kernel-debug-devel-4.12.14-lp151.28.44.1 kernel-debug-devel-debuginfo-4.12.14-lp151.28.44.1 kernel-default-4.12.14-lp151.28.44.1 kernel-default-base-4.12.14-lp151.28.44.1 kernel-default-base-debuginfo-4.12.14-lp151.28.44.1 kernel-default-debuginfo-4.12.14-lp151.28.44.1 kernel-default-debugsource-4.12.14-lp151.28.44.1 kernel-default-devel-4.12.14-lp151.28.44.1 kernel-default-devel-debuginfo-4.12.14-lp151.28.44.1 kernel-kvmsmall-4.12.14-lp151.28.44.1 kernel-kvmsmall-base-4.12.14-lp151.28.44.1 kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.44.1 kernel-kvmsmall-debuginfo-4.12.14-lp151.28.44.1 kernel-kvmsmall-debugsource-4.12.14-lp151.28.44.1 kernel-kvmsmall-devel-4.12.14-lp151.28.44.1 kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.44.1 kernel-obs-build-4.12.14-lp151.28.44.1 kernel-obs-build-debugsource-4.12.14-lp151.28.44.1 kernel-obs-qa-4.12.14-lp151.28.44.1 kernel-syms-4.12.14-lp151.28.44.1 kernel-vanilla-4.12.14-lp151.28.44.1 kernel-vanilla-base-4.12.14-lp151.28.44.1 kernel-vanilla-base-debuginfo-4.12.14-lp151.28.44.1 kernel-vanilla-debuginfo-4.12.14-lp151.28.44.1 kernel-vanilla-debugsource-4.12.14-lp151.28.44.1 kernel-vanilla-devel-4.12.14-lp151.28.44.1 kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.44.1


References

https://www.suse.com/security/cve/CVE-2019-19768.html https://www.suse.com/security/cve/CVE-2020-8647.html https://www.suse.com/security/cve/CVE-2020-8649.html https://www.suse.com/security/cve/CVE-2020-9383.html https://bugzilla.suse.com/1044231 https://bugzilla.suse.com/1051510 https://bugzilla.suse.com/1056686 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1111666 https://bugzilla.suse.com/1111974 https://bugzilla.suse.com/1112178 https://bugzilla.suse.com/1113956 https://bugzilla.suse.com/1114279 https://bugzilla.suse.com/1119680 https://bugzilla.suse.com/1141895 https://bugzilla.suse.com/1156510 https://bugzilla.suse.com/1158187 https://bugzilla.suse.com/1159285 https://bugzilla.suse.com/1161561 https://bugzilla.suse.com/1162929 https://bugzilla.suse.com/1162931 https://bugzilla.suse.com/1164078 https://bugzilla.suse.com/1164507 https://bugzilla.suse.com/1164632 https://bugzilla.suse.com/1165111 https://bugzilla.suse.com/1165741 https://bugzilla.suse.com/1165873 https://bugzilla.suse.com/1165929 https://bugzilla.suse.com/1165950 https://bugzilla.suse.com/1165980 https://bugzilla.suse.com/1165984 https://bugzilla.suse.com/1165985 https://bugzilla.suse.com/1166003 https://bugzilla.suse.com/1166101 https://bugzilla.suse.com/1166102 https://bugzilla.suse.com/1166103 https://bugzilla.suse.com/1166104 https://bugzilla.suse.com/1166632 https://bugzilla.suse.com/1166658 https://bugzilla.suse.com/1166730 https://bugzilla.suse.com/1166731 https://bugzilla.suse.com/1166732 https://bugzilla.suse.com/1166733 https://bugzilla.suse.com/1166734 https://bugzilla.suse.com/1166735--


Severity
Announcement ID: openSUSE-SU-2020:0388-1
Rating: important
Affected Products: openSUSE Leap 15.1 le.

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved