-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4252
                   Security update for the Linux Kernel
                             14 November 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Root Compromise                 -- Existing Account            
                   Access Privileged Data          -- Remote/Unauthenticated      
                   Denial of Service               -- Remote/Unauthenticated      
                   Modify Arbitrary Files          -- Console/Physical            
                   Provide Misleading Information  -- Remote with User Interaction
                   Unauthorised Access             -- Existing Account            
                   Access Confidential Data        -- Console/Physical            
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-18805 CVE-2019-17666 CVE-2019-17133
                   CVE-2019-17056 CVE-2019-17055 CVE-2019-16995
                   CVE-2019-16413 CVE-2019-16234 CVE-2019-16233
                   CVE-2019-16232 CVE-2019-15927 CVE-2019-15926
                   CVE-2019-15924 CVE-2019-15902 CVE-2019-15807
                   CVE-2019-15666 CVE-2019-15505 CVE-2019-15291
                   CVE-2019-15290 CVE-2019-15239 CVE-2019-15221
                   CVE-2019-15220 CVE-2019-15219 CVE-2019-15218
                   CVE-2019-15217 CVE-2019-15216 CVE-2019-15215
                   CVE-2019-15214 CVE-2019-15212 CVE-2019-15211
                   CVE-2019-15118 CVE-2019-15098 CVE-2019-14835
                   CVE-2019-14821 CVE-2019-14816 CVE-2019-14815
                   CVE-2019-14814 CVE-2019-13272 CVE-2019-11477
                   CVE-2019-11135 CVE-2019-10220 CVE-2019-10207
                   CVE-2019-9506 CVE-2019-9456 CVE-2019-0155
                   CVE-2019-0154 CVE-2018-20976 CVE-2018-12207
                   CVE-2017-18595 CVE-2017-18551 CVE-2017-18509
                   CVE-2017-18379 CVE-2016-10906 

Reference:         ASB-2019.0322
                   ASB-2019.0174
                   ESB-2019.4247
                   ESB-2019.4246
                   ESB-2019.4213

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html
   https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2946-1
Rating:            important
References:        #1046299 #1046303 #1046305 #1050244 #1050536 #1050545
                   #1051510 #1055186 #1061840 #1064802 #1065600 #1066129
                   #1073513 #1082635 #1083647 #1086323 #1087092 #1089644
                   #1090631 #1093205 #1096254 #1097583 #1097584 #1097585
                   #1097586 #1097587 #1097588 #1098291 #1101674 #1109158
                   #1114279 #1117665 #1119461 #1119465 #1123034 #1123080
                   #1133140 #1134303 #1135642 #1135854 #1135873 #1135966
                   #1135967 #1137040 #1137799 #1138190 #1139073 #1140090
                   #1140729 #1140845 #1140883 #1141600 #1142635 #1142667
                   #1143706 #1144338 #1144375 #1144449 #1144903 #1145099
                   #1146612 #1148410 #1149119 #1150452 #1150457 #1150465
                   #1150875 #1151508 #1152624 #1152685 #1152788 #1152791
                   #1153112 #1153158 #1153236 #1153263 #1153476 #1153509
                   #1153646 #1153713 #1153717 #1153718 #1153719 #1153811
                   #1153969 #1154108 #1154189 #1154354 #1154372 #1154578
                   #1154607 #1154608 #1154610 #1154611 #1154651 #1154737
                   #1154747 #1154848 #1154858 #1154905 #1155178 #1155179
                   #1155184 #1155186 #1155671
Cross-References:  CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220
                   CVE-2019-11135 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234
                   CVE-2019-16995 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666
Affected Products:
                   SUSE Linux Enterprise Module for Live Patching 15
______________________________________________________________________________

An update that solves 12 vulnerabilities and has 93 fixes is now available.

Description:

The SUSE Linux Enterprise 15 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-0154: Fix a local denial of service via read of unprotected i915
    registers. (bsc#1135966)
  o CVE-2019-0155: Fix privilege escalation in the i915 driver. Batch buffers
    from usermode could have escalated privileges via blitter command stream.
    (bsc#1135967)
  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).
  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).
  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).
  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).
  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465)
  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).
  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).
  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


The following non-security bugs were fixed:

  o 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  o acpi / CPPC: do not require the _PSD method (bsc#1051510).
  o acpi / processor: do not print errors for processorIDs == 0xff (bsc#
    1051510).
  o acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    (bsc#1051510).
  o act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  o alsa: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  o alsa: hda - Apply AMD controller workaround for Raven platform (bsc#
    1051510).
  o alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#
    1051510).
  o alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  o alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#
    1051510).
  o alsa: hda - Inform too slow responses (bsc#1051510).
  o alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  o alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#
    1051510).
  o alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
  o alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
  o alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#
    1051510).
  o alsa: hda/realtek - Check beep whitelist before assigning in all codecs
    (bsc#1051510).
  o alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  o alsa: hda/realtek - Fix alienware headset mic (bsc#1051510).
  o alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#
    1051510).
  o alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#
    1051510).
  o alsa: hda: Add Elkhart Lake pci ID (bsc#1051510).
  o alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510).
  o alsa: hda: Add support of Zhaoxin controller (bsc#1051510).
  o alsa: hda: Flush interrupts on disabling (bsc#1051510).
  o alsa: hda: Set fifo_size for both playback and capture streams (bsc#
    1051510).
  o alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in
    build_adc_controls() (bsc#1051510).
  o alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  o alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  o alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#
    1051510).
  o appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o asoc: Define a set of DAPM pre/post-up events (bsc#1051510).
  o asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
  o asoc: Intel: NHLT: Fix debug print format (bsc#1051510).
  o asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
    (bsc#1051510).
  o asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o asoc: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  o auxdisplay: panel: need to delete scan_timer when misc_register fails in
    panel_attach (bsc#1051510).
  o ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o blk-wbt: abstract out end IO completion handler (bsc#1135873).
  o blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  o blk-wbt: improve waking of tasks (bsc#1135873).
  o blk-wbt: move disable check into get_limit() (bsc#1135873).
  o blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#
    1051510).
  o bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  o boot: Sign non-x86 kernels when possible (boo#1134303)
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  o btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#
    1154651).
  o btrfs: Ensure replaced device does not have pending chunk allocation (bsc#
    1154607).
  o btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o btrfs: check for the full sync flag while holding the inode lock during
    fsync (bsc#1153713).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#
    1154651).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#
    1051510).
  o can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#
    1051510).
  o cdc_ether: fix rndis support for Mediatek based smartphones
    (networking-stable-19_09_15).
  o cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  o ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  o ceph: reconnect connection if session hang in opening state (bsc#1153718).
  o ceph: update the mtime when truncating up (bsc#1153719).
  o cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  o cfg80211: add and use strongly typed element iteration macros (bsc#
    1051510).
  o clk: at91: select parent if main oscillator or bypass is enabled (bsc#
    1051510).
  o clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  o clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  o clk: zx296718: Do not reference clk_init_data after registration (bsc#
    1051510).
  o crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg - remove locking in async callback (bsc#1154737).
  o crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif - return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead - overhaul memory management (bsc#1154737).
  o crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  o crypto: talitos - fix missing break in switch statement (bsc#1142635).
  o cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587
    bsc#1097588 bsc#1097583 bsc#1097584).
  o cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#
    1066129).
  o cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#
    1066129).
  o cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#
    1073513).
  o cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o dasd_fba: Display '00000000' for zero page when dumping sense (bsc#
    1123080).
  o drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  o drm/amdgpu/si: fix ASIC tests (git-fixes).
  o drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  o drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  o drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during command matching (bsc#
    1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
  o drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
  o drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Disable Secure Batches for gen6+
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#
    1135967)
  o drm/i915: Remove Master tables from cmdparser
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
  o drm/msm/dsi: Implement reset correctly (bsc#1051510).
  o drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  o drm/radeon: Fix EEH during kexec (bsc#1051510).
  o drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#
    1051510).
  o drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  o drm: Flush output polling on shutdown (bsc#1051510).
  o e1000e: add workaround for possible stalled packet (bsc#1051510).
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of pcie fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
    (git-fixes).
  o gpu: drm: radeon: Fix a possible null-pointer dereference in
    radeon_connector_set_property() (bsc#1051510).
  o hid: apple: Fix stuck function keys when using FN (bsc#1051510).
  o hid: fix error message in hid_open_report() (bsc#1051510).
  o hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  o hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o hid: logitech: Fix general protection fault caused by Logitech driver (bsc#
    1051510).
  o hid: prodikeys: Fix general protection fault during probe (bsc#1051510).
  o hid: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
    (bsc#1051510).
  o hwrng: core - do not wait on add_early_randomness() (git-fixes).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o i2c: riic: Clear NACK in tend isr (bsc#1051510).
  o ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  o ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  o ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  o ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  o ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o iio: adc: ad799x: fix probe error handling (bsc#1051510).
  o iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  o ima: always return negative code for error (bsc#1051510).
  o input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
  o input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    (bsc#1137799).
  o iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  o iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  o iommu/amd: Remove domain->updated (bsc#1154610).
  o iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#
    1154611).
  o ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#
    1051510).
  o ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    (networking-stable-19_09_15).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#
    1101674).
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_vma_offset_node readonly field addition (bsc#
    1135967)
  o kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
  o kabi/severities: Whitelist functions internal to radix mm. To call these
    functions you have to first detect if you are running in radix mm mode
    which can't be expected of OOT code.
  o kabi: net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578).
  o kernel-binary: check also bzImage on s390/s390x Starting with 4.19-rc1,
    uncompressed image is no longer built on s390x.
  o kernel-subpackage-build: create zero size ghost for uncompressed vmlinux
    (bsc#1154354). It is not strictly necessary to uncompress it so maybe the
    ghost file can be 0 size in this case.
  o kernel/sysctl.c: do not override max_threads provided by userspace (bnc#
    1150875).
  o ksm: cleanup stable_node chain collapse case (bnc#1144338).
  o ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
  o ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#
    1144338).
  o ksm: optimize refile of stable_node_dup at the head of the chain (bnc#
    1144338).
  o ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).
  o kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#
    1061840).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
    1117665).
  o kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
  o kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#
    1117665).
  o kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
  o kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
  o kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o kvm: x86: mmu: Recovery of shattered NX large pages (bsc#1117665,
    CVE-2018-12207).
  o kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
  o lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
  o libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
  o mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o mac80211: Reject malformed SSID elements (bsc#1051510).
  o mac80211: accept deauth frames in ibSS mode (bsc#1051510).
  o mac80211: fix txq null pointer dereference (bsc#1051510).
  o macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
  o md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#
    1140090).
  o md/raid0: fix warning message for parameter default_layout (bsc#1140090).
  o media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
  o media: cpia2_usb: fix memory leaks (bsc#1051510).
  o media: dvb-core: fix a memory leak bug (bsc#1051510).
  o media: exynos4-is: fix leaked of_node references (bsc#1051510).
  o media: gspca: zero usb_buf on error (bsc#1051510).
  o media: hdpvr: Add device num check and handling (bsc#1051510).
  o media: hdpvr: add terminating 0 at end of string (bsc#1051510).
  o media: i2c: ov5645: Fix power sequence (bsc#1051510).
  o media: iguanair: add sanity checks (bsc#1051510).
  o media: omap3isp: Do not set streaming state on random subdevs (bsc#
    1051510).
  o media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
  o media: ov9650: add a sanity check (bsc#1051510).
  o media: radio/si470x: kill urb on error (bsc#1051510).
  o media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
    (bsc#1051510).
  o media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
  o media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
  o media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
  o media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
  o mem: /dev/mem: Bail out upon SIGKILL (git-fixes).
  o memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc
    #1051510).
  o mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
  o mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
  o mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
  o mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
  o mmc: sdhci: improve ADMA error reporting (bsc#1051510).
  o net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495,
    ltc#165544, git-fixes).
  o net/mlx4_en: fix a memory leak bug (bsc#1046299).
  o net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
  o net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
  o net/phy: fix DP83865 10 Mbps HDX loopback disable function
    (networking-stable-19_09_30).
  o net/rds: Fix error handling in rds_ib_add_one()
    (networking-stable-19_10_05).
  o net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
  o net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
  o net/sched: act_sample: do not push mac header on ip6gre ingress
    (networking-stable-19_09_30).
  o net: Fix null de-reference of device refcount (networking-stable-19_09_15).
  o net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
  o net: Unpublish sk from sk_reuseport_cb before call_rcu
    (networking-stable-19_10_05).
  o net: fix skb use after free in netpoll (networking-stable-19_09_05).
  o net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
    linear-headed frag_list (networking-stable-19_09_15).
  o net: openvswitch: free vport unless register_netdevice() succeeds
    (git-fixes).
  o net: qlogic: Fix memory leak in ql_alloc_large_buffers
    (networking-stable-19_10_05).
  o net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
  o net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o net: stmmac: dwmac-rk: Do not fail if phy regulator is absent
    (networking-stable-19_09_05).
  o net_sched: add policy validation for action attributes
    (networking-stable-19_09_30).
  o net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o nfc: enforce CAP_NET_RAW for raw sockets (bsc#1152788 CVE-2019-17056).
  o nfc: fix attrs checks in netlink interface (bsc#1051510).
  o nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
  o nfc: pn533: fix use-after-free and memleaks (bsc#1051510).
  o nfs: NFSv4 Check the return value of update_open_stateid (boo#1154189 bsc#
    1154747).
  o nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
  o nl80211: fix null pointer dereference (bsc#1051510).
  o objtool: Clobber user CFLAGS variable (bsc#1153236).
  o openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
    (networking-stable-19_09_30).
  o packaging: add support for riscv64
  o pci: Correct pci=resource_alignment parameter example (bsc#1051510).
  o pci: PM: Fix pci_power_up() (bsc#1051510).
  o pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
  o pci: hv: Use bytes 4 and 5 from instance ID as the pci domain numbers (bsc#
    1153263).
  o pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
  o platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
  o platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI
    table (bsc#1051510).
  o power: supply: sysfs: ratelimit property read error message (bsc#1051510).
  o powerpc/64s/pseries: radix flush translations before MMU is enabled at boot
    (bsc#1055186).
  o powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates
    (bsc#1055186).
  o powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
  o powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc
    #1055186).
  o powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
  o powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline
    (bsc#1055186).
  o powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#
    1055186).
  o powerpc/mm: Properly invalidate when setting process table base (bsc#
    1055186).
  o powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
  o powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#
    1153112 ltc#181778).
  o powerpc/pseries: Remove confusing warning message (bsc#1109158).
  o powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc
    #181778).
  o qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#
    1050545).
  o qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
  o qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#
    1050536 bsc#1050545).
  o qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).
  o qmi_wwan: add support for Cinterion CLS8 devices
    (networking-stable-19_10_05).
  o r8152: Set macpassthru in reset_resume callback (bsc#1051510).
  o rdma/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (bsc#
    1050244).
  o rdma: Fix goto target to release the allocated memory (bsc#1050244).
  o rds: Fix warning (bsc#1154848).
  o rpm/config.sh: Enable livepatch.
  o rpm/constraints.in: lower disk space required for ARM With a requirement of
    35GB, only 2 slow workers are usable for ARM. Current aarch64 build
    requires 27G and armv6/7 requires 14G. Set requirements respectively to
    30GB and 20GB.
  o rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no
    reason to lock down the dtb directory for ordinary users.
  o rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo.
  o rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE
    kernel RT and Azure variants are excluded for the moment. (bsc#1141600)
  o rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in
    5.2.
  o rpm/kernel-binary.spec.in: support partial rt debug config.
  o rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
    (bsc#1149119).
  o rpm/macros.kernel-source: KMPs should depend on kmod-compat to build.
    kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and
    find-supplements.ksyms in rpm-config-SUSE.
  o rpm/mkspec: Correct tarball URL for rc kernels.
  o rpm/mkspec: Make building DTBs optional.
  o rpm/modflist: Simplify compression support.
  o rpm: raise required disk space for binary packages Current disk space
    constraints (10 GB on s390x, 25 GB on other architectures) no longer
    suffice for 5.3 kernel builds. The statistics show ~30 GB of disk
    consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB
    in general and 14 GB on s390x.
  o rpm: support compressed modules Some of our scripts and scriptlets in rpm/
    do not expect module files not ending with ".ko" which currently leads to
    failure in preuninstall scriptlet of cluster-md-kmp-default (and probably
    also other subpackages). Let those which could be run on compressed module
    files recognize ".ko.xz" in addition to ".ko".
  o rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
  o s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
  o sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
    (networking-stable-19_10_05).
  o sch_dsmark: fix potential NULL deref in dsmark_init()
    (networking-stable-19_10_05).
  o sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    (networking-stable-19_09_15).
  o sch_netem: fix a divide by zero in tabledist()
    (networking-stable-19_09_30).
  o sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
  o scripts/arch-symbols: add missing link.
  o scsi: lpfc: Fix devices that do not return after devloss followed by
    rediscovery (bsc#1137040).
  o scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute
    (bsc#1140845).
  o scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#
    1140883).
  o scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
  o scsi: qedf: Modify abort and tmf handler to handle edge condition and flush
    (bsc#1098291).
  o scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457
    CVE-2019-16233).
  o scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#
    1140729).
  o sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    (networking-stable-19_09_15).
  o sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    (networking-stable-19_09_15).
  o skge: fix checksum byte order (networking-stable-19_09_30).
  o sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
  o sock_diag: request _diag module only when the family or proto has been
    registered (bsc#1152791).
  o staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
  o staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
    1051510).
  o supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
  o tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
  o tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    (networking-stable-19_09_15).
  o tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
  o tcp: remove empty skb from write queue in error cases
    (networking-stable-19_09_05).
  o thermal: Fix use-after-free when unregistering thermal zone device (bsc#
    1051510).
  o thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
  o tipc: add NULL pointer check before calling kfree_rcu
    (networking-stable-19_09_15).
  o tipc: fix unlimited bundling of small messages
    (networking-stable-19_10_05).
  o tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#
    1151508).
  o tun: fix use-after-free when register netdev failed
    (networking-stable-19_09_15).
  o tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
  o usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on release (bsc#1051510).
  o usb: chaoskey: fix use-after-free on release (bsc#1051510).
  o usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
  o usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
  o usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).
  o usb: iowarrior: fix use-after-free on release (bsc#1051510).
  o usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
  o usb: ldusb: fix memleak on disconnect (bsc#1051510).
  o usb: ldusb: fix read info leaks (bsc#1051510).
  o usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
  o usb: legousbtower: fix deadlock on disconnect (bsc#1142635).
  o usb: legousbtower: fix memleak on disconnect (bsc#1051510).
  o usb: legousbtower: fix open after failed reset request (bsc#1142635).
  o usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
  o usb: legousbtower: fix slab info leak at probe (bsc#1142635).
  o usb: legousbtower: fix use-after-free on release (bsc#1051510).
  o usb: microtek: fix info-leak at probe (bsc#1142635).
  o usb: serial: fix runtime PM after driver unbind (bsc#1051510).
  o usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#
    1051510).
  o usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
  o usb: serial: option: add Telit FN980 compositions (bsc#1051510).
  o usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
  o usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
  o usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
  o usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
  o usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
  o usb: usblcd: fix I/O after disconnect (bsc#1142635).
  o usb: usblp: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usblp: fix use-after-free on disconnect (bsc#1051510).
  o usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#
    1051510).
  o usb: yurex: Do not retry on unexpected errors (bsc#1051510).
  o usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).
  o usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
  o usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
  o vfio_pci: Restore original state on release (bsc#1051510).
  o vfs: Make filldir[64]() verify the directory entry filename is valid (bsc#
    1144903).
  o vhost_net: conditionally enable tx polling (bsc#1145099).
  o video: of: display_timing: Add of_node_put() in of_get_display_timing()
    (bsc#1051510).
  o vsock: Fix a lockdep warning in __vsock_release()
    (networking-stable-19_10_05).
  o watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#
    1051510).
  o x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
  o x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
    1153969).
  o x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
  o x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
  o x86/tsx: Add config options to set tsx=on|off|auto (bsc#1139073,
    CVE-2019-11135).
  o xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
  o xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
  o xhci: Check all endpoints for LPM timeout (bsc#1051510).
  o xhci: Fix false warning message about wrong bounce buffer write length (bsc
    #1051510).
  o xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
  o xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
    (bsc#1051510).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Live Patching 15:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2019-2946=1

Package List:

  o SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):
       kernel-default-debuginfo-4.12.14-150.41.1
       kernel-default-debugsource-4.12.14-150.41.1
       kernel-default-livepatch-4.12.14-150.41.1
       kernel-livepatch-4_12_14-150_41-default-1-1.3.1
       kernel-livepatch-4_12_14-150_41-default-debuginfo-1-1.3.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-0154.html
  o https://www.suse.com/security/cve/CVE-2019-0155.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://bugzilla.suse.com/1046299
  o https://bugzilla.suse.com/1046303
  o https://bugzilla.suse.com/1046305
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1050536
  o https://bugzilla.suse.com/1050545
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1061840
  o https://bugzilla.suse.com/1064802
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1066129
  o https://bugzilla.suse.com/1073513
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1086323
  o https://bugzilla.suse.com/1087092
  o https://bugzilla.suse.com/1089644
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1093205
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1097583
  o https://bugzilla.suse.com/1097584
  o https://bugzilla.suse.com/1097585
  o https://bugzilla.suse.com/1097586
  o https://bugzilla.suse.com/1097587
  o https://bugzilla.suse.com/1097588
  o https://bugzilla.suse.com/1098291
  o https://bugzilla.suse.com/1101674
  o https://bugzilla.suse.com/1109158
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1123080
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1134303
  o https://bugzilla.suse.com/1135642
  o https://bugzilla.suse.com/1135854
  o https://bugzilla.suse.com/1135873
  o https://bugzilla.suse.com/1135966
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1137799
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1140729
  o https://bugzilla.suse.com/1140845
  o https://bugzilla.suse.com/1140883
  o https://bugzilla.suse.com/1141600
  o https://bugzilla.suse.com/1142635
  o https://bugzilla.suse.com/1142667
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144375
  o https://bugzilla.suse.com/1144449
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145099
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1148410
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150875
  o https://bugzilla.suse.com/1151508
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1152791
  o https://bugzilla.suse.com/1153112
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153236
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153646
  o https://bugzilla.suse.com/1153713
  o https://bugzilla.suse.com/1153717
  o https://bugzilla.suse.com/1153718
  o https://bugzilla.suse.com/1153719
  o https://bugzilla.suse.com/1153811
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154108
  o https://bugzilla.suse.com/1154189
  o https://bugzilla.suse.com/1154354
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1154578
  o https://bugzilla.suse.com/1154607
  o https://bugzilla.suse.com/1154608
  o https://bugzilla.suse.com/1154610
  o https://bugzilla.suse.com/1154611
  o https://bugzilla.suse.com/1154651
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154747
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2947-1
Rating:            important
References:        #1046299 #1046303 #1046305 #1050244 #1050536 #1050545
                   #1051510 #1055186 #1061840 #1064802 #1065600 #1066129
                   #1073513 #1082635 #1083647 #1086323 #1087092 #1089644
                   #1090631 #1093205 #1096254 #1097583 #1097584 #1097585
                   #1097586 #1097587 #1097588 #1098291 #1101674 #1109158
                   #1111666 #1112178 #1113994 #1114279 #1117665 #1119461
                   #1119465 #1123034 #1123080 #1133140 #1134303 #1135642
                   #1135854 #1135873 #1135967 #1137040 #1137799 #1137861
                   #1138190 #1139073 #1140090 #1140729 #1140845 #1140883
                   #1141600 #1142635 #1142667 #1143706 #1144338 #1144375
                   #1144449 #1144903 #1145099 #1146612 #1148410 #1149119
                   #1149853 #1150452 #1150457 #1150465 #1150875 #1151508
                   #1151807 #1152033 #1152624 #1152665 #1152685 #1152696
                   #1152697 #1152788 #1152790 #1152791 #1153112 #1153158
                   #1153236 #1153263 #1153476 #1153509 #1153607 #1153646
                   #1153681 #1153713 #1153717 #1153718 #1153719 #1153811
                   #1153969 #1154108 #1154189 #1154242 #1154268 #1154354
                   #1154372 #1154521 #1154578 #1154607 #1154608 #1154610
                   #1154611 #1154651 #1154737 #1154747 #1154848 #1154858
                   #1154905 #1154956 #1155061 #1155178 #1155179 #1155184
                   #1155186 #1155671 #802154 #814594 #919448 #987367 #998153
Cross-References:  CVE-2018-12207 CVE-2019-10220 CVE-2019-11135 CVE-2019-16232
                   CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17056
                   CVE-2019-17133 CVE-2019-17666
Affected Products:
                   SUSE Linux Enterprise Module for Live Patching 15-SP1
______________________________________________________________________________

An update that solves 10 vulnerabilities and has 117 fixes is now available.

Description:


The SUSE Linux Enterprise 15-SP1 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).


  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


The following non-security bugs were fixed:

  o 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  o acpi: cppc: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    (bsc#1051510).
  o acpi: cppc: do not require the _PSD method (bsc#1051510).
  o acpi: processor: do not print errors for processorIDs == 0xff (bsc#
    1051510).
  o act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  o alsa: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o alsa: firewire-motu: add support for MOTU 4pre (bsc#1111666).
  o alsa: hda/hdmi: Do not report spurious jack state changes (bsc#1051510).
  o alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#
    1051510).
  o alsa: hda/realtek: Add support for ALC623 (bsc#1051510).
  o alsa: hda/realtek: Add support for ALC711 (bsc#1051510).
  o alsa: hda/realtek: Check beep whitelist before assigning in all codecs (bsc
    #1051510).
  o alsa: hda/realtek: Enable headset mic on Asus MJ401TA (bsc#1051510).
  o alsa: hda/realtek: Fix 2 front mics of codec 0x623 (bsc#1051510).
  o alsa: hda/realtek: Fix alienware headset mic (bsc#1051510).
  o alsa: hda/realtek: PCI quirk for Medion E4254 (bsc#1051510).
  o alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#
    1051510).
  o alsa: hda/sigmatel: remove unused variable 'stac9200_core_init' (bsc#
    1051510).
  o alsa: hda: Add Elkhart Lake PCI ID (bsc#1051510).
  o alsa: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
  o alsa: hda: Add a quirk model for fixing Huawei Matebook X right speaker
    (bsc#1051510).
  o alsa: hda: Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  o alsa: hda: Add support of Zhaoxin controller (bsc#1051510).
  o alsa: hda: Apply AMD controller workaround for Raven platform (bsc#
    1051510).
  o alsa: hda: Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).
  o alsa: hda: Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  o alsa: hda: Expand pin_match function to match upcoming new tbls (bsc#
    1051510).
  o alsa: hda: Flush interrupts on disabling (bsc#1051510).
  o alsa: hda: Force runtime PM on Nvidia HDMI codecs (bsc#1051510).
  o alsa: hda: Inform too slow responses (bsc#1051510).
  o alsa: hda: Set fifo_size for both playback and capture streams (bsc#
    1051510).
  o alsa: hda: Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  o alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in
    build_adc_controls() (bsc#1051510).
  o alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  o alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o alsa: usb-audio: Add DSD support for EVGA NU Audio (bsc#1051510).
  o alsa: usb-audio: Add DSD support for Gustard U16/X26 USB Interface (bsc#
    1051510).
  o alsa: usb-audio: Add Hiby device family to quirks for native DSD support
    (bsc#1051510).
  o alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  o alsa: usb-audio: Clean up check_input_term() (bsc#1051510).
  o alsa: usb-audio: DSD auto-detection for Playback Designs (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1111666).
  o alsa: usb-audio: Fix copy&paste error in the validator (bsc#1111666).
  o alsa: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk
    () (bsc#1051510).
  o alsa: usb-audio: More validations of descriptor units (bsc#1051510).
  o alsa: usb-audio: Remove superfluous bLength checks (bsc#1051510).
  o alsa: usb-audio: Simplify parse_audio_unit() (bsc#1051510).
  o alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#
    1051510).
  o alsa: usb-audio: Unify audioformat release code (bsc#1051510).
  o alsa: usb-audio: Unify the release of usb_mixer_elem_info objects (bsc#
    1051510).
  o alsa: usb-audio: Update DSD support quirks for Oppo and Rotel (bsc#
    1051510).
  o alsa: usb-audio: fix PCM device order (bsc#1051510).
  o alsa: usb-audio: remove some dead code (bsc#1051510).
  o appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o asoc: Define a set of DAPM pre/post-up events (bsc#1051510).
  o asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
    (bsc#1051510).
  o asoc: intel: Fix use of potentially uninitialized variable (bsc#1051510).
  o asoc: intel: nhlt: Fix debug print format (bsc#1051510).
  o asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o asoc: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  o auxdisplay: panel: need to delete scan_timer when misc_register fails in
    panel_attach (bsc#1051510).
  o ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o blk-wbt: abstract out end IO completion handler (bsc#1135873).
  o blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  o blk-wbt: improve waking of tasks (bsc#1135873).
  o blk-wbt: move disable check into get_limit() (bsc#1135873).
  o blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#
    1051510).
  o bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  o bnxt_en: Add PCI IDs for 57500 series NPAR devices (bsc#1153607).
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o brcmfmac: sdio: Disable auto-tuning around commands expected to fail (bsc#
    1111666).
  o brcmfmac: sdio: Do not tune while the card is off (bsc#1111666).
  o bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  o btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#
    1154651).
  o btrfs: Ensure replaced device does not have pending chunk allocation (bsc#
    1154607).
  o btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o btrfs: check for the full sync flag while holding the inode lock during
    fsync (bsc#1153713).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#
    1154651).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#
    1051510).
  o can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#
    1051510).
  o cdc_ether: fix rndis support for Mediatek based smartphones
    (networking-stable-19_09_15).
  o cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  o ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  o ceph: reconnect connection if session hang in opening state (bsc#1153718).
  o ceph: update the mtime when truncating up (bsc#1153719).
  o cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  o cfg80211: add and use strongly typed element iteration macros (bsc#
    1051510).
  o clk: at91: select parent if main oscillator or bypass is enabled (bsc#
    1051510).
  o clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  o clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  o clk: zx296718: Do not reference clk_init_data after registration (bsc#
    1051510).
  o crypto: af_alg: Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg: Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg: consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg: fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg: remove locking in async callback (bsc#1154737).
  o crypto: af_alg: update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg: wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif: return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead: copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead: fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead: overhaul memory management (bsc#1154737).
  o crypto: algif_aead: skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher: overhaul memory management (bsc#1154737).
  o crypto: talitos: fix missing break in switch statement (bsc#1142635).
  o cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587
    bsc#1097588 bsc#1097583 bsc#1097584).
  o cxgb4: do not dma memory off of the stack (bsc#1152790).
  o cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#
    1066129).
  o cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#
    1066129).
  o cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#
    1073513).
  o cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o drm/amd/display: Restore backlight brightness after system resume (bsc#
    1112178)
  o drm/amd/display: fix issue where 252-255 values are clipped (bsc#1111666).
  o drm/amd/display: reprogram VM config when system resume (bsc#1111666).
  o drm/amd/display: support spdif (bsc#1111666).
  o drm/amd/dm: Understand why attaching path/tile properties are needed (bsc#
    1111666).
  o drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  o drm/amd/pp: Fix truncated clock value when set watermark (bsc#1111666).
  o drm/amdgpu/gfx9: Update gfx9 golden settings (bsc#1111666).
  o drm/amdgpu/si: fix ASIC tests (git-fixes).
  o drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  o drm/amdgpu: Fix KFD-related kernel oops on Hawaii (bsc#1111666).
  o drm/amdgpu: Update gc_9_0 golden settings (bsc#1111666).
  o drm/amdkfd: Add missing Polaris10 ID (bsc#1111666).
  o drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  o drm/atomic_helper: Allow DPMS OnOff changes for unregistered connectors
    (bsc#1111666).
  o drm/atomic_helper: Disallow new modesets on unregistered connectors (bsc#
    1111666).
  o drm/atomic_helper: Stop modesets on unregistered connectors harder (bsc#
    1111666).
  o drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  o drm/bridge: tfp410: fix memleak in get_modes() (bsc#1111666).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during (bsc#1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gvt: update vgpu workload head pointer correctly (bsc#1112178)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Cleanup gt powerstate from gem (bsc#1111666).
  o drm/i915: Disable Secure Batches for gen6+ (bsc#1135967)
  o drm/i915: Fix intel_dp_mst_best_encoder() (bsc#1111666).
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Remove Master tables from cmdparser (bsc#1135967)
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Restore sane defaults for KMS on GEM error load (bsc#1111666).
  o drm/i915: Support ro ppgtt mapped cmdparser shadow (bsc#1135967)
  o drm/mediatek: set DMA max segment size (bsc#1111666).
  o drm/msm/dsi: Fix return value check for clk_get_parent (bsc#1111666).
  o drm/msm/dsi: Implement reset correctly (bsc#1051510).
  o drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling (bsc#1111666).
  o drm/nouveau/kms/nv50-: Do not create MSTMs for eDP connectors (bsc#1112178)
  o drm/nouveau/volt: Fix for some cards having 0 maximum voltage (bsc#
    1111666).
  o drm/omap: fix max fclk divider for omap36xx (bsc#1111666).
  o drm/panel: check failure cases in the probe func (bsc#1111666).
  o drm/panel: make drm_panel.h self-contained (bsc#1111666).
  o drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  o drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed (bsc#
    1111666).
  o drm/radeon: Fix EEH during kexec (bsc#1051510).
  o drm/rockchip: Check for fast link training before enabling psr (bsc#
    1111666).
  o drm/stm: attach gem fence to atomic state (bsc#1111666).
  o drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#
    1051510).
  o drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  o drm: Flush output polling on shutdown (bsc#1051510).
  o drm: add __user attribute to ptr_to_compat() (bsc#1111666).
  o drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
    (bsc#1111666).
  o drm: rcar-du: lvds: Fix bridge_to_rcar_lvds (bsc#1111666).
  o e1000e: add workaround for possible stalled packet (bsc#1051510).
  o efi/arm: Show SMBIOS bank/device location in CPER and GHES error logs (bsc#
    1152033).
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of PCIe fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
    (git-fixes).
  o gpu: drm: radeon: Fix a possible null-pointer dereference in
    radeon_connector_set_property() (bsc#1051510).
  o hid: apple: Fix stuck function keys when using FN (bsc#1051510).
  o hid: fix error message in hid_open_report() (bsc#1051510).
  o hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  o hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o hid: logitech: Fix general protection fault caused by Logitech driver (bsc#
    1051510).
  o hid: prodikeys: Fix general protection fault during probe (bsc#1051510).
  o hid: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
    (bsc#1051510).
  o hwrng: core: do not wait on add_early_randomness() (git-fixes).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o i2c: riic: Clear NACK in tend isr (bsc#1051510).
  o ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  o ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  o ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  o ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  o ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o iio: adc: ad799x: fix probe error handling (bsc#1051510).
  o iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  o ima: always return negative code for error (bsc#1051510).
  o input: da9063: fix capability and drop KEY_SLEEP (bsc#1051510).
  o input: synaptics-rmi4: avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    (bsc#1137799).
  o iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  o iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  o iommu/amd: Remove domain->updated (bsc#1154610).
  o iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#
    1154611).
  o ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#
    1051510).
  o ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    (networking-stable-19_09_15).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (bsc#
    1111666).
  o ixgbe: Fix secpath usage for IPsec TX offload (bsc#1113994 bsc#1151807).
  o ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#
    1101674).
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_connector.registered type changes (bsc#1111666).
  o kABI workaround for mmc_host retune_crc_disable flag addition (bsc#
    1111666).
  o kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
  o kabi/severities: Whitelist functions internal to radix mm. To call these
    functions you have to first detect if you are running in radix mm mode
    which can't be expected of OOT code.
  o kabi: net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).
  o kernel-binary.spec.in: Obsolete kgraft packages only when not building
    them.
  o kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578). Without
    this patch,

/usr/src/linux-@VERSION@-@RELEASE_SHORT@-obj/x86_64/vanilla/.kernel-binary.
spec.buildenv contained rpm %_smp_mflags in a line like export MAKE_ARGS="
- --output-sync -j4" This made it hard to produce bit-identical builds.
kernel-binary: check also bzImage on s390/s390x Starting with 4.19-rc1,
uncompressed image is no longer built on s390x. If file "image" is not found in
arch/s390/boot after the build, try bzImage instead. For now, install bzImage
under the name image-* until we know grub2 and our grub2 scripts can handle
correct name.
kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#
1154354). It is not strictly necessary to uncompress it so maybe the ghost file
can be 0 size in this case.
kernel/sysctl.c: do not override max_threads provided by userspace (bnc#
1150875).
ksm: cleanup stable_node chain collapse case (bnc#1144338).
ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338).
ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338).
ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
kvm: Convert kvm_lock to a mutex (bsc#1117665).
kvm: mmu: drop vcpu param in gpte_access (bsc#1117665).
kvm: ppc: book3s hv: use smp_mb() when setting/clearing host_ipi flag (bsc#
1061840).
kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#
1117665).
kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
1117665).
kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665).
kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
libnvdimm/security: provide fix for secure-erase to use zero-key (bsc#1149853).
lpfc: Add FA-WWN Async Event reporting (bsc#1154521).
lpfc: Add FC-AL support to lpe32000 models (bsc#1154521).
lpfc: Add additional discovery log messages (bsc#1154521).
lpfc: Add log macros to allow print by serverity or verbocity setting (bsc#
1154521).
lpfc: Fix SLI3 hba in loop mode not discovering devices (bsc#1154521).
lpfc: Fix bad ndlp ptr in xri aborted handling (bsc#1154521).
lpfc: Fix hardlockup in lpfc_abort_handler (bsc#1154521).
lpfc: Fix lockdep errors in sli_ringtx_put (bsc#1154521).
lpfc: Fix reporting of read-only fw error errors (bsc#1154521).
lpfc: Make FW logging dynamically configurable (bsc#1154521).
lpfc: Remove lock contention target write path (bsc#1154521).
lpfc: Revise interrupt coalescing for missing scenarios (bsc#1154521).
lpfc: Slight fast-path Performance optimizations (bsc#1154521).
lpfc: Update lpfc version to 12.6.0.0 (bsc#1154521).
lpfc: fix coverity error of dereference after null check (bsc#1154521).
lpfc: fix lpfc_nvmet_mrq to be bound by hdw queue count (bsc#1154521).
mac80211: Reject malformed SSID elements (bsc#1051510).
mac80211: accept deauth frames in IBSS mode (bsc#1051510).
mac80211: fix txq null pointer dereference (bsc#1051510).
macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090).
md/raid0: fix warning message for parameter default_layout (bsc#1140090).
media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
media: cpia2_usb: fix memory leaks (bsc#1051510).
media: dvb-core: fix a memory leak bug (bsc#1051510).
media: exynos4-is: fix leaked of_node references (bsc#1051510).
media: gspca: zero usb_buf on error (bsc#1051510).
media: hdpvr: Add device num check and handling (bsc#1051510).
media: hdpvr: add terminating 0 at end of string (bsc#1051510).
media: i2c: ov5645: Fix power sequence (bsc#1051510).
media: iguanair: add sanity checks (bsc#1051510).
media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510).
media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
media: ov9650: add a sanity check (bsc#1051510).
media: radio/si470x: kill urb on error (bsc#1051510).
media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#
1051510).
media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#
1051510).
mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
misdn: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
mmc: core: API to temporarily disable retuning for SDIO CRC errors (bsc#
1111666).
mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() (bsc#1111666).
mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
mmc: sdhci: improve ADMA error reporting (bsc#1051510).
net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#
165544, git-fixes).
net/mlx4_en: fix a memory leak bug (bsc#1046299).
net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
net/phy: fix DP83865 10 Mbps HDX loopback disable function
(networking-stable-19_09_30).
net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05).
net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
net/sched: act_sample: do not push mac header on ip6gre ingress
(networking-stable-19_09_30).
net: Fix null de-reference of device refcount (networking-stable-19_09_15).
net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
net: Unpublish sk from sk_reuseport_cb before call_rcu
(networking-stable-19_10_05).
net: fix skb use after free in netpoll (networking-stable-19_09_05).
net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
linear-headed frag_list (networking-stable-19_09_15).
net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes).
net: qlogic: Fix memory leak in ql_alloc_large_buffers
(networking-stable-19_10_05).
net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
net: sched: act_sample: fix psample group handling on overwrite
(networking-stable-19_09_05).
net: stmmac: dwmac-rk: Do not fail if phy regulator is absent
(networking-stable-19_09_05).
net_sched: add policy validation for action attributes
(networking-stable-19_09_30).
net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
nfc: fix attrs checks in netlink interface (bsc#1051510).
nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
nfc: pn533: fix use-after-free and memleaks (bsc#1051510).
nfsv4.1: backchannel request should hold ref on xprt (bsc#1152624).
nl80211: fix null pointer dereference (bsc#1051510).
objtool: Clobber user CFLAGS variable (bsc#1153236).
openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
(networking-stable-19_09_30).
packaging: add support for riscv64
pci: Correct pci=resource_alignment parameter example (bsc#1051510).
pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
pci: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#
1153263).
pci: pm: Fix pci_power_up() (bsc#1051510).
pinctrl: cherryview: restore Strago DMI workaround for all versions (bsc#
1111666).
pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
platform/x86: i2c-multi-instantiate: Derive the device name from parent (bsc#
1111666).
platform/x86: i2c-multi-instantiate: Fail the probe if no IRQ provided (bsc#
1111666).
platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI
table (bsc#1051510).
power: supply: sysfs: ratelimit property read error message (bsc#1051510).
powerpc/64s/pseries: radix flush translations before MMU is enabled at boot
(bsc#1055186).
powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#
1055186).
powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#
1055186).
powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc
#1055186).
powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#
1055186).
powerpc/mm: Properly invalidate when setting process table base (bsc#1055186).
powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#
1153112 ltc#181778).
powerpc/pseries: Remove confusing warning message (bsc#1109158).
powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#
181778).
powerplay: Respect units on max dcfclk watermark (bsc#1111666).
qed: iwarp: Fix default window size to be based on chip (bsc#1050536 bsc#
1050545).
qed: iwarp: Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
qed: iwarp: Use READ_ONCE and smp_store_release to access ep->state (bsc#
1050536 bsc#1050545).
qed: iwarp: fix uninitialized callback (bsc#1050536 bsc#1050545).
qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05).
r8152: Set macpassthru in reset_resume callback (bsc#1051510).
rdma/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (bsc#
1050244).
rdma/hns: Add reset process for function-clear (bsc#1155061).
rdma/hns: Remove the some magic number (bsc#1155061).
rdma: Fix goto target to release the allocated memory (bsc#1050244).
rds: Fix warning (bsc#1154848).
rpm/config.sh: Enable livepatch.
rpm/constraints.in: lower disk space required for ARM With a requirement of
35GB, only 2 slow workers are usable for ARM. Current aarch64 build requires
27G and armv6/7 requires 14G. Set requirements respectively to 30GB and 20GB.
rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no reason
to lock down the dtb directory for ordinary users.
rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo.
rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE kernel RT
and Azure variants are excluded for the moment. (bsc#1141600)
rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in 5.2.
rpm/kernel-binary.spec.in: support partial rt debug config.
rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
(bsc#1149119).
rpm/macros.kernel-source: KMPs should depend on kmod-compat to build.
kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and
find-supplements.ksyms in rpm-config-SUSE.
rpm/mkspec: Correct tarball URL for rc kernels.
rpm/mkspec: Make building DTBs optional.
rpm/modflist: Simplify compression support.
rpm: raise required disk space for binary packages Current disk space
constraints (10 GB on s390x, 25 GB on other architectures) no longer suffice
for 5.3 kernel builds. The statistics show ~30 GB of disk consumption on x86_64
and ~11 GB on s390x so raise the constraints to 35 GB in general and 14 GB on
s390x.
rpm: support compressed modules Some of our scripts and scriptlets in rpm/ do
not expect module files not ending with ".ko" which currently leads to failure
in preuninstall scriptlet of cluster-md-kmp-default (and probably also other
subpackages). Let those which could be run on compressed module files recognize
".ko.xz" in addition to ".ko".
rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).
s390/crypto: fix gcm-aes-s390 selftest failures (bsc#1137861 LTC#178091).
s390/pci: add mio_enabled attribute (bsc#1152665 LTC#181729).
s390/pci: correctly handle MIO opt-out (bsc#1152665 LTC#181729).
s390/pci: deal with devices that have no support for MIO instructions (bsc#
1152665 LTC#181729).
s390/pci: fix MSI message data (bsc#1152697 LTC#181730).
s390: add support for IBM z15 machines (bsc#1152696 LTC#181731).
s390: fix setting of mio addressing control (bsc#1152665 LTC#181729).
sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05).
sch_dsmark: fix potential NULL deref in dsmark_init()
(networking-stable-19_10_05).
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
(networking-stable-19_09_15).
sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30).
sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
scripts/arch-symbols: add missing link.
scsi: lpfc: Check queue pointer before use (bsc#1154242).
scsi: lpfc: Complete removal of FCoE T10 PI support on SLI-4 adapters (bsc#
1154521).
scsi: lpfc: Convert existing %pf users to %ps (bsc#1154521).
scsi: lpfc: Fix GPF on scsi command completion (bsc#1154521).
scsi: lpfc: Fix NVME io abort failures causing hangs (bsc#1154521).
scsi: lpfc: Fix NVMe ABTS in response to receiving an ABTS (bsc#1154521).
scsi: lpfc: Fix coverity errors on NULL pointer checks (bsc#1154521).
scsi: lpfc: Fix device recovery errors after PLOGI failures (bsc#1154521).
scsi: lpfc: Fix devices that do not return after devloss followed by
rediscovery (bsc#1137040).
scsi: lpfc: Fix discovery failures when target device connectivity bounces (bsc
#1154521).
scsi: lpfc: Fix hdwq sgl locks and irq handling (bsc#1154521).
scsi: lpfc: Fix host hang at boot or slow boot (bsc#1154521).
scsi: lpfc: Fix list corruption detected in lpfc_put_sgl_per_hdwq (bsc#
1154521).
scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq (bsc#1154521).
scsi: lpfc: Fix locking on mailbox command completion (bsc#1154521).
scsi: lpfc: Fix miss of register read failure check (bsc#1154521).
scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute
(bsc#1140845).
scsi: lpfc: Fix premature re-enabling of interrupts in lpfc_sli_host_down (bsc#
1154521).
scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#
1140883).
scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (bsc#1154521).
scsi: lpfc: Fix rpi release when deleting vport (bsc#1154521).
scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd() (bsc#1154521).
scsi: lpfc: Make function lpfc_defer_pt2pt_acc static (bsc#1154521).
scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
scsi: lpfc: Update async event logging (bsc#1154521).
scsi: lpfc: Update lpfc version to 12.4.0.1 (bsc#1154521).
scsi: lpfc: cleanup: remove unused fcp_txcmlpq_cnt (bsc#1154521).
scsi: lpfc: remove left-over BUILD_NVME defines (bsc#1154268).
scsi: qedf: Modify abort and tmf handler to handle edge condition and flush
(bsc#1098291).
scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#
1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#
1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706
bsc#1082635 bsc#1123034).
scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (bsc#1143706
bsc#1082635 bsc#1123034).
scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635
bsc#1123034).
scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#
1082635 bsc#1123034).
scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
1123034).
scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#
1140729).
scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956 LTC#
182054).
sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
(networking-stable-19_09_15).
sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
(networking-stable-19_09_15).
skge: fix checksum byte order (networking-stable-19_09_30).
sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
sock_diag: request _diag module only when the family or proto has been
registered (bsc#1152791).
staging: bcm2835-audio: Fix draining behavior regression (bsc#1111666).
staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
1051510).
supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
(networking-stable-19_09_15).
tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
tcp: remove empty skb from write queue in error cases
(networking-stable-19_09_05).
thermal: Fix use-after-free when unregistering thermal zone device (bsc#
1051510).
thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
tipc: add NULL pointer check before calling kfree_rcu
(networking-stable-19_09_15).
tipc: fix unlimited bundling of small messages (networking-stable-19_10_05).
tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#
1151508).
tun: fix use-after-free when register netdev failed
(networking-stable-19_09_15).
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).
usb: adutux: fix use-after-free on disconnect (bsc#1142635).
usb: adutux: fix use-after-free on release (bsc#1051510).
usb: chaoskey: fix use-after-free on release (bsc#1051510).
usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).
usb: iowarrior: fix use-after-free on release (bsc#1051510).
usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
usb: ldusb: fix memleak on disconnect (bsc#1051510).
usb: ldusb: fix read info leaks (bsc#1051510).
usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
usb: legousbtower: fix deadlock on disconnect (bsc#1142635).
usb: legousbtower: fix memleak on disconnect (bsc#1051510).
usb: legousbtower: fix open after failed reset request (bsc#1142635).
usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
usb: legousbtower: fix slab info leak at probe (bsc#1142635).
usb: legousbtower: fix use-after-free on release (bsc#1051510).
usb: microtek: fix info-leak at probe (bsc#1142635).
usb: serial: fix runtime PM after driver unbind (bsc#1051510).
usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#
1051510).
usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
usb: serial: option: add Telit FN980 compositions (bsc#1051510).
usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
usb: usblcd: fix I/O after disconnect (bsc#1142635).
usb: usblp: fix runtime PM after driver unbind (bsc#1051510).
usb: usblp: fix use-after-free on disconnect (bsc#1051510).
usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510).
usb: yurex: Do not retry on unexpected errors (bsc#1051510).
usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).
usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
vfio_pci: Restore original state on release (bsc#1051510).
vhost_net: conditionally enable tx polling (bsc#1145099).
video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#
1051510).
vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05).
watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#
1051510).
x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
1153969).
x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
xhci: Check all endpoints for LPM timeout (bsc#1051510).
xhci: Fix false warning message about wrong bounce buffer write length (bsc#
1051510).
xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#
1051510).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Live Patching 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2019-2947=1

Package List:

  o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
       kernel-default-debuginfo-4.12.14-197.26.1
       kernel-default-debugsource-4.12.14-197.26.1
       kernel-default-livepatch-4.12.14-197.26.1
       kernel-default-livepatch-devel-4.12.14-197.26.1
       kernel-livepatch-4_12_14-197_26-default-1-3.5.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://bugzilla.suse.com/1046299
  o https://bugzilla.suse.com/1046303
  o https://bugzilla.suse.com/1046305
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1050536
  o https://bugzilla.suse.com/1050545
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1061840
  o https://bugzilla.suse.com/1064802
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1066129
  o https://bugzilla.suse.com/1073513
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1086323
  o https://bugzilla.suse.com/1087092
  o https://bugzilla.suse.com/1089644
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1093205
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1097583
  o https://bugzilla.suse.com/1097584
  o https://bugzilla.suse.com/1097585
  o https://bugzilla.suse.com/1097586
  o https://bugzilla.suse.com/1097587
  o https://bugzilla.suse.com/1097588
  o https://bugzilla.suse.com/1098291
  o https://bugzilla.suse.com/1101674
  o https://bugzilla.suse.com/1109158
  o https://bugzilla.suse.com/1111666
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113994
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1123080
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1134303
  o https://bugzilla.suse.com/1135642
  o https://bugzilla.suse.com/1135854
  o https://bugzilla.suse.com/1135873
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1137799
  o https://bugzilla.suse.com/1137861
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1140729
  o https://bugzilla.suse.com/1140845
  o https://bugzilla.suse.com/1140883
  o https://bugzilla.suse.com/1141600
  o https://bugzilla.suse.com/1142635
  o https://bugzilla.suse.com/1142667
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144375
  o https://bugzilla.suse.com/1144449
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145099
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1148410
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1149853
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150875
  o https://bugzilla.suse.com/1151508
  o https://bugzilla.suse.com/1151807
  o https://bugzilla.suse.com/1152033
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1152665
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152696
  o https://bugzilla.suse.com/1152697
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1152790
  o https://bugzilla.suse.com/1152791
  o https://bugzilla.suse.com/1153112
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153236
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153607
  o https://bugzilla.suse.com/1153646
  o https://bugzilla.suse.com/1153681
  o https://bugzilla.suse.com/1153713
  o https://bugzilla.suse.com/1153717
  o https://bugzilla.suse.com/1153718
  o https://bugzilla.suse.com/1153719
  o https://bugzilla.suse.com/1153811
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154108
  o https://bugzilla.suse.com/1154189
  o https://bugzilla.suse.com/1154242
  o https://bugzilla.suse.com/1154268
  o https://bugzilla.suse.com/1154354
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1154521
  o https://bugzilla.suse.com/1154578
  o https://bugzilla.suse.com/1154607
  o https://bugzilla.suse.com/1154608
  o https://bugzilla.suse.com/1154610
  o https://bugzilla.suse.com/1154611
  o https://bugzilla.suse.com/1154651
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154747
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1154956
  o https://bugzilla.suse.com/1155061
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671
  o https://bugzilla.suse.com/802154
  o https://bugzilla.suse.com/814594
  o https://bugzilla.suse.com/919448
  o https://bugzilla.suse.com/987367
  o https://bugzilla.suse.com/998153


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2948-1
Rating:            important
References:        #1051510 #1082635 #1083647 #1090631 #1096254 #1117665
                   #1119461 #1119465 #1123034 #1135966 #1135967 #1137040
                   #1138190 #1139073 #1140090 #1143706 #1144338 #1144903
                   #1146612 #1149119 #1150457 #1151225 #1152624 #1153476
                   #1153509 #1153969 #1154737 #1154848 #1154858 #1154905
                   #1154959 #1155178 #1155179 #1155184 #1155186 #1155671
Cross-References:  CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220
                   CVE-2019-11135 CVE-2019-16233
Affected Products:
                   SUSE Linux Enterprise Live Patching 12-SP4
______________________________________________________________________________

An update that solves 6 vulnerabilities and has 30 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race
condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine
Exception during Page Size Change, causing the CPU core to be non-functional.
The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735
CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
Transactional Memory support could be used to facilitate sidechannel
information leaks out of microarchitectural buffers, similar to the previously
described "Microarchitectural Data Sampling" attack.
The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251
Other security fixes:

  o CVE-2019-0154: Fixed a local denial of service via read of unprotected i915
    registers. (bsc#1135966)
  o CVE-2019-0155: Fixed privilege escalation in the i915 driver. Batch buffers
    from usermode could have escalated privileges via blitter command stream.
    (bsc#1135967)
  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).
  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


The following non-security bugs were fixed:

  o alsa: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
  o alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
  o alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  o alsa: hda: Add Elkhart Lake PCI ID (bsc#1051510).
  o alsa: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
  o alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o asoc: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg - remove locking in async callback (bsc#1154737).
  o crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif - return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead - overhaul memory management (bsc#1154737).
  o crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during command matching (bsc#
    1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
  o drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
  o drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Disable Secure Batches for gen6+
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#
    1135967)
  o drm/i915: Remove Master tables from cmdparser
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of PCIe fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o hid: fix error message in hid_open_report() (bsc#1051510).
  o hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_vma_offset_node readonly field addition (bsc#
    1135967)
  o ksm: cleanup stable_node chain collapse case (bnc#1144338).
  o ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
  o ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#
    1144338).
  o ksm: optimize refile of stable_node_dup at the head of the chain (bnc#
    1144338).
  o ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86: mmu: Recovery of shattered NX large pages (bsc#1117665,
    CVE-2018-12207).
  o mac80211: Reject malformed SSID elements (bsc#1051510).
  o mac80211: fix txq null pointer dereference (bsc#1051510).
  o md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#
    1140090).
  o md/raid0: fix warning message for parameter default_layout (bsc#1140090).
  o net/phy: fix DP83865 10 Mbps HDX loopback disable function
    (networking-stable-19_09_30).
  o net/rds: Fix error handling in rds_ib_add_one()
    (networking-stable-19_10_05).
  o net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
  o net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
  o net/sched: act_sample: do not push mac header on ip6gre ingress
    (networking-stable-19_09_30).
  o net/smc: fix SMCD link group creation with VLAN id (bsc#1154959).
  o net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
  o net: Unpublish sk from sk_reuseport_cb before call_rcu
    (networking-stable-19_10_05).
  o net: openvswitch: free vport unless register_netdevice() succeeds
    (git-fixes).
  o net: qlogic: Fix memory leak in ql_alloc_large_buffers
    (networking-stable-19_10_05).
  o net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
  o net_sched: add policy validation for action attributes
    (networking-stable-19_09_30).
  o net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
  o nl80211: fix null pointer dereference (bsc#1051510).
  o openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
    (networking-stable-19_09_30).
  o qmi_wwan: add support for Cinterion CLS8 devices
    (networking-stable-19_10_05).
  o r8152: Set macpassthru in reset_resume callback (bsc#1051510).
  o rds: Fix warning (bsc#1154848).
  o reiserfs: fix extended attributes on the root directory (bsc#1151225).
  o rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
    (bsc#1149119).
  o s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
  o sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
    (networking-stable-19_10_05).
  o sch_dsmark: fix potential NULL deref in dsmark_init()
    (networking-stable-19_10_05).
  o sch_netem: fix a divide by zero in tabledist()
    (networking-stable-19_09_30).
  o sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
  o scsi: lpfc: Fix devices that do not return after devloss followed by
    rediscovery (bsc#1137040).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457
    CVE-2019-16233).
  o scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o skge: fix checksum byte order (networking-stable-19_09_30).
  o staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
    1051510).
  o supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
  o tipc: fix unlimited bundling of small messages
    (networking-stable-19_10_05).
  o usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
  o usb: ldusb: fix memleak on disconnect (bsc#1051510).
  o usb: ldusb: fix read info leaks (bsc#1051510).
  o usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
  o usb: legousbtower: fix memleak on disconnect (bsc#1051510).
  o usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
  o usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
  o usb: usblp: fix use-after-free on disconnect (bsc#1051510).
  o vfs: Make filldir[64]() verify the directory entry filename is valid (bsc#
    1144903, CVE-2019-10220).
  o vsock: Fix a lockdep warning in __vsock_release()
    (networking-stable-19_10_05).
  o x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
    1153969).
  o x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
  o x86/tsx: Add config options to set tsx=on|off|auto (bsc#1139073,
    CVE-2019-11135).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Live Patching 12-SP4:
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2019-2948=1

Package List:

  o SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le x86_64):
       kernel-default-kgraft-4.12.14-95.40.1
       kernel-default-kgraft-devel-4.12.14-95.40.1
       kgraft-patch-4_12_14-95_40-default-1-6.3.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-0154.html
  o https://www.suse.com/security/cve/CVE-2019-0155.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1135966
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1151225
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1154959
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2949-1
Rating:            important
References:        #1051510 #1084878 #1117665 #1131107 #1133140 #1135966
                   #1135967 #1136261 #1137865 #1139073 #1140671 #1141013
                   #1141054 #1142458 #1143187 #1144123 #1144903 #1145477
                   #1146042 #1146163 #1146285 #1146361 #1146378 #1146391
                   #1146413 #1146425 #1146512 #1146514 #1146516 #1146519
                   #1146524 #1146526 #1146529 #1146540 #1146543 #1146547
                   #1146550 #1146584 #1146589 #1147022 #1147122 #1148394
                   #1148938 #1149083 #1149376 #1149522 #1149527 #1149555
                   #1149612 #1150025 #1150112 #1150452 #1150457 #1150465
                   #1150727 #1150942 #1151347 #1151350 #1152685 #1152782
                   #1152788 #1153158 #1153263 #1154103 #1154372 #1155131
                   #1155671
Cross-References:  CVE-2016-10906 CVE-2017-18379 CVE-2017-18509 CVE-2017-18551
                   CVE-2017-18595 CVE-2018-12207 CVE-2018-20976 CVE-2019-0154
                   CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-13272
                   CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821
                   CVE-2019-14835 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212
                   CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217
                   CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221
                   CVE-2019-15239 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505
                   CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15924
                   CVE-2019-15926 CVE-2019-15927 CVE-2019-16232 CVE-2019-16233
                   CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17055
                   CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-9456
                   CVE-2019-9506
Affected Products:
                   SUSE OpenStack Cloud Crowbar 8
                   SUSE OpenStack Cloud 8
                   SUSE Linux Enterprise Server for SAP 12-SP3
                   SUSE Linux Enterprise Server 12-SP3-LTSS
                   SUSE Linux Enterprise Server 12-SP3-BCL
                   SUSE Linux Enterprise High Availability 12-SP3
                   SUSE Enterprise Storage 5
                   SUSE CaaS Platform 3.0
                   HPE Helion Openstack 8
______________________________________________________________________________

An update that solves 49 vulnerabilities and has 18 fixes is now available.

Description:


The SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735

  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).


  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).


  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17055: The AF_ISDN network module in the Linux kernel did not
    enforce CAP_NET_RAW, which meant that unprivileged users could create a raw
    socket (bnc#1152782).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


  o CVE-2019-16413: The 9p filesystem did not protect i_size_write() properly,
    which caused an i_size_read() infinite loop and denial of service on SMP
    systems (bnc#1151347).


  o CVE-2019-15902: A backporting issue was discovered that re-introduced the
    Spectre vulnerability it had aimed to eliminate. This occurred because the
    backport process depends on cherry picking specific commits, and because
    two (correctly ordered) code lines were swapped (bnc#1149376).


  o CVE-2019-15291: Fixed a NULL pointer dereference issue that could be caused
    by a malicious USB device (bnc#1146519).


  o CVE-2019-15807: Fixed a memory leak in the SCSI module that could be abused
    to cause denial of service (bnc#1148938).


  o CVE-2019-13272: Fixed a mishandled the recording of the credentials of a
    process that wants to create a ptrace relationship, which allowed local
    users to obtain root access by leveraging certain scenarios with a
    parent-child process relationship, where a parent drops privileges and
    calls execve (potentially allowing control by an attacker). (bnc#1140671).


  o CVE-2019-14821: An out-of-bounds access issue was fixed in the kernel's KVM
    hypervisor. An unprivileged host user or process with access to '/dev/kvm'
    device could use this flaw to crash the host kernel, resulting in a denial
    of service or potentially escalating privileges on the system (bnc#
    1151350).


  o CVE-2019-15505: An out-of-bounds issue had been fixed that could be caused
    by crafted USB device traffic (bnc#1147122).


  o CVE-2017-18595: A double free in allocate_trace_buffer was fixed (bnc#
    1149555).


  o CVE-2019-14835: A buffer overflow flaw was found in the kernel's vhost
    functionality that translates virtqueue buffers to IOVs. A privileged guest
    user able to pass descriptors with invalid length to the host could use
    this flaw to increase their privileges on the host (bnc#1150112).


  o CVE-2019-15216: A NULL pointer dereference was fixed that could be
    malicious USB device (bnc#1146361).


  o CVE-2019-15924: A a NULL pointer dereference has been fixed in the drivers/
    net/ethernet/intel/fm10k module (bnc#1149612).


  o CVE-2019-9456: An out-of-bounds write in the USB monitor driver has been
    fixed. This issue could lead to local escalation of privilege with System
    execution privileges needed. (bnc#1150025).


  o CVE-2019-15926: An out-of-bounds access was fixed in the drivers/net/
    wireless/ath/ath6kl module. (bnc#1149527).


  o CVE-2019-15927: An out-of-bounds access was fixed in the sound/usb/mixer
    module (bnc#1149522).


  o CVE-2019-15666: There was an out-of-bounds array access in the net/xfrm
    module that could cause denial of service (bnc#1148394).


  o CVE-2017-18379: An out-of-boundary access was fixed in the drivers/nvme/
    target module (bnc#1143187).


  o CVE-2019-15219: A NULL pointer dereference was fixed that could be abused
    by a malicious USB device (bnc#1146519 1146524).


  o CVE-2019-15220: A use-after-free issue was fixed that could be caused by a
    malicious USB device (bnc#1146519 1146526).


  o CVE-2019-15221: A NULL pointer dereference was fixed that could be caused
    by a malicious USB device (bnc#1146519 1146529).


  o CVE-2019-14814: A heap-based buffer overflow was fixed in the marvell wifi
    chip driver. That issue allowed local users to cause a denial of service
    (system crash) or possibly execute arbitrary code (bnc#1146512).


  o CVE-2019-14815: A missing length check while parsing WMM IEs was fixed (bsc
    #1146512, bsc#1146514, bsc#1146516).


  o CVE-2019-14816: A heap-based buffer overflow in the marvell wifi chip
    driver was fixed. Local users would have abused this issue to cause a
    denial of service (system crash) or possibly execute arbitrary code (bnc#
    1146516).


  o CVE-2017-18509: An issue in net/ipv6 as fixed. By setting a specific socket
    option, an attacker could control a pointer in kernel land and cause an
    inet_csk_listen_stop general protection fault, or potentially execute
    arbitrary code under certain circumstances. The issue can be triggered as
    root (e.g., inside a default LXC container or with the CAP_NET_ADMIN
    capability) or after namespace unsharing. (bnc#1145477)


  o CVE-2019-9506: The Bluetooth BR/EDR specification used to permit
    sufficiently low encryption key length and did not prevent an attacker from
    influencing the key length negotiation. This allowed practical brute-force
    attacks (aka "KNOB") that could decrypt traffic and inject arbitrary
    ciphertext without the victim noticing (bnc#1137865).


  o CVE-2019-15098: A NULL pointer dereference in drivers/net/wireless/ath was
    fixed (bnc#1146378).


  o CVE-2019-15290: A NULL pointer dereference in
    ath6kl_usb_alloc_urb_from_pipe was fixed (bsc#1146378).


  o CVE-2019-15239: A incorrect patch to net/ipv4 was fixed. By adding to a
    write queue between disconnection and re-connection, a local attacker could
    trigger multiple use-after-free conditions. This could result in kernel
    crashes or potentially in privilege escalation. (bnc#1146589)


  o CVE-2019-15212: A double-free issue was fixed in drivers/usb driver (bnc#
    1146391).


  o CVE-2016-10906: A use-after-free issue was fixed in drivers/net/ethernet/
    arc (bnc#1146584).


  o CVE-2019-15211: A use-after-free issue caused by a malicious USB device was
    fixed in the drivers/media/v4l2-core driver (bnc#1146519).


  o CVE-2019-15217: A a NULL pointer dereference issue caused by a malicious
    USB device was fixed in the drivers/media/usb/zr364xx driver (bnc#1146519).


  o CVE-2019-15214: An a use-after-free issue in the sound subsystem was fixed
    (bnc#1146519).


  o CVE-2019-15218: A NULL pointer dereference caused by a malicious USB device
    was fixed in the drivers/media/usb/siano driver (bnc#1146413).


  o CVE-2019-15215: A use-after-free issue caused by a malicious USB device was
    fixed in the drivers/media/usb/cpia2 driver (bnc#1146425).


  o CVE-2018-20976: A use-after-free issue was fixed in the fs/xfs driver (bnc#
    1146285).


  o CVE-2017-18551: An out-of-bounds write was fixed in the drivers/i2c driver
    (bnc#1146163).


  o CVE-2019-0154: An unprotected read access to i915 registers has been fixed
    that could have been abused to facilitate a local denial-of-service attack.
    (bsc#1135966)


  o CVE-2019-0155: A privilege escalation vulnerability has been fixed in the
    i915 module that allowed batch buffers from user mode to gain super user
    privileges. (bsc#1135967)


The following non-security bugs were fixed:

  o array_index_nospec: Sanitize speculative array (bsc#1155671)
  o bonding/802.3ad: fix link_failure_count tracking (bsc#1141013).
  o bonding/802.3ad: fix slave link initialization transition states (bsc#
    1141013).
  o bonding: correctly update link status during mii-commit phase (bsc#
    1141013).
  o bonding: fix active-backup transition (bsc#1141013).
  o bonding: make speed, duplex setting consistent with link state (bsc#
    1141013).
  o bonding: ratelimit failed speed/duplex update warning (bsc#1141013).
  o bonding: require speed/duplex only for 802.3ad, alb and tlb (bsc#1141013).
  o bonding: set default miimon value for non-arp modes if not set (bsc#
    1141013).
  o bonding: speed/duplex update at NETDEV_UP event (bsc#1141013).
  o cifs: fix panic in smb2_reconnect (bsc#1142458).
  o cifs: handle netapp error codes (bsc#1136261).
  o cpu/speculation: Uninline and export CPU mitigations helpers (bnc#1117665).
  o ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154103)
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o kvm: lapic: cap __delay at lapic_timer_advance_ns (bsc#1149083).
  o kvm: mmu: drop vcpu param in gpte_access (bsc#1117665).
  o kvm: mmu: introduce kvm_mmu_gfn_{allow,disallow}_lpage (bsc#1117665).
  o kvm: mmu: rename has_wrprotected_page to mmu_gfn_lpage_is_disallowed (bsc#
    1117665).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
    1117665).
  o kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
  o kvm: x86: MMU: Consolidate quickly_check_mmio_pf() and is_mmio_page_fault()
    (bsc#1117665).
  o kvm: x86: MMU: Encapsulate the type of rmap-chain head in a new struct (bsc
    #1117665).
  o kvm: x86: MMU: Move handle_mmio_page_fault() call to kvm_mmu_page_fault()
    (bsc#1117665).
  o kvm: x86: MMU: Move initialization of parent_ptes out from
    kvm_mmu_alloc_page() (bsc#1117665).
  o kvm: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to
    link_shadow_page() (bsc#1117665).
  o kvm: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page()
    (bsc#1117665).
  o kvm: x86: MMU: always set accessed bit in shadow PTEs (bsc#1117665).
  o kvm: x86: Reduce the overhead when lapic_timer_advance is disabled (bsc#
    1149083).
  o kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#
    1117665).
  o kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
  o kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
  o kvm: x86: extend usage of RET_MMIO_PF_* constants (bsc#1117665).
  o kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT (bnc#
    1117665).
  o kvm: x86: move nsec_to_cycles from x86.c to x86.h (bsc#1149083).
  o kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
  o kvm: x86: simplify ept_misconfig (bsc#1117665).
  o media: smsusb: better handle optional alignment (bsc#1146413).
  o pci: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#
    1153263).
  o powerpc/64s: support nospectre_v2 cmdline option (bsc#1131107).
  o powerpc/pseries: correctly track irq state in default idle (bsc#1150727 bsc
    #1150942 ltc#178925 ltc#181484).
  o powerpc/rtas: use device model APIs and serialization during LPM (bsc#
    1144123 ltc#178840).
  o powerpc/security: Show powerpc_security_features in debugfs (bsc#1131107).
  o scsi: scsi_transport_fc: Drop double list_del() (bsc#1084878) During the
    backport of 260f4aeddb48 ("scsi: scsi_transport_fc: return -EBUSY for
    deleted vport") an additional list_del() was introduced. The list entry
    will be freed in fc_vport_terminate(). Do not free it premature in
    fc_remove_host().
  o swiotlb: Add support for DMA_ATTR_SKIP_CPU_SYNC in Xen-swiotlb unmap path
    (bsc#1133140).
  o vmci: Release resource if the work is already queued (bsc#1051510).
  o x86/cpu: Add Atom Tremont (Jacobsville) (bsc#1117665).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE OpenStack Cloud Crowbar 8:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2019-2949=1
  o SUSE OpenStack Cloud 8:
    zypper in -t patch SUSE-OpenStack-Cloud-8-2019-2949=1
  o SUSE Linux Enterprise Server for SAP 12-SP3:
    zypper in -t patch SUSE-SLE-SAP-12-SP3-2019-2949=1
  o SUSE Linux Enterprise Server 12-SP3-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-2949=1
  o SUSE Linux Enterprise Server 12-SP3-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2019-2949=1
  o SUSE Linux Enterprise High Availability 12-SP3:
    zypper in -t patch SUSE-SLE-HA-12-SP3-2019-2949=1
  o SUSE Enterprise Storage 5:
    zypper in -t patch SUSE-Storage-5-2019-2949=1
  o SUSE CaaS Platform 3.0:
    To install this update, use the SUSE CaaS Platform Velum dashboard. It will
    inform you if it detects new updates and let you then trigger updating of
    the complete cluster in a controlled way.
  o HPE Helion Openstack 8:
    zypper in -t patch HPE-Helion-OpenStack-8-2019-2949=1

Package List:

  o SUSE OpenStack Cloud Crowbar 8 (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE OpenStack Cloud Crowbar 8 (x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-default-kgraft-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE OpenStack Cloud 8 (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE OpenStack Cloud 8 (x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-default-kgraft-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-default-kgraft-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (ppc64le x86_64):
       kernel-default-kgraft-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x):
       kernel-default-man-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):
       cluster-md-kmp-default-4.4.180-94.107.1
       cluster-md-kmp-default-debuginfo-4.4.180-94.107.1
       dlm-kmp-default-4.4.180-94.107.1
       dlm-kmp-default-debuginfo-4.4.180-94.107.1
       gfs2-kmp-default-4.4.180-94.107.1
       gfs2-kmp-default-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       ocfs2-kmp-default-4.4.180-94.107.1
       ocfs2-kmp-default-debuginfo-4.4.180-94.107.1
  o SUSE Enterprise Storage 5 (aarch64 x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1
  o SUSE Enterprise Storage 5 (x86_64):
       kernel-default-kgraft-4.4.180-94.107.1
  o SUSE Enterprise Storage 5 (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o SUSE CaaS Platform 3.0 (x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
  o HPE Helion Openstack 8 (noarch):
       kernel-devel-4.4.180-94.107.1
       kernel-macros-4.4.180-94.107.1
       kernel-source-4.4.180-94.107.1
  o HPE Helion Openstack 8 (x86_64):
       kernel-default-4.4.180-94.107.1
       kernel-default-base-4.4.180-94.107.1
       kernel-default-base-debuginfo-4.4.180-94.107.1
       kernel-default-debuginfo-4.4.180-94.107.1
       kernel-default-debugsource-4.4.180-94.107.1
       kernel-default-devel-4.4.180-94.107.1
       kernel-default-kgraft-4.4.180-94.107.1
       kernel-syms-4.4.180-94.107.1


References:

  o https://www.suse.com/security/cve/CVE-2016-10906.html
  o https://www.suse.com/security/cve/CVE-2017-18379.html
  o https://www.suse.com/security/cve/CVE-2017-18509.html
  o https://www.suse.com/security/cve/CVE-2017-18551.html
  o https://www.suse.com/security/cve/CVE-2017-18595.html
  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2018-20976.html
  o https://www.suse.com/security/cve/CVE-2019-0154.html
  o https://www.suse.com/security/cve/CVE-2019-0155.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-13272.html
  o https://www.suse.com/security/cve/CVE-2019-14814.html
  o https://www.suse.com/security/cve/CVE-2019-14815.html
  o https://www.suse.com/security/cve/CVE-2019-14816.html
  o https://www.suse.com/security/cve/CVE-2019-14821.html
  o https://www.suse.com/security/cve/CVE-2019-14835.html
  o https://www.suse.com/security/cve/CVE-2019-15098.html
  o https://www.suse.com/security/cve/CVE-2019-15211.html
  o https://www.suse.com/security/cve/CVE-2019-15212.html
  o https://www.suse.com/security/cve/CVE-2019-15214.html
  o https://www.suse.com/security/cve/CVE-2019-15215.html
  o https://www.suse.com/security/cve/CVE-2019-15216.html
  o https://www.suse.com/security/cve/CVE-2019-15217.html
  o https://www.suse.com/security/cve/CVE-2019-15218.html
  o https://www.suse.com/security/cve/CVE-2019-15219.html
  o https://www.suse.com/security/cve/CVE-2019-15220.html
  o https://www.suse.com/security/cve/CVE-2019-15221.html
  o https://www.suse.com/security/cve/CVE-2019-15239.html
  o https://www.suse.com/security/cve/CVE-2019-15290.html
  o https://www.suse.com/security/cve/CVE-2019-15291.html
  o https://www.suse.com/security/cve/CVE-2019-15505.html
  o https://www.suse.com/security/cve/CVE-2019-15666.html
  o https://www.suse.com/security/cve/CVE-2019-15807.html
  o https://www.suse.com/security/cve/CVE-2019-15902.html
  o https://www.suse.com/security/cve/CVE-2019-15924.html
  o https://www.suse.com/security/cve/CVE-2019-15926.html
  o https://www.suse.com/security/cve/CVE-2019-15927.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16413.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17055.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://www.suse.com/security/cve/CVE-2019-9456.html
  o https://www.suse.com/security/cve/CVE-2019-9506.html
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1084878
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1131107
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1135966
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1136261
  o https://bugzilla.suse.com/1137865
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1140671
  o https://bugzilla.suse.com/1141013
  o https://bugzilla.suse.com/1141054
  o https://bugzilla.suse.com/1142458
  o https://bugzilla.suse.com/1143187
  o https://bugzilla.suse.com/1144123
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145477
  o https://bugzilla.suse.com/1146042
  o https://bugzilla.suse.com/1146163
  o https://bugzilla.suse.com/1146285
  o https://bugzilla.suse.com/1146361
  o https://bugzilla.suse.com/1146378
  o https://bugzilla.suse.com/1146391
  o https://bugzilla.suse.com/1146413
  o https://bugzilla.suse.com/1146425
  o https://bugzilla.suse.com/1146512
  o https://bugzilla.suse.com/1146514
  o https://bugzilla.suse.com/1146516
  o https://bugzilla.suse.com/1146519
  o https://bugzilla.suse.com/1146524
  o https://bugzilla.suse.com/1146526
  o https://bugzilla.suse.com/1146529
  o https://bugzilla.suse.com/1146540
  o https://bugzilla.suse.com/1146543
  o https://bugzilla.suse.com/1146547
  o https://bugzilla.suse.com/1146550
  o https://bugzilla.suse.com/1146584
  o https://bugzilla.suse.com/1146589
  o https://bugzilla.suse.com/1147022
  o https://bugzilla.suse.com/1147122
  o https://bugzilla.suse.com/1148394
  o https://bugzilla.suse.com/1148938
  o https://bugzilla.suse.com/1149083
  o https://bugzilla.suse.com/1149376
  o https://bugzilla.suse.com/1149522
  o https://bugzilla.suse.com/1149527
  o https://bugzilla.suse.com/1149555
  o https://bugzilla.suse.com/1149612
  o https://bugzilla.suse.com/1150025
  o https://bugzilla.suse.com/1150112
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150727
  o https://bugzilla.suse.com/1150942
  o https://bugzilla.suse.com/1151347
  o https://bugzilla.suse.com/1151350
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152782
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1154103
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1155131
  o https://bugzilla.suse.com/1155671


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2950-1
Rating:            important
References:        #1117665 #1123959 #1137586 #1137865 #1137944 #1139073
                   #1139751 #1142857 #1144903 #1145477 #1145922 #1146042
                   #1146163 #1146285 #1146361 #1146378 #1146391 #1146413
                   #1146425 #1146512 #1146514 #1146516 #1146519 #1146524
                   #1146526 #1146529 #1146540 #1146543 #1146547 #1146584
                   #1146612 #1147122 #1148938 #1149376 #1149522 #1149527
                   #1149555 #1150025 #1150112 #1150452 #1150457 #1150465
                   #1151347 #1151350 #1152782 #1152788 #1153119 #1155671
                   #999278
Cross-References:  CVE-2016-10906 CVE-2017-18509 CVE-2017-18551 CVE-2017-18595
                   CVE-2018-12207 CVE-2018-20976 CVE-2019-10207 CVE-2019-10220
                   CVE-2019-11135 CVE-2019-11477 CVE-2019-14814 CVE-2019-14815
                   CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-15098
                   CVE-2019-15118 CVE-2019-15212 CVE-2019-15215 CVE-2019-15216
                   CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220
                   CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505
                   CVE-2019-15807 CVE-2019-15902 CVE-2019-15926 CVE-2019-15927
                   CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413
                   CVE-2019-17055 CVE-2019-17056 CVE-2019-9456 CVE-2019-9506
Affected Products:
                   SUSE Linux Enterprise Server for SAP 12-SP1
                   SUSE Linux Enterprise Server 12-SP1-LTSS
                   SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

An update that solves 40 vulnerabilities and has 9 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security
and bugfixes.

The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17055: The AF_ISDN network module in the Linux kernel did not
    enforce CAP_NET_RAW, which meant that unprivileged users could create a raw
    socket (bnc#1152782).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


  o CVE-2019-16413: The 9p filesystem did not protect i_size_write() properly,
    which caused an i_size_read() infinite loop and denial of service on SMP
    systems (bnc#1151347).


  o CVE-2019-15902: A backporting issue was discovered that re-introduced the
    Spectre vulnerability it had aimed to eliminate. This occurred because the
    backport process depends on cherry picking specific commits, and because
    two (correctly ordered) code lines were swapped (bnc#1149376).


  o CVE-2019-15291: Fixed a NULL pointer dereference issue that could be caused
    by a malicious USB device (bnc#11465).


  o CVE-2019-15807: Fixed a memory leak in the SCSI module that could be abused
    to cause denial of service (bnc#1148938).


  o CVE-2019-14821: An out-of-bounds access issue was fixed in the kernel's KVM
    hypervisor. An unprivileged host user or process with access to '/dev/kvm'
    device could use this flaw to crash the host kernel, resulting in a denial
    of service or potentially escalating privileges on the system (bnc#
    1151350).


  o CVE-2019-15505: An out-of-bounds issue had been fixed that could be caused
    by crafted USB device traffic (bnc#1147122).


  o CVE-2017-18595: A double free in allocate_trace_buffer was fixed (bnc#
    1149555).


  o CVE-2019-14835: A buffer overflow flaw was found in the kernel's vhost
    functionality that translates virtqueue buffers to IOVs. A privileged guest
    user able to pass descriptors with invalid length to the host could use
    this flaw to increase their privileges on the host (bnc#1150112).


  o CVE-2019-15216: A NULL pointer dereference was fixed that could be
    malicious USB device (bnc#1146361).


  o CVE-2019-9456: An out-of-bounds write in the USB monitor driver has been
    fixed. This issue could lead to local escalation of privilege with System
    execution privileges needed. (bnc#1150025).


  o CVE-2019-15926: An out-of-bounds access was fixed in the drivers/net/
    wireless/ath/ath6kl module. (bnc#1149527).


  o CVE-2019-15927: An out-of-bounds access was fixed in the sound/usb/mixer
    module (bnc#1149522).


  o CVE-2019-15219: A NULL pointer dereference was fixed that could be abused
    by a malicious USB device (bnc#1146524).


  o CVE-2019-15220: A use-after-free issue was fixed that could be caused by a
    malicious USB device (bnc#1146526).


  o CVE-2019-15221: A NULL pointer dereference was fixed that could be caused
    by a malicious USB device (bnc#1146529).


  o CVE-2019-14814: A heap-based buffer overflow was fixed in the marvell wifi
    chip driver. That issue allowed local users to cause a denial of service
    (system crash) or possibly execute arbitrary code (bnc#1146512).


  o CVE-2019-14815: A missing length check while parsing WMM IEs was fixed (bsc
    #1146512, bsc#1146514, bsc#1146516).


  o CVE-2019-14816: A heap-based buffer overflow in the marvell wifi chip
    driver was fixed. Local users would have abused this issue to cause a
    denial of service (system crash) or possibly execute arbitrary code (bnc#
    1146516).


  o CVE-2017-18509: An issue in net/ipv6 as fixed. By setting a specific socket
    option, an attacker could control a pointer in kernel land and cause an
    inet_csk_listen_stop general protection fault, or potentially execute
    arbitrary code under certain circumstances. The issue can be triggered as
    root (e.g., inside a default LXC container or with the CAP_NET_ADMIN
    capability) or after namespace unsharing. (bnc#1145477)


  o CVE-2019-9506: The Bluetooth BR/EDR specification used to permit
    sufficiently low encryption key length and did not prevent an attacker from
    influencing the key length negotiation. This allowed practical brute-force
    attacks (aka "KNOB") that could decrypt traffic and inject arbitrary
    ciphertext without the victim noticing (bnc#1137865).


  o CVE-2019-15098: A NULL pointer dereference in drivers/net/wireless/ath was
    fixed (bnc#1146378).


  o CVE-2019-15290: A NULL pointer dereference in
    ath6kl_usb_alloc_urb_from_pipe was fixed (bsc#1146378).


  o CVE-2019-15212: A double-free issue was fixed in drivers/usb driver (bnc#
    1146391).


  o CVE-2016-10906: A use-after-free issue was fixed in drivers/net/ethernet/
    arc (bnc#1146584).


  o CVE-2019-15217: A a NULL pointer dereference issue caused by a malicious
    USB device was fixed in the drivers/media/usb/zr364xx driver (bnc#1146519).


  o CVE-2019-15218: A NULL pointer dereference caused by a malicious USB device
    was fixed in the drivers/media/usb/siano driver (bnc#1146413).


  o CVE-2019-15215: A use-after-free issue caused by a malicious USB device was
    fixed in the drivers/media/usb/cpia2 driver (bnc#1146425).


  o CVE-2018-20976: A use-after-free issue was fixed in the fs/xfs driver (bnc#
    1146285).


  o CVE-2017-18551: An out-of-bounds write was fixed in the drivers/i2c driver
    (bnc#1146163).


  o CVE-2019-10207: Add checks for missing tty operations to prevent
    unprivileged user to execute 0x0 address (bsc#1142857 bsc#1123959)


  o CVE-2019-15118: ALSA: usb-audio: Fix a stack buffer overflow bug in
    check_input_term leading to kernel stack exhaustion (bsc#1145922).


The following non-security bugs were fixed:

  o array_index_nospec: Sanitize speculative array (bsc#1155671)
  o hpsa: move lockup_detected attribute to host attr (bsc#999278, bsc#
    1153119).
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o kvm: MMU: drop read-only large sptes when creating lower level sptes (bsc#
    1117665).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o media: smsusb: better handle optional alignment (bsc#1146413).
  o mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1137944).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o tcp: Be more careful in tcp_fragment() (bsc#1137586 bsc#1139751).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 12-SP1:
    zypper in -t patch SUSE-SLE-SAP-12-SP1-2019-2950=1
  o SUSE Linux Enterprise Server 12-SP1-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2019-2950=1
  o SUSE Linux Enterprise Module for Public Cloud 12:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2019-2950=1

Package List:

  o SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
       kernel-default-3.12.74-60.64.124.1
       kernel-default-base-3.12.74-60.64.124.1
       kernel-default-base-debuginfo-3.12.74-60.64.124.1
       kernel-default-debuginfo-3.12.74-60.64.124.1
       kernel-default-debugsource-3.12.74-60.64.124.1
       kernel-default-devel-3.12.74-60.64.124.1
       kernel-syms-3.12.74-60.64.124.1
       kernel-xen-3.12.74-60.64.124.1
       kernel-xen-base-3.12.74-60.64.124.1
       kernel-xen-base-debuginfo-3.12.74-60.64.124.1
       kernel-xen-debuginfo-3.12.74-60.64.124.1
       kernel-xen-debugsource-3.12.74-60.64.124.1
       kernel-xen-devel-3.12.74-60.64.124.1
       kgraft-patch-3_12_74-60_64_124-default-1-2.3.1
       kgraft-patch-3_12_74-60_64_124-xen-1-2.3.1
  o SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):
       kernel-devel-3.12.74-60.64.124.1
       kernel-macros-3.12.74-60.64.124.1
       kernel-source-3.12.74-60.64.124.1
  o SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):
       kernel-default-3.12.74-60.64.124.1
       kernel-default-base-3.12.74-60.64.124.1
       kernel-default-base-debuginfo-3.12.74-60.64.124.1
       kernel-default-debuginfo-3.12.74-60.64.124.1
       kernel-default-debugsource-3.12.74-60.64.124.1
       kernel-default-devel-3.12.74-60.64.124.1
       kernel-syms-3.12.74-60.64.124.1
  o SUSE Linux Enterprise Server 12-SP1-LTSS (noarch):
       kernel-devel-3.12.74-60.64.124.1
       kernel-macros-3.12.74-60.64.124.1
       kernel-source-3.12.74-60.64.124.1
  o SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
       kernel-xen-3.12.74-60.64.124.1
       kernel-xen-base-3.12.74-60.64.124.1
       kernel-xen-base-debuginfo-3.12.74-60.64.124.1
       kernel-xen-debuginfo-3.12.74-60.64.124.1
       kernel-xen-debugsource-3.12.74-60.64.124.1
       kernel-xen-devel-3.12.74-60.64.124.1
       kgraft-patch-3_12_74-60_64_124-default-1-2.3.1
       kgraft-patch-3_12_74-60_64_124-xen-1-2.3.1
  o SUSE Linux Enterprise Server 12-SP1-LTSS (s390x):
       kernel-default-man-3.12.74-60.64.124.1
  o SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
       kernel-ec2-3.12.74-60.64.124.1
       kernel-ec2-debuginfo-3.12.74-60.64.124.1
       kernel-ec2-debugsource-3.12.74-60.64.124.1
       kernel-ec2-devel-3.12.74-60.64.124.1
       kernel-ec2-extra-3.12.74-60.64.124.1
       kernel-ec2-extra-debuginfo-3.12.74-60.64.124.1


References:

  o https://www.suse.com/security/cve/CVE-2016-10906.html
  o https://www.suse.com/security/cve/CVE-2017-18509.html
  o https://www.suse.com/security/cve/CVE-2017-18551.html
  o https://www.suse.com/security/cve/CVE-2017-18595.html
  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2018-20976.html
  o https://www.suse.com/security/cve/CVE-2019-10207.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-11477.html
  o https://www.suse.com/security/cve/CVE-2019-14814.html
  o https://www.suse.com/security/cve/CVE-2019-14815.html
  o https://www.suse.com/security/cve/CVE-2019-14816.html
  o https://www.suse.com/security/cve/CVE-2019-14821.html
  o https://www.suse.com/security/cve/CVE-2019-14835.html
  o https://www.suse.com/security/cve/CVE-2019-15098.html
  o https://www.suse.com/security/cve/CVE-2019-15118.html
  o https://www.suse.com/security/cve/CVE-2019-15212.html
  o https://www.suse.com/security/cve/CVE-2019-15215.html
  o https://www.suse.com/security/cve/CVE-2019-15216.html
  o https://www.suse.com/security/cve/CVE-2019-15217.html
  o https://www.suse.com/security/cve/CVE-2019-15218.html
  o https://www.suse.com/security/cve/CVE-2019-15219.html
  o https://www.suse.com/security/cve/CVE-2019-15220.html
  o https://www.suse.com/security/cve/CVE-2019-15221.html
  o https://www.suse.com/security/cve/CVE-2019-15290.html
  o https://www.suse.com/security/cve/CVE-2019-15291.html
  o https://www.suse.com/security/cve/CVE-2019-15505.html
  o https://www.suse.com/security/cve/CVE-2019-15807.html
  o https://www.suse.com/security/cve/CVE-2019-15902.html
  o https://www.suse.com/security/cve/CVE-2019-15926.html
  o https://www.suse.com/security/cve/CVE-2019-15927.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16413.html
  o https://www.suse.com/security/cve/CVE-2019-17055.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-9456.html
  o https://www.suse.com/security/cve/CVE-2019-9506.html
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1123959
  o https://bugzilla.suse.com/1137586
  o https://bugzilla.suse.com/1137865
  o https://bugzilla.suse.com/1137944
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1139751
  o https://bugzilla.suse.com/1142857
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145477
  o https://bugzilla.suse.com/1145922
  o https://bugzilla.suse.com/1146042
  o https://bugzilla.suse.com/1146163
  o https://bugzilla.suse.com/1146285
  o https://bugzilla.suse.com/1146361
  o https://bugzilla.suse.com/1146378
  o https://bugzilla.suse.com/1146391
  o https://bugzilla.suse.com/1146413
  o https://bugzilla.suse.com/1146425
  o https://bugzilla.suse.com/1146512
  o https://bugzilla.suse.com/1146514
  o https://bugzilla.suse.com/1146516
  o https://bugzilla.suse.com/1146519
  o https://bugzilla.suse.com/1146524
  o https://bugzilla.suse.com/1146526
  o https://bugzilla.suse.com/1146529
  o https://bugzilla.suse.com/1146540
  o https://bugzilla.suse.com/1146543
  o https://bugzilla.suse.com/1146547
  o https://bugzilla.suse.com/1146584
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1147122
  o https://bugzilla.suse.com/1148938
  o https://bugzilla.suse.com/1149376
  o https://bugzilla.suse.com/1149522
  o https://bugzilla.suse.com/1149527
  o https://bugzilla.suse.com/1149555
  o https://bugzilla.suse.com/1150025
  o https://bugzilla.suse.com/1150112
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1151347
  o https://bugzilla.suse.com/1151350
  o https://bugzilla.suse.com/1152782
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1153119
  o https://bugzilla.suse.com/1155671
  o https://bugzilla.suse.com/999278


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2951-1
Rating:            important
References:        #1046299 #1046303 #1046305 #1050244 #1050536 #1050545
                   #1051510 #1055186 #1061840 #1064802 #1065600 #1066129
                   #1073513 #1082635 #1083647 #1086323 #1087092 #1089644
                   #1090631 #1093205 #1096254 #1097583 #1097584 #1097585
                   #1097586 #1097587 #1097588 #1098291 #1101674 #1109158
                   #1114279 #1117665 #1119461 #1119465 #1123034 #1123080
                   #1133140 #1134303 #1135642 #1135854 #1135873 #1135967
                   #1137040 #1137799 #1138190 #1140090 #1140729 #1140845
                   #1140883 #1141600 #1142635 #1142667 #1143706 #1144338
                   #1144375 #1144449 #1144903 #1145099 #1146612 #1148410
                   #1149119 #1150452 #1150457 #1150465 #1150875 #1151508
                   #1152624 #1152685 #1152782 #1152788 #1152791 #1153112
                   #1153158 #1153236 #1153263 #1153476 #1153509 #1153646
                   #1153681 #1153713 #1153717 #1153718 #1153719 #1153811
                   #1153969 #1154108 #1154189 #1154354 #1154372 #1154578
                   #1154607 #1154608 #1154610 #1154611 #1154651 #1154737
                   #1154747 #1154848 #1154858 #1154905 #1154956 #1155178
                   #1155179 #1155184 #1155186 #1155671 #1155692 #1155836
                   #1155982 #1156187
Cross-References:  CVE-2018-12207 CVE-2019-10220 CVE-2019-11135 CVE-2019-16232
                   CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17055
                   CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18805
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 15
                   SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
______________________________________________________________________________

An update that solves 12 vulnerabilities and has 98 fixes is now available.

Description:

The SUSE Linux Enterprise 15 Azure kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as needed.
More information can be found on https://www.suse.com/support/kb/doc/id=
7023735

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).


  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


  o CVE-2019-18805: Fix signed integer overflow in tcp_ack_update_rtt() that
    could have lead to a denial of service or possibly unspecified other impact
    (bsc#1156187)
  o CVE-2019-17055: The AF_ISDN network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bnc#1152782)


The following non-security bugs were fixed:

  o 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  o Add kernel module compression support (bsc#1135854) For enabling the kernel
    module compress, add the item COMPRESS_MODULES="xz" in config.sh, then
    mkspec will pass it to the spec file.
  o acpi / CPPC: do not require the _PSD method (bsc#1051510).
  o acpi / processor: do not print errors for processorIDs == 0xff (bsc#
    1051510).
  o acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    (bsc#1051510).
  o act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  o alsa: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  o alsa: hda - Apply AMD controller workaround for Raven platform (bsc#
    1051510).
  o alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#
    1051510).
  o alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  o alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#
    1051510).
  o alsa: hda - Inform too slow responses (bsc#1051510).
  o alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  o alsa: hda/ca0132 - Fix possible workqueue stall (bsc#1155836).
  o alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#
    1051510).
  o alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
  o alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
  o alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#
    1051510).
  o alsa: hda/realtek - Check beep whitelist before assigning in all codecs
    (bsc#1051510).
  o alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  o alsa: hda/realtek - Fix alienware headset mic (bsc#1051510).
  o alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#
    1051510).
  o alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#
    1051510).
  o alsa: hda: Add Elkhart Lake pci ID (bsc#1051510).
  o alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510).
  o alsa: hda: Add support of Zhaoxin controller (bsc#1051510).
  o alsa: hda: Flush interrupts on disabling (bsc#1051510).
  o alsa: hda: Set fifo_size for both playback and capture streams (bsc#
    1051510).
  o alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in
    build_adc_controls() (bsc#1051510).
  o alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  o alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  o alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#
    1051510).
  o appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o asoc: Define a set of DAPM pre/post-up events (bsc#1051510).
  o asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
  o asoc: Intel: NHLT: Fix debug print format (bsc#1051510).
  o asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
    (bsc#1051510).
  o asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o asoc: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  o auxdisplay: panel: need to delete scan_timer when misc_register fails in
    panel_attach (bsc#1051510).
  o ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o blk-wbt: abstract out end IO completion handler (bsc#1135873).
  o blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  o blk-wbt: improve waking of tasks (bsc#1135873).
  o blk-wbt: move disable check into get_limit() (bsc#1135873).
  o blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#
    1051510).
  o bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  o boot: Sign non-x86 kernels when possible (boo#1134303)
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  o btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#
    1154651).
  o btrfs: Ensure replaced device does not have pending chunk allocation (bsc#
    1154607).
  o btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o btrfs: check for the full sync flag while holding the inode lock during
    fsync (bsc#1153713).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#
    1154651).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o can: dev: call netif_carrier_off() in register_candev() (bsc#1051510).
  o can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#
    1051510).
  o can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#
    1051510).
  o cdc_ether: fix rndis support for Mediatek based smartphones
    (networking-stable-19_09_15).
  o cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  o ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  o ceph: reconnect connection if session hang in opening state (bsc#1153718).
  o ceph: update the mtime when truncating up (bsc#1153719).
  o cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  o cfg80211: add and use strongly typed element iteration macros (bsc#
    1051510).
  o clk: at91: select parent if main oscillator or bypass is enabled (bsc#
    1051510).
  o clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  o clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  o clk: zx296718: Do not reference clk_init_data after registration (bsc#
    1051510).
  o crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg - remove locking in async callback (bsc#1154737).
  o crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif - return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead - overhaul memory management (bsc#1154737).
  o crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  o crypto: talitos - fix missing break in switch statement (bsc#1142635).
  o cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587
    bsc#1097588 bsc#1097583 bsc#1097584).
  o cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#
    1066129).
  o cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#
    1066129).
  o cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#
    1073513).
  o cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o dasd_fba: Display '00000000' for zero page when dumping sense (bsc#
    1123080).
  o dmaengine: bcm2835: Print error in case setting DMA mask fails (bsc#
    1051510).
  o dmaengine: imx-sdma: fix size check for sdma script_number (bsc#1051510).
  o drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  o drm/amdgpu/si: fix ASIC tests (git-fixes).
  o drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  o drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  o drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during command matching (bsc#
    1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
  o drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
  o drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Disable Secure Batches for gen6+
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#
    1135967)
  o drm/i915: Remove Master tables from cmdparser
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
  o drm/msm/dsi: Implement reset correctly (bsc#1051510).
  o drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  o drm/radeon: Fix EEH during kexec (bsc#1051510).
  o drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#
    1051510).
  o drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  o drm: Flush output polling on shutdown (bsc#1051510).
  o e1000e: add workaround for possible stalled packet (bsc#1051510).
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of pcie fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
    (git-fixes).
  o gpu: drm: radeon: Fix a possible null-pointer dereference in
    radeon_connector_set_property() (bsc#1051510).
  o hid: apple: Fix stuck function keys when using FN (bsc#1051510).
  o hid: fix error message in hid_open_report() (bsc#1051510).
  o hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  o hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o hid: logitech: Fix general protection fault caused by Logitech driver (bsc#
    1051510).
  o hid: prodikeys: Fix general protection fault during probe (bsc#1051510).
  o hid: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
    (bsc#1051510).
  o hwrng: core - do not wait on add_early_randomness() (git-fixes).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o i2c: riic: Clear NACK in tend isr (bsc#1051510).
  o ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  o ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  o ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  o ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  o ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o iio: adc: ad799x: fix probe error handling (bsc#1051510).
  o iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  o ima: always return negative code for error (bsc#1051510).
  o input: Revert synaptics-rmi4 patch due to regression (bsc#1155982)
  o input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
  o input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    (bsc#1137799).
  o iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  o iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  o iommu/amd: Remove domain->updated (bsc#1154610).
  o iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#
    1154611).
  o ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#
    1051510).
  o ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    (networking-stable-19_09_15).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o iwlwifi: do not panic in error path on non-msix systems (bsc#1155692).
  o ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#
    1101674).
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_vma_offset_node readonly field addition (bsc#
    1135967)
  o kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
  o kabi/severities: Whitelist functions internal to radix mm. To call these
    functions you have to first detect if you are running in radix mm mode
    which can't be expected of OOT code.
  o kabi: net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).
  o kernel-subpackage-build: create zero size ghost for uncompressed vmlinux
    (bsc#1154354). It is not strictly necessary to uncompress it so maybe the
    ghost file can be 0 size in this case.
  o kernel/sysctl.c: do not override max_threads provided by userspace (bnc#
    1150875).
  o ksm: cleanup stable_node chain collapse case (bnc#1144338).
  o ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
  o ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#
    1144338).
  o ksm: optimize refile of stable_node_dup at the head of the chain (bnc#
    1144338).
  o ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).
  o kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#
    1061840).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
    1117665).
  o kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
  o kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#
    1117665).
  o kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
  o kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
  o kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
  o lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
  o libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
  o mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o mac80211: Reject malformed SSID elements (bsc#1051510).
  o mac80211: accept deauth frames in IBSS mode (bsc#1051510).
  o mac80211: fix txq null pointer dereference (bsc#1051510).
  o macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
  o md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#
    1140090).
  o md/raid0: fix warning message for parameter default_layout (bsc#1140090).
  o media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
  o media: cpia2_usb: fix memory leaks (bsc#1051510).
  o media: dvb-core: fix a memory leak bug (bsc#1051510).
  o media: exynos4-is: fix leaked of_node references (bsc#1051510).
  o media: gspca: zero usb_buf on error (bsc#1051510).
  o media: hdpvr: Add device num check and handling (bsc#1051510).
  o media: hdpvr: add terminating 0 at end of string (bsc#1051510).
  o media: i2c: ov5645: Fix power sequence (bsc#1051510).
  o media: iguanair: add sanity checks (bsc#1051510).
  o media: omap3isp: Do not set streaming state on random subdevs (bsc#
    1051510).
  o media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
  o media: ov9650: add a sanity check (bsc#1051510).
  o media: radio/si470x: kill urb on error (bsc#1051510).
  o media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
    (bsc#1051510).
  o media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
  o media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
  o media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
  o media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
  o memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc
    #1051510).
  o mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
  o mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
  o mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
  o mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
  o mmc: sdhci: improve ADMA error reporting (bsc#1051510).
  o net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495,
    ltc#165544, git-fixes).
  o net/mlx4_en: fix a memory leak bug (bsc#1046299).
  o net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
  o net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
  o net/phy: fix DP83865 10 Mbps HDX loopback disable function
    (networking-stable-19_09_30).
  o net/rds: Fix error handling in rds_ib_add_one()
    (networking-stable-19_10_05).
  o net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
  o net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
  o net/sched: act_sample: do not push mac header on ip6gre ingress
    (networking-stable-19_09_30).
  o net: Fix null de-reference of device refcount (networking-stable-19_09_15).
  o net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
  o net: Unpublish sk from sk_reuseport_cb before call_rcu
    (networking-stable-19_10_05).
  o net: fix skb use after free in netpoll (networking-stable-19_09_05).
  o net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
    linear-headed frag_list (networking-stable-19_09_15).
  o net: openvswitch: free vport unless register_netdevice() succeeds
    (git-fixes).
  o net: qlogic: Fix memory leak in ql_alloc_large_buffers
    (networking-stable-19_10_05).
  o net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
  o net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o net: stmmac: dwmac-rk: Do not fail if phy regulator is absent
    (networking-stable-19_09_05).
  o net_sched: add policy validation for action attributes
    (networking-stable-19_09_30).
  o net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o nfc: fix attrs checks in netlink interface (bsc#1051510).
  o nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
  o nfc: pn533: fix use-after-free and memleaks (bsc#1051510).
  o nfs: fix regression (boo#1154189 bsc#1154747).
  o nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
  o nl80211: fix null pointer dereference (bsc#1051510).
  o objtool: Clobber user CFLAGS variable (bsc#1153236).
  o openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
    (networking-stable-19_09_30).
  o packaging: add support for riscv64
  o pci: Correct pci=resource_alignment parameter example (bsc#1051510).
  o pci: PM: Fix pci_power_up() (bsc#1051510).
  o pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
  o pci: hv: Use bytes 4 and 5 from instance ID as the pci domain numbers (bsc#
    1153263).
  o pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
  o platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
  o platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI
    table (bsc#1051510).
  o power: supply: sysfs: ratelimit property read error message (bsc#1051510).
  o powerpc/64s/pseries: radix flush translations before MMU is enabled at boot
    (bsc#1055186).
  o powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates
    (bsc#1055186).
  o powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
  o powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc
    #1055186).
  o powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
  o powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline
    (bsc#1055186).
  o powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#
    1055186).
  o powerpc/mm: Properly invalidate when setting process table base (bsc#
    1055186).
  o powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
  o powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#
    1153112 ltc#181778).
  o powerpc/pseries: Remove confusing warning message (bsc#1109158).
  o powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc
    #181778).
  o qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#
    1050545).
  o qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
  o qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#
    1050536 bsc#1050545).
  o qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).
  o qmi_wwan: add support for Cinterion CLS8 devices
    (networking-stable-19_10_05).
  o r8152: Set macpassthru in reset_resume callback (bsc#1051510).
  o rdma/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (bsc#
    1050244).
  o rdma: Fix goto target to release the allocated memory (bsc#1050244).
  o rds: Fix warning (bsc#1154848).
  o rpm/config.sh: Enable livepatch.
  o rpm/constraints.in: lower disk space required for ARM With a requirement of
    35GB, only 2 slow workers are usable for ARM. Current aarch64 build
    requires 27G and armv6/7 requires 14G. Set requirements respectively to
    30GB and 20GB.
  o rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no
    reason to lock down the dtb directory for ordinary users.
  o rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo.
  o rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE
    kernel RT and Azure variants are excluded for the moment. (bsc#1141600)
  o rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in
    5.2.
  o rpm/kernel-binary.spec.in: support partial rt debug config.
  o rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
    (bsc#1149119).
  o rpm/macros.kernel-source: KMPs should depend on kmod-compat to build.
    kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and
    find-supplements.ksyms in rpm-config-SUSE.
  o rpm/mkspec: Correct tarball URL for rc kernels.
  o rpm/mkspec: Make building DTBs optional.
  o rpm/modflist: Simplify compression support.
  o rpm: raise required disk space for binary packages Current disk space
    constraints (10 GB on s390x, 25 GB on other architectures) no longer
    suffice for 5.3 kernel builds. The statistics show ~30 GB of disk
    consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB
    in general and 14 GB on s390x.
  o rpm: support compressed modules Some of our scripts and scriptlets in rpm/
    do not expect module files not ending with ".ko" which currently leads to
    failure in preuninstall scriptlet of cluster-md-kmp-default (and probably
    also other subpackages). Let those which could be run on compressed module
    files recognize ".ko.xz" in addition to ".ko".
  o rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
  o s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
  o s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).
  o sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
    (networking-stable-19_10_05).
  o sch_dsmark: fix potential NULL deref in dsmark_init()
    (networking-stable-19_10_05).
  o sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    (networking-stable-19_09_15).
  o sch_netem: fix a divide by zero in tabledist()
    (networking-stable-19_09_30).
  o sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
  o scripts/arch-symbols: add missing link.
  o scsi: lpfc: Fix devices that do not return after devloss followed by
    rediscovery (bsc#1137040).
  o scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute
    (bsc#1140845).
  o scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#
    1140883).
  o scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
  o scsi: qedf: Modify abort and tmf handler to handle edge condition and flush
    (bsc#1098291).
  o scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#
    1140729).
  o scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956
    LTC#182054).
  o sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    (networking-stable-19_09_15).
  o sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    (networking-stable-19_09_15).
  o skge: fix checksum byte order (networking-stable-19_09_30).
  o sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
  o sock_diag: request _diag module only when the family or proto has been
    registered (bsc#1152791).
  o staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
  o staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
    1051510).
  o supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
  o tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
  o tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    (networking-stable-19_09_15).
  o tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
  o tcp: remove empty skb from write queue in error cases
    (networking-stable-19_09_05).
  o thermal: Fix use-after-free when unregistering thermal zone device (bsc#
    1051510).
  o thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
  o tipc: add NULL pointer check before calling kfree_rcu
    (networking-stable-19_09_15).
  o tipc: fix unlimited bundling of small messages
    (networking-stable-19_10_05).
  o tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#
    1151508).
  o tun: fix use-after-free when register netdev failed
    (networking-stable-19_09_15).
  o tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
  o usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on release (bsc#1051510).
  o usb: chaoskey: fix use-after-free on release (bsc#1051510).
  o usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
  o usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bsc#1051510).
  o usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
  o usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).
  o usb: iowarrior: fix use-after-free on release (bsc#1051510).
  o usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
  o usb: ldusb: fix control-message timeout (bsc#1051510).
  o usb: ldusb: fix memleak on disconnect (bsc#1051510).
  o usb: ldusb: fix read info leaks (bsc#1051510).
  o usb: ldusb: fix ring-buffer locking (bsc#1051510).
  o usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
  o usb: legousbtower: fix deadlock on disconnect (bsc#1142635).
  o usb: legousbtower: fix memleak on disconnect (bsc#1051510).
  o usb: legousbtower: fix open after failed reset request (bsc#1142635).
  o usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
  o usb: legousbtower: fix slab info leak at probe (bsc#1142635).
  o usb: legousbtower: fix use-after-free on release (bsc#1051510).
  o usb: microtek: fix info-leak at probe (bsc#1142635).
  o usb: serial: fix runtime PM after driver unbind (bsc#1051510).
  o usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#
    1051510).
  o usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
  o usb: serial: option: add Telit FN980 compositions (bsc#1051510).
  o usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
  o usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
  o usb: serial: whiteheat: fix potential slab corruption (bsc#1051510).
  o usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
  o usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
  o usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
  o usb: usblcd: fix I/O after disconnect (bsc#1142635).
  o usb: usblp: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usblp: fix use-after-free on disconnect (bsc#1051510).
  o usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#
    1051510).
  o usb: yurex: Do not retry on unexpected errors (bsc#1051510).
  o usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).
  o usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
  o usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
  o vfio_pci: Restore original state on release (bsc#1051510).
  o vhost_net: conditionally enable tx polling (bsc#1145099).
  o video: of: display_timing: Add of_node_put() in of_get_display_timing()
    (bsc#1051510).
  o vsock: Fix a lockdep warning in __vsock_release()
    (networking-stable-19_10_05).
  o watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#
    1051510).
  o x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
  o x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
    1153969).
  o x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
  o x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
  o xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
  o xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
  o xhci: Check all endpoints for LPM timeout (bsc#1051510).
  o xhci: Fix false warning message about wrong bounce buffer write length (bsc
    #1051510).
  o xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
  o xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
    (bsc#1051510).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 15:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2019-2951=1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15-SP1:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2951=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 15 (x86_64):
       kernel-azure-4.12.14-5.44.1
       kernel-azure-base-4.12.14-5.44.1
       kernel-azure-base-debuginfo-4.12.14-5.44.1
       kernel-azure-debuginfo-4.12.14-5.44.1
       kernel-azure-devel-4.12.14-5.44.1
       kernel-syms-azure-4.12.14-5.44.1
  o SUSE Linux Enterprise Module for Public Cloud 15 (noarch):
       kernel-devel-azure-4.12.14-5.44.1
       kernel-source-azure-4.12.14-5.44.1
  o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
    (noarch):
       kernel-devel-azure-4.12.14-5.44.1
       kernel-source-azure-4.12.14-5.44.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17055.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://www.suse.com/security/cve/CVE-2019-18805.html
  o https://bugzilla.suse.com/1046299
  o https://bugzilla.suse.com/1046303
  o https://bugzilla.suse.com/1046305
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1050536
  o https://bugzilla.suse.com/1050545
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1061840
  o https://bugzilla.suse.com/1064802
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1066129
  o https://bugzilla.suse.com/1073513
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1086323
  o https://bugzilla.suse.com/1087092
  o https://bugzilla.suse.com/1089644
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1093205
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1097583
  o https://bugzilla.suse.com/1097584
  o https://bugzilla.suse.com/1097585
  o https://bugzilla.suse.com/1097586
  o https://bugzilla.suse.com/1097587
  o https://bugzilla.suse.com/1097588
  o https://bugzilla.suse.com/1098291
  o https://bugzilla.suse.com/1101674
  o https://bugzilla.suse.com/1109158
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1123080
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1134303
  o https://bugzilla.suse.com/1135642
  o https://bugzilla.suse.com/1135854
  o https://bugzilla.suse.com/1135873
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1137799
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1140729
  o https://bugzilla.suse.com/1140845
  o https://bugzilla.suse.com/1140883
  o https://bugzilla.suse.com/1141600
  o https://bugzilla.suse.com/1142635
  o https://bugzilla.suse.com/1142667
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144375
  o https://bugzilla.suse.com/1144449
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145099
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1148410
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150875
  o https://bugzilla.suse.com/1151508
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152782
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1152791
  o https://bugzilla.suse.com/1153112
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153236
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153646
  o https://bugzilla.suse.com/1153681
  o https://bugzilla.suse.com/1153713
  o https://bugzilla.suse.com/1153717
  o https://bugzilla.suse.com/1153718
  o https://bugzilla.suse.com/1153719
  o https://bugzilla.suse.com/1153811
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154108
  o https://bugzilla.suse.com/1154189
  o https://bugzilla.suse.com/1154354
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1154578
  o https://bugzilla.suse.com/1154607
  o https://bugzilla.suse.com/1154608
  o https://bugzilla.suse.com/1154610
  o https://bugzilla.suse.com/1154611
  o https://bugzilla.suse.com/1154651
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154747
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1154956
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671
  o https://bugzilla.suse.com/1155692
  o https://bugzilla.suse.com/1155836
  o https://bugzilla.suse.com/1155982
  o https://bugzilla.suse.com/1156187


===============================================================================


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2952-1
Rating:            important
References:        #1046299 #1046303 #1046305 #1050244 #1050536 #1050545
                   #1051510 #1055186 #1061840 #1064802 #1065600 #1066129
                   #1073513 #1082635 #1083647 #1086323 #1087092 #1089644
                   #1090631 #1093205 #1096254 #1097583 #1097584 #1097585
                   #1097586 #1097587 #1097588 #1098291 #1101674 #1109158
                   #1111666 #1112178 #1113994 #1114279 #1117665 #1119461
                   #1119465 #1123034 #1123080 #1133140 #1134303 #1135642
                   #1135854 #1135873 #1135967 #1137040 #1137799 #1137861
                   #1138190 #1140090 #1140729 #1140845 #1140883 #1141600
                   #1142635 #1142667 #1143706 #1144338 #1144375 #1144449
                   #1144903 #1145099 #1146612 #1148410 #1149119 #1149853
                   #1150452 #1150457 #1150465 #1150875 #1151508 #1151807
                   #1152033 #1152624 #1152665 #1152685 #1152696 #1152697
                   #1152788 #1152790 #1152791 #1153112 #1153158 #1153236
                   #1153263 #1153476 #1153509 #1153607 #1153646 #1153681
                   #1153713 #1153717 #1153718 #1153719 #1153811 #1153969
                   #1154108 #1154189 #1154242 #1154268 #1154354 #1154372
                   #1154521 #1154578 #1154607 #1154608 #1154610 #1154611
                   #1154651 #1154737 #1154747 #1154848 #1154858 #1154905
                   #1154956 #1155061 #1155178 #1155179 #1155184 #1155186
                   #1155671
Cross-References:  CVE-2018-12207 CVE-2019-10220 CVE-2019-11135 CVE-2019-16232
                   CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17056
                   CVE-2019-17133 CVE-2019-17666
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 15-SP1
______________________________________________________________________________

An update that solves 10 vulnerabilities and has 111 fixes is now available.

Description:

The SUSE Linux Enterprise 15-SP1 Azure kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as More
information can be found on https://www.suse.com/support/kb/doc/id=7023735

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251

  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).


  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


The following non-security bugs were fixed:

  o 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  o Add kernel module compression support (bsc#1135854)
  o acpi / CPPC: do not require the _PSD method (bsc#1051510).
  o acpi / processor: do not print errors for processorIDs == 0xff (bsc#
    1051510).
  o acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    (bsc#1051510).
  o act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  o alsa: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o alsa: firewire-motu: add support for MOTU 4pre (bsc#1111666).
  o alsa: hda - Add a quirk model for fixing Huawei Matebook X right speaker
    (bsc#1051510).
  o alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  o alsa: hda - Apply AMD controller workaround for Raven platform (bsc#
    1051510).
  o alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#
    1051510).
  o alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  o alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#
    1051510).
  o alsa: hda - Force runtime PM on Nvidia HDMI codecs (bsc#1051510).
  o alsa: hda - Inform too slow responses (bsc#1051510).
  o alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  o alsa: hda/hdmi - Do not report spurious jack state changes (bsc#1051510).
  o alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#
    1051510).
  o alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
  o alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
  o alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#
    1051510).
  o alsa: hda/realtek - Check beep whitelist before assigning in all codecs
    (bsc#1051510).
  o alsa: hda/realtek - Enable headset mic on Asus MJ401TA (bsc#1051510).
  o alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  o alsa: hda/realtek - Fix alienware headset mic (bsc#1051510).
  o alsa: hda/realtek - pci quirk for Medion E4254 (bsc#1051510).
  o alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#
    1051510).
  o alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#
    1051510).
  o alsa: hda: Add Elkhart Lake pci ID (bsc#1051510).
  o alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510).
  o alsa: hda: Add support of Zhaoxin controller (bsc#1051510).
  o alsa: hda: Flush interrupts on disabling (bsc#1051510).
  o alsa: hda: Set fifo_size for both playback and capture streams (bsc#
    1051510).
  o alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in
    build_adc_controls() (bsc#1051510).
  o alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  o alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o alsa: usb-audio: Add DSD support for EVGA NU Audio (bsc#1051510).
  o alsa: usb-audio: Add DSD support for Gustard U16/X26 USB Interface (bsc#
    1051510).
  o alsa: usb-audio: Add Hiby device family to quirks for native DSD support
    (bsc#1051510).
  o alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  o alsa: usb-audio: Clean up check_input_term() (bsc#1051510).
  o alsa: usb-audio: DSD auto-detection for Playback Designs (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  o alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1111666).
  o alsa: usb-audio: Fix copy&paste error in the validator (bsc#1111666).
  o alsa: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk
    () (bsc#1051510).
  o alsa: usb-audio: More validations of descriptor units (bsc#1051510).
  o alsa: usb-audio: Remove superfluous bLength checks (bsc#1051510).
  o alsa: usb-audio: Simplify parse_audio_unit() (bsc#1051510).
  o alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#
    1051510).
  o alsa: usb-audio: Unify audioformat release code (bsc#1051510).
  o alsa: usb-audio: Unify the release of usb_mixer_elem_info objects (bsc#
    1051510).
  o alsa: usb-audio: Update DSD support quirks for Oppo and Rotel (bsc#
    1051510).
  o alsa: usb-audio: fix PCM device order (bsc#1051510).
  o alsa: usb-audio: remove some dead code (bsc#1051510).
  o appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o arm64/cpufeature: Convert hook_lock to raw_spin_lock_t in cpu_enable_ssbs()
    (jsc#ECO-561).
  o arm64: Add decoding macros for CP15_32 and CP15_64 traps (jsc#ECO-561).
  o arm64: Add part number for Neoverse N1 (jsc#ECO-561).
  o arm64: Add silicon-errata.txt entry for ARM erratum 1188873 (jsc#ECO-561).
  o arm64: Apply ARM64_ERRATUM_1188873 to Neoverse-N1 (jsc#ECO-561).
  o arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419
    (jsc#ECO-561,jsc#SLE-10671).
  o arm64: Fix mismatched cache line size detection (jsc#ECO-561,jsc#
    SLE-10671).
  o arm64: Fix silly typo in comment (jsc#ECO-561).
  o arm64: Force SSBS on context switch (jsc#ECO-561).
  o arm64: Introduce sysreg_clear_set() (jsc#ECO-561).
  o arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT (jsc#ECO-561).
  o arm64: Restrict ARM64_ERRATUM_1188873 mitigation to AArch32 (jsc#ECO-561).
  o arm64: arch_timer: avoid unused function warning (jsc#ECO-561).
  o arm64: compat: Add CNTFRQ trap handler (jsc#ECO-561).
  o arm64: compat: Add CNTVCT trap handler (jsc#ECO-561).
  o arm64: compat: Add condition code checks and IT advance (jsc#ECO-561).
  o arm64: compat: Add cp15_32 and cp15_64 handler arrays (jsc#ECO-561).
  o arm64: compat: Add separate CP15 trapping hook (jsc#ECO-561).
  o arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (jsc#
    ECO-561,jsc#SLE-10671).
  o arm64: cpu: Move errata and feature enable callbacks closer to callers (jsc
    #ECO-561).
  o arm64: cpu_errata: Remove ARM64_MISMATCHED_CACHE_LINE_SIZE (jsc#ECO-561,jsc
    #SLE-10671).
  o arm64: cpufeature: Fix handling of CTR_EL0.IDC field (jsc#ECO-561,jsc#
    SLE-10671).
  o arm64: cpufeature: Trap CTR_EL0 access only where it is necessary (jsc#
    ECO-561,jsc#SLE-10671).
  o arm64: cpufeature: ctr: Fix cpu capability check for late CPUs (jsc#
    ECO-561,jsc#SLE-10671).
  o arm64: entry: Allow handling of undefined instructions from EL1 (jsc#
    ECO-561).
  o arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419
    (jsc#ECO-561,jsc#SLE-10671).
  o arm64: fix SSBS sanitization (jsc#ECO-561).
  o arm64: force_signal_inject: WARN if called from kernel context (jsc#
    ECO-561).
  o arm64: kill change_cpacr() (jsc#ECO-561).
  o arm64: kill config_sctlr_el1() (jsc#ECO-561).
  o arm64: kvm: Add invalidate_icache_range helper (jsc#ECO-561,jsc#SLE-10671).
  o arm64: kvm: PTE/PMD S2 XN bit definition (jsc#ECO-561,jsc#SLE-10671).
  o arm64: move SCTLR_EL{1,2} assertions to <asm/sysreg.h> (jsc#ECO-561).
  o arm64: ssbd: Drop #ifdefs for PR_SPEC_STORE_BYPASS (jsc#ECO-561).
  o arm: kvm: Add optimized PIPT icache flushing (jsc#ECO-561,jsc#SLE-10671).
  o asoc: Define a set of DAPM pre/post-up events (bsc#1051510).
  o asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
  o asoc: Intel: NHLT: Fix debug print format (bsc#1051510).
  o asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
    (bsc#1051510).
  o asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o asoc: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  o auxdisplay: panel: need to delete scan_timer when misc_register fails in
    panel_attach (bsc#1051510).
  o ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o blk-wbt: abstract out end IO completion handler (bsc#1135873).
  o blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  o blk-wbt: improve waking of tasks (bsc#1135873).
  o blk-wbt: move disable check into get_limit() (bsc#1135873).
  o blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#
    1051510).
  o bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  o bnxt_en: Add pci IDs for 57500 series NPAR devices (bsc#1153607).
  o boot: Sign non-x86 kernels when possible (boo#1134303)
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o brcmfmac: sdio: Disable auto-tuning around commands expected to fail (bsc#
    1111666).
  o brcmfmac: sdio: Do not tune while the card is off (bsc#1111666).
  o bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  o btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#
    1154651).
  o btrfs: Ensure replaced device does not have pending chunk allocation (bsc#
    1154607).
  o btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o btrfs: check for the full sync flag while holding the inode lock during
    fsync (bsc#1153713).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#
    1154651).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#
    1051510).
  o can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#
    1051510).
  o cdc_ether: fix rndis support for Mediatek based smartphones
    (networking-stable-19_09_15).
  o cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  o ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  o ceph: reconnect connection if session hang in opening state (bsc#1153718).
  o ceph: update the mtime when truncating up (bsc#1153719).
  o cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  o cfg80211: add and use strongly typed element iteration macros (bsc#
    1051510).
  o clk: at91: select parent if main oscillator or bypass is enabled (bsc#
    1051510).
  o clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  o clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  o clk: zx296718: Do not reference clk_init_data after registration (bsc#
    1051510).
  o config: arm64: enable erratum 1418040 and 1542419
  o crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg - remove locking in async callback (bsc#1154737).
  o crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif - return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead - overhaul memory management (bsc#1154737).
  o crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  o crypto: talitos - fix missing break in switch statement (bsc#1142635).
  o cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587
    bsc#1097588 bsc#1097583 bsc#1097584).
  o cxgb4: do not dma memory off of the stack (bsc#1152790).
  o cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#
    1066129).
  o cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#
    1066129).
  o cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#
    1073513).
  o cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o dasd_fba: Display '00000000' for zero page when dumping sense (bsc#
    1123080).
  o drm/amd/display: Restore backlight brightness after system resume (bsc#
    1112178)
  o drm/amd/display: fix issue where 252-255 values are clipped (bsc#1111666).
  o drm/amd/display: reprogram VM config when system resume (bsc#1111666).
  o drm/amd/display: support spdif (bsc#1111666).
  o drm/amd/dm: Understand why attaching path/tile properties are needed (bsc#
    1111666).
  o drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  o drm/amd/pp: Fix truncated clock value when set watermark (bsc#1111666).
  o drm/amdgpu/gfx9: Update gfx9 golden settings (bsc#1111666).
  o drm/amdgpu/si: fix ASIC tests (git-fixes).
  o drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  o drm/amdgpu: Fix KFD-related kernel oops on Hawaii (bsc#1111666).
  o drm/amdgpu: Update gc_9_0 golden settings (bsc#1111666).
  o drm/amdkfd: Add missing Polaris10 ID (bsc#1111666).
  o drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  o drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors
    (bsc#1111666).
  o drm/atomic_helper: Disallow new modesets on unregistered connectors (bsc#
    1111666).
  o drm/atomic_helper: Stop modesets on unregistered connectors harder (bsc#
    1111666).
  o drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  o drm/bridge: tfp410: fix memleak in get_modes() (bsc#1111666).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during (bsc#1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gvt: update vgpu workload head pointer correctly (bsc#1112178)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Cleanup gt powerstate from gem (bsc#1111666).
  o drm/i915: Disable Secure Batches for gen6+ (bsc#1135967)
  o drm/i915: Fix intel_dp_mst_best_encoder() (bsc#1111666).
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Remove Master tables from cmdparser (bsc#1135967)
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Restore sane defaults for KMS on GEM error load (bsc#1111666).
  o drm/i915: Support ro ppgtt mapped cmdparser shadow (bsc#1135967)
  o drm/mediatek: set DMA max segment size (bsc#1111666).
  o drm/msm/dsi: Fix return value check for clk_get_parent (bsc#1111666).
  o drm/msm/dsi: Implement reset correctly (bsc#1051510).
  o drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling (bsc#1111666).
  o drm/nouveau/kms/nv50-: Do not create MSTMs for eDP connectors (bsc#1112178)
  o drm/nouveau/volt: Fix for some cards having 0 maximum voltage (bsc#
    1111666).
  o drm/omap: fix max fclk divider for omap36xx (bsc#1111666).
  o drm/panel: check failure cases in the probe func (bsc#1111666).
  o drm/panel: make drm_panel.h self-contained (bsc#1111666).
  o drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  o drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed (bsc#
    1111666).
  o drm/radeon: Fix EEH during kexec (bsc#1051510).
  o drm/rockchip: Check for fast link training before enabling psr (bsc#
    1111666).
  o drm/stm: attach gem fence to atomic state (bsc#1111666).
  o drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#
    1051510).
  o drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  o drm: Flush output polling on shutdown (bsc#1051510).
  o drm: add __user attribute to ptr_to_compat() (bsc#1111666).
  o drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC
    (bsc#1111666).
  o drm: rcar-du: lvds: Fix bridge_to_rcar_lvds (bsc#1111666).
  o e1000e: add workaround for possible stalled packet (bsc#1051510).
  o efi/arm: Show SMBIOS bank/device location in CPER and GHES error logs (bsc#
    1152033).
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of pcie fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
    (git-fixes).
  o gpu: drm: radeon: Fix a possible null-pointer dereference in
    radeon_connector_set_property() (bsc#1051510).
  o hid: apple: Fix stuck function keys when using FN (bsc#1051510).
  o hid: fix error message in hid_open_report() (bsc#1051510).
  o hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  o hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o hid: logitech: Fix general protection fault caused by Logitech driver (bsc#
    1051510).
  o hid: prodikeys: Fix general protection fault during probe (bsc#1051510).
  o hid: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
    (bsc#1051510).
  o hwrng: core - do not wait on add_early_randomness() (git-fixes).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o i2c: riic: Clear NACK in tend isr (bsc#1051510).
  o ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  o ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  o ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  o ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  o ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  o ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  o ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o iio: adc: ad799x: fix probe error handling (bsc#1051510).
  o iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  o ima: always return negative code for error (bsc#1051510).
  o input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
  o input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    (bsc#1137799).
  o iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  o iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  o iommu/amd: Remove domain->updated (bsc#1154610).
  o iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#
    1154611).
  o ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#
    1051510).
  o ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    (networking-stable-19_09_15).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o irqchip/gic-v3-its: Fix LPI release for Multi-MSI devices (jsc#ECO-561).
  o irqchip/gic-v3-its: Fix command queue pointer comparison bug (jsc#ECO-561).
  o irqchip/gic-v3-its: Fix misuse of GENMASK macro (jsc#ECO-561).
  o iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (bsc#
    1111666).
  o ixgbe: Fix secpath usage for IPsec TX offload (bsc#1113994 bsc#1151807).
  o ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#
    1101674).
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_connector.registered type changes (bsc#1111666).
  o kABI workaround for mmc_host retune_crc_disable flag addition (bsc#
    1111666).
  o kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
  o kabi/severities: Whitelist functions internal to radix mm. To call these
    functions you have to first detect if you are running in radix mm mode
    which can't be expected of OOT code.
  o kabi: net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).
  o kernel/sysctl.c: do not override max_threads provided by userspace (bnc#
    1150875).
  o ksm: cleanup stable_node chain collapse case (bnc#1144338).
  o ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
  o ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#
    1144338).
  o ksm: optimize refile of stable_node_dup at the head of the chain (bnc#
    1144338).
  o ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).
  o kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#
    1061840).
  o kvm: arm/arm64: Clean dcache to PoC when changing PTE due to CoW (jsc#
    ECO-561,jsc#SLE-10671).
  o kvm: arm/arm64: Detangle kvm_mmu.h from kvm_hyp.h (jsc#ECO-561,jsc#
    SLE-10671).
  o kvm: arm/arm64: Drop vcpu parameter from guest cache maintenance
    operartions (jsc#ECO-561,jsc#SLE-10671).
  o kvm: arm/arm64: Limit icache invalidation to prefetch aborts (jsc#
    ECO-561,jsc#SLE-10671).
  o kvm: arm/arm64: Only clean the dcache on translation fault (jsc#ECO-561,jsc
    #SLE-10671).
  o kvm: arm/arm64: Preserve Exec permission across R/W permission faults (jsc#
    ECO-561,jsc#SLE-10671).
  o kvm: arm/arm64: Split dcache/icache flushing (jsc#ECO-561,jsc#SLE-10671).
  o kvm: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
    (jsc#ECO-561).
  o kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
    1117665).
  o kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
  o kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#
    1117665).
  o kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
  o kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
  o kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
  o lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
  o libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
  o libnvdimm/security: provide fix for secure-erase to use zero-key (bsc#
    1149853).
  o lpfc: Add FA-WWN Async Event reporting (bsc#1154521).
  o lpfc: Add FC-AL support to lpe32000 models (bsc#1154521).
  o lpfc: Add additional discovery log messages (bsc#1154521).
  o lpfc: Add log macros to allow print by serverity or verbocity setting (bsc#
    1154521).
  o lpfc: Fix SLI3 hba in loop mode not discovering devices (bsc#1154521).
  o lpfc: Fix bad ndlp ptr in xri aborted handling (bsc#1154521).
  o lpfc: Fix hardlockup in lpfc_abort_handler (bsc#1154521).
  o lpfc: Fix lockdep errors in sli_ringtx_put (bsc#1154521).
  o lpfc: Fix reporting of read-only fw error errors (bsc#1154521).
  o lpfc: Make FW logging dynamically configurable (bsc#1154521).
  o lpfc: Remove lock contention target write path (bsc#1154521).
  o lpfc: Revise interrupt coalescing for missing scenarios (bsc#1154521).
  o lpfc: Slight fast-path Performance optimizations (bsc#1154521).
  o lpfc: Update lpfc version to 12.6.0.0 (bsc#1154521).
  o lpfc: fix coverity error of dereference after null check (bsc#1154521).
  o lpfc: fix lpfc_nvmet_mrq to be bound by hdw queue count (bsc#1154521).
  o mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o mac80211: Reject malformed SSID elements (bsc#1051510).
  o mac80211: accept deauth frames in IBSS mode (bsc#1051510).
  o mac80211: fix txq null pointer dereference (bsc#1051510).
  o macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
  o md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#
    1140090).
  o md/raid0: fix warning message for parameter default_layout (bsc#1140090).
  o media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
  o media: cpia2_usb: fix memory leaks (bsc#1051510).
  o media: dvb-core: fix a memory leak bug (bsc#1051510).
  o media: exynos4-is: fix leaked of_node references (bsc#1051510).
  o media: gspca: zero usb_buf on error (bsc#1051510).
  o media: hdpvr: Add device num check and handling (bsc#1051510).
  o media: hdpvr: add terminating 0 at end of string (bsc#1051510).
  o media: i2c: ov5645: Fix power sequence (bsc#1051510).
  o media: iguanair: add sanity checks (bsc#1051510).
  o media: omap3isp: Do not set streaming state on random subdevs (bsc#
    1051510).
  o media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
  o media: ov9650: add a sanity check (bsc#1051510).
  o media: radio/si470x: kill urb on error (bsc#1051510).
  o media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
    (bsc#1051510).
  o media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
  o media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
  o media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
  o media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
  o memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc
    #1051510).
  o mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
  o mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
  o mmc: core: API to temporarily disable retuning for SDIO CRC errors (bsc#
    1111666).
  o mmc: core: Add sdio_retune_hold_now() and sdio_retune_release() (bsc#
    1111666).
  o mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
  o mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
  o mmc: sdhci: improve ADMA error reporting (bsc#1051510).
  o net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495,
    ltc#165544, git-fixes).
  o net/mlx4_en: fix a memory leak bug (bsc#1046299).
  o net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
  o net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
  o net/phy: fix DP83865 10 Mbps HDX loopback disable function
    (networking-stable-19_09_30).
  o net/rds: Fix error handling in rds_ib_add_one()
    (networking-stable-19_10_05).
  o net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
  o net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
  o net/sched: act_sample: do not push mac header on ip6gre ingress
    (networking-stable-19_09_30).
  o net: Fix null de-reference of device refcount (networking-stable-19_09_15).
  o net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
  o net: Unpublish sk from sk_reuseport_cb before call_rcu
    (networking-stable-19_10_05).
  o net: fix skb use after free in netpoll (networking-stable-19_09_05).
  o net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
    linear-headed frag_list (networking-stable-19_09_15).
  o net: openvswitch: free vport unless register_netdevice() succeeds
    (git-fixes).
  o net: qlogic: Fix memory leak in ql_alloc_large_buffers
    (networking-stable-19_10_05).
  o net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
  o net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o net: stmmac: dwmac-rk: Do not fail if phy regulator is absent
    (networking-stable-19_09_05).
  o net_sched: add policy validation for action attributes
    (networking-stable-19_09_30).
  o net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o nfc: fix attrs checks in netlink interface (bsc#1051510).
  o nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
  o nfc: pn533: fix use-after-free and memleaks (bsc#1051510).
  o nfs: fix incorrectly backported patch (boo#1154189 bsc#1154747).
  o nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
  o nl80211: fix null pointer dereference (bsc#1051510).
  o objtool: Clobber user CFLAGS variable (bsc#1153236).
  o openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
    (networking-stable-19_09_30).
  o packaging: add support for riscv64
  o pci: Correct pci=resource_alignment parameter example (bsc#1051510).
  o pci: PM: Fix pci_power_up() (bsc#1051510).
  o pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
  o pci: hv: Use bytes 4 and 5 from instance ID as the pci domain numbers (bsc#
    1153263).
  o pinctrl: cherryview: restore Strago DMI workaround for all versions (bsc#
    1111666).
  o pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
  o platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
  o platform/x86: i2c-multi-instantiate: Derive the device name from parent
    (bsc#1111666).
  o platform/x86: i2c-multi-instantiate: Fail the probe if no IRQ provided (bsc
    #1111666).
  o platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI
    table (bsc#1051510).
  o power: supply: sysfs: ratelimit property read error message (bsc#1051510).
  o powerpc/64s/pseries: radix flush translations before MMU is enabled at boot
    (bsc#1055186).
  o powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates
    (bsc#1055186).
  o powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
  o powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc
    #1055186).
  o powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
  o powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline
    (bsc#1055186).
  o powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#
    1055186).
  o powerpc/mm: Properly invalidate when setting process table base (bsc#
    1055186).
  o powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
  o powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#
    1153112 ltc#181778).
  o powerpc/pseries: Remove confusing warning message (bsc#1109158).
  o powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc
    #181778).
  o powerplay: Respect units on max dcfclk watermark (bsc#1111666).
  o qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#
    1050545).
  o qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
  o qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#
    1050536 bsc#1050545).
  o qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).
  o qmi_wwan: add support for Cinterion CLS8 devices
    (networking-stable-19_10_05).
  o r8152: Set macpassthru in reset_resume callback (bsc#1051510).
  o rdma/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (bsc#
    1050244).
  o rdma/hns: Add reset process for function-clear (bsc#1155061).
  o rdma/hns: Remove the some magic number (bsc#1155061).
  o rdma: Fix goto target to release the allocated memory (bsc#1050244).
  o rds: Fix warning (bsc#1154848).
  o rpm/constraints.in: lower disk space required for ARM With a requirement of
    35GB, only 2 slow workers are usable for ARM. Current aarch64 build
    requires 27G and armv6/7 requires 14G. Set requirements respectively to
    30GB and 20GB.
  o rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no
    reason to lock down the dtb directory for ordinary users.
  o rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE
    kernel RT and Azure variants are excluded for the moment. (bsc#1141600)
  o rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in
    5.2.
  o rpm/kernel-binary.spec.in: support partial rt debug config.
  o rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
    (bsc#1149119).
  o rpm/macros.kernel-source: KMPs should depend on kmod-compat to build.
    kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and
    find-supplements.ksyms in rpm-config-SUSE.
  o rpm/mkspec: Correct tarball URL for rc kernels.
  o rpm/mkspec: Make building DTBs optional.
  o rpm/modflist: Simplify compression support.
  o rpm: raise required disk space for binary packages Current disk space
    constraints (10 GB on s390x, 25 GB on other architectures) no longer
    suffice for 5.3 kernel builds. The statistics show ~30 GB of disk
    consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB
    in general and 14 GB on s390x.
  o rpm: support compressed modules Some of our scripts and scriptlets in rpm/
    do not expect module files not ending with ".ko" which currently leads to
    failure in preuninstall scriptlet of cluster-md-kmp-default (and probably
    also other subpackages). Let those which could be run on compressed module
    files recognize ".ko.xz" in addition to ".ko".
  o rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
  o s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
  o s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).
  o s390/crypto: fix gcm-aes-s390 selftest failures (bsc#1137861 LTC#178091).
  o s390/pci: add mio_enabled attribute (bsc#1152665 LTC#181729).
  o s390/pci: correctly handle MIO opt-out (bsc#1152665 LTC#181729).
  o s390/pci: deal with devices that have no support for MIO instructions (bsc#
    1152665 LTC#181729).
  o s390/pci: fix MSI message data (bsc#1152697 LTC#181730).
  o s390: add support for IBM z15 machines (bsc#1152696 LTC#181731).
  o s390: fix setting of mio addressing control (bsc#1152665 LTC#181729).
  o sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
    (networking-stable-19_10_05).
  o sch_dsmark: fix potential NULL deref in dsmark_init()
    (networking-stable-19_10_05).
  o sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    (networking-stable-19_09_15).
  o sch_netem: fix a divide by zero in tabledist()
    (networking-stable-19_09_30).
  o sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
  o scripts/arch-symbols: add missing link.
  o scsi: lpfc: Check queue pointer before use (bsc#1154242).
  o scsi: lpfc: Complete removal of FCoE T10 PI support on SLI-4 adapters (bsc#
    1154521).
  o scsi: lpfc: Convert existing %pf users to %ps (bsc#1154521).
  o scsi: lpfc: Fix GPF on scsi command completion (bsc#1154521).
  o scsi: lpfc: Fix NVME io abort failures causing hangs (bsc#1154521).
  o scsi: lpfc: Fix NVMe ABTS in response to receiving an ABTS (bsc#1154521).
  o scsi: lpfc: Fix coverity errors on NULL pointer checks (bsc#1154521).
  o scsi: lpfc: Fix device recovery errors after PLOGI failures (bsc#1154521).
  o scsi: lpfc: Fix devices that do not return after devloss followed by
    rediscovery (bsc#1137040).
  o scsi: lpfc: Fix discovery failures when target device connectivity bounces
    (bsc#1154521).
  o scsi: lpfc: Fix hdwq sgl locks and irq handling (bsc#1154521).
  o scsi: lpfc: Fix host hang at boot or slow boot (bsc#1154521).
  o scsi: lpfc: Fix list corruption detected in lpfc_put_sgl_per_hdwq (bsc#
    1154521).
  o scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq (bsc#1154521).
  o scsi: lpfc: Fix locking on mailbox command completion (bsc#1154521).
  o scsi: lpfc: Fix miss of register read failure check (bsc#1154521).
  o scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute
    (bsc#1140845).
  o scsi: lpfc: Fix premature re-enabling of interrupts in lpfc_sli_host_down
    (bsc#1154521).
  o scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#
    1140883).
  o scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (bsc#1154521).
  o scsi: lpfc: Fix rpi release when deleting vport (bsc#1154521).
  o scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd() (bsc#1154521).
  o scsi: lpfc: Make function lpfc_defer_pt2pt_acc static (bsc#1154521).
  o scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
  o scsi: lpfc: Update async event logging (bsc#1154521).
  o scsi: lpfc: Update lpfc version to 12.4.0.1 (bsc#1154521).
  o scsi: lpfc: cleanup: remove unused fcp_txcmlpq_cnt (bsc#1154521).
  o scsi: lpfc: remove left-over BUILD_NVME defines (bsc#1154268).
  o scsi: qedf: Modify abort and tmf handler to handle edge condition and flush
    (bsc#1098291).
  o scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#
    1140729).
  o scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956
    LTC#182054).
  o sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    (networking-stable-19_09_15).
  o sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    (networking-stable-19_09_15).
  o skge: fix checksum byte order (networking-stable-19_09_30).
  o sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
  o sock_diag: request _diag module only when the family or proto has been
    registered (bsc#1152791).
  o staging: bcm2835-audio: Fix draining behavior regression (bsc#1111666).
  o staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
  o staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
    1051510).
  o supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
  o tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
  o tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    (networking-stable-19_09_15).
  o tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
  o tcp: remove empty skb from write queue in error cases
    (networking-stable-19_09_05).
  o thermal: Fix use-after-free when unregistering thermal zone device (bsc#
    1051510).
  o thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
  o tipc: add NULL pointer check before calling kfree_rcu
    (networking-stable-19_09_15).
  o tipc: fix unlimited bundling of small messages
    (networking-stable-19_10_05).
  o tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#
    1151508).
  o tun: fix use-after-free when register netdev failed
    (networking-stable-19_09_15).
  o tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
  o usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on disconnect (bsc#1142635).
  o usb: adutux: fix use-after-free on release (bsc#1051510).
  o usb: chaoskey: fix use-after-free on release (bsc#1051510).
  o usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
  o usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
  o usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).
  o usb: iowarrior: fix use-after-free on release (bsc#1051510).
  o usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
  o usb: ldusb: fix memleak on disconnect (bsc#1051510).
  o usb: ldusb: fix read info leaks (bsc#1051510).
  o usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
  o usb: legousbtower: fix deadlock on disconnect (bsc#1142635).
  o usb: legousbtower: fix memleak on disconnect (bsc#1051510).
  o usb: legousbtower: fix open after failed reset request (bsc#1142635).
  o usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
  o usb: legousbtower: fix slab info leak at probe (bsc#1142635).
  o usb: legousbtower: fix use-after-free on release (bsc#1051510).
  o usb: microtek: fix info-leak at probe (bsc#1142635).
  o usb: serial: fix runtime PM after driver unbind (bsc#1051510).
  o usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#
    1051510).
  o usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
  o usb: serial: option: add Telit FN980 compositions (bsc#1051510).
  o usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
  o usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
  o usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
  o usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
  o usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
  o usb: usblcd: fix I/O after disconnect (bsc#1142635).
  o usb: usblp: fix runtime PM after driver unbind (bsc#1051510).
  o usb: usblp: fix use-after-free on disconnect (bsc#1051510).
  o usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#
    1051510).
  o usb: yurex: Do not retry on unexpected errors (bsc#1051510).
  o usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).
  o usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
  o usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
  o vfio_pci: Restore original state on release (bsc#1051510).
  o vhost_net: conditionally enable tx polling (bsc#1145099).
  o video: of: display_timing: Add of_node_put() in of_get_display_timing()
    (bsc#1051510).
  o vsock: Fix a lockdep warning in __vsock_release()
    (networking-stable-19_10_05).
  o watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#
    1051510).
  o x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
  o x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
    1153969).
  o x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
  o x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
  o xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
  o xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
  o xhci: Check all endpoints for LPM timeout (bsc#1051510).
  o xhci: Fix false warning message about wrong bounce buffer write length (bsc
    #1051510).
  o xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
  o xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
    (bsc#1051510).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2019-2952=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):
       kernel-devel-azure-4.12.14-8.19.1
       kernel-source-azure-4.12.14-8.19.1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP1 (x86_64):
       kernel-azure-4.12.14-8.19.1
       kernel-azure-base-4.12.14-8.19.1
       kernel-azure-base-debuginfo-4.12.14-8.19.1
       kernel-azure-debuginfo-4.12.14-8.19.1
       kernel-azure-devel-4.12.14-8.19.1
       kernel-syms-azure-4.12.14-8.19.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://bugzilla.suse.com/1046299
  o https://bugzilla.suse.com/1046303
  o https://bugzilla.suse.com/1046305
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1050536
  o https://bugzilla.suse.com/1050545
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1061840
  o https://bugzilla.suse.com/1064802
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1066129
  o https://bugzilla.suse.com/1073513
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1086323
  o https://bugzilla.suse.com/1087092
  o https://bugzilla.suse.com/1089644
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1093205
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1097583
  o https://bugzilla.suse.com/1097584
  o https://bugzilla.suse.com/1097585
  o https://bugzilla.suse.com/1097586
  o https://bugzilla.suse.com/1097587
  o https://bugzilla.suse.com/1097588
  o https://bugzilla.suse.com/1098291
  o https://bugzilla.suse.com/1101674
  o https://bugzilla.suse.com/1109158
  o https://bugzilla.suse.com/1111666
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113994
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1123080
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1134303
  o https://bugzilla.suse.com/1135642
  o https://bugzilla.suse.com/1135854
  o https://bugzilla.suse.com/1135873
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1137799
  o https://bugzilla.suse.com/1137861
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1140729
  o https://bugzilla.suse.com/1140845
  o https://bugzilla.suse.com/1140883
  o https://bugzilla.suse.com/1141600
  o https://bugzilla.suse.com/1142635
  o https://bugzilla.suse.com/1142667
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144375
  o https://bugzilla.suse.com/1144449
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145099
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1148410
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1149853
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150875
  o https://bugzilla.suse.com/1151508
  o https://bugzilla.suse.com/1151807
  o https://bugzilla.suse.com/1152033
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1152665
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152696
  o https://bugzilla.suse.com/1152697
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1152790
  o https://bugzilla.suse.com/1152791
  o https://bugzilla.suse.com/1153112
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153236
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153607
  o https://bugzilla.suse.com/1153646
  o https://bugzilla.suse.com/1153681
  o https://bugzilla.suse.com/1153713
  o https://bugzilla.suse.com/1153717
  o https://bugzilla.suse.com/1153718
  o https://bugzilla.suse.com/1153719
  o https://bugzilla.suse.com/1153811
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154108
  o https://bugzilla.suse.com/1154189
  o https://bugzilla.suse.com/1154242
  o https://bugzilla.suse.com/1154268
  o https://bugzilla.suse.com/1154354
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1154521
  o https://bugzilla.suse.com/1154578
  o https://bugzilla.suse.com/1154607
  o https://bugzilla.suse.com/1154608
  o https://bugzilla.suse.com/1154610
  o https://bugzilla.suse.com/1154611
  o https://bugzilla.suse.com/1154651
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154747
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1154956
  o https://bugzilla.suse.com/1155061
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671


===============================================================================

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2019:2953-1
Rating:            important
References:        #1046299 #1046303 #1046305 #1050244 #1050536 #1050545
                   #1051510 #1055186 #1061840 #1064802 #1065600 #1066129
                   #1073513 #1082635 #1083647 #1086323 #1087092 #1089644
                   #1090631 #1093205 #1096254 #1097583 #1097584 #1097585
                   #1097586 #1097587 #1097588 #1098291 #1101674 #1109158
                   #1114279 #1117665 #1119461 #1119465 #1122363 #1123034
                   #1123080 #1127155 #1133140 #1134303 #1135642 #1135854
                   #1135873 #1135967 #1137040 #1137799 #1137861 #1138190
                   #1139073 #1140090 #1140729 #1140845 #1140883 #1141600
                   #1142635 #1142667 #1143706 #1144338 #1144375 #1144449
                   #1144903 #1145099 #1146612 #1148410 #1149119 #1150452
                   #1150457 #1150465 #1150875 #1151225 #1151508 #1151680
                   #1152497 #1152505 #1152506 #1152624 #1152685 #1152782
                   #1152788 #1152791 #1153108 #1153112 #1153158 #1153236
                   #1153263 #1153476 #1153509 #1153646 #1153681 #1153713
                   #1153717 #1153718 #1153719 #1153811 #1153969 #1154108
                   #1154189 #1154354 #1154372 #1154578 #1154607 #1154608
                   #1154610 #1154611 #1154651 #1154737 #1154747 #1154848
                   #1154858 #1154905 #1154956 #1154959 #1155178 #1155179
                   #1155184 #1155186 #1155671 #1155692 #1155812 #1155817
                   #1155836 #1155945 #1155982 #1156187 #919448 #987367 #998153
Cross-References:  CVE-2018-12207 CVE-2019-10220 CVE-2019-11135 CVE-2019-16232
                   CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17055
                   CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18805
Affected Products:
                   SUSE Linux Enterprise Server 12-SP4
______________________________________________________________________________

An update that solves 12 vulnerabilities and has 115 fixes is now available.

Description:

The SUSE Linux Enterprise 15-SP1 Azure Kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:

  o CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a
    race condition in the Instruction Fetch Unit of the Intel CPU to cause a
    Machine Exception during Page Size Change, causing the CPU core to be
    non-functional.


The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in
executable pages by splitting / merging huge pages into small pages as More
information can be found on https://www.suse.com/support/kb/doc/id=7023735
(bnc#1117665 1152505 1155812 1155817 1155945)

  o CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with
    Transactional Memory support could be used to facilitate sidechannel
    information leaks out of microarchitectural buffers, similar to the
    previously described "Microarchitectural Data Sampling" attack.


The Linux kernel was supplemented with the option to disable TSX operation
altogether (requiring CPU Microcode updates on older systems) and better
flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/
support/kb/doc/id=7024251 (bnc#1139073 1152497 1152505 1152506).

  o CVE-2019-18805: There was a signed integer overflow in tcp_ack_update_rtt()
    when userspace writes a very large integer to /proc/sys/net/ipv4/
    tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified
    other impact, aka CID-19fad20d15a6 (bnc#1156187).


  o CVE-2019-17055: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bnc#
    1152782).


  o CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port
    failed to add a port, which may have caused denial of service (bsc#
    1152685).


  o CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the
    alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#
    1150457).


  o CVE-2019-10220: Added sanity checks on the pathnames passed to the user
    space. (bsc#1144903).


  o CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).


  o CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell
    libertas driver (bsc#1150465).


  o CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue
    return value, leading to a NULL pointer dereference. (bsc#1150452).


  o CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE,
    leading to a Buffer Overflow (bsc#1153158).


  o CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,
    which meant that unprivileged users could create a raw socket (bsc#
    1152788).


The following non-security bugs were fixed:

  o /dev/mem: Bail out upon SIGKILL (git-fixes).
  o 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  o ACPI / CPPC: do not require the _PSD method (bsc#1051510).
  o ACPI / processor: do not print errors for processorIDs == 0xff (bsc#
    1051510).
  o ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    (bsc#1051510).
  o act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  o Add kernel module compression support (bsc#1135854) For enabling the kernel
    module compress, add the item COMPRESS_MODULES="xz" in config.sh, then
    mkspec will pass it to the spec file.
  o alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680).
  o ALSA: bebob: Fix prototype of helper function to return negative value (bsc
    #1051510).
  o ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  o ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#
    1051510).
  o ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#
    1051510).
  o ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  o ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#
    1051510).
  o ALSA: hda - Inform too slow responses (bsc#1051510).
  o ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  o ALSA: hda/ca0132 - Fix possible workqueue stall (bsc#1155836).
  o ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#
    1051510).
  o ALSA: hda/realtek - Add support for ALC623 (bsc#1051510).
  o ALSA: hda/realtek - Add support for ALC711 (bsc#1051510).
  o ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#
    1051510).
  o ALSA: hda/realtek - Check beep whitelist before assigning in all codecs
    (bsc#1051510).
  o ALSA: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  o ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).
  o ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#
    1051510).
  o ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#
    1051510).
  o ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).
  o ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).
  o ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
  o ALSA: hda: Flush interrupts on disabling (bsc#1051510).
  o ALSA: hda: Set fifo_size for both playback and capture streams (bsc#
    1051510).
  o ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in
    build_adc_controls() (bsc#1051510).
  o ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  o ALSA: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  o ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  o ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  o ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#
    1051510).
  o appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o arcnet: provide a buffer big enough to actually receive packets
    (networking-stable-19_09_30).
  o ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).
  o ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set
    (bsc#1051510).
  o ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
  o ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).
  o ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  o ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
    (bsc#1051510).
  o ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  o auxdisplay: panel: need to delete scan_timer when misc_register fails in
    panel_attach (bsc#1051510).
  o ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o Blacklist "signal: Correct namespace fixups of si_pid and si_uid" (bsc#
    1142667)
  o blk-wbt: abstract out end IO completion handler (bsc#1135873).
  o blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  o blk-wbt: improve waking of tasks (bsc#1135873).
  o blk-wbt: move disable check into get_limit() (bsc#1135873).
  o blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  o block: add io timeout to sysfs (bsc#1148410).
  o block: do not show io_timeout if driver has no timeout handler (bsc#
    1148410).
  o Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#
    1051510).
  o bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  o bpf: fix use after free in prog symbol exposure (bsc#1083647).
  o bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  o Btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  o btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group
    () (bsc#1155178).
  o Btrfs: check for the full sync flag while holding the inode lock during
    fsync (bsc#1153713).
  o btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#
    1154651).
  o btrfs: Ensure replaced device does not have pending chunk allocation (bsc#
    1154607).
  o btrfs: qgroup: Always free PREALLOC META reserve in
    btrfs_delalloc_release_extents() (bsc#1155179).
  o btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#
    1154651).
  o btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  o btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#
    1155184).
  o can: dev: call netif_carrier_off() in register_candev() (bsc#1051510).
  o can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#
    1051510).
  o can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#
    1051510).
  o cdc_ether: fix rndis support for Mediatek based smartphones
    (networking-stable-19_09_15).
  o cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  o ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  o ceph: reconnect connection if session hang in opening state (bsc#1153718).
  o ceph: update the mtime when truncating up (bsc#1153719).
  o cfg80211: add and use strongly typed element iteration macros (bsc#
    1051510).
  o cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  o clk: at91: select parent if main oscillator or bypass is enabled (bsc#
    1051510).
  o clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  o clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  o clk: zx296718: Do not reference clk_init_data after registration (bsc#
    1051510).
  o crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  o crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  o crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#
    1154737).
  o crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  o crypto: af_alg - remove locking in async callback (bsc#1154737).
  o crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  o crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  o crypto: algif - return error code when no data was processed (bsc#1154737).
  o crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  o crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  o crypto: algif_aead - overhaul memory management (bsc#1154737).
  o crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  o crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  o crypto: talitos - fix missing break in switch statement (bsc#1142635).
  o cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#
    1066129).
  o cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#
    1066129).
  o cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#
    1073513).
  o cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587
    bsc#1097588 bsc#1097583 bsc#1097584).
  o cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  o cxgb4:Fix out-of-bounds MSI-X info array access
    (networking-stable-19_10_05).
  o dmaengine: bcm2835: Print error in case setting DMA mask fails (bsc#
    1051510).
  o dmaengine: imx-sdma: fix size check for sdma script_number (bsc#1051510).
  o drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  o drm/amdgpu/si: fix ASIC tests (git-fixes).
  o drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  o drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  o drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  o drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  o drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  o drm/i915/cmdparser: Ignore Length operands during command matching (bsc#
    1135967)
  o drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  o drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  o drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
  o drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
  o drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
  o drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  o drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  o drm/i915: Allow parsing of unsized batches (bsc#1135967)
  o drm/i915: Disable Secure Batches for gen6+
  o drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  o drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#
    1135967)
  o drm/i915: Remove Master tables from cmdparser
  o drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  o drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
  o drm/msm/dsi: Implement reset correctly (bsc#1051510).
  o drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  o drm/radeon: Fix EEH during kexec (bsc#1051510).
  o drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#
    1051510).
  o drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  o drm: Flush output polling on shutdown (bsc#1051510).
  o e1000e: add workaround for possible stalled packet (bsc#1051510).
  o efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#
    1051510).
  o efi: cper: print AER info of PCIe fatal error (bsc#1051510).
  o efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified
    (bsc#1051510).
  o firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices
    (git-fixes).
  o gpu: drm: radeon: Fix a possible null-pointer dereference in
    radeon_connector_set_property() (bsc#1051510).
  o HID: apple: Fix stuck function keys when using FN (bsc#1051510).
  o HID: fix error message in hid_open_report() (bsc#1051510).
  o HID: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  o HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  o HID: logitech: Fix general protection fault caused by Logitech driver (bsc#
    1051510).
  o HID: prodikeys: Fix general protection fault during probe (bsc#1051510).
  o HID: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  o hso: fix NULL-deref on tty open (bsc#1051510).
  o hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
    (bsc#1051510).
  o hwrng: core - do not wait on add_early_randomness() (git-fixes).
  o hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221,
    jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  o i2c: riic: Clear NACK in tend isr (bsc#1051510).
  o IB/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  o IB/core: Add mitigation for Spectre V1 (bsc#1155671)
  o IB/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  o IB/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  o IB/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  o IB/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  o ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  o ieee802154: ca8210: prevent memory leak (bsc#1051510).
  o ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o iio: adc: ad799x: fix probe error handling (bsc#1051510).
  o iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  o ima: always return negative code for error (bsc#1051510).
  o Input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
  o Input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  o integrity: prevent deadlock during digsig verification (bsc#1090631).
  o iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    (bsc#1137799).
  o iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  o iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  o iommu/amd: Remove domain->updated (bsc#1154610).
  o iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#
    1154611).
  o ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#
    1051510).
  o ipv6: drop incoming packets having a v4mapped source address
    (networking-stable-19_10_05).
  o ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
    (networking-stable-19_09_15).
  o ipv6: Handle missing host route in __ipv6_ifa_notify
    (networking-stable-19_10_05).
  o iwlwifi: do not panic in error path on non-msix systems (bsc#1155692).
  o ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#
    1101674).
  o ixgbe: sync the first fragment unconditionally (bsc#1133140).
  o kABI workaround for crypto/af_alg changes (bsc#1154737).
  o kABI workaround for drm_vma_offset_node readonly field addition (bsc#
    1135967)
  o kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).
  o kabi/severities: Whitelist functions internal to radix mm. To call these
    functions you have to first detect if you are running in radix mm mode
    which can't be expected of OOT code.
  o kabi: net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).
  o kernel-binary.spec.in: Obsolete kgraft packages only when not building
    them.
  o kernel-binary: check also bzImage on s390/s390x Starting with 4.19-rc1,
    uncompressed image is no longer built on s390x. If file "image" is not
    found in arch/s390/boot after the build, try bzImage instead. For now,
    install bzImage under the name image-* until we know grub2 and our grub2
    scripts can handle correct name.
  o kernel-subpackage-build: create zero size ghost for uncompressed vmlinux
    (bsc#1154354). It is not strictly necessary to uncompress it so maybe the
    ghost file can be 0 size in this case.
  o kernel/sysctl.c: do not override max_threads provided by userspace (bnc#
    1150875).
  o ksm: cleanup stable_node chain collapse case (bnc#1144338).
  o ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
  o ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#
    1144338).
  o ksm: optimize refile of stable_node_dup at the head of the chain (bnc#
    1144338).
  o ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
  o kvm: Convert kvm_lock to a mutex (bsc#1117665).
  o KVM: MMU: drop vcpu param in gpte_access (bsc#1117665).
  o KVM: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#
    1061840).
  o KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc
    #1117665).
  o kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#
    1117665).
  o KVM: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#
    1117665).
  o KVM: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).
  o KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).
  o kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).
  o KVM: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).
  o KVM: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).
  o lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).
  o libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).
  o mac80211: accept deauth frames in IBSS mode (bsc#1051510).
  o mac80211: fix txq null pointer dereference (bsc#1051510).
  o mac80211: Reject malformed SSID elements (bsc#1051510).
  o macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).
  o md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#
    1140090).
  o md/raid0: fix warning message for parameter default_layout (bsc#1140090).
  o media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).
  o media: cpia2_usb: fix memory leaks (bsc#1051510).
  o media: dvb-core: fix a memory leak bug (bsc#1051510).
  o media: exynos4-is: fix leaked of_node references (bsc#1051510).
  o media: gspca: zero usb_buf on error (bsc#1051510).
  o media: hdpvr: Add device num check and handling (bsc#1051510).
  o media: hdpvr: add terminating 0 at end of string (bsc#1051510).
  o media: i2c: ov5645: Fix power sequence (bsc#1051510).
  o media: iguanair: add sanity checks (bsc#1051510).
  o media: omap3isp: Do not set streaming state on random subdevs (bsc#
    1051510).
  o media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).
  o media: ov9650: add a sanity check (bsc#1051510).
  o media: radio/si470x: kill urb on error (bsc#1051510).
  o media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate()
    (bsc#1051510).
  o media: saa7146: add cleanup in hexium_attach() (bsc#1051510).
  o media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).
  o media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).
  o media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).
  o memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc
    #1051510).
  o mfd: intel-lpss: Remove D3cold delay (bsc#1051510).
  o mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  o mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).
  o mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).
  o mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).
  o mmc: sdhci: improve ADMA error reporting (bsc#1051510).
  o Move the upstreamed ath6kl fix into the sorted section
  o Move the upstreamed cfg80211 fix into the sorted section
  o net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495,
    ltc#165544, git-fixes).
  o net/mlx4_en: fix a memory leak bug (bsc#1046299).
  o net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).
  o net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).
  o net/phy: fix DP83865 10 Mbps HDX loopback disable function
    (networking-stable-19_09_30).
  o net/rds: Fix error handling in rds_ib_add_one()
    (networking-stable-19_10_05).
  o net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
  o net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
  o net/sched: act_sample: do not push mac header on ip6gre ingress
    (networking-stable-19_09_30).
  o net/smc: fix SMCD link group creation with VLAN id (bsc#1154959).
  o net: Fix null de-reference of device refcount (networking-stable-19_09_15).
  o net: fix skb use after free in netpoll (networking-stable-19_09_05).
  o net: gso: Fix skb_segment splat when splitting gso_size mangled skb having
    linear-headed frag_list (networking-stable-19_09_15).
  o net: openvswitch: free vport unless register_netdevice() succeeds
    (git-fixes).
  o net: qlogic: Fix memory leak in ql_alloc_large_buffers
    (networking-stable-19_10_05).
  o net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
  o net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
  o net: sched: act_sample: fix psample group handling on overwrite
    (networking-stable-19_09_05).
  o net: stmmac: dwmac-rk: Do not fail if phy regulator is absent
    (networking-stable-19_09_05).
  o net: Unpublish sk from sk_reuseport_cb before call_rcu
    (networking-stable-19_10_05).
  o netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
  o net_sched: add policy validation for action attributes
    (networking-stable-19_09_30).
  o net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
  o NFC: fix attrs checks in netlink interface (bsc#1051510).
  o nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).
  o NFC: pn533: fix use-after-free and memleaks (bsc#1051510).
  o NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
  o nl80211: fix null pointer dereference (bsc#1051510).
  o objtool: Clobber user CFLAGS variable (bsc#1153236).
  o openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC
    (networking-stable-19_09_30).
  o packaging: add support for riscv64
  o Parametrize kgraft vs livepatch.
  o PCI: Correct pci=resource_alignment parameter example (bsc#1051510).
  o PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).
  o PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#
    1153263).
  o PCI: PM: Fix pci_power_up() (bsc#1051510).
  o pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).
  o platform/x86: classmate-laptop: remove unused variable (bsc#1051510).
  o platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI
    table (bsc#1051510).
  o power: supply: sysfs: ratelimit property read error message (bsc#1051510).
  o powerpc/64s/pseries: radix flush translations before MMU is enabled at boot
    (bsc#1055186).
  o powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates
    (bsc#1055186).
  o powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).
  o powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc
    #1055186).
  o powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).
  o powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#
    1055186).
  o powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline
    (bsc#1055186).
  o powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).
  o powerpc/mm: Properly invalidate when setting process table base (bsc#
    1055186).
  o powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#
    1153112 ltc#181778).
  o powerpc/pseries: Export maximum memory value (bsc#1122363).
  o powerpc/pseries: Export raw per-CPU VPA data via debugfs ().
  o powerpc/pseries: Remove confusing warning message (bsc#1109158).
  o powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc
    #181778).
  o Pull packaging cleanup from mkubecek.
  o qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#
    1050545).
  o qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).
  o qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).
  o qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#
    1050536 bsc#1050545).
  o qmi_wwan: add support for Cinterion CLS8 devices
    (networking-stable-19_10_05).
  o r8152: Set macpassthru in reset_resume callback (bsc#1051510).
  o RDMA/bnxt_re: Fix spelling mistake "missin_resp" -> "missing_resp" (bsc#
    1050244).
  o RDMA: Fix goto target to release the allocated memory (bsc#1050244).
  o rds: Fix warning (bsc#1154848).
  o README.BRANCH: Add Denis as branch maintainer
  o reiserfs: fix extended attributes on the root directory (bsc#1151225).
  o Revert "ALSA: hda: Flush interrupts on disabling" (bsc#1051510).
  o Revert "drm/radeon: Fix EEH during kexec" (bsc#1051510).
  o Revert "Revert "rpm/kernel-binary.spec.in: rename kGraft to KLP ()"" This
    reverts commit 468af43c8fd8509820798b6d8ed363fc417ca939 Should get this
    rename again with next SLE15 merge.
  o Revert synaptics-rmi4 patch due to regression (bsc#1155982) Also
    blacklisting it
  o rpm/constraints.in: lower disk space required for ARM With a requirement of
    35GB, only 2 slow workers are usable for ARM. Current aarch64 build
    requires 27G and armv6/7 requires 14G. Set requirements respectively to
    30GB and 20GB.
  o rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no
    reason to lock down the dtb directory for ordinary users.
  o rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE
    kernel RT and Azure variants are excluded for the moment. (bsc#1141600)
  o rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo.
  o rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in
    5.2.
  o rpm/kernel-binary.spec.in: support partial rt debug config.
  o rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description
    (bsc#1149119).
  o rpm/macros.kernel-source: KMPs should depend on kmod-compat to build.
    kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and
    find-supplements.ksyms in rpm-config-SUSE.
  o rpm/mkspec: Correct tarball URL for rc kernels.
  o rpm/mkspec: Make building DTBs optional.
  o rpm/modflist: Simplify compression support.
  o rpm: raise required disk space for binary packages Current disk space
    constraints (10 GB on s390x, 25 GB on other architectures) no longer
    suffice for 5.3 kernel builds. The statistics show ~30 GB of disk
    consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB
    in general and 14 GB on s390x.
  o rpm: support compressed modules Some of our scripts and scriptlets in rpm/
    do not expect module files not ending with ".ko" which currently leads to
    failure in preuninstall scriptlet of cluster-md-kmp-default (and probably
    also other subpackages). Let those which could be run on compressed module
    files recognize ".ko.xz" in addition to ".ko".
  o rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).
  o s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
  o s390/cpumsf: Check for CPU Measurement sampling (bsc#1153681 LTC#181855).
  o s390/crypto: fix gcm-aes-s390 selftest failures (bsc#1137861 LTC#178091).
  o sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
  o sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
    (networking-stable-19_10_05).
  o sch_dsmark: fix potential NULL deref in dsmark_init()
    (networking-stable-19_10_05).
  o sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
    (networking-stable-19_09_15).
  o sch_netem: fix a divide by zero in tabledist()
    (networking-stable-19_09_30).
  o scripts/arch-symbols: add missing link.
  o scsi: lpfc: Fix devices that do not return after devloss followed by
    rediscovery (bsc#1137040).
  o scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute
    (bsc#1140845).
  o scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#
    1140883).
  o scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).
  o scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).
  o scsi: qedf: Modify abort and tmf handler to handle edge condition and flush
    (bsc#1098291).
  o scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706
    bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc
    #1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635
    bsc#1123034).
  o scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#
    1143706 bsc#1082635 bsc#1123034).
  o scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc
    #1082635 bsc#1123034).
  o scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc
    #1123034).
  o scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#
    1123034).
  o scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#
    1082635 bsc#1123034).
  o scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#
    1140729).
  o scsi: zfcp: fix reaction on bit error threshold notification (bsc#1154956
    LTC#182054).
  o sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
    (networking-stable-19_09_15).
  o sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
    (networking-stable-19_09_15).
  o Sign non-x86 kernels when possible (boo#1134303)
  o skge: fix checksum byte order (networking-stable-19_09_30).
  o sock_diag: fix autoloading of the raw_diag module (bsc#1152791).
  o sock_diag: request _diag module only when the family or proto has been
    registered (bsc#1152791).
  o staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).
  o staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#
    1051510).
  o supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
  o tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).
  o tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
    (networking-stable-19_09_15).
  o tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).
  o tcp: remove empty skb from write queue in error cases
    (networking-stable-19_09_05).
  o thermal: Fix use-after-free when unregistering thermal zone device (bsc#
    1051510).
  o thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).
  o tipc: add NULL pointer check before calling kfree_rcu
    (networking-stable-19_09_15).
  o tipc: fix unlimited bundling of small messages
    (networking-stable-19_10_05).
  o tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#
    1151508).
  o tun: fix use-after-free when register netdev failed
    (networking-stable-19_09_15).
  o tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
  o tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).
  o USB: adutux: fix NULL-derefs on disconnect (bsc#1142635).
  o USB: adutux: fix use-after-free on disconnect (bsc#1142635).
  o USB: adutux: fix use-after-free on release (bsc#1051510).
  o USB: chaoskey: fix use-after-free on release (bsc#1051510).
  o USB: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).
  o usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bsc#1051510).
  o USB: iowarrior: fix use-after-free after driver unbind (bsc#1051510).
  o USB: iowarrior: fix use-after-free on disconnect (bsc#1051510).
  o USB: iowarrior: fix use-after-free on release (bsc#1051510).
  o USB: ldusb: fix control-message timeout (bsc#1051510).
  o USB: ldusb: fix memleak on disconnect (bsc#1051510).
  o USB: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
  o USB: ldusb: fix read info leaks (bsc#1051510).
  o USB: ldusb: fix ring-buffer locking (bsc#1051510).
  o USB: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
  o USB: legousbtower: fix deadlock on disconnect (bsc#1142635).
  o USB: legousbtower: fix memleak on disconnect (bsc#1051510).
  o USB: legousbtower: fix open after failed reset request (bsc#1142635).
  o USB: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).
  o USB: legousbtower: fix slab info leak at probe (bsc#1142635).
  o USB: legousbtower: fix use-after-free on release (bsc#1051510).
  o USB: microtek: fix info-leak at probe (bsc#1142635).
  o USB: serial: fix runtime PM after driver unbind (bsc#1051510).
  o USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#
    1051510).
  o USB: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).
  o USB: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).
  o USB: serial: option: add Telit FN980 compositions (bsc#1051510).
  o USB: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
  o USB: serial: whiteheat: fix potential slab corruption (bsc#1051510).
  o usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
  o USB: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).
  o USB: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).
  o USB: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).
  o USB: usblcd: fix I/O after disconnect (bsc#1142635).
  o USB: usblp: fix runtime PM after driver unbind (bsc#1051510).
  o USB: usblp: fix use-after-free on disconnect (bsc#1051510).
  o usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#
    1051510).
  o USB: yurex: Do not retry on unexpected errors (bsc#1051510).
  o USB: yurex: fix NULL-derefs on disconnect (bsc#1051510).
  o usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).
  o usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).
  o vfio_pci: Restore original state on release (bsc#1051510).
  o vhost_net: conditionally enable tx polling (bsc#1145099).
  o vhost_net: conditionally enable tx polling (bsc#1145099).
  o video: of: display_timing: Add of_node_put() in of_get_display_timing()
    (bsc#1051510).
  o vsock: Fix a lockdep warning in __vsock_release()
    (networking-stable-19_10_05).
  o watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#
    1051510).
  o x86/asm: Fix MWAITX C-state hint value (bsc#1114279).
  o x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#
    1153969).
  o x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
  o x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).
  o xen-netfront: do not use ~0U as error return value for xennet_fill_frags()
    (bsc#1065600).
  o xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).
  o xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).
  o xen/xenbus: fix self-deadlock after killing user process (bsc#1065600).
  o xhci: Check all endpoints for LPM timeout (bsc#1051510).
  o xhci: Fix false warning message about wrong bounce buffer write length (bsc
    #1051510).
  o xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).
  o xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
    (bsc#1051510).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server 12-SP4:
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2953=1

Package List:

  o SUSE Linux Enterprise Server 12-SP4 (noarch):
       kernel-devel-azure-4.12.14-6.29.1
       kernel-source-azure-4.12.14-6.29.1
  o SUSE Linux Enterprise Server 12-SP4 (x86_64):
       kernel-azure-4.12.14-6.29.1
       kernel-azure-base-4.12.14-6.29.1
       kernel-azure-base-debuginfo-4.12.14-6.29.1
       kernel-azure-debuginfo-4.12.14-6.29.1
       kernel-azure-debugsource-4.12.14-6.29.1
       kernel-azure-devel-4.12.14-6.29.1
       kernel-syms-azure-4.12.14-6.29.1


References:

  o https://www.suse.com/security/cve/CVE-2018-12207.html
  o https://www.suse.com/security/cve/CVE-2019-10220.html
  o https://www.suse.com/security/cve/CVE-2019-11135.html
  o https://www.suse.com/security/cve/CVE-2019-16232.html
  o https://www.suse.com/security/cve/CVE-2019-16233.html
  o https://www.suse.com/security/cve/CVE-2019-16234.html
  o https://www.suse.com/security/cve/CVE-2019-16995.html
  o https://www.suse.com/security/cve/CVE-2019-17055.html
  o https://www.suse.com/security/cve/CVE-2019-17056.html
  o https://www.suse.com/security/cve/CVE-2019-17133.html
  o https://www.suse.com/security/cve/CVE-2019-17666.html
  o https://www.suse.com/security/cve/CVE-2019-18805.html
  o https://bugzilla.suse.com/1046299
  o https://bugzilla.suse.com/1046303
  o https://bugzilla.suse.com/1046305
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1050536
  o https://bugzilla.suse.com/1050545
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1061840
  o https://bugzilla.suse.com/1064802
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1066129
  o https://bugzilla.suse.com/1073513
  o https://bugzilla.suse.com/1082635
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1086323
  o https://bugzilla.suse.com/1087092
  o https://bugzilla.suse.com/1089644
  o https://bugzilla.suse.com/1090631
  o https://bugzilla.suse.com/1093205
  o https://bugzilla.suse.com/1096254
  o https://bugzilla.suse.com/1097583
  o https://bugzilla.suse.com/1097584
  o https://bugzilla.suse.com/1097585
  o https://bugzilla.suse.com/1097586
  o https://bugzilla.suse.com/1097587
  o https://bugzilla.suse.com/1097588
  o https://bugzilla.suse.com/1098291
  o https://bugzilla.suse.com/1101674
  o https://bugzilla.suse.com/1109158
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1117665
  o https://bugzilla.suse.com/1119461
  o https://bugzilla.suse.com/1119465
  o https://bugzilla.suse.com/1122363
  o https://bugzilla.suse.com/1123034
  o https://bugzilla.suse.com/1123080
  o https://bugzilla.suse.com/1127155
  o https://bugzilla.suse.com/1133140
  o https://bugzilla.suse.com/1134303
  o https://bugzilla.suse.com/1135642
  o https://bugzilla.suse.com/1135854
  o https://bugzilla.suse.com/1135873
  o https://bugzilla.suse.com/1135967
  o https://bugzilla.suse.com/1137040
  o https://bugzilla.suse.com/1137799
  o https://bugzilla.suse.com/1137861
  o https://bugzilla.suse.com/1138190
  o https://bugzilla.suse.com/1139073
  o https://bugzilla.suse.com/1140090
  o https://bugzilla.suse.com/1140729
  o https://bugzilla.suse.com/1140845
  o https://bugzilla.suse.com/1140883
  o https://bugzilla.suse.com/1141600
  o https://bugzilla.suse.com/1142635
  o https://bugzilla.suse.com/1142667
  o https://bugzilla.suse.com/1143706
  o https://bugzilla.suse.com/1144338
  o https://bugzilla.suse.com/1144375
  o https://bugzilla.suse.com/1144449
  o https://bugzilla.suse.com/1144903
  o https://bugzilla.suse.com/1145099
  o https://bugzilla.suse.com/1146612
  o https://bugzilla.suse.com/1148410
  o https://bugzilla.suse.com/1149119
  o https://bugzilla.suse.com/1150452
  o https://bugzilla.suse.com/1150457
  o https://bugzilla.suse.com/1150465
  o https://bugzilla.suse.com/1150875
  o https://bugzilla.suse.com/1151225
  o https://bugzilla.suse.com/1151508
  o https://bugzilla.suse.com/1151680
  o https://bugzilla.suse.com/1152497
  o https://bugzilla.suse.com/1152505
  o https://bugzilla.suse.com/1152506
  o https://bugzilla.suse.com/1152624
  o https://bugzilla.suse.com/1152685
  o https://bugzilla.suse.com/1152782
  o https://bugzilla.suse.com/1152788
  o https://bugzilla.suse.com/1152791
  o https://bugzilla.suse.com/1153108
  o https://bugzilla.suse.com/1153112
  o https://bugzilla.suse.com/1153158
  o https://bugzilla.suse.com/1153236
  o https://bugzilla.suse.com/1153263
  o https://bugzilla.suse.com/1153476
  o https://bugzilla.suse.com/1153509
  o https://bugzilla.suse.com/1153646
  o https://bugzilla.suse.com/1153681
  o https://bugzilla.suse.com/1153713
  o https://bugzilla.suse.com/1153717
  o https://bugzilla.suse.com/1153718
  o https://bugzilla.suse.com/1153719
  o https://bugzilla.suse.com/1153811
  o https://bugzilla.suse.com/1153969
  o https://bugzilla.suse.com/1154108
  o https://bugzilla.suse.com/1154189
  o https://bugzilla.suse.com/1154354
  o https://bugzilla.suse.com/1154372
  o https://bugzilla.suse.com/1154578
  o https://bugzilla.suse.com/1154607
  o https://bugzilla.suse.com/1154608
  o https://bugzilla.suse.com/1154610
  o https://bugzilla.suse.com/1154611
  o https://bugzilla.suse.com/1154651
  o https://bugzilla.suse.com/1154737
  o https://bugzilla.suse.com/1154747
  o https://bugzilla.suse.com/1154848
  o https://bugzilla.suse.com/1154858
  o https://bugzilla.suse.com/1154905
  o https://bugzilla.suse.com/1154956
  o https://bugzilla.suse.com/1154959
  o https://bugzilla.suse.com/1155178
  o https://bugzilla.suse.com/1155179
  o https://bugzilla.suse.com/1155184
  o https://bugzilla.suse.com/1155186
  o https://bugzilla.suse.com/1155671
  o https://bugzilla.suse.com/1155692
  o https://bugzilla.suse.com/1155812
  o https://bugzilla.suse.com/1155817
  o https://bugzilla.suse.com/1155836
  o https://bugzilla.suse.com/1155945
  o https://bugzilla.suse.com/1155982
  o https://bugzilla.suse.com/1156187
  o https://bugzilla.suse.com/919448
  o https://bugzilla.suse.com/987367
  o https://bugzilla.suse.com/998153

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXcymRWaOgq3Tt24GAQgijA/9Gg++TgiQiL5uX6E5bHPrCmuQtg0Ussgr
xuKqxqCAV3boaLL2Vo22T++hU80MNCqfDFpOBcmYHG3cFyrWzKEpS75FJLANhSFC
phYLpgatWpA25DM/RO3D6Ms30v1YGiQwzyRHabG1IddrgpBo4XbEEvuv23spDlSl
2RglBiet6ndrCJ9DUzD6qK6QHBOsiayNNRb9TorNnPNt62I7kGlEBkSou1nZv9Gk
Lh+xRafW7bSRg20M4+13gTsfF0F2gJFKGzsbGDTvn0KUh96RLmJy0roDND2TQPmI
YdeLaqMw0XKny7cEnW9ecGDErHqoXP2OIAzmL5nqmYwVgMTHdfnZUEj1HipA+177
mRnI/yiK23hRYu3p514sltqmpj39gv0SxqfAI9d4VPmJ2aDhVo8nv2cs35KwkUK0
P3sqg9ZTW+3IsVqb2Klf4tg+rmR7HldaVNvB0y5fDJQuyDKQmnSLOnm8lsEXG410
YTuiccrLHzJZ53m6o5QZuUK03eU57TyxM24Tv+/XEJpVHLqTv89OybWbHEjudHEx
S7PyMOTSjqVd3SHv0vJvnWfIeiHXAhhJtVKohu/RFUTDO4l2ybM0xyrxp8B1obP7
ENmCdLw9WSjIDL7sgtxugHbTfyix0y+oPi7udUmGqyvDFC59/lIly5+NdjLxC5sY
cT5dc9tyYyA=
=/Bcx
-----END PGP SIGNATURE-----