-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3516
                   Security updates for the Linux Kernel
                              14 October 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Root Compromise          -- Existing Account      
                   Denial of Service        -- Remote/Unauthenticated
                   Access Confidential Data -- Existing Account      
                   Unauthorised Access      -- Existing Account      
                   Reduced Security         -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-26088 CVE-2020-25643 CVE-2020-25641
                   CVE-2020-25284 CVE-2020-25212 CVE-2020-14390
                   CVE-2020-14385 CVE-2020-14381 CVE-2020-0432
                   CVE-2020-0431 CVE-2020-0427 CVE-2020-0404
                   CVE-2019-25643  

Reference:         ESB-2020.3505
                   ESB-2020.3341
                   ESB-2020.3268
                   ESB-2020.3236

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20202908-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202906-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202904-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202907-1
   https://www.suse.com/support/update/announcement/2020/suse-su-20202905-1

Comment: This bulletin contains five (5) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2908-1
Rating:            important
References:        #1055186 #1058115 #1065600 #1065729 #1094244 #1152472
                   #1152489 #1153274 #1154353 #1155518 #1156395 #1167527
                   #1170774 #1171068 #1171688 #1171742 #1172757 #1173017
                   #1173115 #1173746 #1174358 #1174899 #1175749 #1175882
                   #1176019 #1176038 #1176137 #1176235 #1176236 #1176237
                   #1176242 #1176278 #1176357 #1176358 #1176359 #1176360
                   #1176361 #1176362 #1176363 #1176364 #1176365 #1176366
                   #1176367 #1176381 #1176423 #1176449 #1176482 #1176486
                   #1176507 #1176536 #1176537 #1176538 #1176539 #1176540
                   #1176541 #1176542 #1176544 #1176545 #1176546 #1176548
                   #1176558 #1176559 #1176587 #1176659 #1176698 #1176699
                   #1176700 #1176721 #1176722 #1176725 #1176732 #1176763
                   #1176775 #1176788 #1176789 #1176833 #1176869 #1176877
                   #1176925 #1176962 #1176980 #1176990 #1177021 #1177030
Cross-References:  CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432
                   CVE-2020-14385 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284
                   CVE-2020-26088
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 15-SP2
______________________________________________________________________________

An update that solves 9 vulnerabilities and has 75 fixes is now available.

Description:

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:

  o CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation
    could have been used by local attackers to create raw sockets, bypassing
    security mechanisms (bsc#1176990).
  o CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size (bnc#1176235).
  o CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc
    #1176721).
  o CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#
    1176725).
  o CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check
    (bsc#1176722).
  o CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause
    (bsc#1176423).
  o CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#
    1176381).
  o CVE-2020-25284: Fixed an incomplete permission checking for access to rbd
    devices, which could have been leveraged by local attackers to map or unmap
    rbd block devices (bsc#1176482).
  o CVE-2020-14385: Fixed a failure of the file system metadata validator in
    XFS which could have caused an inode with a valid, user-creatable extended
    attribute to be flagged as corrupt (bsc#1176137).


The following non-security bugs were fixed:

  o ALSA: asihpi: fix iounmap in error handler (git-fixes).
  o ALSA: ca0106: fix error code handling (git-fixes).
  o ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  o ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  o ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  o ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    (git-fixes).
  o ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO
    (git-fixes).
  o ALSA: hda: fixup headset for ASUS GX502 laptop (git-fixes).
  o ALSA: hda: hdmi - add Rocketlake support (git-fixes).
  o ALSA: hda/hdmi: always check pin power status in i915 pin fixup
    (git-fixes).
  o ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    (git-fixes).
  o ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged
    (git-fixes).
  o ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation
    P520 (git-fixes).
  o ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    (git-fixes).
  o ALSA: hda/realtek - The Mic on a RedmiBook does not work (git-fixes).
  o ALSA: hda/tegra: Program WAKEEN register for Tegra (git-fixes).
  o ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
    (git-fixes).
  o ALSA: usb-audio: Add basic capture support for Pioneer DJ DJM-250MK2
    (git-fixes).
  o ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes).
  o ALSA: usb-audio: Add implicit feedback quirk for UR22C (git-fixes).
  o ALSA: usb-audio: Disable autosuspend for Lenovo ThinkStation P620
    (git-fixes).
  o arm64: paravirt: Initialize steal time when cpu is online (bsc#1176833).
  o ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt (git-fixes).
  o ASoC: img-parallel-out: Fix a reference count leak (git-fixes).
  o ASoC: meson: axg-toddr: fix channel order on g12 platforms (git-fixes).
  o ASoC: qcom: common: Fix refcount imbalance on error (git-fixes).
  o ASoC: qcom: Set card->owner to avoid warnings (git-fixes).
  o ASoC: SOF: Intel: add PCI ID for CometLake-S (git-fixes).
  o ASoC: tegra: Fix reference count leaks (git-fixes).
  o ata: ahci: use ata_link_info() instead of ata_link_printk() (jsc#
    SLE-14459).
  o batman-adv: Add missing include for in_interrupt() (git-fixes).
  o batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  o batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  o batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
  o batman-adv: Fix own OGM check in aggregated OGMs (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
    (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
    (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    (git-fixes).
  o batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  o bcache: Convert pr_ uses to a more typical style (git fixes (block
    drivers)).
  o bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes
    (bitfield)).
  o blktrace: fix debugfs use after free (git fixes (block drivers)).
  o block: add docs for gendisk / request_queue refcount helpers (git fixes
    (block drivers)).
  o block: revert back to synchronous request_queue removal (git fixes (block
    drivers)).
  o block: Use non _rcu version of list functions for tag_set_list (git-fixes).
  o Bluetooth: btrtl: Add support for RTL8761B (bsc#1177021).
  o bnxt: do not enable NAPI until rings are ready (git-fixes).
  o bnxt_en: Check for zero dir entries in NVRAM (git-fixes).
  o bnxt_en: Do not query FW when netif_running() is false (git-fixes).
  o bnxt_en: Fix completion ring sizing with TPA enabled
    (networking-stable-20_07_29).
  o bnxt_en: fix HWRM error when querying VF temperature (git-fixes).
  o bnxt_en: Fix PCI AER error recovery flow (git-fixes).
  o bnxt_en: Fix possible crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#
    1153274).
  o bnxt_en: Fix race when modifying pause settings
    (networking-stable-20_07_29).
  o bonding: check error value of register_netdevice() immediately
    (networking-stable-20_07_29).
  o bonding: check return value of register_netdevice() in bond_newlink()
    (networking-stable-20_07_29).
  o bonding: fix a potential double-unregister (git-fixes).
  o bpf: Fix a rcu warning for bpffs map pretty-print (bsc#1155518).
  o bpf: map_seq_next should always increase position index (bsc#1155518).
  o btrfs: add a leak check for roots (bsc#1176019).
  o btrfs: add __cold attribute to more functions (bsc#1176019).
  o btrfs: add dedicated members for start and length of a block group (bsc#
    1176019).
  o btrfs: Add read_backup_root (bsc#1176019).
  o btrfs: block-group: Refactor btrfs_read_block_groups() (bsc#1176019).
  o btrfs: block-group: Reuse the item key from caller of read_one_block_group
    () (bsc#1176019).
  o btrfs: Cleanup and simplify find_newest_super_backup (bsc#1176019).
  o btrfs: clear DEAD_RELOC_TREE before dropping the reloc root (bsc#1176019).
  o btrfs: do not init a reloc root if we are not relocating (bsc#1176019).
  o btrfs: Do not use objectid_mutex during mount (bsc#1176019).
  o btrfs: drop block from cache on error in relocation (bsc#1176019).
  o btrfs: drop create parameter to btrfs_get_extent() (bsc#1176019).
  o btrfs: drop unused parameter is_new from btrfs_iget (bsc#1176019).
  o btrfs: export and rename free_fs_info (bsc#1176019).
  o btrfs: export and use btrfs_read_tree_root for tree-log (bsc#1176019).
  o btrfs: Factor out tree roots initialization during mount (bsc#1176019).
  o btrfs: fix setting last_trans for reloc roots (bsc#1176019).
  o btrfs: free more things in btrfs_free_fs_info (bsc#1176019).
  o btrfs: free the reloc_control in a consistent way (bsc#1176019).
  o btrfs: handle NULL roots in btrfs_put/btrfs_grab_fs_root (bsc#1176019).
  o btrfs: hold a ref for the root in btrfs_find_orphan_roots (bsc#1176019).
  o btrfs: hold a ref on fs roots while they're in the radix tree (bsc#
    1176019).
  o btrfs: hold a ref on the root in btrfs_check_uuid_tree_entry (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_ioctl_get_subvol_info (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_ioctl_send (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_recover_log_trees (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_recover_relocation (bsc#1176019).
  o btrfs: hold a ref on the root in __btrfs_run_defrag_inode (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_search_path_in_tree (bsc#1176019).
  o btrfs: hold a ref on the root in btrfs_search_path_in_tree_user (bsc#
    1176019).
  o btrfs: hold a ref on the root in build_backref_tree (bsc#1176019).
  o btrfs: hold a ref on the root in create_pending_snapshot (bsc#1176019).
  o btrfs: hold a ref on the root in create_reloc_inode (bsc#1176019).
  o btrfs: hold a ref on the root in create_subvol (bsc#1176019).
  o btrfs: hold a ref on the root in find_data_references (bsc#1176019).
  o btrfs: hold a ref on the root in fixup_tree_root_location (bsc#1176019).
  o btrfs: hold a ref on the root in get_subvol_name_from_objectid (bsc#
    1176019).
  o btrfs: hold a ref on the root in merge_reloc_roots (bsc#1176019).
  o btrfs: hold a ref on the root in open_ctree (bsc#1176019).
  o btrfs: hold a ref on the root in prepare_to_merge (bsc#1176019).
  o btrfs: hold a ref on the root in record_reloc_root_in_trans (bsc#1176019).
  o btrfs: hold a ref on the root in resolve_indirect_ref (bsc#1176019).
  o btrfs: hold a ref on the root in scrub_print_warning_inode (bsc#1176019).
  o btrfs: hold a ref on the root in search_ioctl (bsc#1176019).
  o btrfs: hold a ref on the root->reloc_root (bsc#1176019).
  o btrfs: hold a root ref in btrfs_get_dentry (bsc#1176019).
  o btrfs: hold ref on root in btrfs_ioctl_default_subvol (bsc#1176019).
  o btrfs: implement full reflink support for inline extents (bsc#1176019).
  o btrfs: make btrfs_find_orphan_roots use btrfs_get_fs_root (bsc#1176019).
  o btrfs: make relocation use btrfs_read_tree_root() (bsc#1176019).
  o btrfs: make the fs root init functions static (bsc#1176019).
  o btrfs: make the init of static elements in fs_info separate (bsc#1176019).
  o btrfs: move all reflink implementation code into its own file (bsc#
    1176019).
  o btrfs: move block_group_item::flags to block group (bsc#1176019).
  o btrfs: move block_group_item::used to block group (bsc#1176019).
  o btrfs: move fs_info init work into it's own helper function (bsc#1176019).
  o btrfs: move fs root init stuff into btrfs_init_fs_root (bsc#1176019).
  o btrfs: open code btrfs_read_fs_root_no_name (bsc#1176019).
  o btrfs: push btrfs_grab_fs_root into btrfs_get_fs_root (bsc#1176019).
  o btrfs: push grab_fs_root into read_fs_root (bsc#1176019).
  o btrfs: push __setup_root into btrfs_alloc_root (bsc#1176019).
  o btrfs: reloc: clean dirty subvols if we fail to start a transaction (bsc#
    1176019).
  o btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1176019).
  o btrfs: Remove block_rsv parameter from btrfs_drop_snapshot (bsc#1176019).
  o btrfs: remove btrfs_read_fs_root, not used anymore (bsc#1176019).
  o btrfs: remove embedded block_group_cache::item (bsc#1176019).
  o btrfs: Remove newest_gen argument from find_oldest_super_backup (bsc#
    1176019).
  o btrfs: Remove unused next_root_backup function (bsc#1176019).
  o btrfs: rename block_group_item on-stack accessors to follow naming (bsc#
    1176019).
  o btrfs: rename btrfs_block_group_cache (bsc#1176019).
  o btrfs: rename btrfs_put_fs_root and btrfs_grab_fs_root (bsc#1176019).
  o btrfs: rename extent buffer block group item accessors (bsc#1176019).
  o btrfs: Rename find_oldest_super_backup to init_backup_root_slot (bsc#
    1176019).
  o btrfs: require only sector size alignment for parent eb bytenr (bsc#
    1176789).
  o btrfs: reset tree root pointer after error in init_tree_roots (bsc#
    1176019).
  o btrfs: simplify inline extent handling when doing reflinks (bsc#1176019).
  o btrfs: stop clearing EXTENT_DIRTY in inode I/O tree (bsc#1176019).
  o btrfs: Streamline btrfs_fs_info::backup_root_index semantics (bsc#1176019).
  o btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  o btrfs: unset reloc control if we fail to recover (bsc#1176019).
  o btrfs: use bool argument in free_root_pointers() (bsc#1176019).
  o btrfs: use btrfs_block_group_cache_done in update_block_group (bsc#
    1176019).
  o btrfs: use btrfs_put_fs_root to free roots always (bsc#1176019).
  o ceph: do not allow setlease on cephfs (bsc#1176537).
  o ceph: fix potential mdsc use-after-free crash (bsc#1176538).
  o ceph: fix use-after-free for fsc->mdsc (bsc#1176539).
  o ceph: handle zero-length feature mask in session messages (bsc#1176540).
  o ceph: set sec_context xattr on symlink creation (bsc#1176541).
  o ceph: use frag's MDS in either mode (bsc#1176542).
  o cfg80211: regulatory: reject invalid hints (bsc#1176699).
  o cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  o cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  o cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  o clk: davinci: Use the correct size when allocating memory (git-fixes).
  o clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
  o cxgb4: fix thermal zone device registration (git-fixes).
  o debugfs: Fix module state check condition (bsc#1173746).
  o debugfs: Fix module state check condition (git-fixes).
  o dev: Defer free of skbs in flush_backlog (networking-stable-20_07_29).
  o dmaengine: acpi: Put the CSRT table after using it (git-fixes).
  o dmaengine: at_hdmac: check return value of of_find_device_by_node() in
    at_dma_xlate() (git-fixes).
  o dmaengine: dw-edma: Fix scatter-gather address calculation (git-fixes).
  o dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    (git-fixes).
  o dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    (git-fixes).
  o dm: do not call report zones for more than the user requested (git fixes
    (block drivers)).
  o dm integrity: fix integrity recalculation that is improperly skipped (git
    fixes (block drivers)).
  o dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes
    (block drivers)).
  o dm writecache: add cond_resched to loop in persistent_memory_claim() (git
    fixes (block drivers)).
  o dm writecache: correct uncommitted_block when discarding uncommitted entry
    (git fixes (block drivers)).
  o dm zoned: assign max_io_len correctly (git fixes (block drivers)).
  o dpaa2-eth: Fix passing zero to 'PTR_ERR' warning
    (networking-stable-20_08_08).
  o driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW} (bsc#1176486 ltc#188130).
  o Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#
    1176877).
  o Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
  o Drivers: hv: vmbus: hibernation: do not hang forever in vmbus_bus_resume()
    (git-fixes).
  o drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
  o drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
  o drm/amd/display: Switch to immediate mode for updating infopackets
    (git-fixes).
  o drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    (git-fixes).
  o drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
    (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
  o drm/amdgpu/gfx10: refine mgcg setting (git-fixes).
  o drm/amdkfd: Fix reference count leaks (git-fixes).
  o drm/amd/pm: correct the thermal alert temperature limit settings
    (git-fixes).
  o drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega20 swctf limit setting (git-fixes).
  o drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading
    (git-fixes).
  o drm/amd/powerplay: correct Vega20 cached smu feature state (git-fixes).
  o drm/ast: Initialize DRAM type before posting GPU (bsc#1152472) * context
    changes
  o drm/mgag200: Remove declaration of mgag200_mmap() from header file (bsc#
    1152472) * context changes
  o drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    (git-fixes).
  o drm/nouveau: Fix reference count leak in nouveau_connector_detect
    (git-fixes).
  o drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    (git-fixes).
  o drm/radeon: fix multiple reference count leak (git-fixes).
  o drm/radeon: Prefer lower feedback dividers (git-fixes).
  o drm/sched: Fix passing zero to 'PTR_ERR' warning v2 (git-fixes).
  o drm/sun4i: add missing put_device() call in (bsc#1152472)
  o drm/sun4i: backend: Disable alpha on the lowest plane on the A20 (bsc#
    1152472)
  o drm/sun4i: backend: Support alpha property on lowest plane (bsc#1152472)
  o drm/sun4i: Fix dsi dcs long write function (bsc#1152472)
  o drm/virtio: fix missing dma_fence_put() in (bsc#1152489) * context changes
  o EDAC/amd64: Add AMD family 17h model 60h PCI IDs (bsc#1152489).
  o EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1152489).
  o EDAC: Fix reference count leaks (bsc#1152489).
  o enetc: Remove the mdio bus on PF probe bailout
    (networking-stable-20_07_29).
  o epoll: atomically remove wait entry on wake up (bsc#1176236).
  o epoll: call final ep_events_available() check under the lock (bsc#1176237).
  o fbcon: prevent user font height or width change from causing potential
    out-of-bounds access (git-fixes).
  o ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
  o HID: core: Add printk_once variants to hid_warn() etc (bsc#1176775).
  o HID: core: Correctly handle ReportSize being zero (git-fixes).
  o HID: core: fix dmesg flooding if report field larger than 32bit (bsc#
    1176775).
  o HID: core: reformat and reduce hid_printk macros (bsc#1176775).
  o HID: core: Sanitize event code and type when mapping input (git-fixes).
  o HID: elan: Fix memleak in elan_input_configured (git-fixes).
  o HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    (git-fixes).
  o HID: i2c-hid: Always sleep 60ms after I2C_HID_PWR_ON commands (git-fixes).
  o HID: microsoft: Add rumble support for the 8bitdo SN30 Pro+ controller
    (git-fixes).
  o HID: quirks: add NOGET quirk for Logitech GROUP (git-fixes).
  o HID: quirks: Always poll three more Lenovo PixArt mice (git-fixes).
  o HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for all Saitek X52 devices
    (git-fixes).
  o hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
  o hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  o hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  o i2c: algo: pca: Reapply i2c bus settings after reset (git-fixes).
  o i2c: i801: Fix resume bug (git-fixes).
  o i2c: mxs: use MXS_DMA_CTRL_WAIT4END instead of DMA_CTRL_ACK (git-fixes).
  o i40e: Fix crash during removing i40e driver (git-fixes).
  o i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (git-fixes).
  o ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  o iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
  o iio:accel:mma7455: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:accel:mma8452: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
  o iio:adc:max1118 Fix alignment of timestamp and data leak issues
    (git-fixes).
  o iio: adc: mcp3422: fix locking on error path (git-fixes).
  o iio: adc: mcp3422: fix locking scope (git-fixes).
  o iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
  o iio:adc:ti-adc084s021 Fix alignment and data leak issues (git-fixes).
  o iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
  o iio:chemical:ccs811: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw()
    (git-fixes).
  o iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
  o iio:light:max44000 Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
  o iio:proximity:mb1232: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o include/asm-generic/vmlinux.lds.h: align ro_after_init (git-fixes).
  o include/linux/bitops.h: avoid clang shift-count-overflow warnings
    (git-fixes).
  o include/linux/poison.h: remove obsolete comment (git-fixes).
  o initramfs: remove clean_rootfs (git-fixes).
  o initramfs: remove the populate_initrd_image and clean_rootfs stubs
    (git-fixes).
  o Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists
    (git-fixes).
  o Input: trackpoint - add new trackpoint variant IDs (git-fixes).
  o iommu/amd: Do not force direct mapping when SME is active (bsc#1174358).
  o iommu/amd: Do not use IOMMUv2 functionality when SME is active (bsc#
    1174358).
  o iommu/amd: Print extended features in one line to fix divergent log levels
    (bsc#1176357).
  o iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176358).
  o iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176359).
  o iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#
    1176360).
  o iommu/vt-d: Fix PASID devTLB invalidation (bsc#1176361).
  o iommu/vt-d: Handle 36bit addressing for x86-32 (bsc#1176362).
  o iommu/vt-d: Handle non-page aligned address (bsc#1176367).
  o iommu/vt-d: Remove global page support in devTLB flush (bsc#1176363).
  o iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176364).
  o iommu/vt-d: Support flushing more translation cache types (bsc#1176365).
  o ipv4: Silence suspicious RCU usage warning (networking-stable-20_08_08).
  o ipv6: fix memory leaks on IPV6_ADDRFORM path (networking-stable-20_08_08).
  o ipv6: Fix nexthop refcnt leak when creating ipv6 route info
    (networking-stable-20_08_08).
  o irqdomain/treewide: Free firmware node after domain removal (git-fixes).
  o irqdomain/treewide: Keep firmware node unconditionally allocated
    (git-fixes).
  o kABI: net: dsa: microchip: call phy_remove_link_mode during probe (kabi).
  o kernel/cpu_pm: Fix uninitted local in cpu_pm (git fixes (kernel/pm)).
  o kernel-syms.spec.in: Also use bz compression (boo#1175882).
  o libata: implement ATA_HORKAGE_MAX_TRIM_128M and apply to Sandisks (jsc#
    SLE-14459).
  o libbpf: Fix readelf output parsing for Fedora (bsc#1155518).
  o libbpf: Fix readelf output parsing on powerpc with recent binutils (bsc#
    1155518).
  o libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
  o libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  o libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  o libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  o md: raid0/linear: fix dereference before null check on pointer mddev (git
    fixes (block drivers)).
  o media: cedrus: Add missing v4l2_ctrl_request_hdl_put() (git-fixes).
  o media: davinci: vpif_capture: fix potential double free (git-fixes).
  o media: gpio-ir-tx: improve precision of transmitted signal due to
    scheduling (git-fixes).
  o media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA
    value in debiirq() (git-fixes).
  o mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  o mlx4: disable device on shutdown (git-fixes).
  o mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
    (networking-stable-20_07_29).
  o mmc: sdhci-acpi: Clear amd_sdhci_host on reset (git-fixes).
  o mmc: sdhci-msm: Add retries when all tuning phases are found valid
    (git-fixes).
  o mmc: sdhci-of-esdhc: Do not walk device-tree on every interrupt
    (git-fixes).
  o mmc: sdio: Use mmc_pre_req() / mmc_post_req() (git-fixes).
  o mm: limit boost_watermark on small zones (git fixes (mm/pgalloc)).
  o mm, page_alloc: fix core hung in free_pcppages_bulk() (git fixes (mm/
    pgalloc)).
  o mm/page_alloc: silence a KASAN false positive (git fixes (mm/pgalloc)).
  o mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() (git fixes (mm/
    compaction)).
  o mm/shuffle: do not move pages between zones and do not read garbage memmaps
    (git fixes (mm/pgalloc)).
  o mm/sparse: rename pfn_present() to pfn_in_present_section() (git fixes (mm/
    pgalloc)).
  o mm, thp: fix defrag setting if newline is not used (git fixes (mm/thp)).
  o net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual
    configuration (networking-stable-20_07_29).
  o net: dsa: microchip: call phy_remove_link_mode during probe
    (networking-stable-20_07_29).
  o net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    (git-fixes).
  o net: ethernet: mtk_eth_soc: fix MTU warnings (networking-stable-20_08_08).
  o netfilter: ipset: Fix forceadd evaluation path (bsc#1176587).
  o net: Fix potential memory leak in proto_register()
    (networking-stable-20_08_15).
  o net: gre: recompute gre csum for sctp over gre tunnels
    (networking-stable-20_08_08).
  o net: initialize fastreuse on inet_inherit_port
    (networking-stable-20_08_15).
  o net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
  o net: refactor bind_bucket fastreuse into helper
    (networking-stable-20_08_15).
  o net: sched: initialize with 0 before setting erspan md->u (bsc#1154353).
  o net: Set fput_needed iff FDPUT_FPUT is set (networking-stable-20_08_15).
  o net/smc: put slot when connection is killed (git-fixes).
  o net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    (networking-stable-20_07_29).
  o net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task()
    (networking-stable-20_08_08).
  o net/tls: Fix kmap usage (networking-stable-20_08_15).
  o net: udp: Fix wrong clean up for IS_UDPLITE macro
    (networking-stable-20_07_29).
  o NFC: st95hf: Fix memleak in st95hf_in_send_cmd (git-fixes).
  o nvme-fc: set max_segments to lldd max value (bsc#1176038).
  o nvme-pci: override the value of the controller's numa node (bsc#1176507).
  o omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    (git-fixes).
  o openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
    (networking-stable-20_08_08).
  o PCI: Fix pci_create_slot() reference count leak (git-fixes).
  o platform/x86: dcdbas: Check SMBIOS for protected buffer address (jsc#
    SLE-14407).
  o powerpc/64: mark emergency stacks valid to unwind (bsc#1156395).
  o powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#
    168122).
  o powerpc/64s: machine check interrupt update NMI accounting (bsc#1094244 ltc
    #168122).
  o powerpc: Add cputime_to_nsecs() (bsc#1065729).
  o powerpc/book3s64/radix: Add kernel command line option to disable radix
    GTSE (bsc#1055186 ltc#153436 jsc#SLE-13512).
  o powerpc: Do not flush caches when adding memory (bsc#1176980 ltc#187962).
  o powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  o powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  o powerpc/kernel: Enables memory hot-remove after reboot on pseries guests
    (bsc#1177030 ltc#187588).
  o powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436 jsc
    #SLE-13512).
  o powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#
    1177030 ltc#187588).
  o powerpc/mm/radix: Create separate mappings for hot-plugged memory (bsc#
    1055186 ltc#153436).
  o powerpc/mm/radix: Fix PTE/PMD fragment count for early page table mappings
    (bsc#1055186 ltc#153436).
  o powerpc/mm/radix: Free PUD table when freeing pagetable (bsc#1055186 ltc#
    153436).
  o powerpc/mm/radix: Remove split_kernel_mapping() (bsc#1055186 ltc#153436).
  o powerpc/numa: Early request for home node associativity (bsc#1171068 ltc#
    183935).
  o powerpc/numa: Offline memoryless cpuless node 0 (bsc#1171068 ltc#183935).
  o powerpc/numa: Prefer node id queried from vphn (bsc#1171068 ltc#183935).
  o powerpc/numa: Set numa_node for all possible cpus (bsc#1171068 ltc#183935).
  o powerpc/numa: Use cpu node map of first sibling thread (bsc#1171068 ltc#
    183935).
  o powerpc/papr_scm: Limit the readability of 'perf_stats' sysfs attribute
    (bsc#1176486 ltc#188130).
  o powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436
    jsc#SLE-13512).
  o powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  o powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack
    (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#
    168122).
  o powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  o powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244
    ltc#168122).
  o powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S
    (bsc#1065729).
  o qrtr: orphan socket in qrtr_release() (networking-stable-20_07_29).
  o RDMA/bnxt_re: Do not report transparent vlan from QP1 (bsc#1173017).
  o RDMA/bnxt_re: Fix the qp table indexing (bsc#1173017).
  o RDMA/bnxt_re: Remove set but not used variable 'qplib_ctx' (bsc#1170774).
  o RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds (bsc#
    1170774).
  o RDMA/bnxt_re: Restrict the max_gids to 256 (bsc#1173017).
  o RDMA/bnxt_re: Static NQ depth allocation (bsc#1170774).
  o RDMA/mlx4: Read pkey table length instead of hardcoded value (git-fixes).
  o RDMA/siw: Suppress uninitialized var warning (jsc#SLE-8381).
  o Remove patch causing regression (bsc#1094244 ltc#168122).
  o rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869
    ltc#188243).
  o rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  o rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#
    SLE-13618).
  o rpm/kernel-binary.spec.in: pack .ipa-clones files for live patching When
    -fdump-ipa-clones option is enabled, GCC reports about its cloning
    operation during IPA optimizations. We use the information for live patches
    preparation, because it is crucial to know if and how functions are
    optimized. Currently, we create the needed .ipa-clones dump files manually.
    It is unnecessary, because the files may be created automatically during
    our kernel build. Prepare for the step and provide the resulting files in
    -livepatch-devel package.
  o rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To
    avoid the unnecessary key enrollment, when enrolling the signing key of the
    kernel package, "--ca-check" is added to mokutil so that mokutil will
    ignore the request if the CA of the signing key already exists in MokList
    or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only
    defined in a kernel module package (KMP), it's used to determine whether
    the %post script is running in a kernel package, or a kernel module
    package.
  o rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  o rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#
    1176698) The "-c" option wasn't passed down to %_kernel_module_package so
    the ueficert subpackage wasn't generated even if the certificate is
    specified in the spec file.
  o rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  o rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    (networking-stable-20_08_08).
  o rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    (networking-stable-20_07_29).
  o s390: Change s390_kernel_write() return type to match memcpy() (bsc#
    1176449). Prerequisite for bsc#1176449.
  o s390/dasd: fix inability to use DASD with DIAG driver (git-fixes).
  o s390: fix GENERIC_LOCKBREAK dependency typo in Kconfig (git-fixes).
  o s390/maccess: add no DAT mode to kernel_write (bsc#1176449).
  o s390/mm: fix huge pte soft dirty copying (git-fixes).
  o s390/qeth: do not process empty bridge port events (git-fixes).
  o s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  o s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  o s390/setup: init jump labels before command line parsing (git-fixes).
  o sbitmap: Consider cleared bits in sbitmap_bitmap_show() (git fixes (block
    drivers)).
  o scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
  o scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#
    188304).
  o scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()
    (bsc#1176962 ltc#188304).
  o scsi: libfc: Fix for double free() (bsc#1174899).
  o scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#
    1174899).
  o scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  o scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  o scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  o scsi: qla2xxx: Fix the return value (bsc#1171688).
  o scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#
    1171688).
  o scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  o scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  o scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  o scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  o scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Suppress two recently introduced compiler warnings
    (git-fixes).
  o scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    (bsc#1171688).
  o scsi: zfcp: Fix use-after-free in request timeout handlers (git-fixes).
  o sctp: shrink stream outq only when new outcnt < old outcnt
    (networking-stable-20_07_29).
  o sctp: shrink stream outq when fails to do addstream reconf
    (networking-stable-20_07_29).
  o selftests/net: relax cpu affinity requirement in msg_zerocopy test
    (networking-stable-20_08_08).
  o serial: 8250_pci: Add Realtek 816a and 816b (git-fixes).
  o SMB3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558).
  o SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#
    1176546).
  o SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
  o SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  o SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  o soundwire: fix double free of dangling pointer (git-fixes).
  o spi: Fix memory leak on splited transfers (git-fixes).
  o spi: spi-loopback-test: Fix out-of-bounds read (git-fixes).
  o spi: stm32: always perform registers configuration prior to transfer
    (git-fixes).
  o spi: stm32: clear only asserted irq flags on interrupt (git-fixes).
  o spi: stm32: fix fifo threshold level in case of short transfer (git-fixes).
  o spi: stm32: fix pm_runtime_get_sync() error checking (git-fixes).
  o spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate (git-fixes).
  o spi: stm32h7: fix race condition at end of transfer (git-fixes).
  o taprio: Fix using wrong queues in gate mask (bsc#1154353).
  o tcp: apply a floor of 1 for RTT samples from TCP timestamps
    (networking-stable-20_08_08).
  o tcp: correct read of TFO keys on big endian systems
    (networking-stable-20_08_15).
  o test_kmod: avoid potential double free in trigger_config_run_type()
    (git-fixes).
  o tg3: Fix soft lockup when tg3_reset_task() fails (git-fixes).
  o thermal: qcom-spmi-temp-alarm: Do not suppress negative temp (git-fixes).
  o thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    (git-fixes).
  o tracing: fix double free (git-fixes).
  o Update patches.suse/
    btrfs-add-dedicated-members-for-start-and-length-of-.patch (bsc#1176019).
  o USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  o USB: Fix out of sync data toggle if a configured device is reconfigured
    (git-fixes).
  o USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
  o USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  o USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  o USB: lvtest: return proper error code in probe (git-fixes).
  o USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  o USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
    notebook (git-fixes).
  o USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  o USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    (git-fixes).
  o USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  o USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    (git-fixes).
  o USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  o USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  o USB: typec: ucsi: Prevent mode overrun (git-fixes).
  o USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  o USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  o USB: yurex: Fix bad gfp argument (git-fixes).
  o vfio-pci: Avoid recursive read-lock usage (bsc#1176366).
  o virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes
    (block drivers)).
  o vsock/virtio: annotate 'the_virtio_vsock' RCU pointer
    (networking-stable-20_07_29).
  o vt: defer kfree() of vc_screenbuf in vc_do_resize() (git-fixes).
  o vxlan: Ensure FDB dump is performed under RCU (networking-stable-20_08_08).
  o wireguard: noise: take lock when removing handshake entry from table
    (git-fixes).
  o wireguard: peerlookup: take lock before checking hash in replace operation
    (git-fixes).
  o workqueue: require CPU hotplug read exclusion for apply_workqueue_attrs
    (bsc#1176763).
  o x86/hotplug: Silence APIC only after all interrupts are migrated
    (git-fixes).
  o x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1152489).
  o x86, sched: Bail out of frequency invariance if turbo_freq/base_freq gives
    0 (bsc#1176925).
  o x86, sched: Bail out of frequency invariance if turbo frequency is unknown
    (bsc#1176925).
  o x86, sched: check for counters overflow in frequency invariant accounting
    (bsc#1176925).
  o x86/stacktrace: Fix reliable check for empty user task stacks (bsc#
    1058115).
  o x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).
  o xen: do not reschedule in preemption off sections (bsc#1175749).
  o XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt
    XEN data pointer which contains XEN specific information (bsc#1065600).
  o xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2020-2908=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):
       kernel-devel-azure-5.3.18-18.21.1
       kernel-source-azure-5.3.18-18.21.1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP2 (x86_64):
       kernel-azure-5.3.18-18.21.1
       kernel-azure-debuginfo-5.3.18-18.21.1
       kernel-azure-debugsource-5.3.18-18.21.1
       kernel-azure-devel-5.3.18-18.21.1
       kernel-azure-devel-debuginfo-5.3.18-18.21.1
       kernel-syms-azure-5.3.18-18.21.1


References:

  o https://www.suse.com/security/cve/CVE-2020-0404.html
  o https://www.suse.com/security/cve/CVE-2020-0427.html
  o https://www.suse.com/security/cve/CVE-2020-0431.html
  o https://www.suse.com/security/cve/CVE-2020-0432.html
  o https://www.suse.com/security/cve/CVE-2020-14385.html
  o https://www.suse.com/security/cve/CVE-2020-14390.html
  o https://www.suse.com/security/cve/CVE-2020-25212.html
  o https://www.suse.com/security/cve/CVE-2020-25284.html
  o https://www.suse.com/security/cve/CVE-2020-26088.html
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1058115
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1094244
  o https://bugzilla.suse.com/1152472
  o https://bugzilla.suse.com/1152489
  o https://bugzilla.suse.com/1153274
  o https://bugzilla.suse.com/1154353
  o https://bugzilla.suse.com/1155518
  o https://bugzilla.suse.com/1156395
  o https://bugzilla.suse.com/1167527
  o https://bugzilla.suse.com/1170774
  o https://bugzilla.suse.com/1171068
  o https://bugzilla.suse.com/1171688
  o https://bugzilla.suse.com/1171742
  o https://bugzilla.suse.com/1172757
  o https://bugzilla.suse.com/1173017
  o https://bugzilla.suse.com/1173115
  o https://bugzilla.suse.com/1173746
  o https://bugzilla.suse.com/1174358
  o https://bugzilla.suse.com/1174899
  o https://bugzilla.suse.com/1175749
  o https://bugzilla.suse.com/1175882
  o https://bugzilla.suse.com/1176019
  o https://bugzilla.suse.com/1176038
  o https://bugzilla.suse.com/1176137
  o https://bugzilla.suse.com/1176235
  o https://bugzilla.suse.com/1176236
  o https://bugzilla.suse.com/1176237
  o https://bugzilla.suse.com/1176242
  o https://bugzilla.suse.com/1176278
  o https://bugzilla.suse.com/1176357
  o https://bugzilla.suse.com/1176358
  o https://bugzilla.suse.com/1176359
  o https://bugzilla.suse.com/1176360
  o https://bugzilla.suse.com/1176361
  o https://bugzilla.suse.com/1176362
  o https://bugzilla.suse.com/1176363
  o https://bugzilla.suse.com/1176364
  o https://bugzilla.suse.com/1176365
  o https://bugzilla.suse.com/1176366
  o https://bugzilla.suse.com/1176367
  o https://bugzilla.suse.com/1176381
  o https://bugzilla.suse.com/1176423
  o https://bugzilla.suse.com/1176449
  o https://bugzilla.suse.com/1176482
  o https://bugzilla.suse.com/1176486
  o https://bugzilla.suse.com/1176507
  o https://bugzilla.suse.com/1176536
  o https://bugzilla.suse.com/1176537
  o https://bugzilla.suse.com/1176538
  o https://bugzilla.suse.com/1176539
  o https://bugzilla.suse.com/1176540
  o https://bugzilla.suse.com/1176541
  o https://bugzilla.suse.com/1176542
  o https://bugzilla.suse.com/1176544
  o https://bugzilla.suse.com/1176545
  o https://bugzilla.suse.com/1176546
  o https://bugzilla.suse.com/1176548
  o https://bugzilla.suse.com/1176558
  o https://bugzilla.suse.com/1176559
  o https://bugzilla.suse.com/1176587
  o https://bugzilla.suse.com/1176659
  o https://bugzilla.suse.com/1176698
  o https://bugzilla.suse.com/1176699
  o https://bugzilla.suse.com/1176700
  o https://bugzilla.suse.com/1176721
  o https://bugzilla.suse.com/1176722
  o https://bugzilla.suse.com/1176725
  o https://bugzilla.suse.com/1176732
  o https://bugzilla.suse.com/1176763
  o https://bugzilla.suse.com/1176775
  o https://bugzilla.suse.com/1176788
  o https://bugzilla.suse.com/1176789
  o https://bugzilla.suse.com/1176833
  o https://bugzilla.suse.com/1176869
  o https://bugzilla.suse.com/1176877
  o https://bugzilla.suse.com/1176925
  o https://bugzilla.suse.com/1176962
  o https://bugzilla.suse.com/1176980
  o https://bugzilla.suse.com/1176990
  o https://bugzilla.suse.com/1177021
  o https://bugzilla.suse.com/1177030


- --------------------------------------------------------------------------------


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2906-1
Rating:            important
References:        #1055186 #1065600 #1065729 #1094244 #1112178 #1113956
                   #1154366 #1167527 #1169972 #1171688 #1171742 #1173115
                   #1174899 #1175228 #1175749 #1175882 #1176011 #1176022
                   #1176038 #1176235 #1176242 #1176278 #1176316 #1176317
                   #1176318 #1176319 #1176320 #1176321 #1176381 #1176423
                   #1176482 #1176507 #1176536 #1176544 #1176545 #1176546
                   #1176548 #1176659 #1176698 #1176699 #1176700 #1176721
                   #1176722 #1176725 #1176732 #1176788 #1176789 #1176869
                   #1176877 #1176935 #1176950 #1176962 #1176966 #1176990
                   #1177030 #1177041 #1177042 #1177043 #1177044 #1177121
                   #1177206 #1177291 #1177293 #1177294 #1177295 #1177296
Cross-References:  CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432
                   CVE-2020-14381 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284
                   CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
Affected Products:
                   SUSE Linux Enterprise Module for Public Cloud 15-SP1
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 55 fixes is now available.

Description:

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:

  o CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation
    could have been used by local attackers to create raw sockets, bypassing
    security mechanisms (bsc#1176990).
  o CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size (bnc#1176235).
  o CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc
    #1176721).
  o CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#
    1176725).
  o CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check
    (bsc#1176722).
  o CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause
    (bsc#1176423).
  o CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#
    1176381).
  o CVE-2020-25284: Fixed an incomplete permission checking for access to rbd
    devices, which could have been leveraged by local attackers to map or unmap
    rbd block devices (bsc#1176482).
  o CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping
    the references (bsc#1176011).
  o CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr
    function which could have led to memory corruption and read overflow (bsc#
    1177206).
  o CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups
    (bsc#1177121).


The following non-security bugs were fixed:

  o 9p: Fix memory leak in v9fs_mount (git-fixes).
  o ACPI: EC: Reference count query handlers under lock (git-fixes).
  o airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
    (git-fixes).
  o airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
  o airo: Fix read overflows sending packets (git-fixes).
  o ALSA: asihpi: fix iounmap in error handler (git-fixes).
  o ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  o ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  o ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  o ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    (git-fixes).
  o ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    (git-fixes).
  o ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    (git-fixes).
  o altera-stapl: altera_get_note: prevent write beyond end of 'key'
    (git-fixes).
  o ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
  o arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#
    SLE-4084).
  o arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
  o asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
  o ASoC: kirkwood: fix IRQ error handling (git-fixes).
  o ASoC: tegra: Fix reference count leaks (git-fixes).
  o ath10k: fix array out-of-bounds access (git-fixes).
  o ath10k: fix memory leak for tpc_stats_final (git-fixes).
  o ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
  o batman-adv: Add missing include for in_interrupt() (git-fixes).
  o batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  o batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  o batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    (git-fixes).
  o batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  o bcache: Convert pr_ uses to a more typical style (git fixes (block
    drivers)).
  o bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
  o bcm63xx_enet: correct clock usage (git-fixes).
  o bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
  o bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes
    (bitfield)).
  o blktrace: fix debugfs use after free (git fixes (block drivers)).
  o block: add docs for gendisk / request_queue refcount helpers (git fixes
    (block drivers)).
  o block: revert back to synchronous request_queue removal (git fixes (block
    drivers)).
  o block: Use non _rcu version of list functions for tag_set_list (git-fixes).
  o Bluetooth: Fix refcount use-after-free issue (git-fixes).
  o Bluetooth: guard against controllers sending zero'd events (git-fixes).
  o Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
  o Bluetooth: L2CAP: handle l2cap config request during open state
    (git-fixes).
  o Bluetooth: prefetch channel before killing sock (git-fixes).
  o bnxt_en: Fix completion ring sizing with TPA enabled
    (networking-stable-20_07_29).
  o bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM
    (git-fixes).
  o btrfs: require only sector size alignment for parent eb bytenr (bsc#
    1176789).
  o btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  o ceph: do not allow setlease on cephfs (bsc#1177041).
  o ceph: fix potential mdsc use-after-free crash (bsc#1177042).
  o ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
  o ceph: handle zero-length feature mask in session messages (bsc#1177044).
  o cfg80211: regulatory: reject invalid hints (bsc#1176699).
  o cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  o cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  o cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  o clk: Add (devm_)clk_get_optional() functions (git-fixes).
  o clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
  o clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    (git-fixes).
  o clk/ti/adpll: allocate room for terminating null (git-fixes).
  o clocksource/drivers/h8300_timer8: Fix wrong return value in
    h8300_8timer_init() (git-fixes).
  o cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#
    1176966).
  o dmaengine: at_hdmac: check return value of of_find_device_by_node() in
    at_dma_xlate() (git-fixes).
  o dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    (git-fixes).
  o dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    (git-fixes).
  o dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    (git-fixes).
  o dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
  o dm crypt: avoid truncating the logical block size (git fixes (block
    drivers)).
  o dm: fix redundant IO accounting for bios that need splitting (git fixes
    (block drivers)).
  o dm integrity: fix a deadlock due to offloading to an incorrect workqueue
    (git fixes (block drivers)).
  o dm integrity: fix integrity recalculation that is improperly skipped (git
    fixes (block drivers)).
  o dm: report suspended device during destroy (git fixes (block drivers)).
  o dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes
    (block drivers)).
  o dm: use noio when sending kobject event (git fixes (block drivers)).
  o dm writecache: add cond_resched to loop in persistent_memory_claim() (git
    fixes (block drivers)).
  o dm writecache: correct uncommitted_block when discarding uncommitted entry
    (git fixes (block drivers)).
  o dm zoned: assign max_io_len correctly (git fixes (block drivers)).
  o Drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    (git-fixes).
  o Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#
    1176877).
  o Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
  o drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
  o drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    (git-fixes).
  o drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
  o drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    (git-fixes).
  o drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  o drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
  o drm/amdgpu: increase atombios cmd timeout (git-fixes).
  o drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdkfd: fix a memory leak issue (git-fixes).
  o drm/amdkfd: Fix reference count leaks (git-fixes).
  o drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  o drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context
    changes
  o drm/mediatek: Add exception handing in mtk_drm_probe() if component init
    fail (git-fixes).
  o drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    (git-fixes).
  o drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
  o drm/msm: add shutdown support for display platform_driver (git-fixes).
  o drm/msm: Disable preemption on all 5xx targets (git-fixes).
  o drm/msm: fix leaks if initialization fails (git-fixes).
  o drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
  o drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    (git-fixes).
  o drm/nouveau: Fix reference count leak in nouveau_connector_detect
    (git-fixes).
  o drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    (git-fixes).
  o drm/nouveau: fix runtime pm imbalance on error (git-fixes).
  o drm/omap: fix possible object reference leak (git-fixes).
  o drm/radeon: fix multiple reference count leak (git-fixes).
  o drm/radeon: Prefer lower feedback dividers (git-fixes).
  o drm/radeon: revert "Prefer lower feedback dividers" (git-fixes).
  o drm/sun4i: Fix dsi dcs long write function (git-fixes).
  o drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
  o drm/tve200: Stabilize enable/disable (git-fixes).
  o drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
  o e1000: Do not perform reset in reset_task if we are already down
    (git-fixes).
  o fbcon: prevent user font height or width change from causing (bsc#1112178)
    * move from drivers/video/fbdev/fbcon to drivers/video/console * context
    changes
  o Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
  o ftrace: Move RCU is watching check after recursion check (git-fixes).
  o ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
  o gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    (git-fixes).
  o gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
  o gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
    (git-fixes).
  o gtp: fix Illegal context switch in RCU read-side critical section
    (git-fixes).
  o gtp: fix use-after-free in gtp_newlink() (git-fixes).
  o Hide e21a4f3a930c as of its duplication
  o HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    (git-fixes).
  o hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
  o hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  o hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  o hwmon: (applesmc) check status earlier (git-fixes).
  o i2c: core: Do not fail PRP0001 enumeration when no ID table exist
    (git-fixes).
  o i2c: cpm: Fix i2c_ram structure (git-fixes).
  o ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  o ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
  o ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
  o iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
  o iio:accel:mma7455: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
  o iio: adc: mcp3422: fix locking on error path (git-fixes).
  o iio: adc: mcp3422: fix locking scope (git-fixes).
  o iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
  o iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
  o iio: improve IIO_CONCENTRATION channel type description (git-fixes).
  o iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
  o iio:light:max44000 Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
  o include: add additional sizes (bsc#1094244 ltc#168122).
  o iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#
    1177293).
  o iommu/amd: Fix potential @entry null deref (bsc#1177294).
  o iommu/amd: Print extended features in one line to fix divergent log levels
    (bsc#1176316).
  o iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
  o iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
  o iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#
    1177295).
  o iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
  o iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc
    #1177296).
  o iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#
    1176319).
  o iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
  o kernel-syms.spec.in: Also use bz compression (boo#1175882).
  o KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
  o KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and
    non-VHE (jsc#SLE-4084).
  o KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put
    for VHE (jsc#SLE-4084).
  o KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#
    SLE-4084).
  o KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE
    (jsc#SLE-4084).
  o KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#
    SLE-4084).
  o KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
  o KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#
    SLE-4084).
  o KVM: arm64: Factor out fault info population and gic workarounds (jsc#
    SLE-4084).
  o KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
  o KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
  o KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
  o KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#
    SLE-4084).
  o KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions
    (jsc#SLE-4084).
  o KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
  o KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#
    SLE-4084).
  o KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#
    SLE-4084).
  o KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#
    SLE-4084).
  o KVM: arm64: Move userspace system registers into separate function (jsc#
    SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers
    (jsc#SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#
    SLE-4084).
  o KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
  o KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#
    SLE-4084).
  o KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
  o KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
  o KVM: arm64: Rewrite system register accessors to read/write functions (jsc#
    SLE-4084).
  o KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
  o KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc
    #SLE-4084).
  o KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#
    SLE-4084).
  o KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
  o KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE
    (jsc#SLE-4084).
  o KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#
    SLE-4084).
  o KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
  o KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#
    SLE-4084).
  o KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#
    SLE-4084).
  o KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug
    (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#
    SLE-4084).
  o KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#
    SLE-4084).
  o KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#
    SLE-4084).
  o KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
  o KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
    (bsc#1176321).
  o KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
  o libceph: allow setting abort_on_full for rbd (bsc#1169972).
  o libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
  o libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  o libnvdimm/security, acpi/nfit: unify zero-key for all security commands
    (bsc#1171742).
  o libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  o libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  o lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block
    drivers)).
  o mac802154: tx: fix use-after-free (git-fixes).
  o md: raid0/linear: fix dereference before null check on pointer mddev (git
    fixes (block drivers)).
  o media: davinci: vpif_capture: fix potential double free (git-fixes).
  o media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA
    value in debiirq() (git-fixes).
  o media: smiapp: Fix error handling at NVM reading (git-fixes).
  o media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
  o mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  o mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
  o mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#
    1154366).
  o mmc: cqhci: Add cqhci_deactivate() (git-fixes).
  o mmc: sdhci-msm: Add retries when all tuning phases are found valid
    (git-fixes).
  o mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
    controllers (git-fixes).
  o mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS
    models (git-fixes).
  o mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/
    pgalloc)).
  o mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/
    vmalloc)).
  o mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of
    cfi_amdstd_setup() (git-fixes).
  o mtd: lpddr: Fix a double free in probe() (git-fixes).
  o mtd: phram: fix a double free issue in error path (git-fixes).
  o mtd: properly check all write ioctls for permissions (git-fixes).
  o net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
  o net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
  o net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
  o net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
  o net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
  o net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
    (git-fixes).
  o net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
  o net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
  o net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
  o net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
  o net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    (git-fixes).
  o net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
  o net: initialize fastreuse on inet_inherit_port
    (networking-stable-20_08_15).
  o net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
  o net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
  o net: lio_core: fix potential sign-extension overflow on large shift
    (git-fixes).
  o net/mlx5: Add meaningful return codes to status_to_err function
    (git-fixes).
  o net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
  o net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    (git-fixes).
  o net: mvneta: fix mtu change on port without link (git-fixes).
  o net-next: ax88796: Do not free IRQ in ax_remove() (already freed in
    ax_close()) (git-fixes).
  o net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
  o net: qca_spi: Avoid packet drop during initial sync (git-fixes).
  o net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
  o net: refactor bind_bucket fastreuse into helper
    (networking-stable-20_08_15).
  o net/smc: fix dmb buffer shortage (git-fixes).
  o net/smc: fix restoring of fallback changes (git-fixes).
  o net/smc: fix sock refcounting in case of termination (git-fixes).
  o net/smc: improve close of terminated socket (git-fixes).
  o net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
  o net/smc: remove freed buffer from list (git-fixes).
  o net/smc: reset sndbuf_desc if freed (git-fixes).
  o net/smc: set rx_off for SMCR explicitly (git-fixes).
  o net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
  o net/smc: tolerate future SMCD versions (git-fixes).
  o net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing()
    (git-fixes).
  o net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
  o net: stmmac: do not stop NAPI processing when dropping a packet
    (git-fixes).
  o net: stmmac: dwmac4: fix flow control issue (git-fixes).
  o net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset
    function (git-fixes).
  o net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    (git-fixes).
  o net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
    (git-fixes).
  o net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode
    (git-fixes).
  o net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()'
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()'
    (git-fixes).
  o net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes).
  o net: stmmac: set MSS for each tx DMA channel (git-fixes).
  o net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
  o net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    (networking-stable-20_07_29).
  o net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
  o net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb()
    (git-fixes).
  o net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).
  o net: ucc_geth - fix Oops when changing number of buffers in the ring
    (git-fixes).
  o NFSv4: do not mark all open state for recovery when handling recallable
    state revoked flag (bsc#1176935).
  o nvme-fc: set max_segments to lldd max value (bsc#1176038).
  o nvme-pci: override the value of the controller's numa node (bsc#1176507).
  o ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
  o omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    (git-fixes).
  o PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
  o PCI: Fix pci_create_slot() reference count leak (git-fixes).
  o PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
  o PCI: qcom: Add missing reset for ipq806x (git-fixes).
  o PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
  o PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
  o PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
  o phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
  o pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
  o powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#
    168122).
  o powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Include header file to fix a warning (bsc#1094244 ltc#168122).
  o powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#
    168122).
  o powerpc/64s: sreset panic if there is no debugger or crash dump handlers
    (bsc#1094244 ltc#168122).
  o powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#
    168122).
  o powerpc: Add cputime_to_nsecs() (bsc#1065729).
  o powerpc/book3s64/radix: Add kernel command line option to disable radix
    GTSE (bsc#1055186 ltc#153436).
  o powerpc/book3s64/radix: Fix boot failure with large amount of guest memory
    (bsc#1176022 ltc#187208).
  o powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  o powerpc/init: Do not advertise radix during client-architecture-support
    (bsc#1055186 ltc#153436 ).
  o powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  o powerpc/kernel: Enables memory hot-remove after reboot on pseries guests
    (bsc#1177030 ltc#187588).
  o powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
  o powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#
    1177030 ltc#187588).
  o powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#
    1176022 ltc#187208).
  o powerpc/powernv: Remove real mode access limit for early allocations (bsc#
    1176022 ltc#187208).
  o powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#
    153436).
  o powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
  o powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
  o powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  o powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack
    (bsc#1094244 ltc#168122).
  o powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022
    ltc#187208).
  o powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#
    168122).
  o powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  o powerpc/traps: fix recoverability of machine check handling on book3s/32
    (bsc#1094244 ltc#168122).
  o powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244
    ltc#168122).
  o powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S
    (bsc#1065729).
  o power: supply: max17040: Correct voltage reading (git-fixes).
  o rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes
    (rcu)).
  o regulator: push allocation in set_consumer_device_supply() out of lock
    (git-fixes).
  o rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869
    ltc#188243).
  o rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  o rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#
    SLE-13618).
  o rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To
    avoid the unnecessary key enrollment, when enrolling the signing key of the
    kernel package, "--ca-check" is added to mokutil so that mokutil will
    ignore the request if the CA of the signing key already exists in MokList
    or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only
    defined in a kernel module package (KMP), it's used to determine whether
    the %post script is running in a kernel package, or a kernel module
    package.
  o rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  o rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#
    1176698) The "-c" option wasn't passed down to %_kernel_module_package so
    the ueficert subpackage wasn't generated even if the certificate is
    specified in the spec file.
  o rtc: ds1374: fix possible race condition (git-fixes).
  o rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  o rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    (networking-stable-20_08_08).
  o rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    (networking-stable-20_07_29).
  o s390/mm: fix huge pte soft dirty copying (git-fixes).
  o s390/qeth: do not process empty bridge port events (git-fixes).
  o s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  o s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  o scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
  o scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#
    188304).
  o scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()
    (bsc#1176962 ltc#188304).
  o scsi: libfc: Fix for double free() (bsc#1174899).
  o scsi: libfc: free response frame from GPN_ID (bsc#1174899).
  o scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#
    1174899).
  o scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  o scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  o scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  o scsi: qla2xxx: Fix the return value (bsc#1171688).
  o scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#
    1171688).
  o scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  o scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  o scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  o scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  o scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Suppress two recently introduced compiler warnings
    (git-fixes).
  o scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    (bsc#1171688).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186
    (git-fixes).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210
    (git-fixes).
  o serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    (git-fixes).
  o serial: 8250_omap: Fix sleeping function called from invalid context during
    probe (git-fixes).
  o serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
  o Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).
  o SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#
    1176546).
  o SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  o SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  o tcp: apply a floor of 1 for RTT samples from TCP timestamps
    (networking-stable-20_08_08).
  o thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    (git-fixes).
  o tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#
    1112178).
  o USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  o USB: dwc3: Increase timeout for CmdAct cleared by device controller
    (git-fixes).
  o USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
  o USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    (git-fixes).
  o USB: Fix out of sync data toggle if a configured device is reconfigured
    (git-fixes).
  o USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
  o USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
  o USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  o USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  o USB: hso: check for return value in hso_serial_common_create()
    (networking-stable-20_08_08).
  o usblp: fix race between disconnect() and read() (git-fixes).
  o USB: lvtest: return proper error code in probe (git-fixes).
  o usbnet: ipheth: fix potential null pointer dereference in
    ipheth_carrier_set (git-fixes).
  o USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
  o USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  o USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
    notebook (git-fixes).
  o USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
    (git-fixes).
  o USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  o USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    (git-fixes).
  o USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  o USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    (git-fixes).
  o USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  o USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  o USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  o USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  o USB: yurex: Fix bad gfp argument (git-fixes).
  o vgacon: remove software scrollback support (bsc#1176278).
  o video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).
  o virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes
    (block drivers)).
  o vrf: prevent adding upper devices (git-fixes).
  o vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
  o xen: do not reschedule in preemption off sections (bsc#1175749).
  o xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
  o xen uses irqdesc::irq_data_common::handler_data to store a per interrupt
    XEN data pointer which contains XEN specific information (bsc#1065600).
  o xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
  o yam: fix possible memory leak in yam_init_driver (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2020-2906=1

Package List:

  o SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):
       kernel-devel-azure-4.12.14-8.47.1
       kernel-source-azure-4.12.14-8.47.1
  o SUSE Linux Enterprise Module for Public Cloud 15-SP1 (x86_64):
       kernel-azure-4.12.14-8.47.1
       kernel-azure-base-4.12.14-8.47.1
       kernel-azure-base-debuginfo-4.12.14-8.47.1
       kernel-azure-debuginfo-4.12.14-8.47.1
       kernel-azure-devel-4.12.14-8.47.1
       kernel-syms-azure-4.12.14-8.47.1


References:

  o https://www.suse.com/security/cve/CVE-2020-0404.html
  o https://www.suse.com/security/cve/CVE-2020-0427.html
  o https://www.suse.com/security/cve/CVE-2020-0431.html
  o https://www.suse.com/security/cve/CVE-2020-0432.html
  o https://www.suse.com/security/cve/CVE-2020-14381.html
  o https://www.suse.com/security/cve/CVE-2020-14390.html
  o https://www.suse.com/security/cve/CVE-2020-25212.html
  o https://www.suse.com/security/cve/CVE-2020-25284.html
  o https://www.suse.com/security/cve/CVE-2020-25641.html
  o https://www.suse.com/security/cve/CVE-2020-25643.html
  o https://www.suse.com/security/cve/CVE-2020-26088.html
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1094244
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113956
  o https://bugzilla.suse.com/1154366
  o https://bugzilla.suse.com/1167527
  o https://bugzilla.suse.com/1169972
  o https://bugzilla.suse.com/1171688
  o https://bugzilla.suse.com/1171742
  o https://bugzilla.suse.com/1173115
  o https://bugzilla.suse.com/1174899
  o https://bugzilla.suse.com/1175228
  o https://bugzilla.suse.com/1175749
  o https://bugzilla.suse.com/1175882
  o https://bugzilla.suse.com/1176011
  o https://bugzilla.suse.com/1176022
  o https://bugzilla.suse.com/1176038
  o https://bugzilla.suse.com/1176235
  o https://bugzilla.suse.com/1176242
  o https://bugzilla.suse.com/1176278
  o https://bugzilla.suse.com/1176316
  o https://bugzilla.suse.com/1176317
  o https://bugzilla.suse.com/1176318
  o https://bugzilla.suse.com/1176319
  o https://bugzilla.suse.com/1176320
  o https://bugzilla.suse.com/1176321
  o https://bugzilla.suse.com/1176381
  o https://bugzilla.suse.com/1176423
  o https://bugzilla.suse.com/1176482
  o https://bugzilla.suse.com/1176507
  o https://bugzilla.suse.com/1176536
  o https://bugzilla.suse.com/1176544
  o https://bugzilla.suse.com/1176545
  o https://bugzilla.suse.com/1176546
  o https://bugzilla.suse.com/1176548
  o https://bugzilla.suse.com/1176659
  o https://bugzilla.suse.com/1176698
  o https://bugzilla.suse.com/1176699
  o https://bugzilla.suse.com/1176700
  o https://bugzilla.suse.com/1176721
  o https://bugzilla.suse.com/1176722
  o https://bugzilla.suse.com/1176725
  o https://bugzilla.suse.com/1176732
  o https://bugzilla.suse.com/1176788
  o https://bugzilla.suse.com/1176789
  o https://bugzilla.suse.com/1176869
  o https://bugzilla.suse.com/1176877
  o https://bugzilla.suse.com/1176935
  o https://bugzilla.suse.com/1176950
  o https://bugzilla.suse.com/1176962
  o https://bugzilla.suse.com/1176966
  o https://bugzilla.suse.com/1176990
  o https://bugzilla.suse.com/1177030
  o https://bugzilla.suse.com/1177041
  o https://bugzilla.suse.com/1177042
  o https://bugzilla.suse.com/1177043
  o https://bugzilla.suse.com/1177044
  o https://bugzilla.suse.com/1177121
  o https://bugzilla.suse.com/1177206
  o https://bugzilla.suse.com/1177291
  o https://bugzilla.suse.com/1177293
  o https://bugzilla.suse.com/1177294
  o https://bugzilla.suse.com/1177295
  o https://bugzilla.suse.com/1177296


- --------------------------------------------------------------------------------


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2904-1
Rating:            important
References:        #1055186 #1065600 #1065729 #1094244 #1112178 #1113956
                   #1154366 #1163524 #1167527 #1168468 #1169972 #1171675
                   #1171688 #1171742 #1173115 #1174354 #1174899 #1175228
                   #1175528 #1175716 #1175749 #1175882 #1176011 #1176022
                   #1176038 #1176235 #1176242 #1176278 #1176316 #1176317
                   #1176318 #1176319 #1176320 #1176321 #1176381 #1176423
                   #1176482 #1176507 #1176536 #1176544 #1176545 #1176546
                   #1176548 #1176659 #1176698 #1176699 #1176700 #1176721
                   #1176722 #1176725 #1176732 #1176788 #1176789 #1176869
                   #1176877 #1176935 #1176950 #1176962 #1176966 #1176990
                   #1177030 #1177041 #1177042 #1177043 #1177044 #1177121
                   #1177206 #1177258 #1177291 #1177293 #1177294 #1177295
                   #1177296
Cross-References:  CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432
                   CVE-2020-14381 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284
                   CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
Affected Products:
                   SUSE Linux Enterprise Workstation Extension 12-SP5
                   SUSE Linux Enterprise Software Development Kit 12-SP5
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Live Patching 12-SP5
                   SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 62 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:

  o CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation
    could have been used by local attackers to create raw sockets, bypassing
    security mechanisms (bsc#1176990).
  o CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size (bnc#1176235).
  o CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc
    #1176721).
  o CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#
    1176725).
  o CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check
    (bsc#1176722).
  o CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause
    (bsc#1176423).
  o CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#
    1176381).
  o CVE-2020-25284: Fixed an incomplete permission checking for access to rbd
    devices, which could have been leveraged by local attackers to map or unmap
    rbd block devices (bsc#1176482).
  o CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping
    the references (bsc#1176011).
  o CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr
    function which could have led to memory corruption and read overflow (bsc#
    1177206).
  o CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups
    (bsc#1177121).


The following non-security bugs were fixed:

  o 9p: Fix memory leak in v9fs_mount (git-fixes).
  o ACPI: EC: Reference count query handlers under lock (git-fixes).
  o airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
    (git-fixes).
  o airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
  o airo: Fix read overflows sending packets (git-fixes).
  o ALSA: asihpi: fix iounmap in error handler (git-fixes).
  o ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  o ALSA: firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  o ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  o ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    (git-fixes).
  o ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    (git-fixes).
  o ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    (git-fixes).
  o altera-stapl: altera_get_note: prevent write beyond end of 'key'
    (git-fixes).
  o ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
  o arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#
    SLE-4084).
  o arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
  o asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
  o ASoC: kirkwood: fix IRQ error handling (git-fixes).
  o ASoC: tegra: Fix reference count leaks (git-fixes).
  o ath10k: fix array out-of-bounds access (git-fixes).
  o ath10k: fix memory leak for tpc_stats_final (git-fixes).
  o ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
  o batman-adv: Add missing include for in_interrupt() (git-fixes).
  o batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  o batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  o batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    (git-fixes).
  o batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  o bcache: Convert pr_ uses to a more typical style (git fixes (block
    drivers)).
  o bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
  o bcm63xx_enet: correct clock usage (git-fixes).
  o bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
  o bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes
    (bitfield)).
  o blktrace: fix debugfs use after free (git fixes (block drivers)).
  o block: add docs for gendisk / request_queue refcount helpers (git fixes
    (block drivers)).
  o block: revert back to synchronous request_queue removal (git fixes (block
    drivers)).
  o block: Use non _rcu version of list functions for tag_set_list (git-fixes).
  o Bluetooth: Fix refcount use-after-free issue (git-fixes).
  o Bluetooth: guard against controllers sending zero'd events (git-fixes).
  o Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
  o Bluetooth: L2CAP: handle l2cap config request during open state
    (git-fixes).
  o Bluetooth: prefetch channel before killing sock (git-fixes).
  o bnxt_en: Fix completion ring sizing with TPA enabled
    (networking-stable-20_07_29).
  o bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM
    (git-fixes).
  o btrfs: avoid possible signal interruption of btrfs_drop_snapshot() on
    relocation tree (bsc#1174354).
  o btrfs: balance: print to system log when balance ends or is paused (bsc#
    1174354).
  o btrfs: relocation: allow signal to cancel balance (bsc#1174354).
  o btrfs: relocation: review the call sites which can be interrupted by signal
    (bsc#1174354).
  o btrfs: require only sector size alignment for parent eb bytenr (bsc#
    1176789).
  o btrfs: take overcommit into account in inc_block_group_ro (bsc#1174354).
  o btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  o ceph: do not allow setlease on cephfs (bsc#1177041).
  o ceph: fix potential mdsc use-after-free crash (bsc#1177042).
  o ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
  o ceph: handle zero-length feature mask in session messages (bsc#1177044).
  o cfg80211: regulatory: reject invalid hints (bsc#1176699).
  o cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  o cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  o cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  o clk: Add (devm_)clk_get_optional() functions (git-fixes).
  o clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
  o clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    (git-fixes).
  o clk/ti/adpll: allocate room for terminating null (git-fixes).
  o clocksource/drivers/h8300_timer8: Fix wrong return value in
    h8300_8timer_init() (git-fixes).
  o cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#
    1176966).
  o crypto: dh - check validity of Z before export (bsc#1175716).
  o crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175716).
  o crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175716).
  o crypto: ecdh - check validity of Z before export (bsc#1175716).
  o dmaengine: at_hdmac: check return value of of_find_device_by_node() in
    at_dma_xlate() (git-fixes).
  o dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    (git-fixes).
  o dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    (git-fixes).
  o dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    (git-fixes).
  o dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
  o dm crypt: avoid truncating the logical block size (git fixes (block
    drivers)).
  o dm: fix redundant IO accounting for bios that need splitting (git fixes
    (block drivers)).
  o dm integrity: fix a deadlock due to offloading to an incorrect workqueue
    (git fixes (block drivers)).
  o dm integrity: fix integrity recalculation that is improperly skipped (git
    fixes (block drivers)).
  o dm: report suspended device during destroy (git fixes (block drivers)).
  o dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes
    (block drivers)).
  o dm: use noio when sending kobject event (git fixes (block drivers)).
  o dm writecache: add cond_resched to loop in persistent_memory_claim() (git
    fixes (block drivers)).
  o dm writecache: correct uncommitted_block when discarding uncommitted entry
    (git fixes (block drivers)).
  o dm zoned: assign max_io_len correctly (git fixes (block drivers)).
  o Drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    (git-fixes).
  o Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#
    1176877).
  o Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
  o drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
  o drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    (git-fixes).
  o drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
  o drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    (git-fixes).
  o drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  o drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
  o drm/amdgpu: increase atombios cmd timeout (git-fixes).
  o drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdkfd: fix a memory leak issue (git-fixes).
  o drm/amdkfd: Fix reference count leaks (git-fixes).
  o drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  o drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context
    changes
  o drm/mediatek: Add exception handing in mtk_drm_probe() if component init
    fail (git-fixes).
  o drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    (git-fixes).
  o drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
  o drm/msm: add shutdown support for display platform_driver (git-fixes).
  o drm/msm: Disable preemption on all 5xx targets (git-fixes).
  o drm/msm: fix leaks if initialization fails (git-fixes).
  o drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
  o drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    (git-fixes).
  o drm/nouveau: Fix reference count leak in nouveau_connector_detect
    (git-fixes).
  o drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    (git-fixes).
  o drm/nouveau: fix runtime pm imbalance on error (git-fixes).
  o drm/omap: fix possible object reference leak (git-fixes).
  o drm/radeon: fix multiple reference count leak (git-fixes).
  o drm/radeon: Prefer lower feedback dividers (git-fixes).
  o drm/radeon: revert "Prefer lower feedback dividers" (git-fixes).
  o drm/sun4i: Fix dsi dcs long write function (git-fixes).
  o drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
  o drm/tve200: Stabilize enable/disable (git-fixes).
  o drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
  o e1000: Do not perform reset in reset_task if we are already down
    (git-fixes).
  o fbcon: prevent user font height or width change from causing (bsc#1112178)
    * move from drivers/video/fbdev/fbcon to drivers/video/console * context
    changes
  o Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
  o ftrace: Move RCU is watching check after recursion check (git-fixes).
  o ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
  o gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    (git-fixes).
  o gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
  o gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
    (git-fixes).
  o gtp: fix Illegal context switch in RCU read-side critical section
    (git-fixes).
  o gtp: fix use-after-free in gtp_newlink() (git-fixes).
  o HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    (git-fixes).
  o hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
  o hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  o hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  o hwmon: (applesmc) check status earlier (git-fixes).
  o i2c: core: Do not fail PRP0001 enumeration when no ID table exist
    (git-fixes).
  o i2c: cpm: Fix i2c_ram structure (git-fixes).
  o ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  o ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
  o ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
  o iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
  o iio:accel:mma7455: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
  o iio: adc: mcp3422: fix locking on error path (git-fixes).
  o iio: adc: mcp3422: fix locking scope (git-fixes).
  o iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
  o iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
  o iio: improve IIO_CONCENTRATION channel type description (git-fixes).
  o iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
  o iio:light:max44000 Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
  o include: add additional sizes (bsc#1094244 ltc#168122).
  o iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#
    1177293).
  o iommu/amd: Fix potential @entry null deref (bsc#1177294).
  o iommu/amd: Print extended features in one line to fix divergent log levels
    (bsc#1176316).
  o iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
  o iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
  o iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#
    1177295).
  o iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
  o iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc
    #1177296).
  o iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#
    1176319).
  o iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
  o kernel-binary.spec.in: SLE12 tar does not understand --verbatim-files-from
  o kernel-syms.spec.in: Also use bz compression (boo#1175882).
  o KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
  o KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and
    non-VHE (jsc#SLE-4084).
  o KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put
    for VHE (jsc#SLE-4084).
  o KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#
    SLE-4084).
  o KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE
    (jsc#SLE-4084).
  o KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#
    SLE-4084).
  o KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
  o KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#
    SLE-4084).
  o KVM: arm64: Factor out fault info population and gic workarounds (jsc#
    SLE-4084).
  o KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
  o KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
  o KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
  o KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#
    SLE-4084).
  o KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions
    (jsc#SLE-4084).
  o KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
  o KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#
    SLE-4084).
  o KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#
    SLE-4084).
  o KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#
    SLE-4084).
  o KVM: arm64: Move userspace system registers into separate function (jsc#
    SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers
    (jsc#SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#
    SLE-4084).
  o KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
  o KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#
    SLE-4084).
  o KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
  o KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
  o KVM: arm64: Rewrite system register accessors to read/write functions (jsc#
    SLE-4084).
  o KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
  o KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc
    #SLE-4084).
  o KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#
    SLE-4084).
  o KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
  o KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE
    (jsc#SLE-4084).
  o KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#
    SLE-4084).
  o KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
  o KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#
    SLE-4084).
  o KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#
    SLE-4084).
  o KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug
    (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#
    SLE-4084).
  o KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#
    SLE-4084).
  o KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#
    SLE-4084).
  o KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
  o KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
    (bsc#1176321).
  o KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
  o libceph: allow setting abort_on_full for rbd (bsc#1169972).
  o lib/mpi: Add mpi_sub_ui() (bsc#1175716).
  o libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
  o libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  o libnvdimm/security, acpi/nfit: unify zero-key for all security commands
    (bsc#1171742).
  o libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  o libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  o lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block
    drivers)).
  o mac802154: tx: fix use-after-free (git-fixes).
  o md: raid0/linear: fix dereference before null check on pointer mddev (git
    fixes (block drivers)).
  o media: davinci: vpif_capture: fix potential double free (git-fixes).
  o media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA
    value in debiirq() (git-fixes).
  o media: smiapp: Fix error handling at NVM reading (git-fixes).
  o media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
  o mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  o mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
  o mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#
    1154366).
  o mmc: cqhci: Add cqhci_deactivate() (git-fixes).
  o mmc: sdhci-msm: Add retries when all tuning phases are found valid
    (git-fixes).
  o mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
    controllers (git-fixes).
  o mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS
    models (git-fixes).
  o mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/
    pgalloc)).
  o mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/
    vmalloc)).
  o mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of
    cfi_amdstd_setup() (git-fixes).
  o mtd: lpddr: Fix a double free in probe() (git-fixes).
  o mtd: phram: fix a double free issue in error path (git-fixes).
  o mtd: properly check all write ioctls for permissions (git-fixes).
  o net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
  o net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
  o net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
  o net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
  o net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
  o net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
    (git-fixes).
  o net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
  o net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
  o net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
  o net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
  o net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    (git-fixes).
  o net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
  o net: initialize fastreuse on inet_inherit_port
    (networking-stable-20_08_15).
  o net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
  o net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
  o net: lio_core: fix potential sign-extension overflow on large shift
    (git-fixes).
  o net/mlx5: Add meaningful return codes to status_to_err function
    (git-fixes).
  o net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
  o net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    (git-fixes).
  o net: mvneta: fix mtu change on port without link (git-fixes).
  o net-next: ax88796: Do not free IRQ in ax_remove() (already freed in
    ax_close()) (git-fixes).
  o net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
  o net: qca_spi: Avoid packet drop during initial sync (git-fixes).
  o net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
  o net: refactor bind_bucket fastreuse into helper
    (networking-stable-20_08_15).
  o net/smc: fix dmb buffer shortage (git-fixes).
  o net/smc: fix restoring of fallback changes (git-fixes).
  o net/smc: fix sock refcounting in case of termination (git-fixes).
  o net/smc: improve close of terminated socket (git-fixes).
  o net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
  o net/smc: remove freed buffer from list (git-fixes).
  o net/smc: reset sndbuf_desc if freed (git-fixes).
  o net/smc: set rx_off for SMCR explicitly (git-fixes).
  o net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
  o net/smc: tolerate future SMCD versions (git-fixes).
  o net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing()
    (git-fixes).
  o net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
  o net: stmmac: do not stop NAPI processing when dropping a packet
    (git-fixes).
  o net: stmmac: dwmac4: fix flow control issue (git-fixes).
  o net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset
    function (git-fixes).
  o net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    (git-fixes).
  o net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
    (git-fixes).
  o net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode
    (git-fixes).
  o net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()'
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()'
    (git-fixes).
  o net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes).
  o net: stmmac: set MSS for each tx DMA channel (git-fixes).
  o net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
  o net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    (networking-stable-20_07_29).
  o net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
  o net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb()
    (git-fixes).
  o net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).
  o net: ucc_geth - fix Oops when changing number of buffers in the ring
    (git-fixes).
  o NFSv4: do not mark all open state for recovery when handling recallable
    state revoked flag (bsc#1176935).
  o nvme-fc: set max_segments to lldd max value (bsc#1176038).
  o nvme-pci: override the value of the controller's numa node (bsc#1176507).
  o ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
  o omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    (git-fixes).
  o PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
  o PCI: Fix pci_create_slot() reference count leak (git-fixes).
  o PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
  o PCI: qcom: Add missing reset for ipq806x (git-fixes).
  o PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
  o PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
  o PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
  o phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
  o pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
  o powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#
    168122).
  o powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Include header file to fix a warning (bsc#1094244 ltc#168122).
  o powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#
    168122).
  o powerpc/64s: sreset panic if there is no debugger or crash dump handlers
    (bsc#1094244 ltc#168122).
  o powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#
    168122).
  o powerpc: Add cputime_to_nsecs() (bsc#1065729).
  o powerpc/book3s64/radix: Add kernel command line option to disable radix
    GTSE (bsc#1055186 ltc#153436).
  o powerpc/book3s64/radix: Fix boot failure with large amount of guest memory
    (bsc#1176022 ltc#187208).
  o powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  o powerpc/init: Do not advertise radix during client-architecture-support
    (bsc#1055186 ltc#153436 ).
  o powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  o powerpc/kernel: Enables memory hot-remove after reboot on pseries guests
    (bsc#1177030 ltc#187588).
  o powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
  o powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#
    1177030 ltc#187588).
  o powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#
    1176022 ltc#187208).
  o powerpc/powernv: Remove real mode access limit for early allocations (bsc#
    1176022 ltc#187208).
  o powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#
    153436).
  o powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
  o powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
  o powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  o powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack
    (bsc#1094244 ltc#168122).
  o powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022
    ltc#187208).
  o powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#
    168122).
  o powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  o powerpc/traps: fix recoverability of machine check handling on book3s/32
    (bsc#1094244 ltc#168122).
  o powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244
    ltc#168122).
  o powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S
    (bsc#1065729).
  o power: supply: max17040: Correct voltage reading (git-fixes).
  o rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes
    (rcu)).
  o regulator: push allocation in set_consumer_device_supply() out of lock
    (git-fixes).
  o rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869
    ltc#188243).
  o rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  o rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#
    SLE-13618).
  o rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To
    avoid the unnecessary key enrollment, when enrolling the signing key of the
    kernel package, "--ca-check" is added to mokutil so that mokutil will
    ignore the request if the CA of the signing key already exists in MokList
    or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only
    defined in a kernel module package (KMP), it's used to determine whether
    the %post script is running in a kernel package, or a kernel module
    package.
  o rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  o rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#
    1176698) The "-c" option wasn't passed down to %_kernel_module_package so
    the ueficert subpackage wasn't generated even if the certificate is
    specified in the spec file.
  o rtc: ds1374: fix possible race condition (git-fixes).
  o rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  o rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    (networking-stable-20_08_08).
  o rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    (networking-stable-20_07_29).
  o s390/mm: fix huge pte soft dirty copying (git-fixes).
  o s390/qeth: do not process empty bridge port events (git-fixes).
  o s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  o s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  o scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
  o scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468,
    bsc#1171675).
  o scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#
    188304).
  o scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()
    (bsc#1176962 ltc#188304).
  o scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername()
    (bsc#1177258).
  o scsi: libfc: Fix for double free() (bsc#1174899).
  o scsi: libfc: free response frame from GPN_ID (bsc#1174899).
  o scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#
    1174899).
  o scsi: libfc: free skb when receiving invalid flogi resp (bsc#1175528).
  o scsi: libfc: Handling of extra kref (bsc#1175528).
  o scsi: libfc: If PRLI rejected, move rport to PLOGI state (bsc#1175528).
  o scsi: libfc: rport state move to PLOGI if all PRLI retry exhausted (bsc#
    1175528).
  o scsi: libfc: Skip additional kref updating work event (bsc#1175528).
  o scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  o scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  o scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  o scsi: qla2xxx: Fix the return value (bsc#1171688).
  o scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#
    1171688).
  o scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  o scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  o scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  o scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  o scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Suppress two recently introduced compiler warnings
    (git-fixes).
  o scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    (bsc#1171688).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186
    (git-fixes).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210
    (git-fixes).
  o serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    (git-fixes).
  o serial: 8250_omap: Fix sleeping function called from invalid context during
    probe (git-fixes).
  o serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
  o Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).
  o SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#
    1176546).
  o SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  o SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  o stmmac: Do not access tx_q->dirty_tx before netif_tx_lock (git-fixes).
  o tcp: apply a floor of 1 for RTT samples from TCP timestamps
    (networking-stable-20_08_08).
  o thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    (git-fixes).
  o tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#
    1112178).
  o USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  o USB: dwc3: Increase timeout for CmdAct cleared by device controller
    (git-fixes).
  o USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
  o USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    (git-fixes).
  o USB: Fix out of sync data toggle if a configured device is reconfigured
    (git-fixes).
  o USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
  o USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
  o USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  o USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  o USB: hso: check for return value in hso_serial_common_create()
    (networking-stable-20_08_08).
  o usblp: fix race between disconnect() and read() (git-fixes).
  o USB: lvtest: return proper error code in probe (git-fixes).
  o usbnet: ipheth: fix potential null pointer dereference in
    ipheth_carrier_set (git-fixes).
  o USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
  o USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  o USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
    notebook (git-fixes).
  o USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
    (git-fixes).
  o USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  o USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    (git-fixes).
  o USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  o USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    (git-fixes).
  o USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  o USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  o USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  o USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  o USB: yurex: Fix bad gfp argument (git-fixes).
  o vgacon: remove software scrollback support (bsc#1176278).
  o video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).
  o virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes
    (block drivers)).
  o vrf: prevent adding upper devices (git-fixes).
  o vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
  o xen: do not reschedule in preemption off sections (bsc#1175749).
  o xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
  o xen uses irqdesc::irq_data_common::handler_data to store a per interrupt
    XEN data pointer which contains XEN specific information (bsc#1065600).
  o xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
  o yam: fix possible memory leak in yam_init_driver (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Workstation Extension 12-SP5:
    zypper in -t patch SUSE-SLE-WE-12-SP5-2020-2904=1
  o SUSE Linux Enterprise Software Development Kit 12-SP5:
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2904=1
  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2904=1
  o SUSE Linux Enterprise Live Patching 12-SP5:
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-2904=1
  o SUSE Linux Enterprise High Availability 12-SP5:
    zypper in -t patch SUSE-SLE-HA-12-SP5-2020-2904=1

Package List:

  o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
       kernel-default-debuginfo-4.12.14-122.41.1
       kernel-default-debugsource-4.12.14-122.41.1
       kernel-default-extra-4.12.14-122.41.1
       kernel-default-extra-debuginfo-4.12.14-122.41.1
  o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
    s390x x86_64):
       kernel-obs-build-4.12.14-122.41.1
       kernel-obs-build-debugsource-4.12.14-122.41.1
  o SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):
       kernel-docs-4.12.14-122.41.1
  o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
       kernel-default-4.12.14-122.41.1
       kernel-default-base-4.12.14-122.41.1
       kernel-default-base-debuginfo-4.12.14-122.41.1
       kernel-default-debuginfo-4.12.14-122.41.1
       kernel-default-debugsource-4.12.14-122.41.1
       kernel-default-devel-4.12.14-122.41.1
       kernel-syms-4.12.14-122.41.1
  o SUSE Linux Enterprise Server 12-SP5 (noarch):
       kernel-devel-4.12.14-122.41.1
       kernel-macros-4.12.14-122.41.1
       kernel-source-4.12.14-122.41.1
  o SUSE Linux Enterprise Server 12-SP5 (x86_64):
       kernel-default-devel-debuginfo-4.12.14-122.41.1
  o SUSE Linux Enterprise Server 12-SP5 (s390x):
       kernel-default-man-4.12.14-122.41.1
  o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
       kernel-default-debuginfo-4.12.14-122.41.1
       kernel-default-debugsource-4.12.14-122.41.1
       kernel-default-kgraft-4.12.14-122.41.1
       kernel-default-kgraft-devel-4.12.14-122.41.1
       kgraft-patch-4_12_14-122_41-default-1-8.3.1
  o SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
       cluster-md-kmp-default-4.12.14-122.41.1
       cluster-md-kmp-default-debuginfo-4.12.14-122.41.1
       dlm-kmp-default-4.12.14-122.41.1
       dlm-kmp-default-debuginfo-4.12.14-122.41.1
       gfs2-kmp-default-4.12.14-122.41.1
       gfs2-kmp-default-debuginfo-4.12.14-122.41.1
       kernel-default-debuginfo-4.12.14-122.41.1
       kernel-default-debugsource-4.12.14-122.41.1
       ocfs2-kmp-default-4.12.14-122.41.1
       ocfs2-kmp-default-debuginfo-4.12.14-122.41.1


References:

  o https://www.suse.com/security/cve/CVE-2020-0404.html
  o https://www.suse.com/security/cve/CVE-2020-0427.html
  o https://www.suse.com/security/cve/CVE-2020-0431.html
  o https://www.suse.com/security/cve/CVE-2020-0432.html
  o https://www.suse.com/security/cve/CVE-2020-14381.html
  o https://www.suse.com/security/cve/CVE-2020-14390.html
  o https://www.suse.com/security/cve/CVE-2020-25212.html
  o https://www.suse.com/security/cve/CVE-2020-25284.html
  o https://www.suse.com/security/cve/CVE-2020-25641.html
  o https://www.suse.com/security/cve/CVE-2020-25643.html
  o https://www.suse.com/security/cve/CVE-2020-26088.html
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1094244
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113956
  o https://bugzilla.suse.com/1154366
  o https://bugzilla.suse.com/1163524
  o https://bugzilla.suse.com/1167527
  o https://bugzilla.suse.com/1168468
  o https://bugzilla.suse.com/1169972
  o https://bugzilla.suse.com/1171675
  o https://bugzilla.suse.com/1171688
  o https://bugzilla.suse.com/1171742
  o https://bugzilla.suse.com/1173115
  o https://bugzilla.suse.com/1174354
  o https://bugzilla.suse.com/1174899
  o https://bugzilla.suse.com/1175228
  o https://bugzilla.suse.com/1175528
  o https://bugzilla.suse.com/1175716
  o https://bugzilla.suse.com/1175749
  o https://bugzilla.suse.com/1175882
  o https://bugzilla.suse.com/1176011
  o https://bugzilla.suse.com/1176022
  o https://bugzilla.suse.com/1176038
  o https://bugzilla.suse.com/1176235
  o https://bugzilla.suse.com/1176242
  o https://bugzilla.suse.com/1176278
  o https://bugzilla.suse.com/1176316
  o https://bugzilla.suse.com/1176317
  o https://bugzilla.suse.com/1176318
  o https://bugzilla.suse.com/1176319
  o https://bugzilla.suse.com/1176320
  o https://bugzilla.suse.com/1176321
  o https://bugzilla.suse.com/1176381
  o https://bugzilla.suse.com/1176423
  o https://bugzilla.suse.com/1176482
  o https://bugzilla.suse.com/1176507
  o https://bugzilla.suse.com/1176536
  o https://bugzilla.suse.com/1176544
  o https://bugzilla.suse.com/1176545
  o https://bugzilla.suse.com/1176546
  o https://bugzilla.suse.com/1176548
  o https://bugzilla.suse.com/1176659
  o https://bugzilla.suse.com/1176698
  o https://bugzilla.suse.com/1176699
  o https://bugzilla.suse.com/1176700
  o https://bugzilla.suse.com/1176721
  o https://bugzilla.suse.com/1176722
  o https://bugzilla.suse.com/1176725
  o https://bugzilla.suse.com/1176732
  o https://bugzilla.suse.com/1176788
  o https://bugzilla.suse.com/1176789
  o https://bugzilla.suse.com/1176869
  o https://bugzilla.suse.com/1176877
  o https://bugzilla.suse.com/1176935
  o https://bugzilla.suse.com/1176950
  o https://bugzilla.suse.com/1176962
  o https://bugzilla.suse.com/1176966
  o https://bugzilla.suse.com/1176990
  o https://bugzilla.suse.com/1177030
  o https://bugzilla.suse.com/1177041
  o https://bugzilla.suse.com/1177042
  o https://bugzilla.suse.com/1177043
  o https://bugzilla.suse.com/1177044
  o https://bugzilla.suse.com/1177121
  o https://bugzilla.suse.com/1177206
  o https://bugzilla.suse.com/1177258
  o https://bugzilla.suse.com/1177291
  o https://bugzilla.suse.com/1177293
  o https://bugzilla.suse.com/1177294
  o https://bugzilla.suse.com/1177295
  o https://bugzilla.suse.com/1177296

- --------------------------------------------------------------------------------


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2907-1
Rating:            important
References:        #1055186 #1065600 #1065729 #1094244 #1112178 #1113956
                   #1154366 #1163524 #1167527 #1169972 #1171688 #1171742
                   #1173115 #1174354 #1174899 #1175228 #1175528 #1175749
                   #1175882 #1176011 #1176022 #1176038 #1176235 #1176242
                   #1176278 #1176316 #1176317 #1176318 #1176319 #1176320
                   #1176321 #1176381 #1176395 #1176410 #1176423 #1176482
                   #1176507 #1176536 #1176544 #1176545 #1176546 #1176548
                   #1176659 #1176698 #1176699 #1176700 #1176721 #1176722
                   #1176725 #1176732 #1176788 #1176789 #1176869 #1176877
                   #1176935 #1176950 #1176962 #1176966 #1176990 #1177027
                   #1177030 #1177041 #1177042 #1177043 #1177044 #1177121
                   #1177206 #1177291 #1177293 #1177294 #1177295 #1177296
Cross-References:  CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432
                   CVE-2020-14381 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284
                   CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
Affected Products:
                   SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 61 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:

  o CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation
    could have been used by local attackers to create raw sockets, bypassing
    security mechanisms (bsc#1176990).
  o CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size (bnc#1176235).
  o CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc
    #1176721).
  o CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#
    1176725).
  o CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check
    (bsc#1176722).
  o CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause
    (bsc#1176423).
  o CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#
    1176381).
  o CVE-2020-25284: Fixed an incomplete permission checking for access to rbd
    devices, which could have been leveraged by local attackers to map or unmap
    rbd block devices (bsc#1176482).
  o CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping
    the references (bsc#1176011).
  o CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr
    function which could have led to memory corruption and read overflow (bsc#
    1177206).
  o CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups
    (bsc#1177121).


The following non-security bugs were fixed:

  o ALSA: asihpi: fix iounmap in error handler (git-fixes).
  o ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  o ALSA: firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  o ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  o ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    (git-fixes).
  o ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    (git-fixes).
  o ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    (git-fixes).
  o altera-stapl: altera_get_note: prevent write beyond end of 'key'
    (git-fixes).
  o ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
  o arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#
    SLE-4084).
  o arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
  o asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
  o ASoC: kirkwood: fix IRQ error handling (git-fixes).
  o ASoC: tegra: Fix reference count leaks (git-fixes).
  o ath10k: fix array out-of-bounds access (git-fixes).
  o ath10k: fix memory leak for tpc_stats_final (git-fixes).
  o ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
  o batman-adv: Add missing include for in_interrupt() (git-fixes).
  o batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  o batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  o batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    (git-fixes).
  o batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  o bcache: Convert pr_ uses to a more typical style (git fixes (block
    drivers)).
  o bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
  o bcm63xx_enet: correct clock usage (git-fixes).
  o bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
  o bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes
    (bitfield)).
  o blktrace: fix debugfs use after free (git fixes (block drivers)).
  o block: add docs for gendisk / request_queue refcount helpers (git fixes
    (block drivers)).
  o block: revert back to synchronous request_queue removal (git fixes (block
    drivers)).
  o block: Use non _rcu version of list functions for tag_set_list (git-fixes).
  o Bluetooth: Fix refcount use-after-free issue (git-fixes).
  o Bluetooth: guard against controllers sending zero'd events (git-fixes).
  o Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
  o Bluetooth: L2CAP: handle l2cap config request during open state
    (git-fixes).
  o Bluetooth: prefetch channel before killing sock (git-fixes).
  o bnxt_en: Fix completion ring sizing with TPA enabled
    (networking-stable-20_07_29).
  o bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM
    (git-fixes).
  o btrfs: avoid possible signal interruption of btrfs_drop_snapshot() on
    relocation tree (bsc#1174354).
  o btrfs: balance: print to system log when balance ends or is paused (bsc#
    1174354).
  o btrfs: relocation: allow signal to cancel balance (bsc#1174354).
  o btrfs: relocation: review the call sites which can be interrupted by signal
    (bsc#1174354).
  o btrfs: require only sector size alignment for parent eb bytenr (bsc#
    1176789).
  o btrfs: take overcommit into account in inc_block_group_ro (bsc#1174354).
  o btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  o ceph: do not allow setlease on cephfs (bsc#1177041).
  o ceph: fix potential mdsc use-after-free crash (bsc#1177042).
  o ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
  o ceph: handle zero-length feature mask in session messages (bsc#1177044).
  o cfg80211: regulatory: reject invalid hints (bsc#1176699).
  o cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  o cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  o cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  o clk: Add (devm_)clk_get_optional() functions (git-fixes).
  o clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
  o clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    (git-fixes).
  o clk/ti/adpll: allocate room for terminating null (git-fixes).
  o clocksource/drivers/h8300_timer8: Fix wrong return value in
    h8300_8timer_init() (git-fixes).
  o cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#
    1176966).
  o dmaengine: at_hdmac: check return value of of_find_device_by_node() in
    at_dma_xlate() (git-fixes).
  o dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    (git-fixes).
  o dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    (git-fixes).
  o dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    (git-fixes).
  o dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
  o dm crypt: avoid truncating the logical block size (git fixes (block
    drivers)).
  o dm: fix redundant IO accounting for bios that need splitting (git fixes
    (block drivers)).
  o dm integrity: fix a deadlock due to offloading to an incorrect workqueue
    (git fixes (block drivers)).
  o dm integrity: fix integrity recalculation that is improperly skipped (git
    fixes (block drivers)).
  o dm: report suspended device during destroy (git fixes (block drivers)).
  o dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes
    (block drivers)).
  o dm: use noio when sending kobject event (git fixes (block drivers)).
  o dm writecache: add cond_resched to loop in persistent_memory_claim() (git
    fixes (block drivers)).
  o dm writecache: correct uncommitted_block when discarding uncommitted entry
    (git fixes (block drivers)).
  o dm zoned: assign max_io_len correctly (git fixes (block drivers)).
  o drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    (git-fixes).
  o Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#
    1176877).
  o Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
  o drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
  o drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    (git-fixes).
  o drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
  o drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    (git-fixes).
  o drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  o drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
  o drm/amdgpu: increase atombios cmd timeout (git-fixes).
  o drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdkfd: fix a memory leak issue (git-fixes).
  o drm/amdkfd: Fix reference count leaks (git-fixes).
  o drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  o drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context
    changes
  o drm/mediatek: Add exception handing in mtk_drm_probe() if component init
    fail (git-fixes).
  o drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    (git-fixes).
  o drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
  o drm/msm: add shutdown support for display platform_driver (git-fixes).
  o drm/msm: Disable preemption on all 5xx targets (git-fixes).
  o drm/msm: fix leaks if initialization fails (git-fixes).
  o drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
  o drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    (git-fixes).
  o drm/nouveau: Fix reference count leak in nouveau_connector_detect
    (git-fixes).
  o drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    (git-fixes).
  o drm/nouveau: fix runtime pm imbalance on error (git-fixes).
  o drm/omap: fix possible object reference leak (git-fixes).
  o drm/radeon: fix multiple reference count leak (git-fixes).
  o drm/radeon: Prefer lower feedback dividers (git-fixes).
  o drm/radeon: revert "Prefer lower feedback dividers" (git-fixes).
  o drm/sun4i: Fix dsi dcs long write function (git-fixes).
  o drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
  o drm/tve200: Stabilize enable/disable (git-fixes).
  o drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
  o e1000: Do not perform reset in reset_task if we are already down
    (git-fixes).
  o fbcon: prevent user font height or width change from causing (bsc#1112178)
  o Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
  o ftrace: Move RCU is watching check after recursion check (git-fixes).
  o ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
  o gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    (git-fixes).
  o gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
  o gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
    (git-fixes).
  o gtp: fix Illegal context switch in RCU read-side critical section
    (git-fixes).
  o gtp: fix use-after-free in gtp_newlink() (git-fixes).
  o Hide e21a4f3a930c as of its duplication
  o HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    (git-fixes).
  o hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
  o hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  o hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  o hwmon: (applesmc) check status earlier (git-fixes).
  o i2c: core: Do not fail PRP0001 enumeration when no ID table exist
    (git-fixes).
  o i2c: cpm: Fix i2c_ram structure (git-fixes).
  o ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  o include: add additional sizes (bsc#1094244 ltc#168122).
  o iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#
    1177293).
  o iommu/amd: Fix potential @entry null deref (bsc#1177294).
  o iommu/amd: Print extended features in one line to fix divergent log levels
    (bsc#1176316).
  o iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
  o iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
  o iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#
    1177295).
  o iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
  o iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc
    #1177296).
  o iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#
    1176319).
  o iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
  o kernel-binary.spec.in: SLE12 tar does not understand --verbatim-files-from
  o kernel-syms.spec.in: Also use bz compression (boo#1175882).
  o KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
  o KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and
    non-VHE (jsc#SLE-4084).
  o KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put
    for VHE (jsc#SLE-4084).
  o KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#
    SLE-4084).
  o KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE
    (jsc#SLE-4084).
  o KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#
    SLE-4084).
  o KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
  o KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#
    SLE-4084).
  o KVM: arm64: Factor out fault info population and gic workarounds (jsc#
    SLE-4084).
  o KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
  o KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
  o KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
  o KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#
    SLE-4084).
  o KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions
    (jsc#SLE-4084).
  o KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
  o KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#
    SLE-4084).
  o KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#
    SLE-4084).
  o KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#
    SLE-4084).
  o KVM: arm64: Move userspace system registers into separate function (jsc#
    SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers
    (jsc#SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#
    SLE-4084).
  o KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
  o KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#
    SLE-4084).
  o KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
  o KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
  o KVM: arm64: Rewrite system register accessors to read/write functions (jsc#
    SLE-4084).
  o KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
  o KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc
    #SLE-4084).
  o KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#
    SLE-4084).
  o KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
  o KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE
    (jsc#SLE-4084).
  o KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#
    SLE-4084).
  o KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
  o KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#
    SLE-4084).
  o KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#
    SLE-4084).
  o KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug
    (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#
    SLE-4084).
  o KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#
    SLE-4084).
  o KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#
    SLE-4084).
  o KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
  o KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
    (bsc#1176321).
  o KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
  o libceph: allow setting abort_on_full for rbd (bsc#1169972).
  o libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
  o libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  o libnvdimm/security, acpi/nfit: unify zero-key for all security commands
    (bsc#1171742).
  o libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  o libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  o lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block
    drivers)).
  o mac802154: tx: fix use-after-free (git-fixes).
  o md: raid0/linear: fix dereference before null check on pointer mddev (git
    fixes (block drivers)).
  o media: davinci: vpif_capture: fix potential double free (git-fixes).
  o media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA
    value in debiirq() (git-fixes).
  o media: smiapp: Fix error handling at NVM reading (git-fixes).
  o media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
  o mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  o mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
  o mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#
    1154366).
  o mmc: cqhci: Add cqhci_deactivate() (git-fixes).
  o mmc: sdhci-msm: Add retries when all tuning phases are found valid
    (git-fixes).
  o mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
    controllers (git-fixes).
  o mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS
    models (git-fixes).
  o mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/
    pgalloc)).
  o mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/
    vmalloc)).
  o mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of
    cfi_amdstd_setup() (git-fixes).
  o mtd: lpddr: Fix a double free in probe() (git-fixes).
  o mtd: phram: fix a double free issue in error path (git-fixes).
  o mtd: properly check all write ioctls for permissions (git-fixes).
  o net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
  o net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
  o net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
  o net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
  o net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
  o net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
    (git-fixes).
  o net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
  o net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
  o net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
  o net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
  o net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    (git-fixes).
  o net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
  o net: initialize fastreuse on inet_inherit_port
    (networking-stable-20_08_15).
  o net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
  o net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
  o net: lio_core: fix potential sign-extension overflow on large shift
    (git-fixes).
  o net/mlx5: Add meaningful return codes to status_to_err function
    (git-fixes).
  o net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
  o net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    (git-fixes).
  o net: mvneta: fix mtu change on port without link (git-fixes).
  o net-next: ax88796: Do not free IRQ in ax_remove() (already freed in
    ax_close()) (git-fixes).
  o net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
  o net: qca_spi: Avoid packet drop during initial sync (git-fixes).
  o net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
  o net: refactor bind_bucket fastreuse into helper
    (networking-stable-20_08_15).
  o net/smc: fix dmb buffer shortage (git-fixes).
  o net/smc: fix restoring of fallback changes (git-fixes).
  o net/smc: fix sock refcounting in case of termination (git-fixes).
  o net/smc: improve close of terminated socket (git-fixes).
  o net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
  o net/smc: remove freed buffer from list (git-fixes).
  o net/smc: reset sndbuf_desc if freed (git-fixes).
  o net/smc: set rx_off for SMCR explicitly (git-fixes).
  o net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
  o net/smc: tolerate future SMCD versions (git-fixes).
  o net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing()
    (git-fixes).
  o net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
  o net: stmmac: do not stop NAPI processing when dropping a packet
    (git-fixes).
  o net: stmmac: dwmac4: fix flow control issue (git-fixes).
  o net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset
    function (git-fixes).
  o net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    (git-fixes).
  o net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
    (git-fixes).
  o net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode
    (git-fixes).
  o net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()'
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()'
    (git-fixes).
  o net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes).
  o net: stmmac: set MSS for each tx DMA channel (git-fixes).
  o net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
  o net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    (networking-stable-20_07_29).
  o net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
  o net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb()
    (git-fixes).
  o net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).
  o net: ucc_geth - fix Oops when changing number of buffers in the ring
    (git-fixes).
  o NFSv4: do not mark all open state for recovery when handling recallable
    state revoked flag (bsc#1176935).
  o nvme-fc: set max_segments to lldd max value (bsc#1176038).
  o nvme-pci: override the value of the controller's numa node (bsc#1176507).
  o ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
  o omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    (git-fixes).
  o PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
  o PCI: Fix pci_create_slot() reference count leak (git-fixes).
  o PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
  o PCI: qcom: Add missing reset for ipq806x (git-fixes).
  o PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
  o PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
  o PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
  o phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
  o pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
  o powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#
    168122).
  o powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Include header file to fix a warning (bsc#1094244 ltc#168122).
  o powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#
    168122).
  o powerpc/64s: sreset panic if there is no debugger or crash dump handlers
    (bsc#1094244 ltc#168122).
  o powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#
    168122).
  o powerpc: Add cputime_to_nsecs() (bsc#1065729).
  o powerpc/book3s64/radix: Add kernel command line option to disable radix
    GTSE (bsc#1055186 ltc#153436).
  o powerpc/book3s64/radix: Fix boot failure with large amount of guest memory
    (bsc#1176022 ltc#187208).
  o powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  o powerpc/init: Do not advertise radix during client-architecture-support
    (bsc#1055186 ltc#153436 ).
  o powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  o powerpc/kernel: Enables memory hot-remove after reboot on pseries guests
    (bsc#1177030 ltc#187588).
  o powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
  o powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#
    1177030 ltc#187588).
  o powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#
    1176022 ltc#187208).
  o powerpc/powernv: Remove real mode access limit for early allocations (bsc#
    1176022 ltc#187208).
  o powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#
    153436).
  o powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
  o powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
  o powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  o powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack
    (bsc#1094244 ltc#168122).
  o powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022
    ltc#187208).
  o powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#
    168122).
  o powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  o powerpc/traps: fix recoverability of machine check handling on book3s/32
    (bsc#1094244 ltc#168122).
  o powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244
    ltc#168122).
  o powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S
    (bsc#1065729).
  o power: supply: max17040: Correct voltage reading (git-fixes).
  o rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes
    (rcu)).
  o regulator: push allocation in set_consumer_device_supply() out of lock
    (git-fixes).
  o Revert "rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857"
    This reverts commit 971fc3df729b6a7692040f4e7fc7664d8e12c659.
  o Revert "sign also s390x kernel images (bsc#1163524)"
  o rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869
    ltc#188243).
  o rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  o rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#
    SLE-13618).
  o rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To
    avoid the unnecessary key enrollment, when enrolling the signing key of the
    kernel package, "--ca-check" is added to mokutil so that mokutil will
    ignore the request if the CA of the signing key already exists in MokList
    or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only
    defined in a kernel module package (KMP), it's used to determine whether
    the %post script is running in a kernel package, or a kernel module
    package.
  o rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  o rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#
    1176698) The "-c" option wasn't passed down to %_kernel_module_package so
    the ueficert subpackage wasn't generated even if the certificate is
    specified in the spec file.
  o rtc: ds1374: fix possible race condition (git-fixes).
  o rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  o rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    (networking-stable-20_08_08).
  o rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    (networking-stable-20_07_29).
  o s390/mm: fix huge pte soft dirty copying (git-fixes).
  o s390/qeth: do not process empty bridge port events (git-fixes).
  o s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  o s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  o scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
  o scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#
    188304).
  o scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()
    (bsc#1176962 ltc#188304).
  o scsi: libfc: Fix for double free() (bsc#1174899).
  o scsi: libfc: free response frame from GPN_ID (bsc#1174899).
  o scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#
    1174899).
  o scsi: libfc: free skb when receiving invalid flogi resp (bsc#1175528).
  o scsi: libfc: Handling of extra kref (bsc#1175528).
  o scsi: libfc: If PRLI rejected, move rport to PLOGI state (bsc#1175528).
  o scsi: libfc: rport state move to PLOGI if all PRLI retry exhausted (bsc#
    1175528).
  o scsi: libfc: Skip additional kref updating work event (bsc#1175528).
  o scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  o scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  o scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  o scsi: qla2xxx: Fix the return value (bsc#1171688).
  o scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#
    1171688).
  o scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  o scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  o scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  o scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  o scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Suppress two recently introduced compiler warnings
    (git-fixes).
  o scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    (bsc#1171688).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186
    (git-fixes).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210
    (git-fixes).
  o serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    (git-fixes).
  o serial: 8250_omap: Fix sleeping function called from invalid context during
    probe (git-fixes).
  o serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
  o Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).
  o SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#
    1176546).
  o SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  o SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  o tcp: apply a floor of 1 for RTT samples from TCP timestamps
    (networking-stable-20_08_08).
  o thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    (git-fixes).
  o tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#
    1112178).
  o USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  o USB: dwc3: Increase timeout for CmdAct cleared by device controller
    (git-fixes).
  o USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
  o USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    (git-fixes).
  o USB: Fix out of sync data toggle if a configured device is reconfigured
    (git-fixes).
  o USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
  o USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
  o USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  o USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  o USB: hso: check for return value in hso_serial_common_create()
    (networking-stable-20_08_08).
  o usblp: fix race between disconnect() and read() (git-fixes).
  o USB: lvtest: return proper error code in probe (git-fixes).
  o usbnet: ipheth: fix potential null pointer dereference in
    ipheth_carrier_set (git-fixes).
  o USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
  o USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  o USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
    notebook (git-fixes).
  o USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
    (git-fixes).
  o USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  o USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    (git-fixes).
  o USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  o USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    (git-fixes).
  o USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  o USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  o USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  o USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  o USB: yurex: Fix bad gfp argument (git-fixes).
  o vgacon: remove software scrollback support (bsc#1176278).
  o video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).
  o virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes
    (block drivers)).
  o vrf: prevent adding upper devices (git-fixes).
  o vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
  o xen: do not reschedule in preemption off sections (bsc#1175749).
  o xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
  o xen uses irqdesc::irq_data_common::handler_data to store a per interrupt
    XEN data pointer which contains XEN specific information (bsc#1065600).
  o xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
  o yam: fix possible memory leak in yam_init_driver (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2907=1

Package List:

  o SUSE Linux Enterprise Server 12-SP5 (x86_64):
       kernel-azure-4.12.14-16.31.1
       kernel-azure-base-4.12.14-16.31.1
       kernel-azure-base-debuginfo-4.12.14-16.31.1
       kernel-azure-debuginfo-4.12.14-16.31.1
       kernel-azure-debugsource-4.12.14-16.31.1
       kernel-azure-devel-4.12.14-16.31.1
       kernel-syms-azure-4.12.14-16.31.1
  o SUSE Linux Enterprise Server 12-SP5 (noarch):
       kernel-devel-azure-4.12.14-16.31.1
       kernel-source-azure-4.12.14-16.31.1


References:

  o https://www.suse.com/security/cve/CVE-2020-0404.html
  o https://www.suse.com/security/cve/CVE-2020-0427.html
  o https://www.suse.com/security/cve/CVE-2020-0431.html
  o https://www.suse.com/security/cve/CVE-2020-0432.html
  o https://www.suse.com/security/cve/CVE-2020-14381.html
  o https://www.suse.com/security/cve/CVE-2020-14390.html
  o https://www.suse.com/security/cve/CVE-2020-25212.html
  o https://www.suse.com/security/cve/CVE-2020-25284.html
  o https://www.suse.com/security/cve/CVE-2020-25641.html
  o https://www.suse.com/security/cve/CVE-2020-25643.html
  o https://www.suse.com/security/cve/CVE-2020-26088.html
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1094244
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113956
  o https://bugzilla.suse.com/1154366
  o https://bugzilla.suse.com/1163524
  o https://bugzilla.suse.com/1167527
  o https://bugzilla.suse.com/1169972
  o https://bugzilla.suse.com/1171688
  o https://bugzilla.suse.com/1171742
  o https://bugzilla.suse.com/1173115
  o https://bugzilla.suse.com/1174354
  o https://bugzilla.suse.com/1174899
  o https://bugzilla.suse.com/1175228
  o https://bugzilla.suse.com/1175528
  o https://bugzilla.suse.com/1175749
  o https://bugzilla.suse.com/1175882
  o https://bugzilla.suse.com/1176011
  o https://bugzilla.suse.com/1176022
  o https://bugzilla.suse.com/1176038
  o https://bugzilla.suse.com/1176235
  o https://bugzilla.suse.com/1176242
  o https://bugzilla.suse.com/1176278
  o https://bugzilla.suse.com/1176316
  o https://bugzilla.suse.com/1176317
  o https://bugzilla.suse.com/1176318
  o https://bugzilla.suse.com/1176319
  o https://bugzilla.suse.com/1176320
  o https://bugzilla.suse.com/1176321
  o https://bugzilla.suse.com/1176381
  o https://bugzilla.suse.com/1176395
  o https://bugzilla.suse.com/1176410
  o https://bugzilla.suse.com/1176423
  o https://bugzilla.suse.com/1176482
  o https://bugzilla.suse.com/1176507
  o https://bugzilla.suse.com/1176536
  o https://bugzilla.suse.com/1176544
  o https://bugzilla.suse.com/1176545
  o https://bugzilla.suse.com/1176546
  o https://bugzilla.suse.com/1176548
  o https://bugzilla.suse.com/1176659
  o https://bugzilla.suse.com/1176698
  o https://bugzilla.suse.com/1176699
  o https://bugzilla.suse.com/1176700
  o https://bugzilla.suse.com/1176721
  o https://bugzilla.suse.com/1176722
  o https://bugzilla.suse.com/1176725
  o https://bugzilla.suse.com/1176732
  o https://bugzilla.suse.com/1176788
  o https://bugzilla.suse.com/1176789
  o https://bugzilla.suse.com/1176869
  o https://bugzilla.suse.com/1176877
  o https://bugzilla.suse.com/1176935
  o https://bugzilla.suse.com/1176950
  o https://bugzilla.suse.com/1176962
  o https://bugzilla.suse.com/1176966
  o https://bugzilla.suse.com/1176990
  o https://bugzilla.suse.com/1177027
  o https://bugzilla.suse.com/1177030
  o https://bugzilla.suse.com/1177041
  o https://bugzilla.suse.com/1177042
  o https://bugzilla.suse.com/1177043
  o https://bugzilla.suse.com/1177044
  o https://bugzilla.suse.com/1177121
  o https://bugzilla.suse.com/1177206
  o https://bugzilla.suse.com/1177291
  o https://bugzilla.suse.com/1177293
  o https://bugzilla.suse.com/1177294
  o https://bugzilla.suse.com/1177295
  o https://bugzilla.suse.com/1177296

- --------------------------------------------------------------------------------


SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:2905-1
Rating:            important
References:        #1055186 #1065600 #1065729 #1094244 #1112178 #1113956
                   #1154366 #1167527 #1168468 #1169972 #1171675 #1171688
                   #1171742 #1173115 #1174899 #1175228 #1175749 #1175882
                   #1176011 #1176022 #1176038 #1176235 #1176242 #1176278
                   #1176316 #1176317 #1176318 #1176319 #1176320 #1176321
                   #1176381 #1176395 #1176410 #1176423 #1176482 #1176507
                   #1176536 #1176544 #1176545 #1176546 #1176548 #1176659
                   #1176698 #1176699 #1176700 #1176721 #1176722 #1176725
                   #1176732 #1176788 #1176789 #1176869 #1176877 #1176935
                   #1176950 #1176962 #1176966 #1176990 #1177027 #1177030
                   #1177041 #1177042 #1177043 #1177044 #1177121 #1177206
                   #1177258 #1177291 #1177293 #1177294 #1177295 #1177296
Cross-References:  CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432
                   CVE-2020-14381 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284
                   CVE-2020-25641 CVE-2020-25643 CVE-2020-26088
Affected Products:
                   SUSE Linux Enterprise Workstation Extension 15-SP1
                   SUSE Linux Enterprise Module for Live Patching 15-SP1
                   SUSE Linux Enterprise Module for Legacy Software 15-SP1
                   SUSE Linux Enterprise Module for Development Tools 15-SP1
                   SUSE Linux Enterprise Module for Basesystem 15-SP1
                   SUSE Linux Enterprise High Availability 15-SP1
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 61 fixes is now available.

Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:

  o CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation
    could have been used by local attackers to create raw sockets, bypassing
    security mechanisms (bsc#1176990).
  o CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size (bnc#1176235).
  o CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc
    #1176721).
  o CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#
    1176725).
  o CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check
    (bsc#1176722).
  o CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause
    (bsc#1176423).
  o CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#
    1176381).
  o CVE-2020-25284: Fixed an incomplete permission checking for access to rbd
    devices, which could have been leveraged by local attackers to map or unmap
    rbd block devices (bsc#1176482).
  o CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping
    the references (bsc#1176011).
  o CVE-2019-25643: Fixed an improper input validation in ppp_cp_parse_cr
    function which could have led to memory corruption and read overflow (bsc#
    1177206).
  o CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups
    (bsc#1177121).


The following non-security bugs were fixed:

  o 9p: Fix memory leak in v9fs_mount (git-fixes).
  o ACPI: EC: Reference count query handlers under lock (git-fixes).
  o airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE
    (git-fixes).
  o airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
  o airo: Fix read overflows sending packets (git-fixes).
  o ALSA: asihpi: fix iounmap in error handler (git-fixes).
  o ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  o ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  o ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  o ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
    (git-fixes).
  o ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
    (git-fixes).
  o ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
    (git-fixes).
  o altera-stapl: altera_get_note: prevent write beyond end of 'key'
    (git-fixes).
  o ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
  o arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#
    SLE-4084).
  o arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
  o asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
  o ASoC: kirkwood: fix IRQ error handling (git-fixes).
  o ASoC: tegra: Fix reference count leaks (git-fixes).
  o ath10k: fix array out-of-bounds access (git-fixes).
  o ath10k: fix memory leak for tpc_stats_final (git-fixes).
  o ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes).
  o batman-adv: Add missing include for in_interrupt() (git-fixes).
  o batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  o batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  o batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes).
  o batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
    (git-fixes).
  o batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  o bcache: Convert pr_ uses to a more typical style (git fixes (block
    drivers)).
  o bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)).
  o bcm63xx_enet: correct clock usage (git-fixes).
  o bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
  o bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes
    (bitfield)).
  o blktrace: fix debugfs use after free (git fixes (block drivers)).
  o block: add docs for gendisk / request_queue refcount helpers (git fixes
    (block drivers)).
  o block: revert back to synchronous request_queue removal (git fixes (block
    drivers)).
  o block: Use non _rcu version of list functions for tag_set_list (git-fixes).
  o Bluetooth: Fix refcount use-after-free issue (git-fixes).
  o Bluetooth: guard against controllers sending zero'd events (git-fixes).
  o Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
  o Bluetooth: L2CAP: handle l2cap config request during open state
    (git-fixes).
  o Bluetooth: prefetch channel before killing sock (git-fixes).
  o bnxt_en: Fix completion ring sizing with TPA enabled
    (networking-stable-20_07_29).
  o bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM
    (git-fixes).
  o btrfs: require only sector size alignment for parent eb bytenr (bsc#
    1176789).
  o btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  o ceph: do not allow setlease on cephfs (bsc#1177041).
  o ceph: fix potential mdsc use-after-free crash (bsc#1177042).
  o ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
  o ceph: handle zero-length feature mask in session messages (bsc#1177044).
  o cfg80211: regulatory: reject invalid hints (bsc#1176699).
  o cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  o cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  o cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  o clk: Add (devm_)clk_get_optional() functions (git-fixes).
  o clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes).
  o clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED
    (git-fixes).
  o clk/ti/adpll: allocate room for terminating null (git-fixes).
  o clocksource/drivers/h8300_timer8: Fix wrong return value in
    h8300_8timer_init() (git-fixes).
  o cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#
    1176966).
  o dmaengine: at_hdmac: check return value of of_find_device_by_node() in
    at_dma_xlate() (git-fixes).
  o dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling
    (git-fixes).
  o dmaengine: pl330: Fix burst length if burst size is smaller than bus width
    (git-fixes).
  o dmaengine: tegra-apb: Prevent race conditions on channel's freeing
    (git-fixes).
  o dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
  o dm crypt: avoid truncating the logical block size (git fixes (block
    drivers)).
  o dm: fix redundant IO accounting for bios that need splitting (git fixes
    (block drivers)).
  o dm integrity: fix a deadlock due to offloading to an incorrect workqueue
    (git fixes (block drivers)).
  o dm integrity: fix integrity recalculation that is improperly skipped (git
    fixes (block drivers)).
  o dm: report suspended device during destroy (git fixes (block drivers)).
  o dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes
    (block drivers)).
  o dm: use noio when sending kobject event (git fixes (block drivers)).
  o dm writecache: add cond_resched to loop in persistent_memory_claim() (git
    fixes (block drivers)).
  o dm writecache: correct uncommitted_block when discarding uncommitted entry
    (git fixes (block drivers)).
  o dm zoned: assign max_io_len correctly (git fixes (block drivers)).
  o drivers: char: tlclk.c: Avoid data race between init and interrupt handler
    (git-fixes).
  o Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#
    1176877).
  o Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes).
  o drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29).
  o drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic
    (git-fixes).
  o drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes).
  o drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
    (git-fixes).
  o drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  o drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
  o drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes).
  o drm/amdgpu: increase atombios cmd timeout (git-fixes).
  o drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table
    (git-fixes).
  o drm/amdkfd: fix a memory leak issue (git-fixes).
  o drm/amdkfd: Fix reference count leaks (git-fixes).
  o drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  o drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  o drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context
    changes
  o drm/mediatek: Add exception handing in mtk_drm_probe() if component init
    fail (git-fixes).
  o drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata()
    (git-fixes).
  o drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
  o drm/msm: add shutdown support for display platform_driver (git-fixes).
  o drm/msm: Disable preemption on all 5xx targets (git-fixes).
  o drm/msm: fix leaks if initialization fails (git-fixes).
  o drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
  o drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
  o drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
    (git-fixes).
  o drm/nouveau: Fix reference count leak in nouveau_connector_detect
    (git-fixes).
  o drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
    (git-fixes).
  o drm/nouveau: fix runtime pm imbalance on error (git-fixes).
  o drm/omap: fix possible object reference leak (git-fixes).
  o drm/radeon: fix multiple reference count leak (git-fixes).
  o drm/radeon: Prefer lower feedback dividers (git-fixes).
  o drm/radeon: revert "Prefer lower feedback dividers" (git-fixes).
  o drm/sun4i: Fix dsi dcs long write function (git-fixes).
  o drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
  o drm/tve200: Stabilize enable/disable (git-fixes).
  o drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
  o e1000: Do not perform reset in reset_task if we are already down
    (git-fixes).
  o EDAC: Fix reference count leaks (bsc#1112178).
  o fbcon: prevent user font height or width change from causing (bsc#1112178)
  o Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
  o ftrace: Move RCU is watching check after recursion check (git-fixes).
  o ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes).
  o gma/gma500: fix a memory disclosure bug due to uninitialized bytes
    (git-fixes).
  o gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
  o gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
    (git-fixes).
  o gtp: fix Illegal context switch in RCU read-side critical section
    (git-fixes).
  o gtp: fix use-after-free in gtp_newlink() (git-fixes).
  o Hide e21a4f3a930c as of its duplication
  o HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
    (git-fixes).
  o hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659).
  o hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  o hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  o hwmon: (applesmc) check status earlier (git-fixes).
  o i2c: core: Do not fail PRP0001 enumeration when no ID table exist
    (git-fixes).
  o i2c: cpm: Fix i2c_ram structure (git-fixes).
  o ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  o ieee802154/adf7242: check status of adf7242_read_reg (git-fixes).
  o ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes).
  o iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
  o iio:accel:mma7455: Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
  o iio: adc: mcp3422: fix locking on error path (git-fixes).
  o iio: adc: mcp3422: fix locking scope (git-fixes).
  o iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
  o iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
  o iio: improve IIO_CONCENTRATION channel type description (git-fixes).
  o iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
  o iio:light:max44000 Fix timestamp alignment and prevent data leak
    (git-fixes).
  o iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
  o include: add additional sizes (bsc#1094244 ltc#168122).
  o iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#
    1177293).
  o iommu/amd: Fix potential @entry null deref (bsc#1177294).
  o iommu/amd: Print extended features in one line to fix divergent log levels
    (bsc#1176316).
  o iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
  o iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
  o iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#
    1177295).
  o iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
  o iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc
    #1177296).
  o iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#
    1176319).
  o iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
  o kernel-syms.spec.in: Also use bz compression (boo#1175882).
  o KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
  o KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and
    non-VHE (jsc#SLE-4084).
  o KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put
    for VHE (jsc#SLE-4084).
  o KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#
    SLE-4084).
  o KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE
    (jsc#SLE-4084).
  o KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#
    SLE-4084).
  o KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
  o KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#
    SLE-4084).
  o KVM: arm64: Factor out fault info population and gic workarounds (jsc#
    SLE-4084).
  o KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).
  o KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
  o KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
  o KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#
    SLE-4084).
  o KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions
    (jsc#SLE-4084).
  o KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).
  o KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#
    SLE-4084).
  o KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#
    SLE-4084).
  o KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#
    SLE-4084).
  o KVM: arm64: Move userspace system registers into separate function (jsc#
    SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers
    (jsc#SLE-4084).
  o KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#
    SLE-4084).
  o KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084).
  o KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#
    SLE-4084).
  o KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
  o KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
  o KVM: arm64: Rewrite system register accessors to read/write functions (jsc#
    SLE-4084).
  o KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
  o KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc
    #SLE-4084).
  o KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#
    SLE-4084).
  o KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#
    SLE-4084).
  o KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
  o KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE
    (jsc#SLE-4084).
  o KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#
    SLE-4084).
  o KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
  o KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#
    SLE-4084).
  o KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#
    SLE-4084).
  o KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug
    (jsc#SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#
    SLE-4084).
  o KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#
    SLE-4084).
  o KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#
    SLE-4084).
  o KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#
    SLE-4084).
  o KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
  o KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM
    (bsc#1176321).
  o KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#
    1112178).
  o KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
  o libceph: allow setting abort_on_full for rbd (bsc#1169972).
  o libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).
  o libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  o libnvdimm/security, acpi/nfit: unify zero-key for all security commands
    (bsc#1171742).
  o libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  o libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  o lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block
    drivers)).
  o mac802154: tx: fix use-after-free (git-fixes).
  o md: raid0/linear: fix dereference before null check on pointer mddev (git
    fixes (block drivers)).
  o media: davinci: vpif_capture: fix potential double free (git-fixes).
  o media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA
    value in debiirq() (git-fixes).
  o media: smiapp: Fix error handling at NVM reading (git-fixes).
  o media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
  o mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  o mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
  o mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#
    1154366).
  o mmc: cqhci: Add cqhci_deactivate() (git-fixes).
  o mmc: sdhci-msm: Add retries when all tuning phases are found valid
    (git-fixes).
  o mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
    controllers (git-fixes).
  o mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS
    models (git-fixes).
  o mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/
    pgalloc)).
  o mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/
    vmalloc)).
  o mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of
    cfi_amdstd_setup() (git-fixes).
  o mtd: lpddr: Fix a double free in probe() (git-fixes).
  o mtd: phram: fix a double free issue in error path (git-fixes).
  o mtd: properly check all write ioctls for permissions (git-fixes).
  o net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
  o net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
  o net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
  o net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
  o net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
  o net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge()
    (git-fixes).
  o net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
  o net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
  o net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
  o net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
  o net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
    (git-fixes).
  o net: fs_enet: do not call phy_stop() in interrupts (git-fixes).
  o net: initialize fastreuse on inet_inherit_port
    (networking-stable-20_08_15).
  o net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).
  o net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).
  o net: lio_core: fix potential sign-extension overflow on large shift
    (git-fixes).
  o net/mlx5: Add meaningful return codes to status_to_err function
    (git-fixes).
  o net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
  o net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded
    (git-fixes).
  o net: mvneta: fix mtu change on port without link (git-fixes).
  o net-next: ax88796: Do not free IRQ in ax_remove() (already freed in
    ax_close()) (git-fixes).
  o net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).
  o net: qca_spi: Avoid packet drop during initial sync (git-fixes).
  o net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
  o net: refactor bind_bucket fastreuse into helper
    (networking-stable-20_08_15).
  o net/smc: fix dmb buffer shortage (git-fixes).
  o net/smc: fix restoring of fallback changes (git-fixes).
  o net/smc: fix sock refcounting in case of termination (git-fixes).
  o net/smc: improve close of terminated socket (git-fixes).
  o net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).
  o net/smc: remove freed buffer from list (git-fixes).
  o net/smc: reset sndbuf_desc if freed (git-fixes).
  o net/smc: set rx_off for SMCR explicitly (git-fixes).
  o net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).
  o net/smc: tolerate future SMCD versions (git-fixes).
  o net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing()
    (git-fixes).
  o net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
  o net: stmmac: do not stop NAPI processing when dropping a packet
    (git-fixes).
  o net: stmmac: dwmac4: fix flow control issue (git-fixes).
  o net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset
    function (git-fixes).
  o net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration
    (git-fixes).
  o net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
    (git-fixes).
  o net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs
    (git-fixes).
  o net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode
    (git-fixes).
  o net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()'
    (git-fixes).
  o net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()'
    (git-fixes).
  o net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes).
  o net: stmmac: set MSS for each tx DMA channel (git-fixes).
  o net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
  o net-sysfs: add a newline when printing 'tx_timeout' by sysfs
    (networking-stable-20_07_29).
  o net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
  o net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb()
    (git-fixes).
  o net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).
  o net: ucc_geth - fix Oops when changing number of buffers in the ring
    (git-fixes).
  o NFSv4: do not mark all open state for recovery when handling recallable
    state revoked flag (bsc#1176935).
  o nvme-fc: set max_segments to lldd max value (bsc#1176038).
  o nvme-pci: override the value of the controller's numa node (bsc#1176507).
  o ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
  o omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
    (git-fixes).
  o PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
  o PCI: Fix pci_create_slot() reference count leak (git-fixes).
  o PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
  o PCI: qcom: Add missing reset for ipq806x (git-fixes).
  o PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
  o PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
  o PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
  o phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
  o pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
  o powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#
    168122).
  o powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244
    ltc#168122).
  o powerpc/64s: Include header file to fix a warning (bsc#1094244 ltc#168122).
  o powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#
    168122).
  o powerpc/64s: sreset panic if there is no debugger or crash dump handlers
    (bsc#1094244 ltc#168122).
  o powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#
    168122).
  o powerpc: Add cputime_to_nsecs() (bsc#1065729).
  o powerpc/book3s64/radix: Add kernel command line option to disable radix
    GTSE (bsc#1055186 ltc#153436).
  o powerpc/book3s64/radix: Fix boot failure with large amount of guest memory
    (bsc#1176022 ltc#187208).
  o powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  o powerpc/init: Do not advertise radix during client-architecture-support
    (bsc#1055186 ltc#153436 ).
  o powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  o powerpc/kernel: Enables memory hot-remove after reboot on pseries guests
    (bsc#1177030 ltc#187588).
  o powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
  o powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#
    1177030 ltc#187588).
  o powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#
    1176022 ltc#187208).
  o powerpc/powernv: Remove real mode access limit for early allocations (bsc#
    1176022 ltc#187208).
  o powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#
    153436).
  o powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
  o powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
  o powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  o powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack
    (bsc#1094244 ltc#168122).
  o powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022
    ltc#187208).
  o powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  o powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244
    ltc#168122).
  o powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#
    168122).
  o powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  o powerpc/traps: fix recoverability of machine check handling on book3s/32
    (bsc#1094244 ltc#168122).
  o powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244
    ltc#168122).
  o powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S
    (bsc#1065729).
  o power: supply: max17040: Correct voltage reading (git-fixes).
  o rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes
    (rcu)).
  o regulator: push allocation in set_consumer_device_supply() out of lock
    (git-fixes).
  o rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869
    ltc#188243).
  o rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  o rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#
    SLE-13618).
  o rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To
    avoid the unnecessary key enrollment, when enrolling the signing key of the
    kernel package, "--ca-check" is added to mokutil so that mokutil will
    ignore the request if the CA of the signing key already exists in MokList
    or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only
    defined in a kernel module package (KMP), it's used to determine whether
    the %post script is running in a kernel package, or a kernel module
    package.
  o rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  o rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#
    1176698) The "-c" option wasn't passed down to %_kernel_module_package so
    the ueficert subpackage wasn't generated even if the certificate is
    specified in the spec file.
  o rtc: ds1374: fix possible race condition (git-fixes).
  o rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  o rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
    (networking-stable-20_08_08).
  o rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
    (networking-stable-20_07_29).
  o s390/mm: fix huge pte soft dirty copying (git-fixes).
  o s390/qeth: do not process empty bridge port events (git-fixes).
  o s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  o s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  o scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).
  o scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468,
    bsc#1171675).
  o scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#
    188304).
  o scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()
    (bsc#1176962 ltc#188304).
  o scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername()
    (bsc#1177258).
  o scsi: libfc: Fix for double free() (bsc#1174899).
  o scsi: libfc: free response frame from GPN_ID (bsc#1174899).
  o scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#
    1174899).
  o scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  o scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  o scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  o scsi: qla2xxx: Fix the return value (bsc#1171688).
  o scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#
    1171688).
  o scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#
    1171688).
  o scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  o scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  o scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  o scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  o scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle()
    (bsc#1171688).
  o scsi: qla2xxx: Suppress two recently introduced compiler warnings
    (git-fixes).
  o scsi: qla2xxx: Warn if done() or free() are called on an already freed srb
    (bsc#1171688).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186
    (git-fixes).
  o sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210
    (git-fixes).
  o serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout
    (git-fixes).
  o serial: 8250_omap: Fix sleeping function called from invalid context during
    probe (git-fixes).
  o serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
  o Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).
  o SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#
    1176546).
  o SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  o SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  o stmmac: Do not access tx_q->dirty_tx before netif_tx_lock (git-fixes).
  o tcp: apply a floor of 1 for RTT samples from TCP timestamps
    (networking-stable-20_08_08).
  o thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430
    (git-fixes).
  o tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#
    1112178).
  o USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  o USB: dwc3: Increase timeout for CmdAct cleared by device controller
    (git-fixes).
  o USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).
  o USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int
    (git-fixes).
  o USB: Fix out of sync data toggle if a configured device is reconfigured
    (git-fixes).
  o USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).
  o USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
  o USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  o USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  o USB: hso: check for return value in hso_serial_common_create()
    (networking-stable-20_08_08).
  o usblp: fix race between disconnect() and read() (git-fixes).
  o USB: lvtest: return proper error code in probe (git-fixes).
  o usbnet: ipheth: fix potential null pointer dereference in
    ipheth_carrier_set (git-fixes).
  o USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
  o USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  o USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin
    notebook (git-fixes).
  o USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D
    (git-fixes).
  o USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  o USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules
    (git-fixes).
  o USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  o USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
    (git-fixes).
  o USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  o USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  o USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  o USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  o USB: yurex: Fix bad gfp argument (git-fixes).
  o vgacon: remove software scrollback support (bsc#1176278).
  o video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).
  o virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes
    (block drivers)).
  o vrf: prevent adding upper devices (git-fixes).
  o vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
  o x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1112178).
  o xen: do not reschedule in preemption off sections (bsc#1175749).
  o xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
  o xen uses irqdesc::irq_data_common::handler_data to store a per interrupt
    XEN data pointer which contains XEN specific information (bsc#1065600).
  o xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
  o yam: fix possible memory leak in yam_init_driver (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Workstation Extension 15-SP1:
    zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2020-2905=1
  o SUSE Linux Enterprise Module for Live Patching 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-2905=1
  o SUSE Linux Enterprise Module for Legacy Software 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-2905=1
  o SUSE Linux Enterprise Module for Development Tools 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-2905=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2905=1
  o SUSE Linux Enterprise High Availability 15-SP1:
    zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2020-2905=1

Package List:

  o SUSE Linux Enterprise Workstation Extension 15-SP1 (x86_64):
       kernel-default-debuginfo-4.12.14-197.61.1
       kernel-default-debugsource-4.12.14-197.61.1
       kernel-default-extra-4.12.14-197.61.1
       kernel-default-extra-debuginfo-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
       kernel-default-debuginfo-4.12.14-197.61.1
       kernel-default-debugsource-4.12.14-197.61.1
       kernel-default-livepatch-4.12.14-197.61.1
       kernel-default-livepatch-devel-4.12.14-197.61.1
       kernel-livepatch-4_12_14-197_61-default-1-3.5.1
  o SUSE Linux Enterprise Module for Legacy Software 15-SP1 (aarch64 ppc64le
    s390x x86_64):
       kernel-default-debuginfo-4.12.14-197.61.1
       kernel-default-debugsource-4.12.14-197.61.1
       reiserfs-kmp-default-4.12.14-197.61.1
       reiserfs-kmp-default-debuginfo-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Development Tools 15-SP1 (aarch64 ppc64le
    s390x x86_64):
       kernel-obs-build-4.12.14-197.61.1
       kernel-obs-build-debugsource-4.12.14-197.61.1
       kernel-syms-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Development Tools 15-SP1 (noarch):
       kernel-docs-4.12.14-197.61.1
       kernel-source-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x
    x86_64):
       kernel-default-4.12.14-197.61.1
       kernel-default-base-4.12.14-197.61.1
       kernel-default-base-debuginfo-4.12.14-197.61.1
       kernel-default-debuginfo-4.12.14-197.61.1
       kernel-default-debugsource-4.12.14-197.61.1
       kernel-default-devel-4.12.14-197.61.1
       kernel-default-devel-debuginfo-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (noarch):
       kernel-devel-4.12.14-197.61.1
       kernel-macros-4.12.14-197.61.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP1 (s390x):
       kernel-default-man-4.12.14-197.61.1
       kernel-zfcpdump-debuginfo-4.12.14-197.61.1
       kernel-zfcpdump-debugsource-4.12.14-197.61.1
  o SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x
    x86_64):
       cluster-md-kmp-default-4.12.14-197.61.1
       cluster-md-kmp-default-debuginfo-4.12.14-197.61.1
       dlm-kmp-default-4.12.14-197.61.1
       dlm-kmp-default-debuginfo-4.12.14-197.61.1
       gfs2-kmp-default-4.12.14-197.61.1
       gfs2-kmp-default-debuginfo-4.12.14-197.61.1
       kernel-default-debuginfo-4.12.14-197.61.1
       kernel-default-debugsource-4.12.14-197.61.1
       ocfs2-kmp-default-4.12.14-197.61.1
       ocfs2-kmp-default-debuginfo-4.12.14-197.61.1


References:

  o https://www.suse.com/security/cve/CVE-2020-0404.html
  o https://www.suse.com/security/cve/CVE-2020-0427.html
  o https://www.suse.com/security/cve/CVE-2020-0431.html
  o https://www.suse.com/security/cve/CVE-2020-0432.html
  o https://www.suse.com/security/cve/CVE-2020-14381.html
  o https://www.suse.com/security/cve/CVE-2020-14390.html
  o https://www.suse.com/security/cve/CVE-2020-25212.html
  o https://www.suse.com/security/cve/CVE-2020-25284.html
  o https://www.suse.com/security/cve/CVE-2020-25641.html
  o https://www.suse.com/security/cve/CVE-2020-25643.html
  o https://www.suse.com/security/cve/CVE-2020-26088.html
  o https://bugzilla.suse.com/1055186
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1094244
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1113956
  o https://bugzilla.suse.com/1154366
  o https://bugzilla.suse.com/1167527
  o https://bugzilla.suse.com/1168468
  o https://bugzilla.suse.com/1169972
  o https://bugzilla.suse.com/1171675
  o https://bugzilla.suse.com/1171688
  o https://bugzilla.suse.com/1171742
  o https://bugzilla.suse.com/1173115
  o https://bugzilla.suse.com/1174899
  o https://bugzilla.suse.com/1175228
  o https://bugzilla.suse.com/1175749
  o https://bugzilla.suse.com/1175882
  o https://bugzilla.suse.com/1176011
  o https://bugzilla.suse.com/1176022
  o https://bugzilla.suse.com/1176038
  o https://bugzilla.suse.com/1176235
  o https://bugzilla.suse.com/1176242
  o https://bugzilla.suse.com/1176278
  o https://bugzilla.suse.com/1176316
  o https://bugzilla.suse.com/1176317
  o https://bugzilla.suse.com/1176318
  o https://bugzilla.suse.com/1176319
  o https://bugzilla.suse.com/1176320
  o https://bugzilla.suse.com/1176321
  o https://bugzilla.suse.com/1176381
  o https://bugzilla.suse.com/1176395
  o https://bugzilla.suse.com/1176410
  o https://bugzilla.suse.com/1176423
  o https://bugzilla.suse.com/1176482
  o https://bugzilla.suse.com/1176507
  o https://bugzilla.suse.com/1176536
  o https://bugzilla.suse.com/1176544
  o https://bugzilla.suse.com/1176545
  o https://bugzilla.suse.com/1176546
  o https://bugzilla.suse.com/1176548
  o https://bugzilla.suse.com/1176659
  o https://bugzilla.suse.com/1176698
  o https://bugzilla.suse.com/1176699
  o https://bugzilla.suse.com/1176700
  o https://bugzilla.suse.com/1176721
  o https://bugzilla.suse.com/1176722
  o https://bugzilla.suse.com/1176725
  o https://bugzilla.suse.com/1176732
  o https://bugzilla.suse.com/1176788
  o https://bugzilla.suse.com/1176789
  o https://bugzilla.suse.com/1176869
  o https://bugzilla.suse.com/1176877
  o https://bugzilla.suse.com/1176935
  o https://bugzilla.suse.com/1176950
  o https://bugzilla.suse.com/1176962
  o https://bugzilla.suse.com/1176966
  o https://bugzilla.suse.com/1176990
  o https://bugzilla.suse.com/1177027
  o https://bugzilla.suse.com/1177030
  o https://bugzilla.suse.com/1177041
  o https://bugzilla.suse.com/1177042
  o https://bugzilla.suse.com/1177043
  o https://bugzilla.suse.com/1177044
  o https://bugzilla.suse.com/1177121
  o https://bugzilla.suse.com/1177206
  o https://bugzilla.suse.com/1177258
  o https://bugzilla.suse.com/1177291
  o https://bugzilla.suse.com/1177293
  o https://bugzilla.suse.com/1177294
  o https://bugzilla.suse.com/1177295
  o https://bugzilla.suse.com/1177296

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX4Z77+NLKJtyKPYoAQgfRA//dMXxJNy4u6N17CgXVIwq6UKIXrwSvCWC
e3rXlceT8VQduK4wCLuqh+y8RGWJg/H/RjN6LhZEv+WGAeisBGABmuZLWCPunCGl
xcnFXFuqeRAc3KNHsGfr5y7FgD49k8fjorBWPikLhb2Q1gvL4DNmkZw/sxYEueFg
ZeS0SYavwj7j90IPd4nlHjjSo8WsbProOBP+t00XuonNgON8VtPbgybzu9tKzGYR
trcTxWTXzVumkgi6/lP+by3W6ZnFKJwCVxh95zekz02+0WG5RghcasxKmE10p6Bh
iDij33uNvnzvMZVoTS8SaxebJH3WZt/2NRAzTy3B5izIjux6sJp6sf726g65teyy
FFyTDODwya6FGS5cyaks/tePH6s1coe1l4kgR5H+JhkesuZXxlVy2xEu8kEtY6tx
OX3okAxtRIDnRHrg1N6eikcWNPx39ChQmGWTNvD9gSoMkJvnvCJSlZ1Jv4B2H1z1
4s4hM2eDogjEX7Tc/wJ/Z9jwBfe2GpjxCA2idYXmYBYA70/l3oiab6HnEVYgzRkZ
KnTjGbTZeYokae9G4hy6AHTiFGWkQSqGcyceKauTxjan3E3VdBjhnolcPrXJbF+C
GM3+hAoDnVo90vms+427H0XCkUJkNXtsp65SApLvalceaJjYzgfFlMT4nvYVd7jY
Gz/5lK4359g=
=KnUF
-----END PGP SIGNATURE-----