{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\n\nThe SUSE Linux Enterprise 12 SP3 Realtime kernel was updated to 4.4.120 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n  The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver. (bnc#1072865).\n- CVE-2017-15129: A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel. The function get_net_ns_by_id() in net/core/net_namespace.c did not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely (bnc#1074839).\n- CVE-2017-15951: The KEYS subsystem in the Linux kernel did not correctly synchronize the actions of updating versus finding a key in the 'negative' state to avoid a race condition, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls (bnc#1065615).\n- CVE-2017-16912: The 'get_pipe()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel allowed attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet (bnc#1078673).\n- CVE-2017-16913: The 'stub_recv_cmd_submit()' function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel when handling CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2017-17712: The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allowed a local user to execute code and gain privileges (bnc#1073229 1073230).\n- CVE-2017-17862: kernel/bpf/verifier.c in the Linux kernel ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (bnc#1073928).\n- CVE-2017-17864: kernel/bpf/verifier.c in the Linux kernel mishandled states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allowed local users to obtain potentially sensitive address information, aka a 'pointer leak (bnc#1073928).\n- CVE-2017-17975: Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c allowed attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure (bnc#1074426).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2017-18174: In the Linux kernel the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free (bnc#1080533).\n- CVE-2017-18208: The madvise_willneed function in mm/madvise.c allowed local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping (bnc#1083494).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability existed in the sound system, which could lead to a deadlock and denial of service condition (bnc#1076017).\n- CVE-2018-1000026: Linux kernel version contained a insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via an attacker that must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM. (bnc#1079384).\n- CVE-2018-5332: In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2018-5333: In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2018-8087: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c allowed local users to cause a denial of service (memory consumption) by triggering an out-of-array error case (bnc#1085053).\n- CVE-2017-16644: The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c allowed local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1067118).\n\nThe following non-security bugs were fixed:\n\n- 509: fix printing uninitialized stack memory when OID is empty (bsc#1075078).\n- 8021q: fix a memory leak for VLAN 0 device (bnc#1012382).\n- acpi / bus: Leave modalias empty for devices which are not present (bnc#1012382).\n- acpi, nfit: fix health event notification (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).\n- acpi, nfit: fix register dimm error handling (FATE#321135, FATE#321217, FATE#321256, FATE#321391, FATE#321393).\n- acpi: sbshc: remove raw pointer from printk() message (bnc#1012382).\n- acpi / scan: Prefer devices without _HID/_CID for _ADR matching (bnc#1012382).\n- Add delay-init quirk for Corsair K70 RGB keyboards (bnc#1012382).\n- add ip6_make_flowinfo helper (bsc#1042286).\n- af_key: fix buffer overread in parse_exthdrs() (bnc#1012382).\n- af_key: fix buffer overread in verify_address_len() (bnc#1012382).\n- afs: Adjust mode bits processing (bnc#1012382).\n- afs: Connect up the CB.ProbeUuid (bnc#1012382).\n- afs: Fix afs_kill_pages() (bnc#1012382).\n- afs: Fix missing put_page() (bnc#1012382).\n- afs: Fix page leak in afs_write_begin() (bnc#1012382).\n- afs: Fix the maths in afs_fs_store_data() (bnc#1012382).\n- afs: Flush outstanding writes when an fd is closed (bnc#1012382).\n- afs: Migrate vlocation fields to 64-bit (bnc#1012382).\n- afs: Populate and use client modification time (bnc#1012382).\n- afs: Populate group ID from vnode status (bnc#1012382).\n- afs: Prevent callback expiry timer overflow (bnc#1012382).\n- ahci: Add Intel Cannon Lake PCH-H PCI ID (bnc#1012382).\n- ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI (bnc#1012382).\n- ahci: Annotate PCI ids for mobile Intel chipsets as such (bnc#1012382).\n- alpha: fix build failures (bnc#1012382).\n- alpha: fix crash if pthread_create races with signal delivery (bnc#1012382).\n- alpha: fix reboot on Avanti platform (bnc#1012382).\n- alsa: aloop: Fix inconsistent format due to incomplete rule (bsc#1031717).\n- alsa: aloop: Fix racy hw constraints adjustment (bsc#1031717).\n- alsa: aloop: Release cable upon open error path (bsc#1031717).\n- alsa: hda - Apply headphone noise quirk for another Dell XPS 13 variant (bsc#1031717).\n- alsa: hda - Apply the existing quirk to iMac 14,1 (bsc#1031717).\n- alsa: hda/ca0132 - fix possible NULL pointer use (bnc#1012382).\n- alsa: hda - Fix headset mic detection problem for two Dell machines (bnc#1012382).\n- alsa: hda/realtek - Add headset mode support for Dell laptop (bsc#1031717).\n- alsa: hda/realtek: PCI quirk for Fujitsu U7x7 (bnc#1012382).\n- alsa: hda - Reduce the suspend time consumption for ALC256 (bsc#1031717).\n- alsa: hda - Use IS_REACHABLE() for dependency on input (bsc#1031717).\n- alsa: pcm: Abort properly at pending signal in OSS read/write loops (bsc#1031717).\n- alsa: pcm: Add missing error checks in OSS emulation plugin builder (bsc#1031717).\n- alsa: pcm: Allow aborting mutex lock at OSS read/write loops (bsc#1031717).\n- alsa: pcm: Remove incorrect snd_BUG_ON() usages (bsc#1031717).\n- alsa: pcm: Remove yet superfluous WARN_ON() (bsc#1031717).\n- alsa: seq: Fix racy pool initializations (bnc#1012382).\n- alsa: seq: Fix regression by incorrect ioctl_mutex usages (bnc#1012382).\n- alsa: usb-audio: add implicit fb quirk for Behringer UFX1204 (bnc#1012382).\n- alsa: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute (bnc#1012382).\n- amd-xgbe: Fix unused suspend handlers build warning (bnc#1012382).\n- arc: uaccess: dont use 'l' gcc inline asm constraint modifier (bnc#1012382).\n- arm64: add PTE_ADDR_MASK (bsc#1068032).\n- arm64: Add skeleton to harden the branch predictor against aliasing attacks (bsc#1068032).\n- arm64: Add trace_hardirqs_off annotation in ret_to_user (bsc#1068032).\n- arm64: barrier: Add CSDB macros to control data-value prediction (bsc#1068032).\n- arm64: Branch predictor hardening for Cavium ThunderX2 (bsc#1068032).\n- arm64/cpufeature: do not use mutex in bringup path (bsc#1068032).\n- arm64: cpufeature: Pass capability structure to ->enable callback (bsc#1068032).\n- arm64: cputype: Add MIDR values for Cavium ThunderX2 CPUs (bsc#1068032).\n- arm64: cputype: Add missing MIDR values for Cortex-A72 and Cortex-A75 (bsc#1068032).\n- arm64: debug: remove unused local_dbg_{enable, disable} macros (bsc#1068032).\n- arm64: define BUG() instruction without CONFIG_BUG (bnc#1012382).\n- arm64: Define cputype macros for Falkor CPU (bsc#1068032).\n- arm64: Disable TTBR0_EL1 during normal kernel execution (bsc#1068032).\n- arm64: Disable unhandled signal log messages by default (bnc#1012382).\n- arm64: Do not force KPTI for CPUs that are not vulnerable (bsc#1076187).\n- arm64: do not pull uaccess.h into *.S (bsc#1068032).\n- arm64: dts: add #cooling-cells to CPU nodes (bnc#1012382).\n- arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: entry: Add exception trampoline page for exceptions from EL0 (bsc#1068032).\n- arm64: entry: Add fake CPU feature for unmapping the kernel at EL0 (bsc#1068032).\n- arm64: entry: Apply BP hardening for high-priority synchronous exceptions (bsc#1068032).\n- arm64: entry: Apply BP hardening for suspicious interrupts from EL0 (bsc#1068032).\n- arm64: entry: Ensure branch through syscall table is bounded under speculation (bsc#1068032).\n- arm64: entry: Explicitly pass exception level to kernel_ventry macro (bsc#1068032).\n- arm64: entry: Hook up entry trampoline to exception vectors (bsc#1068032).\n- arm64: entry: remove pointless SPSR mode check (bsc#1068032).\n- arm64: entry: Reword comment about post_ttbr_update_workaround (bsc#1068032).\n- arm64: entry.S convert el0_sync (bsc#1068032).\n- arm64: entry.S: convert el1_sync (bsc#1068032).\n- arm64: entry.S: convert elX_irq (bsc#1068032).\n- arm64: entry.S: move SError handling into a C function for future expansion (bsc#1068032).\n- arm64: entry.S: Remove disable_dbg (bsc#1068032).\n- arm64: erratum: Work around Falkor erratum #E1003 in trampoline code (bsc#1068032).\n- arm64: explicitly mask all exceptions (bsc#1068032).\n- arm64: factor out entry stack manipulation (bsc#1068032).\n- arm64: factor out PAGE_* and CONT_* definitions (bsc#1068032).\n- arm64: Factor out PAN enabling/disabling into separate uaccess_* macros (bsc#1068032).\n- arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro (bsc#1068032).\n- arm64: factor work_pending state machine to C (bsc#1068032).\n- arm64: Force KPTI to be disabled on Cavium ThunderX (bsc#1068032).\n- arm64: fpsimd: Prevent registers leaking from dead tasks (bnc#1012382).\n- arm64: futex: Mask __user pointers prior to dereference (bsc#1068032).\n- arm64: Handle el1 synchronous instruction aborts cleanly (bsc#1068032).\n- arm64: Handle faults caused by inadvertent user access with PAN enabled (bsc#1068032).\n- arm64: head.S: get rid of x25 and x26 with 'global' scope (bsc#1068032).\n- arm64: idmap: Use 'awx' flags for .idmap.text .pushsection directives (bsc#1068032).\n- arm64: Implement array_index_mask_nospec() (bsc#1068032).\n- arm64: Implement branch predictor hardening for affected Cortex-A CPUs (bsc#1068032).\n- arm64: Implement branch predictor hardening for Falkor (bsc#1068032).\n- arm64: Initialise high_memory global variable earlier (bnc#1012382).\n- arm64: introduce an order for exceptions (bsc#1068032).\n- arm64: introduce mov_q macro to move a constant into a 64-bit register (bsc#1068032).\n- arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 (bsc#1068032).\n- arm64: kaslr: Put kernel vectors address in separate data page (bsc#1068032).\n- arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0 (bsc#1068032).\n- arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry (bsc#1068032).\n- arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set (bnc#1012382).\n- arm64: kill ESR_LNX_EXEC (bsc#1068032).\n- arm64: kpti: Add ->enable callback to remap swapper using nG mappings (bsc#1068032).\n- arm64: kpti: Fix the interaction between ASID switching and software PAN (bsc#1068032).\n- arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0() (bsc#1068032).\n- arm64: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bsc#1076232).\n- arm64: kvm: fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm64: kvm: Make PSCI_VERSION a fast path (bsc#1068032).\n- arm64: kvm: Use per-CPU vector when BP hardening is enabled (bsc#1068032).\n- arm64: Make USER_DS an inclusive limit (bsc#1068032).\n- arm64: Mask all exceptions during kernel_exit (bsc#1068032).\n- arm64: mm: Add arm64_kernel_unmapped_at_el0 helper (bsc#1068032).\n- arm64: mm: Allocate ASIDs in pairs (bsc#1068032).\n- arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: hardcode rodata=true (bsc#1068032).\n- arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR (bsc#1068032).\n- arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI (bsc#1068032).\n- arm64: mm: Map entry trampoline into trampoline and kernel page tables (bsc#1068032).\n- arm64: mm: Move ASID from TTBR0 to TTBR1 (bsc#1068032).\n- arm64: mm: Permit transitioning from Global to Non-Global without BBM (bsc#1068032).\n- arm64: mm: Remove pre_ttbr0_update_workaround for Falkor erratum #E1003 (bsc#1068032).\n- arm64: mm: Rename post_ttbr0_update_workaround (bsc#1068032).\n- arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN (bsc#1068032).\n- arm64: mm: Use non-global mappings for kernel space (bsc#1068032).\n- arm64: Move BP hardening to check_and_switch_context (bsc#1068032).\n- arm64: Move post_ttbr_update_workaround to C code (bsc#1068032).\n- arm64: move TASK_* definitions to <asm/processor.h> (bsc#1068032).\n- arm64: Move the async/fiq helpers to explicitly set process context flags (bsc#1068032).\n- arm64: Run enable method for errata work arounds on late CPUs (bsc#1085045).\n- arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm (bsc#1068032).\n- arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb (bsc#1068032).\n- arm64: swp emulation: bound LL/SC retries before rescheduling (bsc#1068032).\n- arm64: sysreg: Fix unprotected macro argmuent in write_sysreg (bsc#1068032).\n- arm64: Take into account ID_AA64PFR0_EL1.CSV3 (bsc#1068032).\n- arm64: thunderx2: remove branch predictor hardening References: bsc#1076232 This causes undefined instruction abort on the smc call from guest kernel. Disable until kvm is fixed.\n- arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks (bsc#1068032).\n- arm64: Turn on KPTI only on CPUs that need it (bsc#1076187).\n- arm64: uaccess: Do not bother eliding access_ok checks in __{get, put}_user (bsc#1068032).\n- arm64: uaccess: Mask __user pointers for __arch_{clear, copy_*}_user (bsc#1068032).\n- arm64: uaccess: Prevent speculative use of the current addr_limit (bsc#1068032).\n- arm64: use alternative auto-nop (bsc#1068032).\n- arm64: Use pointer masking to limit uaccess speculation (bsc#1068032).\n- arm64: use RET instruction for exiting the trampoline (bsc#1068032).\n- arm64: xen: Enable user access before a privcmd hvc call (bsc#1068032).\n- arm: 8731/1: Fix csum_partial_copy_from_user() stack mismatch (bnc#1012382).\n- arm: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function (bnc#1012382).\n- arm/arm64: kvm: Make default HYP mappings non-excutable (bsc#1068032).\n- arm: avoid faulting on qemu (bnc#1012382).\n- arm: BUG if jumping to usermode address in kernel mode (bnc#1012382).\n- arm-ccn: perf: Prevent module unload while PMU is in use (bnc#1012382).\n- arm: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory (bnc#1012382).\n- arm: dts: am335x-evmsk: adjust mmc2 param to allow suspend (bnc#1012382).\n- arm: dts: am4372: Correct the interrupts_properties of McASP (bnc#1012382).\n- arm: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen (bnc#1012382).\n- arm: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7 (bnc#1012382).\n- arm: dts: ls1021a: fix incorrect clock references (bnc#1012382).\n- arm: dts: s5pv210: add interrupt-parent for ohci (bnc#1012382).\n- arm: dts: STi: Add gpio polarity for 'hdmi,hpd-gpio' property (bnc#1012382).\n- arm: dts: ti: fix PCI bus dtc warnings (bnc#1012382).\n- arm: kprobes: Align stack to 8-bytes in test code (bnc#1012382).\n- arm: kprobes: Fix the return address of multiple kretprobes (bnc#1012382).\n- arm: kvm: Fix SMCCC handling of unimplemented SMC/HVC calls (bnc#1012382).\n- arm: kvm: Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bnc#1012382).\n- arm: OMAP1: DMA: Correct the number of logical channels (bnc#1012382).\n- arm: OMAP2+: Fix device node reference counts (bnc#1012382).\n- arm: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context (bnc#1012382).\n- arm: OMAP2+: gpmc-onenand: propagate error on initialization failure (bnc#1012382).\n- arm: omap2: hide omap3_save_secure_ram on non-OMAP3 builds (git-fixes).\n- arm: OMAP2+: Release device node after it is no longer needed (bnc#1012382).\n- arm: pxa/tosa-bt: add MODULE_LICENSE tag (bnc#1012382).\n- arm: spear13xx: Fix dmas cells (bnc#1012382).\n- arm: spear13xx: Fix spics gpio controller's warning (bnc#1012382).\n- arm: spear600: Add missing interrupt-parent of rtc (bnc#1012382).\n- arm: tegra: select USB_ULPI from EHCI rather than platform (bnc#1012382).\n- asm-prototypes: Clear any CPP defines before declaring the functions (git-fixes).\n- asn.1: check for error from ASN1_OP_END__ACT actions (bnc#1012382).\n- asn.1: fix out-of-bounds read when parsing indefinite length item (bnc#1012382).\n- ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() (bsc#1031717).\n- ASoC: Intel: Kconfig: fix build when ACPI is not enabled (bnc#1012382).\n- ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' (bsc#1031717).\n- ASoC: mediatek: add i2c dependency (bnc#1012382).\n- ASoC: nuc900: Fix a loop timeout test (bsc#1031717).\n- asoc: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- ASoC: rockchip: disable clock on error (bnc#1012382).\n- asoc: rsnd: avoid duplicate free_irq() (bnc#1012382).\n- asoc: rsnd: do not call free_irq() on Parent SSI (bnc#1012382).\n- asoc: simple-card: Fix misleading error message (bnc#1012382).\n- ASoC: ux500: add MODULE_LICENSE tag (bnc#1012382).\n- ata: ahci_xgene: free structure returned by acpi_get_object_info() (bsc#1082979).\n- ata: pata_artop: remove redundant initialization of pio (bsc#1082979).\n- ata: sata_dwc_460ex: remove incorrect locking (bsc#1082979).\n- ath9k: fix tx99 potential info leak (bnc#1012382).\n- atm: horizon: Fix irq release error (bnc#1012382).\n- audit: ensure that 'audit=1' actually enables audit for PID 1 (bnc#1012382).\n- axonram: Fix gendisk handling (bnc#1012382).\n- b2c2: flexcop: avoid unused function warnings (bnc#1012382).\n- backlight: pwm_bl: Fix overflow condition (bnc#1012382).\n- bcache: add a comment in journal bucket reading (bsc#1076110).\n- bcache: Avoid nested function definition (bsc#1076110).\n- bcache: bch_allocator_thread() is not freezable (bsc#1076110).\n- bcache: bch_writeback_thread() is not freezable (bsc#1076110).\n- bcache: check return value of register_shrinker (bsc#1076110).\n- bcache: documentation formatting, edited for clarity, stripe alignment notes (bsc#1076110).\n- bcache: documentation updates and corrections (bsc#1076110).\n- bcache: Do not reinvent the wheel but use existing llist API (bsc#1076110).\n- bcache: do not write back data if reading it failed (bsc#1076110).\n- bcache: explicitly destroy mutex while exiting (bnc#1012382).\n- bcache: fix a comments typo in bch_alloc_sectors() (bsc#1076110).\n- bcache: fix sequential large write IO bypass (bsc#1076110).\n- bcache: fix wrong cache_misses statistics (bnc#1012382).\n- bcache: gc does not work when triggering by manual command (bsc#1076110, bsc#1038078).\n- bcache: implement PI controller for writeback rate (bsc#1076110).\n- bcache: increase the number of open buckets (bsc#1076110).\n- bcache: only permit to recovery read error when cache device is clean (bnc#1012382 bsc#1043652).\n- bcache: partition support: add 16 minors per bcacheN device (bsc#1076110, bsc#1019784).\n- bcache: rearrange writeback main thread ratelimit (bsc#1076110).\n- bcache: recover data from backing when data is clean (bnc#1012382 bsc#1043652).\n- bcache: Remove redundant set_capacity (bsc#1076110).\n- bcache: remove unused parameter (bsc#1076110).\n- bcache: rewrite multiple partitions support (bsc#1076110, bsc#1038085).\n- bcache: safeguard a dangerous addressing in closure_queue (bsc#1076110).\n- bcache: silence static checker warning (bsc#1076110).\n- bcache: smooth writeback rate control (bsc#1076110).\n- bcache.txt: standardize document format (bsc#1076110).\n- bcache: update bio->bi_opf bypass/writeback REQ_ flag hints (bsc#1076110).\n- bcache: update bucket_in_use in real time (bsc#1076110).\n- bcache: Update continue_at() documentation (bsc#1076110).\n- bcache: use kmalloc to allocate bio in bch_data_verify() (bsc#1076110).\n- bcache: use llist_for_each_entry_safe() in __closure_wake_up() (bsc#1076110).\n- bcache: writeback rate clamping: make 32 bit safe (bsc#1076110).\n- bcache: writeback rate shouldn't artifically clamp (bsc#1076110).\n- be2net: restore properly promisc mode after queues reconfiguration (bsc#963844 FATE#320192).\n- binder: add missing binder_unlock() (bnc#1012382).\n- binder: check for binder_thread allocation failure in binder_poll() (bnc#1012382).\n- binfmt_elf: compat: avoid unused function warning (bnc#1012382).\n- blacklist acb1feab320e powerpc/64: Do not trace irqs-off at interrupt return to soft-disabled context\n- blacklist.conf: Blacklist 9d25e3cc83d731ae4eeb017fd07562fde3f80bef Exynos IOMMU is not enabled in any config.\n- blacklist.conf: blacklist d207af2eab3f8668b95ad02b21930481c42806fd\n- blacklist.conf: blacklist too intrusive patches (bsc#1082979)\n- blacklist.conf: commit fd5f7cde1b85d4c8e09 ('printk: Never set console_may_schedule in console_trylock()')\n- blacklist.conf: da391d640c528bc5bb227ea5b39c882b75ac3167 Comment-only fix\n- blk-mq: add warning to __blk_mq_run_hw_queue() for ints disabled (bsc#1084772).\n- blk-mq: stop 'delayed_run_work' in blk_mq_stop_hw_queue() (bsc#1084967).\n- blk-mq: turn WARN_ON in __blk_mq_run_hw_queue into printk (bsc#1084772).\n- blktrace: fix unlocked registration of tracepoints (bnc#1012382).\n- block: fix an error code in add_partition() (bsc#1082979).\n- block: Fix __bio_integrity_endio() documentation (bsc#1082979).\n- block: wake up all tasks blocked in get_request() (bnc#1012382).\n- bluetooth: btsdio: Do not bind to non-removable BCM43341 (bnc#1012382).\n- bluetooth: btusb: driver to enable the usb-wakeup feature (bnc#1012382).\n- bluetooth: btusb: Restore QCA Rome suspend/resume fix with a 'rewritten' version (bnc#1012382).\n- bnx2x: do not rollback VF MAC/VLAN filters we did not configure (bnc#1012382).\n- bnx2x: fix possible overrun of VFPF multicast addresses array (bnc#1012382).\n- bnx2x: Improve reliability in case of nested PCI errors (bnc#1012382).\n- bnx2x: prevent crash when accessing PTP with interface down (bnc#1012382).\n- bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine (bnc#1012382).\n- bpf: arsh is not supported in 32 bit alu thus reject it (bnc#1012382).\n- bpf: avoid false sharing of map refcount with max_entries (bnc#1012382).\n- bpf: fix 32-bit divide by zero (bnc#1012382).\n- bpf: fix bpf_tail_call() x64 JIT (bnc#1012382).\n- bpf: fix divides by zero (bnc#1012382).\n- bpf: introduce BPF_JIT_ALWAYS_ON config (bnc#1012382).\n- bpf: reject stores into ctx via st and xadd (bnc#1012382).\n- bridge: implement missing ndo_uninit() (bsc#1042286).\n- bridge: move bridge multicast cleanup to ndo_uninit (bsc#1042286).\n- btrfs: add missing memset while reading compressed inline extents (bnc#1012382).\n- btrfs: copy fsid to super_block s_uuid (bsc#1080774).\n- btrfs: fix crash due to not cleaning up tree log block's dirty bits (bnc#1012382).\n- btrfs: fix deadlock in run_delalloc_nocow (bnc#1012382).\n- btrfs: fix deadlock when writing out space cache (bnc#1012382).\n- btrfs: Fix possible off-by-one in btrfs_search_path_in_tree (bnc#1012382).\n- btrfs: Fix quota reservation leak on preallocated files (bsc#1079989).\n- btrfs: fix unexpected -EEXIST when creating new inode (bnc#1012382).\n- btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker (bnc#1012382).\n- can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once (bnc#1012382).\n- can: ems_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: esd_usb2: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: flex_can: Correct the checking for frame length in flexcan_start_xmit() (bnc#1012382).\n- can: gs_usb: fix return value of the 'set_bittiming' callback (bnc#1012382).\n- can: kvaser_usb: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback() (bnc#1012382).\n- can: kvaser_usb: free buf in error paths (bnc#1012382).\n- can: kvaser_usb: ratelimit errors if incomplete messages are received (bnc#1012382).\n- can: peak: fix potential bug in packet fragmentation (bnc#1012382).\n- can: ti_hecc: Fix napi poll return value for repoll (bnc#1012382).\n- can: usb_8dev: cancel urb on -EPIPE and -EPROTO (bnc#1012382).\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- cdrom: factor out common open_for_* code (bsc#1048585).\n- cdrom: turn off autoclose by default (bsc#1080813).\n- cdrom: wait for tray to close (bsc#1048585).\n- ceph: fix incorrect snaprealm when adding caps (bsc#1081735).\n- ceph: fix un-balanced fsc->writeback_count update (bsc#1081735).\n- ceph: more accurate statfs (bsc#1077068).\n- cfg80211: check dev_set_name() return value (bnc#1012382).\n- cfg80211: fix cfg80211_beacon_dup (bnc#1012382).\n- cifs: dump IPC tcon in debug proc file (bsc#1071306).\n- cifs: Fix autonegotiate security settings mismatch (bnc#1012382).\n- cifs: Fix missing put_xid in cifs_file_strict_mmap (bnc#1012382).\n- cifs: make IPC a regular tcon (bsc#1071306).\n- cifs: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (bsc#1071306).\n- cifs: zero sensitive data when freeing (bnc#1012382).\n- clk: fix a panic error caused by accessing NULL pointer (bnc#1012382).\n- clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU (bnc#1012382).\n- clk: mediatek: add the option for determining PLL source clock (bnc#1012382).\n- clk: tegra: Fix cclk_lp divisor register (bnc#1012382).\n- config: arm64: enable HARDEN_BRANCH_PREDICTOR\n- config: arm64: enable UNMAP_KERNEL_AT_EL0\n- console/dummy: leave .con_font_get set to NULL (bnc#1012382).\n- cpufreq: Add Loongson machine dependencies (bnc#1012382).\n- cpuidle: fix broadcast control when broadcast can not be entered (bnc#1012382).\n- cpuidle: powernv: Pass correct drv->cpumask for registration (bnc#1012382).\n- cpuidle: Validate cpu_dev in cpuidle_add_sysfs() (bnc#1012382).\n- crypto: aesni - handle zero length dst buffer (bnc#1012382).\n- crypto: af_alg - whitelist mask and type (bnc#1012382).\n- crypto: algapi - fix NULL dereference in crypto_remove_spawns() (bnc#1012382).\n- crypto: caam - fix endless loop when DECO acquire fails (bnc#1012382).\n- crypto: chacha20poly1305 - validate the digest size (bnc#1012382).\n- crypto: chelsio - select CRYPTO_GF128MUL (bsc#1048325).\n- crypto: cryptd - pass through absence of ->setkey() (bnc#1012382).\n- crypto: crypto4xx - increase context and scatter ring buffer elements (bnc#1012382).\n- crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex (bnc#1012382).\n- crypto: hash - introduce crypto_hash_alg_has_setkey() (bnc#1012382).\n- crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012382).\n- crypto: n2 - cure use after free (bnc#1012382).\n- crypto: pcrypt - fix freeing pcrypt instances (bnc#1012382).\n- crypto: poly1305 - remove ->setkey() method (bnc#1012382).\n- crypto: s5p-sss - Fix completing crypto request in IRQ handler (bnc#1012382).\n- crypto: s5p-sss - Fix kernel Oops in AES-ECB mode (bnc#1012382).\n- crypto: tcrypt - fix buffer lengths in test_aead_speed() (bnc#1012382).\n- crypto: tcrypt - fix S/G table for test_aead_speed() (bnc#1012382).\n- crypto: x86/twofish-3way - Fix %rbp usage (bnc#1012382).\n- cw1200: fix bogus maybe-uninitialized warning (bnc#1012382).\n- cxl: Check if vphb exists before iterating over AFU devices (bsc#1066223).\n- dax: Pass detailed error code from __dax_fault() (bsc#1072484).\n- dccp: do not restart ccid2_hc_tx_rto_expire() if sk in closed state (bnc#1012382).\n- dccp: limit sk_filter trim to payload (bsc#1042286).\n- Deadly BUG_ON() had not been removed after all, merely relocated. (bnc#1083056)\n- delay: add poll_event_interruptible (bsc#1048585).\n- dell-wmi, dell-laptop: depends DMI (bnc#1012382).\n- direct-io: Fix sleep in atomic due to sync AIO (bsc#1084888).\n- dlm: fix double list_del() (bsc#1082795).\n- dlm: fix malfunction of dlm_tool caused by debugfs changes (bsc#1077704).\n- dlm: fix NULL pointer dereference in send_to_sock() (bsc#1082795).\n- dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved (bnc#1012382).\n- dmaengine: dmatest: fix container_of member in dmatest_callback (bnc#1012382).\n- dmaengine: dmatest: move callback wait queue to thread context (bnc#1012382).\n- dmaengine: Fix array index out of bounds warning in __get_unmap_pool() (bnc#1012382).\n- dmaengine: ioat: Fix error handling path (bnc#1012382).\n- dmaengine: jz4740: disable/unprepare clk if probe fails (bnc#1012382).\n- dmaengine: pl330: fix double lock (bnc#1012382).\n- dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type (bnc#1012382).\n- dmaengine: zx: fix build warning (bnc#1012382).\n- dm btree: fix serious bug in btree_split_beneath() (bnc#1012382).\n- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) (bnc#1012382).\n- dm: correctly handle chained bios in dec_pending() (bnc#1012382).\n- dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6 (bnc#1012382).\n- dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock (bnc#1012382).\n- do not put symlink bodies in pagecache into highmem (bnc#1012382).\n- dpt_i2o: fix build warning (bnc#1012382).\n- driver-core: use 'dev' argument in dev_dbg_ratelimited stub (bnc#1012382).\n- drivers/firmware: Expose psci_get_version through psci_ops structure (bsc#1068032).\n- drivers: hv: balloon: Correctly update onlined page count (fate#315887, bsc#1082632).\n- drivers: hv: balloon: Initialize last_post_time on startup (fate#315887, bsc#1082632).\n- drivers: hv: balloon: Show the max dynamic memory assigned (fate#315887, bsc#1082632).\n- drivers: hv: kvp: Use MAX_ADAPTER_ID_SIZE for translating adapter id (fate#315887, bsc#1082632).\n- drivers: hv: Turn off write permission on the hypercall page (fate#315887, bsc#1082632).\n- drivers: hv: vmbus: Fix rescind handling (fate#315887, bsc#1082632).\n- drivers: hv: vmbus: Fix rescind handling issues (fate#315887, bsc#1082632).\n- drivers/net: fix eisa_driver probe section mismatch (bnc#1012382).\n- drm/amd/amdgpu: fix console deadlock if late init failed (bnc#1012382).\n- drm/amdgpu: Avoid leaking PM domain on driver unbind (v2) (bnc#1012382).\n- drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode (bnc#1012382).\n- drm/amdkfd: Fix SDMA oversubsription handling (bnc#1012382).\n- drm/amdkfd: Fix SDMA ring buffer size calculation (bnc#1012382).\n- drm/armada: fix leak of crtc structure (bnc#1012382).\n- drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA (bnc#1012382).\n- drm: extra printk() wrapper macros (bnc#1012382).\n- drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement (bnc#1012382).\n- drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU (bnc#1012382).\n- drm/gma500: remove helper function (bnc#1012382).\n- drm/gma500: Sanity-check pipe index (bnc#1012382).\n- drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized (bnc#1012382).\n- drm/nouveau/pci: do a msi rearm on init (bnc#1012382).\n- drm/omap: fix dmabuf mmap for dma_alloc'ed buffers (bnc#1012382).\n- drm/radeon: adjust tested variable (bnc#1012382).\n- drm/radeon: reinstate oland workaround for sclk (bnc#1012382).\n- drm/radeon/si: add dpm quirk for Oland (bnc#1012382).\n- drm: rcar-du: Fix race condition when disabling planes at CRTC stop (bnc#1012382).\n- drm: rcar-du: Use the VBK interrupt for vblank events (bnc#1012382).\n- drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all (bnc#1012382).\n- drm/ttm: check the return value of kzalloc (bnc#1012382).\n- drm/vmwgfx: Potential off by one in vmw_view_add() (bnc#1012382).\n- drm/vmwgfx: use *_32_bits() macros (bnc#1012382).\n- dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0 (bnc#1012382).\n- e1000: fix disabling already-disabled warning (bnc#1012382).\n- edac, i5000, i5400: Fix definition of NRECMEMB register (bnc#1012382).\n- edac, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro (bnc#1012382).\n- edac, octeon: Fix an uninitialized variable warning (bnc#1012382).\n- edac, sb_edac: Fix missing break in switch (bnc#1012382).\n- efi/esrt: Cleanup bad memory map log messages (bnc#1012382).\n- efi: Move some sysfs files to be read-only by root (bnc#1012382).\n- em28xx: only use mt9v011 if camera support is enabled (bnc#1012382).\n- enable DST_CACHE in non-vanilla configs except s390x/zfcpdump\n- eventpoll.h: add missing epoll event masks (bnc#1012382).\n- ext4: correct documentation for grpid mount option (bnc#1012382).\n- ext4: do not unnecessarily allocate buffer in recently_deleted() (bsc#1080344).\n- ext4: fix crash when a directory's i_size is too small (bnc#1012382).\n- ext4: Fix data exposure after failed AIO DIO (bsc#1069135 bsc#1082864).\n- ext4: Fix ENOSPC handling in DAX page fault handle (bsc#1072484).\n- ext4: fix fdatasync(2) after fallocate(2) operation (bnc#1012382).\n- ext4: save error to disk in __ext4_grp_locked_error() (bnc#1012382).\n- f2fs: fix a bug caused by NULL extent tree (bsc#1082478).\n- fbdev: auo_k190x: avoid unused function warnings (bnc#1012382).\n- fbdev: controlfb: Add missing modes to fix out of bounds access (bnc#1012382).\n- fbdev: s6e8ax0: avoid unused function warnings (bnc#1012382).\n- fbdev: sis: enforce selection of at least one backend (bnc#1012382).\n- fbdev: sm712fb: avoid unused function warnings (bnc#1012382).\n- Fix build error in vma.c (bnc#1012382).\n- Fixup hang when calling 'nvme list' on all paths down (bsc#1070052).\n- fjes: Fix wrong netdevice feature flags (bnc#1012382).\n- flow_dissector: properly cap thoff field (bnc#1012382).\n- fm10k: ensure we process SM mbx when processing VF mbx (bnc#1012382).\n- fork: clear thread stack upon allocation (bsc#1077560).\n- fs: Avoid invalidation in interrupt context in dio_complete() (bsc#1073407 bsc#1069135).\n- fscache: Fix the default for fscache_maybe_release_page() (bnc#1012382).\n- fs: Fix page cache inconsistency when mixing buffered and AIO DIO (bsc#1073407 bsc#1069135).\n- fs: invalidate page cache after end_io() in dio completion (bsc#1073407 bsc#1069135).\n- ftrace: Remove incorrect setting of glob search field (bnc#1012382).\n- futex: Prevent overflow by strengthen input validation (bnc#1012382).\n- gcov: disable for COMPILE_TEST (bnc#1012382).\n- geneve: fix populating tclass in geneve_get_v6_dst (bsc#1042286).\n- genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg (bnc#1012382).\n- genirq/msi: Fix populating multiple interrupts (bsc#1085047).\n- genirq: Restore trigger settings in irq_modify_status() (bsc#1085056).\n- genksyms: Fix segfault with invalid declarations (bnc#1012382).\n- gfs2: Take inode off order_write list when setting jdata flag (bnc#1012382).\n- gianfar: fix a flooded alignment reports because of padding issue (bnc#1012382).\n- go7007: add MEDIA_CAMERA_SUPPORT dependency (bnc#1012382).\n- gpio: altera: Use handle_level_irq when configured as a level_high (bnc#1012382).\n- gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE (bnc#1012382).\n- gpio: intel-mid: Fix build warning when !CONFIG_PM (bnc#1012382).\n- gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- gpio: xgene: mark PM functions as __maybe_unused (bnc#1012382).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (bnc#1012382).\n- gre: build header correctly for collect metadata tunnels (bsc#1042286).\n- gre: do not assign header_ops in collect metadata mode (bsc#1042286).\n- gre: do not keep the GRE header around in collect medata mode (bsc#1042286).\n- gre: reject GUE and FOU in collect metadata mode (bsc#1042286).\n- hdpvr: hide unused variable (bnc#1012382).\n- hid: chicony: Add support for another ASUS Zen AiO keyboard (bnc#1012382).\n- hid: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working (bnc#1012382).\n- hid: xinmo: fix for out of range for THT 2P arcade controller (bnc#1012382).\n- hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close (bnc#1012382).\n- hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) (bnc#1012382).\n- hrtimer: Reset hrtimer cpu base proper on CPU hotplug (bnc#1012382).\n- hv: kvp: Avoid reading past allocated blocks from KVP file (bnc#1012382).\n- hv_netvsc: Add ethtool handler to set and get TCP hash levels (fate#315887, bsc#1082632).\n- hv_netvsc: Add ethtool handler to set and get UDP hash levels (fate#315887, bsc#1082632).\n- hv_netvsc: Add initialization of tx_table in netvsc_device_add() (fate#315887, bsc#1082632).\n- hv_netvsc: Change the hash level variable to bit flags (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up an unused parameter in rndis_filter_set_rss_param() (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up unused parameter from netvsc_get_hash() (fate#315887, bsc#1082632).\n- hv_netvsc: Clean up unused parameter from netvsc_get_rss_hash_opts() (fate#315887, bsc#1082632).\n- hv_netvsc: copy_to_send buf can be void (fate#315887, bsc#1082632).\n- hv_netvsc: do not need local xmit_more (fate#315887, bsc#1082632).\n- hv_netvsc: drop unused macros (fate#315887, bsc#1082632).\n- hv_netvsc: empty current transmit aggregation if flow blocked (fate#315887, bsc#1082632).\n- hv_netvsc: Fix rndis_filter_close error during netvsc_remove (fate#315887, bsc#1082632).\n- hv_netvsc: fix send buffer failure on MTU change (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the channel limit in netvsc_set_rxfh() (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the real number of queues of non-vRSS cases (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the receive buffer size limit (fate#315887, bsc#1082632).\n- hv_netvsc: Fix the TX/RX buffer default sizes (fate#315887, bsc#1082632).\n- hv_netvsc: hide warnings about uninitialized/missing rndis device (fate#315887, bsc#1082632).\n- hv_netvsc: make const array ver_list static, reduces object code size (fate#315887, bsc#1082632).\n- hv_netvsc: optimize initialization of RNDIS header (fate#315887, bsc#1082632).\n- hv_netvsc: pass netvsc_device to receive callback (fate#315887, bsc#1082632).\n- hv_netvsc: remove open_cnt reference count (fate#315887, bsc#1082632).\n- hv_netvsc: Rename ind_table to rx_table (fate#315887, bsc#1082632).\n- hv_netvsc: Rename tx_send_table to tx_table (fate#315887, bsc#1082632).\n- hv_netvsc: replace divide with mask when computing padding (fate#315887, bsc#1082632).\n- hv_netvsc: report stop_queue and wake_queue (fate#315887, bsc#1082632).\n- hv_netvsc: simplify function args in receive status path (fate#315887, bsc#1082632).\n- hv_netvsc: Simplify the limit check in netvsc_set_channels() (fate#315887, bsc#1082632).\n- hv_netvsc: track memory allocation failures in ethtool stats (fate#315887, bsc#1082632).\n- hv: preserve kabi by keeping hv_do_hypercall (bnc#1082632).\n- hwmon: (asus_atk0110) fix uninitialized data access (bnc#1012382).\n- hwmon: (pmbus) Use 64bit math for DIRECT format values (bnc#1012382).\n- hwrng: exynos - use __maybe_unused to hide pm functions (bnc#1012382).\n- hyper-v: trace vmbus_ongpadl_created() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_ongpadl_torndown() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_on_message() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_on_msg_dpc() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onoffer() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onoffer_rescind() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onopen_result() (fate#315887, bsc#1082632).\n- hyper-v: trace vmbus_onversion_response() (fate#315887, bsc#1082632).\n- hyper-v: Use fast hypercall for HVCALL_SIGNAL_EVENT (fate#315887, bsc#1082632).\n- i2c: remove __init from i2c_register_board_info() (bnc#1012382).\n- i40iw: Account for IPv6 header when setting MSS (bsc#1024376 FATE#321249).\n- i40iw: Allocate a sdbuf per CQP WQE (bsc#1024376 FATE#321249).\n- i40iw: Cleanup AE processing (bsc#1024376 FATE#321249).\n- i40iw: Clear CQP Head/Tail during initialization (bsc#1024376 FATE#321249).\n- i40iw: Correct ARP index mask (bsc#1024376 FATE#321249).\n- i40iw: Correct Q1/XF object count equation (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Do not allow posting WR after QP is flushed (bsc#1024376 FATE#321249).\n- i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE (bsc#1024376 FATE#321249).\n- i40iw: Do not generate CQE for RTR on QP flush (bsc#1024376 FATE#321249).\n- i40iw: Do not retransmit MPA request after it is ACKed (bsc#1024376 FATE#321249).\n- i40iw: Fixes for static checker warnings (bsc#1024376 FATE#321249).\n- i40iw: Fix sequence number for the first partial FPDU (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Fix the connection ORD value for loopback (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Ignore AE source field in AEQE for some AEs (bsc#1024376 FATE#321249).\n- i40iw: Move cqp_cmd_head init to CQP initialization (bsc#1024376 FATE#321249).\n- i40iw: Move exception_lan_queue to VSI structure (bsc#1024376 FATE#321249).\n- i40iw: Move MPA request event for loopback after connect (bsc#1024376 FATE#321249).\n- i40iw: Notify user of established connection after QP in RTS (bsc#1024376 FATE#321249).\n- i40iw: Reinitialize IEQ on MTU change (bsc#1024376 FATE#321249).\n- i40iw: Remove limit on re-posting AEQ entries to HW (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- i40iw: Selectively teardown QPs on IP addr change event (bsc#1024376 FATE#321249).\n- i40iw: Validate correct IRD/ORD connection parameters (bsc#969476 FATE#319648 bsc#969477 FATE#319816).\n- ib/hfi1: Fix for potential refcount leak in hfi1_open_file() (FATE#321231 FATE#321473).\n- ib/hfi1: Fix misspelling in comment (bsc#973818, fate#319242).\n- ib/hfi1: Prevent kernel QP post send hard lockups (bsc#973818 FATE#319242).\n- ib/ipoib: Fix lockdep issue found on ipoib_ib_dev_heavy_flush (git-fixes).\n- ib/ipoib: Fix race condition in neigh creation (bsc#1022595 FATE#322350).\n- ib/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop (bnc#1012382).\n- ib/iser: Handle lack of memory management extentions correctly (bsc#1082979).\n- ib/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports (bnc#1012382).\n- ib/mlx4: Fix mlx4_ib_alloc_mr error flow (bnc#1012382).\n- ib/mlx4: Increase maximal message size under UD QP (bnc#1012382).\n- ib/mlx5: Assign send CQ and recv CQ of UMR QP (bnc#1012382).\n- ib/mlx5: Serialize access to the VMA list (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- ibmvnic: Account for VLAN header length in TX buffers (bsc#1085239).\n- ibmvnic: Account for VLAN tag in L2 Header descriptor (bsc#1085239).\n- ibmvnic: Allocate and request vpd in init_resources (bsc#1076872).\n- ibmvnic: Allocate max queues stats buffers (bsc#1081498).\n- ibmvnic: Allocate statistics buffers during probe (bsc#1082993).\n- ibmvnic: Check for NULL skb's in NAPI poll routine (bsc#1081134, git-fixes).\n- ibmvnic: Clean RX pool buffers during device close (bsc#1081134).\n- ibmvnic: Clean up device close (bsc#1084610).\n- ibmvnic: Correct goto target for tx irq initialization failure (bsc#1082223).\n- ibmvnic: Do not attempt to login if RX or TX queues are not allocated (bsc#1082993).\n- ibmvnic: Do not disable device during failover or partition migration (bsc#1084610).\n- ibmvnic: Do not handle RX interrupts when not up (bsc#1075066).\n- ibmvnic: Ensure that buffers are NULL after free (bsc#1080014).\n- ibmvnic: Fix early release of login buffer (bsc#1081134, git-fixes).\n- ibmvnic: fix empty firmware version and errors cleanup (bsc#1079038).\n- ibmvnic: fix firmware version when no firmware level has been provided by the VIOS server (bsc#1079038).\n- ibmvnic: Fix IP offload control buffer (bsc#1076899).\n- ibmvnic: Fix IPv6 packet descriptors (bsc#1076899).\n- ibmvnic: Fix login buffer memory leaks (bsc#1081134).\n- ibmvnic: Fix NAPI structures memory leak (bsc#1081134).\n- ibmvnic: Fix pending MAC address changes (bsc#1075627).\n- ibmvnic: Fix recent errata commit (bsc#1085239).\n- ibmvnic: Fix rx queue cleanup for non-fatal resets (bsc#1080014).\n- ibmvnic: Fix TX descriptor tracking again (bsc#1082993).\n- ibmvnic: Fix TX descriptor tracking (bsc#1081491).\n- ibmvnic: Free and re-allocate scrqs when tx/rx scrqs change (bsc#1081498).\n- ibmvnic: Free RX socket buffer in case of adapter error (bsc#1081134).\n- ibmvnic: Generalize TX pool structure (bsc#1085224).\n- ibmvnic: Handle TSO backing device errata (bsc#1085239).\n- ibmvnic: Harden TX/RX pool cleaning (bsc#1082993).\n- ibmvnic: Improve TX buffer accounting (bsc#1085224).\n- ibmvnic: Keep track of supplementary TX descriptors (bsc#1081491).\n- ibmvnic: Make napi usage dynamic (bsc#1081498).\n- ibmvnic: Modify buffer size and number of queues on failover (bsc#1076872).\n- ibmvnic: Move active sub-crq count settings (bsc#1081498).\n- ibmvnic: Pad small packets to minimum MTU size (bsc#1085239).\n- ibmvnic: queue reset when CRQ gets closed during reset (bsc#1080263).\n- ibmvnic: Remove skb->protocol checks in ibmvnic_xmit (bsc#1080384).\n- ibmvnic: Rename active queue count variables (bsc#1081498).\n- ibmvnic: Reorganize device close (bsc#1084610).\n- ibmvnic: Report queue stops and restarts as debug output (bsc#1082993).\n- ibmvnic: Reset long term map ID counter (bsc#1080364).\n- ibmvnic: Revert to previous mtu when unsupported value requested (bsc#1076872).\n- ibmvnic: Split counters for scrq/pools/napi (bsc#1082223).\n- ibmvnic: Update and clean up reset TX pool routine (bsc#1085224).\n- ibmvnic: Update release RX pool routine (bsc#1085224).\n- ibmvnic: Update TX and TX completion routines (bsc#1085224).\n- ibmvnic: Update TX pool initialization routine (bsc#1085224).\n- ibmvnic: Wait for device response when changing MAC (bsc#1078681).\n- ibmvnic: Wait until reset is complete to set carrier on (bsc#1081134).\n- ib/qib: Fix comparison error with qperf compare/swap test (FATE#321231 FATE#321473).\n- ib/rdmavt: restore IRQs on error path in rvt_create_ah() (bsc#973818, fate#319242).\n- ib/srpt: Disable RDMA access by the initiator (bnc#1012382).\n- ib/srpt: Fix ACL lookup during login (bsc#1024296 FATE#321265).\n- ib/srpt: Remove an unused structure member (bsc#1082979).\n- idle: i7300: add PCI dependency (bnc#1012382).\n- igb: check memory allocation failure (bnc#1012382).\n- igb: Free IRQs when device is hotplugged (bnc#1012382).\n- iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels (bnc#1012382).\n- iio: adis_lib: Initialize trigger before requesting interrupt (bnc#1012382).\n- iio: buffer: check if a buffer has been set up when poll is called (bnc#1012382).\n- ima: fix hash algorithm initialization (bnc#1012382).\n- inet: frag: release spinlock before calling icmp_send() (bnc#1012382).\n- input: 88pm860x-ts - fix child-node lookup (bnc#1012382).\n- input: elantech - add new icbody type 15 (bnc#1012382).\n- input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list (bnc#1012382).\n- input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning (bnc#1012382).\n- input: tca8418_keypad - remove double read of key event register (git-fixes).\n- input: trackpoint - force 3 buttons if 0 button is reported (bnc#1012382).\n- input: twl4030-vibra - fix sibling-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix child-node lookup (bnc#1012382).\n- input: twl6040-vibra - fix DT node memory management (bnc#1012382).\n- intel_th: pci: Add Gemini Lake support (bnc#1012382).\n- iommu/amd: Add align parameter to alloc_irq_index() (bsc#975772).\n- iommu/amd: Enforce alignment for MSI IRQs (bsc#975772).\n- iommu/amd: Fix alloc_irq_index() increment (bsc#975772).\n- iommu/amd: Limit the IOVA page range to the specified addresses (fate#321026).\n- iommu/arm-smmu-v3: Cope with duplicated Stream IDs (bsc#1084926).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bnc#1012382).\n- iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range (bsc#1084928).\n- iommu/vt-d: Fix scatterlist offset handling (bnc#1012382).\n- iommu/vt-d: Use domain instead of cache fetching (bsc#975772).\n- ip6_gre: remove the incorrect mtu limit for ipgre tap (bsc#1022912 FATE#321246).\n- ip6mr: fix stale iterator (bnc#1012382).\n- ip6_tunnel: disable dst caching if tunnel is dual-stack (bnc#1012382).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- ipmi: Stop timers before cleaning up the module (bnc#1012382).\n- ip_tunnel: fix preempt warning in ip tunnel creation/updating (bnc#1012382).\n- ip_tunnel: replace dst_cache with generic implementation (bnc#1012382).\n- ipv4: allow local fragmentation in ip_finish_output_gso() (bsc#1042286).\n- ipv4: fix checksum annotation in udp4_csum_init (bsc#1042286).\n- ipv4: Fix use-after-free when flushing FIB tables (bnc#1012382).\n- ipv4: igmp: guard against silly MTU values (bnc#1012382).\n- ipv4: ipconfig: avoid unused ic_proto_used symbol (bnc#1012382).\n- ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY (bnc#1012382).\n- ipv4: update comment to document GSO fragmentation cases (bsc#1042286).\n- ipv6: datagram: Refactor dst lookup and update codes to a new function (bsc#1042286).\n- ipv6: datagram: Refactor flowi6 init codes to a new function (bsc#1042286).\n- ipv6: datagram: Update dst cache of a connected datagram sk during pmtu update (bsc#1042286).\n- ipv6: fix checksum annotation in udp6_csum_init (bsc#1042286).\n- ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL (bnc#1012382).\n- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012382).\n- ipv6: fix udpv6 sendmsg crash caused by too small MTU (bnc#1012382).\n- ipv6: icmp6: Allow icmp messages to be looped back (bnc#1012382).\n- ipv6/ila: fix nlsize calculation for lwtunnel (bsc#1042286).\n- ipv6: ip6_make_skb() needs to clear cork.base.dst (git-fixes).\n- ipv6: mcast: better catch silly mtu values (bnc#1012382).\n- ipv6: remove unused in6_addr struct (bsc#1042286).\n- ipv6: reorder icmpv6_init() and ip6_mr_init() (bnc#1012382).\n- ipv6: tcp: fix endianness annotation in tcp_v6_send_response (bsc#1042286).\n- ipv6: udp: Do a route lookup and update during release_cb (bsc#1042286).\n- ipvlan: Add the skb->mark as flow4's member to lookup route (bnc#1012382).\n- ipvlan: fix ipv6 outbound device (bnc#1012382).\n- ipvlan: fix multicast processing (bsc#1042286).\n- ipvlan: fix various issues in ipvlan_process_multicast() (bsc#1042286).\n- ipvlan: remove excessive packet scrubbing (bsc#1070799).\n- irda: vlsi_ir: fix check for DMA mapping errors (bnc#1012382).\n- irqchip/crossbar: Fix incorrect type of register size (bnc#1012382).\n- irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq() (bnc#1012382).\n- iscsi_iser: Re-enable 'iser_pi_guard' module parameter (bsc#1062129).\n- iscsi-target: fix memory leak in lio_target_tiqn_addtpg() (bnc#1012382).\n- iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref (bnc#1012382).\n- isdn: eicon: reduce stack size of sig_ind function (bnc#1012382).\n- isdn: icn: remove a #warning (bnc#1012382).\n- isdn: kcapi: avoid uninitialized data (bnc#1012382).\n- isdn: sc: work around type mismatch warning (bnc#1012382).\n- iser-target: Fix possible use-after-free in connection establishment error (FATE#321732).\n- iw_cxgb4: Only validate the MSN for successful completions (bnc#1012382).\n- ixgbe: fix use of uninitialized padding (bnc#1012382).\n- jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path (git-fixes).\n- jump_label: Invoke jump_label_test() via early_initcall() (bnc#1012382).\n- Kabi: Keep KVM stable after enable s390 wire up bpb feature (bsc#1076805).\n- kABI: protect struct bpf_map (kabi).\n- kABI: protect struct cpuinfo_x86 (kabi).\n- kABI: protect struct ethtool_link_settings (bsc#1085050).\n- kABI: protect struct ip_tunnel and reintroduce ip_tunnel_dst_reset_all (kabi).\n- kABI: protect struct ipv6_pinfo (kabi).\n- kABI: protect struct t10_alua_tg_pt_gp (kabi).\n- kABI: protect struct usbip_device (kabi).\n- kABI: reintroduce crypto_poly1305_setkey (kabi).\n- kabi: restore kabi after 'net: replace dst_cache ip6_tunnel implementation with the generic one' (bsc#1082897).\n- kabi: restore nft_set_elem_destroy() signature (bsc#1042286).\n- kabi: restore rhashtable_insert_slow() signature (bsc#1042286).\n- kabi/severities: add sclp to KABI ignore list\n- kabi/severities: add __x86_indirect_thunk_rsp\n- kabi/severities: arm64: ignore cpu capability array\n- kabi/severities: as per bsc#1068569 we can ignore XFS kabi The gods have spoken, let there be light.\n- kabi/severities: do not care about stuff_RSB\n- kabi/severities: Ignore kvm for KABI severities\n- kabi: uninline sk_receive_skb() (bsc#1042286).\n- kaiser: fix compile error without vsyscall (bnc#1012382).\n- kaiser: fix intel_bts perf crashes (bnc#1012382).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382).\n- kasan: rework Kconfig settings (bnc#1012382).\n- kbuild: add '-fno-stack-check' to kernel build options (bnc#1012382).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- kbuild: pkg: use --transform option to prefix paths in tar (bnc#1012382).\n- kdb: Fix handling of kallsyms_symbol_next() return value (bnc#1012382).\n- kernel/acct.c: fix the acct->needcheck check in check_free_space() (bnc#1012382).\n- kernel/async.c: revert 'async: simplify lowest_in_progress()' (bnc#1012382).\n- kernel: fix rwlock implementation (bnc#1079886, LTC#164371).\n- kernel: make groups_sort calling a responsibility group_info allocators (bnc#1012382).\n- kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals (bnc#1012382).\n- kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL (bnc#1012382).\n- kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal() (bnc#1012382).\n- kernfs: fix regression in kernfs_fop_write caused by wrong type (bnc#1012382).\n- keys: add missing permission check for request_key() destination (bnc#1012382).\n- keys: encrypted: fix buffer overread in valid_master_desc() (bnc#1012382).\n- kmemleak: add scheduling point to kmemleak_scan() (bnc#1012382).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bnc#1012382).\n- kpti: Rename to PAGE_TABLE_ISOLATION (bnc#1012382).\n- kpti: Report when enabled (bnc#1012382).\n- kvm: add X86_LOCAL_APIC dependency (bnc#1012382).\n- kvm: ARM64: fix phy counter access failure in guest (bsc#1085015).\n- kvm: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 (bsc#1079029).\n- kvm: Fix stack-out-of-bounds read in write_mmio (bnc#1012382).\n- kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types (bnc#1012382).\n- kvm: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bnc#1012382).\n- kvm: nVMX: invvpid handling improvements (bnc#1012382).\n- kvm: nVMX: kmap() can't fail (bnc#1012382).\n- kvm: nVMX: reset nested_run_pending if the vCPU is going to be reset (bnc#1012382).\n- kvm: nVMX: VMCLEAR should not cause the vCPU to shut down (bnc#1012382).\n- kvm: nVMX: vmx_complete_nested_posted_interrupt() can't fail (bnc#1012382).\n- kvm: pci-assign: do not map smm memory slot pages in vt-d page tables (bnc#1012382).\n- kvm: PPC: Book3S PR: Fix svcpu copying with preemption enabled (bsc#1066223).\n- kvm: s390: Add operation exception interception handler (FATE#324070, LTC#158959).\n- kvm: s390: Add sthyi emulation (FATE#324070, LTC#158959).\n- kvm: s390: Enable all facility bits that are known good for passthrough (bsc#1076805).\n- kvm: s390: Enable all facility bits that are known good for passthrough (FATE#324071, LTC#158956).\n- kvm: s390: Extend diag 204 fields (FATE#324070, LTC#158959).\n- kvm: s390: Fix STHYI buffer alignment for diag224 (FATE#324070, LTC#158959).\n- kvm: s390: instruction-execution-protection support (LTC#162428).\n- kvm: s390: Introduce BCD Vector Instructions to the guest (FATE#324072, LTC#158953).\n- kvm: s390: Introduce Vector Enhancements facility 1 to the guest (FATE#324072, LTC#158953).\n- kvm: s390: Limit sthyi execution (FATE#324070, LTC#158959).\n- kvm: s390: Populate mask of non-hypervisor managed facility bits (FATE#324071, LTC#158956).\n- kvm: s390: wire up bpb feature (bsc#1076805).\n- kvm: VMX: clean up declaration of VPID/EPT invalidation types (bnc#1012382).\n- kvm: VMX: Fix enable VPID conditions (bnc#1012382).\n- kvm: VMX: Fix rflags cache during vCPU reset (bnc#1012382).\n- kvm: VMX: Make indirect call speculation safe (bnc#1012382).\n- kvm: VMX: remove I/O port 0x80 bypass on Intel hosts (bnc#1012382).\n- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012382 bsc#1068032).\n- kvm: x86: Add memory barrier on vmcs field lookup (bnc#1012382).\n- kvm: x86: correct async page present tracepoint (bnc#1012382).\n- kvm: x86: Do not re-execute instruction when not passing CR2 value (bnc#1012382).\n- kvm: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure (bnc#1012382).\n- kvm: x86: fix escape of guest dr6 to the host (bnc#1012382).\n- kvm: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012382).\n- kvm: X86: Fix operand/address-size during instruction decoding (bnc#1012382).\n- kvm: x86: fix RSM when PCID is non-zero (bnc#1012382).\n- kvm: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered (bnc#1012382).\n- kvm: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race (bnc#1012382).\n- kvm: x86: ioapic: Preserve read-only values in the redirection table (bnc#1012382).\n- kvm: x86: Make indirect calls in emulator speculation safe (bnc#1012382).\n- kvm/x86: Reduce retpoline performance impact in slot_handle_level_range(), by always inlining iterator helper methods (bnc#1012382).\n- l2tp: cleanup l2tp_tunnel_delete calls (bnc#1012382).\n- l2tp: fix use-after-free during module unload (bsc#1042286).\n- lan78xx: Fix failure in USB Full Speed (bnc#1012382).\n- led: core: Fix brightness setting when setting delay_off=0 (bnc#1012382).\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (bnc#1012382).\n- libata: drop WARN from protocol error in ata_sff_qc_issue() (bnc#1012382).\n- libceph: check kstrndup() return value (bsc#1081735).\n- lib/genalloc.c: make the avail variable an atomic_long_t (bnc#1012382).\n- lib/mpi: Fix umul_ppmm() for MIPS64r6 (bnc#1012382).\n- lib/uuid.c: introduce a few more generic helpers (fate#315887, bsc#1082632).\n- lib/uuid.c: use correct offset in uuid parser (fate#315887, bsc#1082632).\n- livepatch: introduce shadow variable API (bsc#1082299 fate#313296). Shadow variables support.\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c (bsc#1082299 fate#313296). Shadow variables support.\n- lockd: fix 'list_add double add' caused by legacy signal interface (bnc#1012382).\n- loop: fix concurrent lo_open/lo_release (bnc#1012382).\n- mac80211: fix the update of path metric for RANN frame (bnc#1012382).\n- mac80211: mesh: drop frames appearing to be from us (bnc#1012382).\n- macvlan: Only deliver one copy of the frame to the macvlan interface (bnc#1012382).\n- Make DST_CACHE a silent config option (bnc#1012382).\n- mdio-sun4i: Fix a memory leak (bnc#1012382).\n- md: more open-coded offset_in_page() (bsc#1076110).\n- md/raid1: Use a new variable to count flighting sync requests(bsc#1083048)\n- media: cxusb, dib0700: ignore XC2028_I2C_FLUSH (bnc#1012382).\n- media: dvb: i2c transfers over usb cannot be done from stack (bnc#1012382).\n- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (bnc#1012382).\n- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (bnc#1012382).\n- media: r820t: fix r820t_write_reg for KASAN (bnc#1012382).\n- media: s5k6aa: describe some function parameters (bnc#1012382).\n- media: soc_camera: soc_scale_crop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- media: ts2020: avoid integer overflows on 32 bit machines (bnc#1012382).\n- media: usbtv: add a new usbid (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- mfd: cros ec: spi: Do not send first message too soon (bnc#1012382).\n- mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012382).\n- mfd: twl6040: Fix child-node lookup (bnc#1012382).\n- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: AR7: ensure the port type's FCR value is used (bnc#1012382).\n- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses (bnc#1012382).\n- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012382).\n- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA (bnc#1012382).\n- MIPS: Guard against any partial write attempt with PTRACE_SETREGSET (bnc#1012382).\n- MIPS: math-emu: Fix final emulation phase for certain instructions (bnc#1012382).\n- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task (bnc#1012382).\n- mlxsw: reg: Fix SPVMLR max record count (bnc#1012382).\n- mlxsw: reg: Fix SPVM max record count (bnc#1012382).\n- mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers (bnc#1012382).\n- mmc: bcm2835: Do not overwrite max frequency unconditionally (bsc#983145, git-fixes).\n- mmc: mediatek: Fixed bug where clock frequency could be set wrong (bnc#1012382).\n- mm: drop unused pmdp_huge_get_and_clear_notify() (bnc#1012382).\n- mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep (bnc#1012382).\n- mm: Handle 0 flags in _calc_vm_trans() macro (bnc#1012382).\n- mm: hide a #warning for COMPILE_TEST (bnc#1012382).\n- mm/kmemleak.c: make cond_resched() rate-limiting more efficient (git-fixes).\n- mm/mprotect: add a cond_resched() inside change_pmd_range() (bnc#1077871, bnc#1078002).\n- mm: pin address_space before dereferencing it while isolating an LRU page (bnc#1081500).\n- mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed (bnc#1012382).\n- mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP (bnc#1012382).\n- mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy (bnc#1012382).\n- modsign: hide openssl output in silent builds (bnc#1012382).\n- module: Add retpoline tag to VERMAGIC (bnc#1012382).\n- module/retpoline: Warn about missing retpoline in module (bnc#1012382).\n- module: set __jump_table alignment to 8 (bnc#1012382).\n- more bio_map_user_iov() leak fixes (bnc#1012382).\n- mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM (bsc#1078583).\n- mptfusion: hide unused seq_mpt_print_ioc_summary function (bnc#1012382).\n- mtd: cfi: convert inline functions to macros (bnc#1012382).\n- mtd: cfi: enforce valid geometry configuration (bnc#1012382).\n- mtd: ichxrom: maybe-uninitialized with gcc-4.9 (bnc#1012382).\n- mtd: maps: add __init attribute (bnc#1012382).\n- mtd: nand: brcmnand: Disable prefetch by default (bnc#1012382).\n- mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- mtd: nand: Fix nand_do_read_oob() return value (bnc#1012382).\n- mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM (bnc#1012382).\n- mtd: nand: sunxi: Fix ECC strength choice (bnc#1012382).\n- mtd: sh_flctl: pass FIFO as physical address (bnc#1012382).\n- mvpp2: fix multicast address filter (bnc#1012382).\n- ncpfs: fix unused variable warning (bnc#1012382).\n- ncr5380: shut up gcc indentation warning (bnc#1012382).\n- net: add dst_cache support (bnc#1012382).\n- net: Allow neigh contructor functions ability to modify the primary_key (bnc#1012382).\n- net/appletalk: Fix kernel memory disclosure (bnc#1012382).\n- net: arc_emac: fix arc_emac_rx() error paths (bnc#1012382).\n- net: avoid skb_warn_bad_offload on IS_ERR (bnc#1012382).\n- net: bcmgenet: correct MIB access of UniMAC RUNT counters (bnc#1012382).\n- net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values (bnc#1012382).\n- net: bcmgenet: power down internal phy if open or resume fails (bnc#1012382).\n- net: bcmgenet: Power up the internal PHY before probing the MII (bnc#1012382).\n- net: bcmgenet: reserved phy revisions must be checked first (bnc#1012382).\n- net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012382).\n- net: cdc_ncm: initialize drvflags before usage (bnc#1012382).\n- net: core: fix module type in sock_diag_bind (bnc#1012382).\n- net: Do not allow negative values for busy_read and busy_poll sysctl interfaces (bnc#1012382).\n- net: dst_cache_per_cpu_dst_set() can be static (bnc#1012382).\n- net: ena: add detection and recovery mechanism for handling missed/misrouted MSI-X (bsc#1083548).\n- net: ena: add new admin define for future support of IPv6 RSS (bsc#1083548).\n- net: ena: add power management ops to the ENA driver (bsc#1083548).\n- net: ena: add statistics for missed tx packets (bsc#1083548).\n- net: ena: fix error handling in ena_down() sequence (bsc#1083548).\n- net: ena: fix race condition between device reset and link up setup (bsc#1083548).\n- net: ena: fix rare kernel crash when bar memory remap fails (bsc#1083548).\n- net: ena: fix wrong max Tx/Rx queues on ethtool (bsc#1083548).\n- net: ena: improve ENA driver boot time (bsc#1083548).\n- net: ena: increase ena driver version to 1.3.0 (bsc#1083548).\n- net: ena: increase ena driver version to 1.5.0 (bsc#1083548).\n- net: ena: reduce the severity of some printouts (bsc#1083548).\n- net: ena: remove legacy suspend suspend/resume support (bsc#1083548).\n- net: ena: Remove redundant unlikely() (bsc#1083548).\n- net: ena: unmask MSI-X only after device initialization is completed (bsc#1083548).\n- net: ethernet: cavium: Correct Cavium Thunderx NIC driver names accordingly to module name (bsc#1085011).\n- net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit (bnc#1012382).\n- net: ethtool: Add back transceiver type (bsc#1085050).\n- net: ethtool: remove error check for legacy setting transceiver type (bsc#1085050).\n- net: fec: fix multicast filtering hardware setup (bnc#1012382).\n- netfilter: bridge: honor frag_max_size when refragmenting (bnc#1012382).\n- netfilter: do not track fragmented packets (bnc#1012382).\n- netfilter: drop outermost socket lock in getsockopt() (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() (bnc#1012382).\n- netfilter: ipvs: avoid unused variable warnings (bnc#1012382).\n- netfilter: ipvs: Fix inappropriate output of procfs (bnc#1012382).\n- netfilter: nfnetlink_queue: fix secctx memory leak (bnc#1012382).\n- netfilter: nfnetlink_queue: fix timestamp attribute (bsc#1074134).\n- netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table (bnc#1012382).\n- netfilter: nfnl_cthelper: Fix memory leak (bnc#1012382).\n- netfilter: nfnl_cthelper: fix runtime expectation policy updates (bnc#1012382).\n- netfilter: nf_queue: Make the queue_handler pernet (bnc#1012382).\n- netfilter: nf_tables: fix a wrong check to skip the inactive rules (bsc#1042286).\n- netfilter: nf_tables: fix inconsistent element expiration calculation (bsc#1042286).\n- netfilter: nf_tables: fix *leak* when expr clone fail (bsc#1042286).\n- netfilter: nf_tables: fix race when create new element in dynset (bsc#1042286).\n- netfilter: on sockopt() acquire sock lock only in the required scope (bnc#1012382).\n- netfilter: tee: select NF_DUP_IPV6 unconditionally (bsc#1042286).\n- netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (bnc#1012382).\n- netfilter: x_tables: fix int overflow in xt_alloc_table_info() (bnc#1012382).\n- netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert (bnc#1012382).\n- netfilter: xt_socket: fix transparent match for IPv6 request sockets (bsc#1042286).\n- net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012382).\n- net: gianfar_ptp: move set_fipers() to spinlock protecting area (bnc#1012382).\n- net: hns: add ACPI mode support for ethtool -p (bsc#1084041).\n- net: hp100: remove unnecessary #ifdefs (bnc#1012382).\n- net: igmp: add a missing rcu locking section (bnc#1012382).\n- net: igmp: fix source address check for IGMPv3 reports (bnc#1012382).\n- net: igmp: Use correct source address on IGMPv3 reports (bnc#1012382).\n- net: initialize msg.msg_flags in recvfrom (bnc#1012382).\n- net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012382).\n- net/ipv4: Introduce IPSKB_FRAG_SEGS bit to inet_skb_parm.flags (bsc#1042286).\n- netlink: fix nla_put_{u8,u16,u32} for KASAN (bnc#1012382).\n- net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y (bnc#1012382).\n- net/mlx5: Avoid NULL pointer dereference on steering cleanup (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Cleanup IRQs in case of unload failure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Add refcount to VXLAN structure (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix features check of IPv6 traffic (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare (bsc#1015342).\n- net/mlx5e: Fix loopback self test when GRO is off (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5e: Fix possible deadlock of VXLAN lock (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Fix wrong delay calculation for overflow check scheduling (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Prevent possible races in VXLAN control flow (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5e: Verify inline header size do not exceed SKB linear size (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Fix rate limit packet pacing naming and struct (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net/mlx5: Stay in polling mode when command EQ destroy fails (bsc#966170 FATE#320225 bsc#966172 FATE#320226).\n- net/mlx5: Use 128B cacheline size for 128B or larger cachelines (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).\n- net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012382).\n- net: mvneta: clear interface link status on port disable (bnc#1012382).\n- net: mvneta: eliminate wrong call to handle rx descriptor error (fate#319899).\n- net: mvneta: use proper rxq_number in loop on rx queues (fate#319899).\n- net/packet: fix a race in packet_bind() and packet_notifier() (bnc#1012382).\n- net: phy: at803x: Change error to EINVAL for invalid MAC (bnc#1012382).\n- net: phy: Keep reporting transceiver type (bsc#1085050).\n- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012382).\n- net: qdisc_pkt_len_init() should be more robust (bnc#1012382).\n- net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012382).\n- net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4 (bnc#1012382).\n- net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012382).\n- net: replace dst_cache ip6_tunnel implementation with the generic one (bnc#1012382).\n- net: Resend IGMP memberships upon peer notification (bnc#1012382).\n- net_sched: red: Avoid devision by zero (bnc#1012382).\n- net_sched: red: Avoid illegal values (bnc#1012382).\n- net: sctp: fix array overrun read on sctp_timer_tbl (bnc#1012382).\n- net/smc: fix NULL pointer dereference on sock_create_kern() error path (bsc#1082979).\n- net: stmmac: enable EEE in MII, GMII or RGMII only (bnc#1012382).\n- net: systemport: Pad packet before inserting TSB (bnc#1012382).\n- net: systemport: Utilize skb_put_padto() (bnc#1012382).\n- net: tcp: close sock if net namespace is exiting (bnc#1012382).\n- netvsc: allow controlling send/recv buffer size (fate#315887, bsc#1082632).\n- netvsc: allow driver to be removed even if VF is present (fate#315887, bsc#1082632).\n- netvsc: check error return when restoring channels and mtu (fate#315887, bsc#1082632).\n- netvsc: cleanup datapath switch (fate#315887, bsc#1082632).\n- netvsc: do not signal host twice if empty (fate#315887, bsc#1082632).\n- netvsc: fix deadlock betwen link status and removal (fate#315887, bsc#1082632).\n- netvsc: increase default receive buffer size (fate#315887, bsc#1082632).\n- netvsc: keep track of some non-fatal overload conditions (fate#315887, bsc#1082632).\n- netvsc: no need to allocate send/receive on numa node (fate#315887, bsc#1082632).\n- netvsc: propagate MAC address change to VF slave (fate#315887, bsc#1082632).\n- netvsc: remove unnecessary cast of void pointer (fate#315887, bsc#1082632).\n- netvsc: remove unnecessary check for NULL hdr (fate#315887, bsc#1082632).\n- netvsc: whitespace cleanup (fate#315887, bsc#1082632).\n- net: vxlan: lwt: Fix vxlan local traffic (bsc#1042286).\n- net: vxlan: lwt: Use source ip address during route lookup (bsc#1042286).\n- net: wimax/i2400m: fix NULL-deref at probe (bnc#1012382).\n- nfs: Add a cond_resched() to nfs_commit_release_pages() (bsc#1077779).\n- nfs: commit direct writes even if they fail partially (bnc#1012382).\n- nfsd: auth: Fix gid sorting when rootsquash enabled (bnc#1012382).\n- nfsd: check for use of the closed special stateid (bnc#1012382).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (bnc#1012382).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (bnc#1012382).\n- NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) (bnc#1012382).\n- NFSD: fix nfsd_reset_versions for NFSv4 (bnc#1012382).\n- nfs: Do not convert nfs_idmap_cache_timeout to jiffies (git-fixes).\n- nfs: Do not take a reference on fl->fl_file for LOCK operation (bnc#1012382).\n- nfs: fix a deadlock in nfs client initialization (bsc#1074198).\n- NFS: Fix a typo in nfs_rename() (bnc#1012382).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (bnc#1012382).\n- nfs: reject request for id_legacy key without auxdata (bnc#1012382).\n- nfs: Trunking detection should handle ERESTARTSYS/EINTR (bsc#1074198).\n- NFSv4.1 respect server's max size in CREATE_SESSION (bnc#1012382).\n- NFSv4: Fix client recovery when server reboots multiple times (bnc#1012382).\n- nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012382).\n- n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012382).\n- nvme_fc: cleanup io completion (bsc#1079609).\n- nvme_fc: correct abort race condition on resets (bsc#1079609).\n- nvme_fc: correct hang in nvme_ns_remove() (bsc#1075811).\n- nvme_fc: fix abort race on teardown with lld reject (bsc#1083750).\n- nvme_fc: fix ctrl create failures racing with workq items (bsc#1076982).\n- nvme_fc: fix rogue admin cmds stalling teardown (bsc#1075811).\n- nvme_fc: io timeout should defer abort to ctrl reset (bsc#1085054).\n- nvme-fc: kick admin requeue list on disconnect (bsc#1077241).\n- nvme-fc: merge error on sles12sp3 for reset_work (bsc#1079195).\n- nvme_fc: minor fixes on sqsize (bsc#1076760).\n- nvme_fc: on remoteport reuse, set new nport_id and role (bsc#1076760).\n- nvme_fc: rework sqsize handling (bsc#1076760).\n- nvme: Fix managing degraded controllers (bnc#1012382).\n- nvme: Fix setting logical block format when revalidating (bsc#1079313).\n- nvme: only start KATO if the controller is live (bsc#1083387).\n- nvme-pci: clean up CMB initialization (bsc#1082979).\n- nvme-pci: clean up SMBSZ bit definitions (bsc#1082979).\n- nvme-pci: consistencly use ctrl->device for logging (bsc#1082979).\n- nvme-pci: fix typos in comments (bsc#1082979).\n- nvme-pci: Remap CMB SQ entries on every controller reset (bsc#1082979).\n- nvme-pci: Remove watchdog timer (bsc#1066163).\n- nvme-pci: Use PCI bus address for data/queues in CMB (bsc#1082979).\n- nvme: Quirks for PM1725 controllers (bsc#1082979).\n- nvme_rdma: clear NVME_RDMA_Q_LIVE bit if reconnect fails (bsc#1083770).\n- nvme-rdma: fix concurrent reset and reconnect (bsc#1082979).\n- nvme: remove nvme_revalidate_ns (bsc#1079313).\n- ocfs2: return error when we attempt to access a dirty bh in jbd2 (bsc#1070404).\n- openrisc: fix issue handling 8 byte get_user calls (bnc#1012382).\n- openvswitch: fix the incorrect flow action alloc size (bnc#1012382).\n- ovl: fix failure to fsync lower dir (bnc#1012382).\n- ovs/geneve: fix rtnl notifications on iface deletion (bsc#1042286).\n- ovs/gre: fix rtnl notifications on iface deletion (bsc#1042286).\n- ovs/gre,geneve: fix error path when creating an iface (bsc#1042286).\n- ovs/vxlan: fix rtnl notifications on iface deletion (bsc#1042286).\n- packet: fix crash in fanout_demux_rollover() (bnc#1012382).\n- parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel (bnc#1012382).\n- parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012382).\n- partially revert tipc improve link resiliency when rps is activated (bsc#1068038).\n- PCI/AER: Report non-fatal errors only to the affected endpoint (bnc#1012382).\n- pci/ASPM: Do not retrain link if ASPM not possible (bnc#1071892).\n- PCI: Avoid bus reset if bridge itself is broken (bnc#1012382).\n- PCI: Create SR-IOV virtfn/physfn links before attaching driver (bnc#1012382).\n- PCI: Detach driver before procfs & sysfs teardown on device remove (bnc#1012382).\n- pci: hv: Do not sleep in compose_msi_msg() (fate#315887, bsc#1082632).\n- pci: keystone: Fix interrupt-controller-node lookup (bnc#1012382).\n- pci/MSI: Fix msi_desc->affinity memory leak when freeing MSI IRQs (bsc#1082979).\n- PCI/PME: Handle invalid data when reading Root Status (bnc#1012382).\n- PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012382).\n- perf bench numa: Fixup discontiguous/sparse numa nodes (bnc#1012382).\n- perf symbols: Fix symbols__fixup_end heuristic for corner cases (bnc#1012382).\n- perf test attr: Fix ignored test case result (bnc#1012382).\n- perf top: Fix window dimensions change handling (bnc#1012382).\n- perf/x86: Shut up false-positive -Wmaybe-uninitialized warning (bnc#1012382).\n- phy: work around 'phys' references to usb-nop-xceiv devices (bnc#1012382).\n- pinctrl: adi2: Fix Kconfig build problem (bnc#1012382).\n- pinctrl: st: add irq_request/release_resources callbacks (bnc#1012382).\n- pinctrl: sunxi: Fix A80 interrupt pin bank (bnc#1012382).\n- pipe: avoid round_pipe_size() nr_pages overflow on 32-bit (bnc#1012382).\n- pktcdvd: Fix pkt_setup_dev() error path (bnc#1012382).\n- platform/x86: intel_mid_thermal: Fix suspend handlers unused warning (bnc#1012382).\n- pm / devfreq: Propagate error from devfreq_add_device() (bnc#1012382).\n- pm / wakeirq: Fix unbalanced IRQ enable for wakeirq (bsc#1031717).\n- posix-timer: Properly check sigevent->sigev_notify (bnc#1012382).\n- power: bq27xxx_battery: mark some symbols __maybe_unused (bnc#1012382).\n- powerpc/64: Add macros for annotating the destination of rfid/hrfid (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64: Fix flush_(d|i)cache_range() called from modules (FATE#315275 LTC#103998 bnc#1012382 bnc#863764).\n- powerpc/64s: Add EX_SIZE definition for paca exception save areas (bsc#1068032, bsc#1075087).\n- powerpc/64s: Add support for RFI flush of L1-D cache (bsc#1068032,  bsc#1075087).\n- powerpc/64s: Allow control of RFI flush via debugfs (bsc#1068032, bsc#1075087).\n- powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL (bsc#1068032, bsc#1075087).\n- powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR (bnc#1012382).\n- powerpc/64s: Improve RFI L1-D cache flush fallback (bsc#1068032, bsc#1075087).\n- powerpc/64s: Simple RFI macro conversions (bsc#1068032, bsc#1075087).\n- powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti (bsc#1068032, bsc#1075087).\n- powerpc/64s: Wire up cpu_show_meltdown() (bsc#1068032).\n- powerpc/asm: Allow including ppc_asm.h in asm files (bsc#1068032, bsc#1075087).\n- powerpc: Do not preempt_disable() in show_cpuinfo() (bsc#1066223).\n- powerpc/ipic: Fix status get and status clear (bnc#1012382).\n- powerpc/numa: Ensure nodes initialized for hotplug (FATE#322022, bsc#1081514).\n- powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove (bsc#1081512).\n- powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes (FATE#322022, bsc#1081514).\n- powerpc/perf: Dereference BHRB entries safely (bsc#1066223).\n- powerpc/perf: Fix oops when grouping different pmu events (bnc#1012382).\n- powerpc/perf/hv-24x7: Fix incorrect comparison in memord (bnc#1012382).\n- powerpc/powernv: Check device-tree for RFI flush settings (bsc#1068032,  bsc#1075087).\n- powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo (bnc#1012382).\n- powerpc/powernv: Fix MCE handler to avoid trashing CR0/CR1 registers (bsc#1066223).\n- powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested (bnc#1012382).\n- powerpc/powernv: Move IDLE_STATE_ENTER_SEQ macro to cpuidle.h (bsc#1066223).\n- powerpc/powernv: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Fix cpu hotplug crash with memoryless nodes (FATE#322022, bsc#1081514).\n- powerpc/pseries: include linux/types.h in asm/hvcall.h (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Introduce H_GET_CPU_CHARACTERISTICS (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Query hypervisor for RFI flush settings (bsc#1068032,  bsc#1075087).\n- powerpc/pseries: rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries/rfi-flush: Call setup_rfi_flush() after LPM migration (bsc#1068032, bsc#1075087).\n- powerpc/pseries: Support firmware disable of RFI flush (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Add DEBUG_RFI config option (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Make setup_rfi_flush() not __init (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move RFI flush fields out of the paca (unbreak kABI) (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: Move the logic to avoid a redo into the sysfs code (bsc#1068032, bsc#1075087).\n- powerpc/rfi-flush: prevent crash when changing flush type to fallback after system boot (bsc#1068032, bsc#1075087).\n- powerpc: Simplify module TOC handling (bnc#1012382).\n- power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012382).\n- ppp: Destroy the mutex when cleanup (bnc#1012382).\n- pppoe: take ->needed_headroom of lower device into account on xmit (bnc#1012382).\n- profile: hide unused functions when !CONFIG_PROC_FS (bnc#1012382).\n- Provide a function to create a NUL-terminated string from unterminated data (bnc#1012382).\n- pwc: hide unused label (bnc#1012382).\n- qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).\n- qla2xxx: Add FC-NVMe abort processing (bsc#1084427).\n- qla2xxx: asynchronous pci probing (bsc#1034503).\n- qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).\n- qla2xxx: Convert QLA_TGT_ABTS to TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1043726,FATE#324770).\n- qla2xxx: do not check login_state if no loop id is assigned (bsc#1081681).\n- qla2xxx: ensure async flags are reset correctly (bsc#1081681).\n- qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).\n- qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).\n- qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) (bsc#1043726,FATE#324770).\n- qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).\n- qla2xxx: Fix NVMe entry_type for iocb packet on BE system (bsc#1043726,FATE#324770).\n- qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).\n- qla2xxx: Fixup locking for session deletion (bsc#1081681).\n- qla2xxx: Remove nvme_done_list (bsc#1084427).\n- qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).\n- qla2xxx: remove use of FC-specific error codes (bsc#1043726,FATE#324770).\n- qla2xxx: Restore ZIO threshold setting (bsc#1084427).\n- qla2xxx: Return busy if rport going away (bsc#1084427).\n- qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).\n- qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).\n- qlcnic: fix deadlock bug (bnc#1012382).\n- r8152: fix the list rx_done may be used without initialization (bnc#1012382).\n- r8152: prevent the driver from transmitting packets with carrier off (bnc#1012382).\n- r8169: fix memory corruption on retrieval of hardware statistics (bnc#1012382).\n- r8169: fix RTL8168EP take too long to complete driver initialization (bnc#1012382).\n- raid5: Set R5_Expanded on parity devices as well as data (bnc#1012382).\n- ravb: Remove Rx overflow log messages (bnc#1012382).\n- rbd: set max_segments to USHRT_MAX (bnc#1012382).\n- RDMA/cma: Avoid triggering undefined behavior (bnc#1012382).\n- rdma/cma: Make sure that PSN is not over max allowed (bnc#1012382).\n- RDMA/i40iw: Remove MSS change support (bsc#1024376 FATE#321249).\n- rdma/uverbs: Protect from command mask overflow (bsc#1082979).\n- rds: Fix NULL pointer dereference in __rds_rdma_map (bnc#1012382).\n- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012382).\n- RDS: null pointer dereference in rds_atomic_free_op (bnc#1012382).\n- regulator: core: Rely on regulator_dev_release to free constraints (bsc#1074847).\n- regulator: da9063: Return an error code on probe failure (bsc#1074847).\n- regulator: pwm: Fix regulator ramp delay for continuous mode (bsc#1074847).\n- regulator: Try to resolve regulators supplies on registration (bsc#1074847).\n- reiserfs: avoid a -Wmaybe-uninitialized warning (bnc#1012382).\n- Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (bnc#1012382).\n- Revert 'Bluetooth: btusb: fix QCA Rome suspend/resume' (bnc#1012382).\n- Revert 'drm/armada: Fix compile fail' (bnc#1012382).\n- Revert 'Enable DEBUG_RFI'\n- Revert 'kaiser: vmstat show NR_KAISERTABLE as nr_overhead' (kabi).\n- Revert 'lib/genalloc.c: make the avail variable an atomic_long_t' (kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (bnc#1012382 kabi).\n- Revert 'module: Add retpoline tag to VERMAGIC' (kabi).\n- Revert 'net: replace dst_cache ip6_tunnel implementation with the generic one' (kabi bnc#1082897).\n- Revert 'ocfs2: should wait dio before inode lock in ocfs2_setattr()' (bnc#1012382).\n- Revert 'power: bq27xxx_battery: Remove unneeded dependency in Kconfig' (bnc#1012382).\n- Revert 's390/kbuild: enable modversions for symbols exported from asm' (bnc#1012382).\n- Revert 'sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks' (kabi).\n- Revert 'scsi: libsas: align sata_device's rps_resp on a cacheline' (kabi).\n- Revert 'spi: SPI_FSL_DSPI should depend on HAS_DMA' (bnc#1012382).\n- Revert 'userfaultfd: selftest: vm: allow to build in vm/ directory' (bnc#1012382).\n- Revert 'x86/efi: Build our own page table structures' (bnc#1012382).\n- Revert 'x86/efi: Hoist page table switching code into efi_call_virt()' (bnc#1012382).\n- Revert 'x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0'\n- Revert 'x86/entry/64: Use a per-CPU trampoline stack for IDT entries'\n- Revert 'x86/mm/pat: Ensure cpa->pfn only contains page frame numbers' (bnc#1012382).\n- rfi-flush: Make DEBUG_RFI a CONFIG option (bsc#1068032, bsc#1075087).\n- rfi-flush: Move the logic to avoid a redo into the debugfs code (bsc#1068032, bsc#1075087).\n- rfi-flush: Switch to new linear fallback flush (bsc#1068032, bsc#1075087).\n- rhashtable: add rhashtable_lookup_get_insert_key() (bsc#1042286).\n- ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012382).\n- route: also update fnhe_genid when updating a route cache (bnc#1012382).\n- route: update fnhe_expires for redirect when the fnhe exists (bnc#1012382).\n- rtc: cmos: Initialize hpet timer before irq is registered (bsc#1077592).\n- rtc-opal: Fix handling of firmware error codes, prevent busy loops (bnc#1012382).\n- rtc: pcf8563: fix output clock rate (bnc#1012382).\n- rtc: pl031: make interrupt optional (bnc#1012382).\n- rtc: set the alarm to the next expiring timer (bnc#1012382).\n- rtlwifi: fix gcc-6 indentation warning (bnc#1012382).\n- rtlwifi: rtl8821ae: Fix connection lost problem correctly (bnc#1012382).\n- s390: add no-execute support (FATE#324087, LTC#158827).\n- s390: always save and restore all registers on context switch (bnc#1012382).\n- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).\n- s390/dasd: fix handling of internal requests (bsc#1080321).\n- s390/dasd: fix wrongly assigned configuration data (bnc#1012382).\n- s390/dasd: prevent prefix I/O error (bnc#1012382).\n- s390: fix compat system call table (bnc#1012382).\n- s390: fix handling of -1 in set{,fs}[gu]id16 syscalls (bnc#1012382).\n- s390: hypfs: Move diag implementation and data definitions (FATE#324070, LTC#158959).\n- s390: kvm: Cpu model support for msa6, msa7 and msa8 (FATE#324069, LTC#159031).\n- s390: Make cpc_name accessible (FATE#324070, LTC#158959).\n- s390: Make diag224 public (FATE#324070, LTC#158959).\n- s390/mem_detect: use unsigned longs (FATE#324071, LTC#158956).\n- s390/mm: align swapper_pg_dir to 16k (FATE#324087, LTC#158827).\n- s390/mm: always use PAGE_KERNEL when mapping pages (FATE#324087, LTC#158827).\n- s390/noexec: execute kexec datamover without DAT (FATE#324087, LTC#158827).\n- s390/oprofile: fix address range for asynchronous stack (bsc#1082979).\n- s390/pageattr: allow kernel page table splitting (FATE#324087, LTC#158827).\n- s390/pageattr: avoid unnecessary page table splitting (FATE#324087, LTC#158827).\n- s390/pageattr: handle numpages parameter correctly (FATE#324087, LTC#158827).\n- s390/pci_dma: improve lazy flush for unmap (bnc#1079886, LTC#163393).\n- s390/pci_dma: improve map_sg (bnc#1079886, LTC#163393).\n- s390/pci_dma: make lazy flush independent from the tlb_refresh bit (bnc#1079886, LTC#163393).\n- s390/pci_dma: remove dma address range check (bnc#1079886, LTC#163393).\n- s390/pci_dma: simplify dma address calculation (bnc#1079886, LTC#163393).\n- s390/pci_dma: split dma_update_trans (bnc#1079886, LTC#163393).\n- s390/pci: do not require AIS facility (bnc#1012382).\n- s390/pci: fix dma address calculation in map_sg (bnc#1079886, LTC#163393).\n- s390/pci: handle insufficient resources during dma tlb flush (bnc#1079886, LTC#163393).\n- s390/pgtable: introduce and use generic csp inline asm (FATE#324087, LTC#158827).\n- s390/pgtable: make pmd and pud helper functions available (FATE#324087, LTC#158827).\n- s390/qeth: fix underestimated count of buffer elements (bnc#1082089, LTC#164529).\n- s390/qeth: no ETH header for outbound AF_IUCV (LTC#156276 bnc#1012382 bnc#1053472).\n- s390: report new vector facilities (FATE#324088, LTC#158828).\n- s390/runtime instrumentation: simplify task exit handling (bnc#1012382).\n- s390/sclp: Add hmfai field (FATE#324071, LTC#158956).\n- s390/vmem: align segment and region tables to 16k (FATE#324087, LTC#158827).\n- s390/vmem: introduce and use SEGMENT_KERNEL and REGION3_KERNEL (FATE#324087, LTC#158827).\n- s390/vmem: simplify vmem code for read-only mappings (FATE#324087, LTC#158827).\n- sch_dsmark: fix invalid skb_cow() usage (bnc#1012382).\n- sched/deadline: Make sure the replenishment timer fires in the next period (bnc#1012382).\n- sched/deadline: Throttle a constrained deadline task activated after the deadline (bnc#1012382).\n- sched/deadline: Use deadline instead of period when calculating overflow (bnc#1012382).\n- sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks (bnc#1012382).\n- sched/deadline: Zero out positive runtime after throttling constrained tasks (git-fixes).\n- sched/rt: Up the root domain ref count when passing it around via IPIs (bnc#1012382).\n- sched/rt: Use container_of() to get root domain in rto_push_irq_work_func() (bnc#1012382).\n- scripts/kernel-doc: Do not fail with status != 0 if error encountered with -none (bnc#1012382).\n- scsi: aacraid: Fix hang in kdump (bsc#1022607, FATE#321673).\n- scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path (bnc#1012382).\n- scsi: advansys: fix build warning for PCI=n (bnc#1012382).\n- scsi: advansys: fix uninitialized data access (bnc#1012382).\n- scsi: bfa: integer overflow in debugfs (bnc#1012382).\n- scsi: cxgb4i: fix Tx skb leak (bnc#1012382).\n- scsi: do not look for NULL devices handlers by name (bsc#1082373).\n- scsi: fas216: fix sense buffer initialization (bsc#1082979).\n- scsi: fdomain: drop fdomain_pci_tbl when built-in (bnc#1012382).\n- scsi: handle ABORTED_COMMAND on Fujitsu ETERNUS (bsc#1069138).\n- scsi: hisi_sas: directly attached disk LED feature for v2 hw (bsc#1083409).\n- scsi: hpsa: cleanup sas_phy structures in sysfs when unloading (bnc#1012382).\n- scsi: hpsa: destroy sas transport properties before scsi_host (bnc#1012382).\n- scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info (bnc#1012382).\n- scsi: initio: remove duplicate module device table (bnc#1012382 bsc#1082979).\n- scsi: initio: remove duplicate module device table (bsc#1082979).\n- scsi: libsas: align sata_device's rps_resp on a cacheline (bnc#1012382).\n- scsi: libsas: fix error when getting phy events (bsc#1082979).\n- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (bsc#1082979).\n- scsi: lpfc: Add WQ Full Logic for NVME Target (bsc#1080656).\n- scsi: lpfc: Allow set of maximum outstanding SCSI cmd limit for a target (bsc#1080656).\n- scsi: lpfc: Beef up stat counters for debug (bsc#1076693).\n- scsi: lpfc: correct debug counters for abort (bsc#1080656).\n- scsi: lpfc: do not dereference localport before it has been null checked (bsc#1076693).\n- scsi: lpfc: Do not return internal MBXERR_ERROR code from probe function (bsc#1082979).\n- scsi: lpfc: fix a couple of minor indentation issues (bsc#1076693).\n- scsi: lpfc: Fix -EOVERFLOW behavior for NVMET and defer_rcv (bsc#1076693).\n- scsi: lpfc: Fix header inclusion in lpfc_nvmet (bsc#1080656).\n- scsi: lpfc: Fix infinite wait when driver unregisters a remote NVME port (bsc#1076693).\n- scsi: lpfc: Fix IO failure during hba reset testing with nvme io (bsc#1080656).\n- scsi: lpfc: Fix issue_lip if link is disabled (bsc#1080656).\n- scsi: lpfc: Fix issues connecting with nvme initiator (bsc#1076693).\n- scsi: lpfc: Fix nonrecovery of NVME controller after cable swap (bsc#1080656).\n- scsi: lpfc: Fix PRLI handling when topology type changes (bsc#1080656).\n- scsi: lpfc: Fix receive PRLI handling (bsc#1076693).\n- scsi: lpfc: Fix RQ empty firmware trap (bsc#1080656).\n- scsi: lpfc: Fix SCSI io host reset causing kernel crash (bsc#1080656).\n- scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled (bsc#1076693).\n- scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing (bsc#1080656).\n- scsi: lpfc: Increase CQ and WQ sizes for SCSI (bsc#1080656).\n- scsi: lpfc: Increase SCSI CQ and WQ sizes (bsc#1076693).\n- scsi: lpfc: Indicate CONF support in NVMe PRLI (bsc#1080656).\n- scsi: lpfc: move placement of target destroy on driver detach (bsc#1080656).\n- scsi: lpfc: Treat SCSI Write operation Underruns as an error (bsc#1080656).\n- scsi: lpfc: Update 11.4.0.7 modified files for 2018 Copyright (bsc#1080656).\n- scsi: lpfc: update driver version to 11.4.0.6 (bsc#1076693).\n- scsi: lpfc: update driver version to 11.4.0.7 (bsc#1080656).\n- scsi: lpfc: Use after free in lpfc_rq_buf_free() (bsc#1037838).\n- scsi: lpfc: Validate adapter support for SRIU option (bsc#1080656).\n- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (bnc#1012382).\n- scsi: mvumi: use __maybe_unused to hide pm functions (bnc#1012382).\n- scsi: qla2xxx: Ability to process multiple SGEs in Command SGL for CT passthrough commands (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Accelerate SCSI BUSY status generation in target mode (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add ability to autodetect SFP type (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ability to send PRLO (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ability to use GPNFT/GNNFT for RSCN handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ATIO-Q processing for INTx mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add boundary checks for exchanges to be offloaded (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add command completion for error path (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add debug knob for user control workload (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add debug logging routine for qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Added change to enable ZIO for FC-NVMe devices (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe command handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe F/W initialization and transport registration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add FC-NVMe port discovery and PRLI handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add function call to qpair for door bell (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add fw_started flags to qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add lock protection around host lookup (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add LR distance support from nvram bit (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: add missing includes for qla_isr (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add option for use reserve exch for ELS (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add ql2xiniexchg parameter (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Add retry limit for fabric scan logic (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add support for minimum link speed (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add switch command to simplify fabric discovery (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add timeout ability to wait_for_sess_deletion() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Add XCB counters to debugfs (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow ABTS, PURX, RIDA on ATIOQ for ISP83XX/27XX (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Allow MBC_GET_PORT_DATABASE to query and save the port states (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow relogin and session creation after reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow SNS fabric login to be retried (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Allow target mode to accept PRLI in dual mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: avoid unused-function warning (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Change ha->wq max_active value to default (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Changes to support N2N logins (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Chip reset uses wrong lock during IO flush (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Cleanup FC-NVMe code (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Cleanup NPIV host in target mode during config teardown (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Clear fc4f_nvme flag (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Clear loop id after delete (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Combine Active command arrays (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Convert 32-bit LUN usage to 64-bit (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Defer processing of GS IOCB calls (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Delay loop id allocation at login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Do not call abort handler function during chip reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Do not call dma_free_coherent with IRQ disabled (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: do not include <generated/utsrelease.h> (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Enable Async TMF processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Enable ATIO interrupt handshake for ISP27XX (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Enable Target Multi Queue (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix abort command deadlock due to spinlock (FATE#320146, bsc#966328).\n- scsi: qla2xxx: fix a bunch of typos and spelling mistakes (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix a locking imbalance in qlt_24xx_handle_els() (bsc#1082979).\n- scsi: qla2xxx: Fix compile warning (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix FC-NVMe LUN discovery (bsc#1083223).\n- scsi: qla2xxx: Fix Firmware dump size for Extended login and Exchange Offload (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix GPNFT/GNNFT error handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix gpnid error processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix incorrect handle for abort IOCB (bsc#1082979).\n- scsi: qla2xxx: Fix login state machine freeze (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix login state machine stuck at GPDB (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix logo flag for qlt_free_session_done() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix mailbox failure while deleting Queue pairs (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Fix memory leak in dual/target mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NPIV host cleanup in target mode (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NPIV host enable after chip reset (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NULL pointer access for fcport structure (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS (bsc#1082979).\n- scsi: qla2xxx: Fix NULL pointer crash due to probe failure (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix oops in qla2x00_probe_one error path (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix PRLI state check (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix queue ID for async abort with Multiqueue (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix recursion while sending terminate exchange (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix Relogin being triggered too fast (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix re-login for Nport Handle in use (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix remoteport disconnect for FC-NVMe (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix scan state field for fcport (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix session cleanup for N2N (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix slow mem alloc behind lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: fix spelling mistake of variable sfp_additonal_info (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash for Notify ack timeout handling (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system crash while triggering FW dump (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix system panic due to pointer access problem (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix target multiqueue configuration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix task mgmt handling for NPIV (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning during port_name debug print (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning for code intentation in __qla24xx_handle_gpdb_event() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Fix WWPN/WWNN in debug message (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Handle PCIe error for driver (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Include Exchange offload/Extended Login into FW dump (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Increase ql2xmaxqdepth to 64 (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Increase verbosity of debug messages logged (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Migrate switch registration commands away from mailbox interface (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: move fields from qla_hw_data to qla_qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Move function prototype to correct header (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move logging default mask to execute once only (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move session delete to driver work queue (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Move target stat counters from vha to qpair (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Move work element processing out of DPC thread (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Off by one in qlt_ctio_to_cmd() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Preparation for Target MQ (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Prevent multiple active discovery commands per session (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Prevent relogin trigger from sending too many commands (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Prevent sp->free null/uninitialized pointer dereference (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Print correct mailbox registers in failed summary (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Properly extract ADISC error codes (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Protect access to qpair members with qpair->qp_lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Query FC4 type during RSCN processing (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Recheck session state after RSCN (bsc#1043726,FATE#324770)\n- scsi: qla2xxx: Reduce the use of terminate exchange (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reduce trace noise for Async Events (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reinstate module parameter ql2xenablemsix (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Relogin to target port on a cable swap (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout (FATE#320146, bsc#966328).\n- scsi: qla2xxx: Remove an unused structure member (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove datasegs_per_cmd and datasegs_per_cont field (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove extra register read (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove extra register read (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove FC_NO_LOOP_ID for FCP and FC-NVMe Discovery (bsc#1084397).\n- scsi: qla2xxx: Remove potential macro parameter side-effect in ql_dump_regs() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: remove redundant assignment of d (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: remove redundant null check on tgt (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove redundant wait when target is stopped (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove session creation redundant code (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove unused argument from qlt_schedule_sess_for_deletion() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Remove unused irq_cmd_count field (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Remove unused tgt_enable_64bit_addr flag (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: remove writeq/readq function definitions (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Replace GPDB with async ADISC command (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Reset the logo flag, after target re-login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Retry switch command on time out (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Send FC4 type NVMe to the management server (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize GPNID for multiple RSCN (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize session deletion by using work_lock (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Serialize session free in qlt_free_session_done (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Simpify unregistration of FC-NVMe local/remote ports (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Skip IRQ affinity for Target QPairs (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Skip zero queue count entry during FW dump capture (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Suppress a kernel complaint in qla_init_base_qpair() (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Tweak resource count dump (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update Driver version to 10.00.00.00-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.01-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.02-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.03-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.04-k (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Update driver version to 10.00.00.05-k (bsc#1081681).\n- scsi: qla2xxx: Update driver version to 9.01.00.00-k (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Update fw_started flags at qpair creation (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use BIT_6 to acquire FAWWPN from switch (bsc#1043726,FATE#324770)\n- scsi: qla2xxx: Use chip reset to bring down laser on unload (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: use dma_mapping_error to check map errors (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use FC-NVMe FC4 type for FDMI registration (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use IOCB path to submit Control VP MBX command (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use known NPort ID for Management Server login (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use ql2xnvmeenable to enable Q-Pair for FC-NVMe (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: use shadow register for ISP27XX (bsc#1043725,FATE#324770).\n- scsi: qla2xxx: Use shadow register for ISP27XX (bsc#1043726,FATE#324770).\n- scsi: qla2xxx: Use sp->free instead of hard coded call (bsc#1043726,FATE#324770).\n- scsi: sd: change allow_restart to bool in sysfs interface (bnc#1012382).\n- scsi: sd: change manage_start_stop to bool in sysfs interface (bnc#1012382).\n- scsi: ses: do not get power status of SES device slot on probe (bsc#1082979).\n- scsi: sg: disable SET_FORCE_LOW_DMA (bnc#1012382).\n- scsi: sim710: fix build warning (bnc#1012382).\n- scsi: sr: wait for the medium to become ready (bsc#1048585).\n- scsi: sr: workaround VMware ESXi cdrom emulation bug (bsc#1080813).\n- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (bnc#1012382).\n- scsi: storvsc: remove unnecessary channel inbound lock (fate#315887, bsc#1082632).\n- scsi: sun_esp: fix device reference leaks (bsc#1082979).\n- scsi: tcm_qla2xxx: Do not allow aborted cmd to advance (bsc#1043725,FATE#324770).\n- scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg (bnc#1012382).\n- sctp: do not allow the v4 socket to bind a v4mapped v6 address (bnc#1012382).\n- sctp: do not free asoc when it is already dead in sctp_sendmsg (bnc#1012382).\n- sctp: make use of pre-calculated len (bnc#1012382).\n- sctp: Replace use of sockets_allocated with specified macro (bnc#1012382).\n- sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf (bnc#1012382).\n- sctp: use the right sk after waking up from wait_buf sleep (bnc#1012382).\n- selftest/powerpc: Fix false failures for skipped tests (bnc#1012382).\n- selftests/x86: Add test_vsyscall (bnc#1012382).\n- selftests/x86/ldt_get: Add a few additional tests for limits (bnc#1012382).\n- selinux: ensure the context is NUL terminated in security_context_to_sid_core() (bnc#1012382).\n- selinux: general protection fault in sock_has_perm (bnc#1012382).\n- selinux: skip bounded transition processing if the policy isn't loaded (bnc#1012382).\n- serial: 8250_mid: fix broken DMA dependency (bnc#1012382).\n- serial: 8250_pci: Add Amazon PCI serial device ID (bnc#1012382).\n- serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X (bnc#1012382).\n- serial: 8250_uniphier: fix error return code in uniphier_uart_probe() (bsc#1031717).\n- serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS (bnc#1012382).\n- series.conf: disable qla2xxx patches (bsc#1043725)\n- series.conf: move core networking (including netfilter) into sorted section\n- series.conf: refresh Ran series_sort.py (no effect on expanded tree).\n- series.conf: whitespace cleanup\n- Set supported_modules_check 1 (bsc#1072163).\n- sfc: do not warn on successful change of MAC (bnc#1012382).\n- sget(): handle failures of register_shrinker() (bnc#1012382).\n- sh_eth: fix SH7757 GEther initialization (bnc#1012382).\n- sh_eth: fix TSU resource handling (bnc#1012382).\n- signal/openrisc: Fix do_unaligned_access to send the proper signal (bnc#1012382).\n- signal/sh: Ensure si_signo is initialized in do_divide_error (bnc#1012382).\n- sit: update frag_off info (bnc#1012382).\n- sock: free skb in skb_complete_tx_timestamp on error (bnc#1012382).\n- SolutionEngine771x: fix Ether platform data (bnc#1012382).\n- sparc64/mm: set fields in deferred pages (bnc#1012382).\n- spi: atmel: fixed spin_lock usage inside atmel_spi_remove (bnc#1012382).\n- spi: imx: do not access registers while clocks disabled (bnc#1012382).\n- spi_ks8995: fix 'BUG: key accdaa28 not in .data!' (bnc#1012382).\n- spi: sh-msiof: Fix DMA transfer size check (bnc#1012382).\n- spi: sun4i: disable clocks in the remove function (bnc#1012382).\n- spi: xilinx: Detect stall with Unknown commands (bnc#1012382).\n- ssb: mark ssb_bus_register as __maybe_unused (bnc#1012382).\n- staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl (bnc#1012382).\n- staging: android: ashmem: Fix a race condition in pin ioctls (bnc#1012382).\n- staging: iio: adc: ad7192: fix external frequency setting (bnc#1012382).\n- staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID (bnc#1012382).\n- staging: ste_rmi4: avoid unused function warnings (bnc#1012382).\n- staging: unisys: visorinput depends on INPUT (bnc#1012382).\n- staging: wilc1000: fix kbuild test robot error (bnc#1012382).\n- sunrpc: Allow connect to return EHOSTUNREACH (bnc#1012382).\n- sunrpc: Fix rpc_task_begin trace point (bnc#1012382).\n- sunxi-rsb: Include OF based modalias in device uevent (bnc#1012382).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- sysrq : fix Show Regs call trace on ARM (bnc#1012382).\n- target: Add support for TMR percpu reference counting (bsc#1043726,FATE#324770).\n- target: Add TARGET_SCF_LOOKUP_LUN_FROM_TAG support for ABORT_TASK (bsc#1043726,FATE#324770).\n- target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK (bnc#1012382).\n- target/file: Do not return error for UNMAP if length is zero (bnc#1012382).\n- target: fix ALUA transition timeout handling (bnc#1012382).\n- target:fix condition return in core_pr_dump_initiator_port() (bnc#1012382).\n- target: fix race during implicit transition work flushes (bnc#1012382).\n- target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() (bnc#1012382).\n- target: Use system workqueue for ALUA transitions (bnc#1012382).\n- tc1100-wmi: fix build warning when CONFIG_PM not enabled (bnc#1012382).\n- tc358743: fix register i2c_rd/wr function fix (git-fixes).\n- tc358743: fix register i2c_rd/wr functions (bnc#1012382).\n- tcp: correct memory barrier usage in tcp_check_space() (bnc#1012382).\n- tcp: do not set rtt_min to 1 (bsc#1042286).\n- tcp: fix under-evaluated ssthresh in TCP Vegas (bnc#1012382).\n- tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012382).\n- tcp: release sk_frag.page in tcp_disconnect (bnc#1012382).\n- tcp: __tcp_hdrlen() helper (bnc#1012382).\n- test_bpf: fix the dummy skb after dissector changes (bsc#1042286).\n- tg3: Add workaround to restrict 5762 MRRS to 2048 (bnc#1012382).\n- tg3: Enable PHY reset in MTU change path for 5720 (bnc#1012382).\n- tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012382).\n- thermal/drivers/step_wise: Fix temperature regulation misbehavior (bnc#1012382).\n- thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies (bnc#1012382).\n- thermal: hisilicon: Handle return value of clk_prepare_enable (bnc#1012382).\n- thermal: spear: use __maybe_unused for PM functions (bnc#1012382).\n- tipc: fix cleanup at module unload (bnc#1012382).\n- tipc: fix memory leak in tipc_accept_from_sock() (bnc#1012382).\n- tipc: improve link resiliency when rps is activated (bsc#1068038).\n- tlan: avoid unused label with PCI=n (bnc#1012382).\n- tools build: Add tools tree support for 'make -s' (bnc#1012382).\n- tpm-dev-common: Reject too short writes (bsc#1020645, git-fixes).\n- tpm: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tpm_tis: fix potential buffer overruns caused by bit glitches on the bus (bsc#1020645, git-fixes).\n- tracing: Allocate mask_str buffer dynamically (bnc#1012382).\n- tracing: Fix converting enum's from the map in trace_event_eval_update() (bnc#1012382).\n- tracing: Fix crash when it fails to alloc ring buffer (bnc#1012382).\n- tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012382).\n- tracing: Remove extra zeroing out of the ring buffer page (bnc#1012382).\n- tty: cyclades: cyz_interrupt is only used for PCI (bnc#1012382).\n- tty fix oops when rmmod 8250 (bnc#1012382).\n- tty: hvc_xen: hide xen_console_remove when unused (bnc#1012382).\n- tty: mxser: Remove ASYNC_CLOSING (bnc#1072363).\n- uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices (bnc#1012382).\n- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012382).\n- ubi: block: Fix locking for idr_alloc/idr_remove (bnc#1012382).\n- udf: Avoid overflow when session starts at large offset (bnc#1012382).\n- udp: restore UDPlite many-cast delivery (bsc#1042286).\n- um: link vmlinux with -no-pie (bnc#1012382).\n- usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012382).\n- usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012382).\n- usb: build drivers/usb/common/ when USB_SUPPORT is set (bnc#1012382).\n- usb: cdc-acm: Do not log urb submission errors on disconnect (bnc#1012382).\n- usb: cdc_subset: only build when one driver is enabled (bnc#1012382).\n- USB: core: Add type-specific length check of BOS descriptors (bnc#1012382).\n- USB: core: prevent malicious bNumInterfaces overflow (bnc#1012382).\n- USB: devio: Prevent integer overflow in proc_do_submiturb() (bnc#1012382).\n- usb: dwc3: gadget: Set maxpacket size for ep0 IN (bnc#1012382).\n- usb: f_fs: Prevent gadget unbind if it is already unbound (bnc#1012382).\n- USB: Fix off by one in type-specific length check of BOS SSP capability (git-fixes).\n- USB: fix usbmon BUG trigger (bnc#1012382).\n- usb: gadget: configs: plug memory leak (bnc#1012382).\n- usb: gadget: do not dereference g until after it has been null checked (bnc#1012382).\n- usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping (bnc#1012382).\n- usb: gadget: f_fs: Process all descriptors during bind (bnc#1012382).\n- USB: gadgetfs: Fix a potential memory leak in 'dev_config()' (bnc#1012382).\n- usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed (bnc#1012382).\n- usb: gadget: udc: remove pointer dereference after free (bnc#1012382).\n- usb: gadget: uvc: Missing files for configfs interface (bnc#1012382).\n- usb: hub: Cycle HUB power when initialization fails (bnc#1012382).\n- USB: Increase usbfs transfer limit (bnc#1012382).\n- usbip: fix 3eee23c3ec14 tcp_socket address still in the status file (bnc#1012382).\n- usbip: Fix implicit fallthrough warning (bnc#1012382).\n- usbip: Fix potential format overflow in userspace tools (bnc#1012382).\n- usbip: fix stub_rx: get_pipe() to validate endpoint number (bnc#1012382).\n- usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input (bnc#1012382).\n- usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer (bnc#1012382).\n- usbip: fix usbip bind writing random string after command in match_busid (bnc#1012382).\n- usbip: keep usbip_device sockfd state in sync with tcp_socket (bnc#1012382).\n- usbip: list: do not list devices attached to vhci_hcd (bnc#1012382).\n- usbip: prevent bind loops on devices attached to vhci_hcd (bnc#1012382).\n- usbip: prevent leaking socket pointer address in messages (bnc#1012382).\n- usbip: prevent vhci_hcd driver from leaking a socket pointer address (bnc#1012382).\n- usbip: remove kernel addresses from usb device and urb debug msgs (bnc#1012382).\n- usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit (bnc#1012382).\n- usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012382).\n- usb: ldusb: add PIDs for new CASSY devices supported by this driver (bnc#1012382).\n- usb: misc: usb3503: make sure reset is low for at least 100us (bnc#1012382).\n- usb: musb: da8xx: fix babble condition handling (bnc#1012382).\n- usb: musb/ux500: remove duplicate check for dma_is_compatible (bnc#1012382).\n- usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() (bnc#1012382).\n- usb: option: Add support for FS040U modem (bnc#1012382).\n- usb: phy: isp1301: Add OF device ID table (bnc#1012382).\n- usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled (git-fixes).\n- usb: phy: msm add regulator dependency (bnc#1012382).\n- usb: phy: tahvo: fix error handling in tahvo_usb_probe() (bnc#1012382).\n- usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub (bnc#1012382).\n- usb: renesas_usbhs: missed the 'running' flag in usb_dmac with rx path (bnc#1012382).\n- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ (bnc#1012382).\n- USB: serial: cp210x: add new device ID ELV ALC 8xxx (bnc#1012382).\n- USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012382).\n- usb: serial: io_edgeport: fix possible sleep-in-atomic (bnc#1012382).\n- USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012382).\n- USB: serial: option: add Quectel BG96 id (bnc#1012382).\n- USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012382).\n- usb: serial: pl2303: new device id for Chilitag (bnc#1012382).\n- USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012382).\n- usb: serial: simple: add Motorola Tetra driver (bnc#1012382).\n- USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID (bnc#1012382).\n- usb: uas: unconditionally bring back host after reset (bnc#1012382).\n- USB: usbfs: Filter flags passed in from user space (bnc#1012382).\n- usb: usbip: Fix possible deadlocks reported by lockdep (bnc#1012382).\n- usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012382).\n- usb: xhci: fix panic in xhci_free_virt_devices_depth_first (bnc#1012382).\n- userfaultfd: selftest: vm: allow to build in vm/ directory (bnc#1012382).\n- userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE (bnc#1012382).\n- v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER (bnc#1012382).\n- vb2: V4L2_BUF_FLAG_DONE is set after DQBUF (bnc#1012382).\n- vfs: do not do RCU lookup of empty pathnames (bnc#1012382).\n- vhost_net: stop device during reset owner (bnc#1012382).\n- video: fbdev: atmel_lcdfb: fix display-timings lookup (bnc#1012382).\n- video: fbdev: au1200fb: Release some resources if a memory allocation fails (bnc#1012382).\n- video: fbdev: au1200fb: Return an error code if a memory allocation fails (bnc#1012382).\n- video: fbdev/mmp: add MODULE_LICENSE (bnc#1012382).\n- video: fbdev: sis: remove unused variable (bnc#1012382).\n- video: fbdev: via: remove possibly unused variables (bnc#1012382).\n- video: Use bool instead int pointer for get_opt_bool() argument (bnc#1012382).\n- virtio_balloon: prevent uninitialized variable use (bnc#1012382).\n- virtio: release virtio index when fail to device_register (bnc#1012382).\n- vmbus: add per-channel sysfs info (fate#315887, bsc#1082632).\n- vmbus: add prefetch to ring buffer iterator (fate#315887, bsc#1082632).\n- vmbus: do not acquire the mutex in vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).\n- vmbus: drop unused ring_buffer_info elements (fate#315887, bsc#1082632).\n- vmbus: eliminate duplicate cached index (fate#315887, bsc#1082632).\n- vmbus: hvsock: add proper sync for vmbus_hvsock_device_unregister() (fate#315887, bsc#1082632).\n- vmbus: initialize reserved fields in messages (fate#315887, bsc#1082632).\n- vmbus: make channel_message table constant (fate#315887, bsc#1082632).\n- vmbus: more host signalling avoidance (fate#315887, bsc#1082632).\n- vmbus: refactor hv_signal_on_read (fate#315887, bsc#1082632).\n- vmbus: remove unused vmbus_sendpacket_ctl (fate#315887, bsc#1082632).\n- vmbus: remove unused vmbus_sendpacket_multipagebuffer (fate#315887, bsc#1082632).\n- vmbus: remove unused vmubs_sendpacket_pagebuffer_ctl (fate#315887, bsc#1082632).\n- vmbus: Reuse uuid_le_to_bin() helper (fate#315887, bsc#1082632).\n- vmbus: simplify hv_ringbuffer_read (fate#315887, bsc#1082632).\n- vmbus: unregister device_obj->channels_kset (fate#315887, bsc#1082632).\n- vmxnet3: prevent building with 64K pages (bnc#1012382).\n- vmxnet3: repair memory leak (bnc#1012382).\n- vsyscall: Fix permissions for emulate mode with KAISER/PTI (bnc#1012382).\n- vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend (bnc#1012382).\n- vti6: Do not report path MTU below IPV6_MIN_MTU (bnc#1012382).\n- vti6: fix device register to report IFLA_INFO_KIND (bnc#1012382).\n- vxlan: consolidate csum flag handling (bsc#1042286).\n- vxlan: consolidate output route calculation (bsc#1042286).\n- vxlan: consolidate vxlan_xmit_skb and vxlan6_xmit_skb (bsc#1042286).\n- vxlan: do not allow overwrite of config src addr (bsc#1042286).\n- watchdog: imx2_wdt: restore previous timeout after suspend+resume (bnc#1012382).\n- wireless: cw1200: use __maybe_unused to hide pm functions_ (bnc#1012382).\n- workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq (bnc#1012382).\n- writeback: fix memory leak in wb_queue_work() (bnc#1012382).\n- X.509: fix buffer overflow detection in sprint_oid() (bsc#1075078).\n- X.509: reject invalid BIT STRING for subjectPublicKey (bnc#1012382).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86: add MULTIUSER dependency for KVM (bnc#1012382).\n- x86/alternatives: Add missing '\\n' at end of ALTERNATIVE inline asm (bnc#1012382).\n- x86/alternatives: Fix optimize_nops() checking (bnc#1012382).\n- x86/apic/vector: Fix off by one in error path (bnc#1012382).\n- x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels (bnc#1012382).\n- x86/asm: Fix inline asm call constraints for GCC 4.4 (bnc#1012382).\n- x86/boot: Avoid warning for zero-filling .bss (bnc#1012382).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86: bpf_jit: small optimization in emit_bpf_tail_call() (bnc#1012382).\n- x86/bugs: Drop one 'mitigation' from dmesg (bnc#1012382).\n- x86/build: Silence the build with 'make -s' (bnc#1012382).\n- x86/cpu/bugs: Make retpoline module warning conditional (bnc#1012382).\n- x86/cpu: Change type of x86_cache_size variable to unsigned int (bnc#1012382).\n- x86/cpu: Factor out application of forced CPU caps (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012382).\n- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012382).\n- x86/cpufeatures: Make CPU bugs sticky (bnc#1012382).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/cpu: Merge bugs.c and bugs_64.c (bnc#1012382).\n- x86/cpu: Rename Merrifield2 to Moorefield (bsc#985025).\n- x86/cpu: Rename 'WESTMERE2' family to 'NEHALEM_G' (bsc#985025).\n- x86/cpu, x86/pti: Do not enable PTI on AMD processors (bnc#1012382).\n- x86/Documentation: Add PTI description (bnc#1012382).\n- x86/efi: Build our own page table structures (fate#320512).\n- x86/efi: Hoist page table switching code into efi_call_virt() (fate#320512).\n- x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0 (bsc#1077560).\n- x86/entry/64: Use a per-CPU trampoline stack for IDT entries (bsc#1077560).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bnc#1012382).\n- x86: fix build warnign with 32-bit PAE (bnc#1012382).\n- x86/fpu/math-emu: Fix possible uninitialized variable use (bnc#1012382).\n- x86/hpet: Prevent might sleep splat on resume (bnc#1012382).\n- x86/hyperv: Implement hv_get_tsc_page() (fate#315887, bsc#1082632).\n- x86/hyper-v: include hyperv/ only when CONFIG_HYPERV is set (fate#315887, bsc#1082632).\n- x86/hyper-v: Introduce fast hypercall implementation (fate#315887, bsc#1082632).\n- x86/hyper-v: Make hv_do_hypercall() inline (fate#315887, bsc#1082632).\n- x86/hyperv: Move TSC reading method to asm/mshyperv.h (fate#315887, bsc#1082632).\n- x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER (bnc#1012382).\n- x86/kasan: Clear kasan_zero_page after TLB flush (bnc#1012382).\n- x86/kasan: Write protect kasan zero shadow (bnc#1012382).\n- x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested (bsc#1081431).\n- x86/mce: Pin the timer when modifying (bsc#1080851,1076282).\n- x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix preemptibility bug (bnc#1012382).\n- x86/microcode/AMD: Do not load when running on a hypervisor (bnc#1012382).\n- x86/microcode/AMD: Do not load when running on a hypervisor (bsc#1081436 bsc#1081437).\n- x86/microcode: Do the family check first (bnc#1012382).\n- x86/microcode: Do the family check first (bsc#1081436 bsc#1081437).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bnc#1012382).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bnc#1012382).\n- x86/microcode/intel: Fix BDW late-loading revision check (bnc#1012382).\n- x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier (git-fixes).\n- x86/mm: Disable PCID on 32-bit kernels (bnc#1012382).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bnc#1012382).\n- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (fate#320588).\n- x86/mm/pkeys: Fix fill_sig_info_pkey (fate#321300).\n- x86/nospec: Fix header guards names (bnc#1012382).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bnc#1012382).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bnc#1012382).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bnc#1012382).\n- x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG (bnc#1012382).\n- x86/platform/olpc: Fix resume handler build warning (bnc#1012382).\n- x86/pti: Document fix wrong index (bnc#1012382).\n- x86/pti/efi: broken conversion from efi to kernel page table (bnc#1012382).\n- x86/pti: Make unpoison of pgd for trusted boot work for real (bnc#1012382).\n- x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN (bnc#1012382).\n- x86/ras/inject: Make it depend on X86_LOCAL_APIC=y (bnc#1012382).\n- x86/retpoline: Avoid retpolines for built-in __init functions (bnc#1012382).\n- x86/retpoline/hyperv: Convert assembler indirect jumps (fate#315887, bsc#1082632).\n- x86/retpoline: Remove the esp/rsp thunk (bnc#1012382).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/smpboot: Remove stale TLB flush invocations (bnc#1012382).\n- x86/spectre: Check CONFIG_RETPOLINE in command line parser (bnc#1012382).\n- x86/spectre: Fix an error message (git-fixes).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bnc#1012382).\n- x86/spectre: Remove the out-of-tree RSB stuffing\n- x86/spectre: Simplify spectre_v2 command line parsing (bnc#1012382).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL (bnc#1012382).\n- x86/tlb: Drop the _GPL from the cpu_tlbstate export (bnc#1012382).\n- x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly() (bnc#1012382).\n- x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend (bnc#1065600).\n- xen: Fix trampoline stack loading issue on XEN PV.\n- xen/gntdev: Fix off-by-one error when unmapping with holes (bnc#1012382).\n- xen/gntdev: Fix partial gntdev_mmap() cleanup (bnc#1012382).\n- xen-netfront: avoid crashing on resume after a failure in talk_to_netback() (bnc#1012382).\n- xen-netfront: enable device after manual module load (bnc#1012382).\n- xen-netfront: Improve error handling during initialization (bnc#1012382).\n- xen-netfront: remove warning when unloading module (bnc#1012382).\n- xen: XEN_ACPI_PROCESSOR is Dom0-only (bnc#1012382).\n- xfrm: check id proto in validate_tmpl() (bnc#1012382).\n- xfrm: Copy policy family in clone_policy (bnc#1012382).\n- xfrm: Fix stack-out-of-bounds read on socket policy lookup (bnc#1012382).\n- xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies (bnc#1012382).\n- xfrm_user: propagate sec ctx allocation errors (bsc#1042286).\n- xfs: add configurable error support to metadata buffers (bsc#1068569).\n- xfs: add configuration handlers for specific errors (bsc#1068569).\n- xfs: add configuration of error failure speed (bsc#1068569).\n- xfs: add 'fail at unmount' error handling configuration (bsc#1068569).\n- xfs: Add infrastructure needed for error propagation during buffer IO failure (bsc#1068569).\n- xfs: address kabi for xfs buffer retry infrastructure (kabi).\n- xfs: configurable error behavior via sysfs (bsc#1068569).\n- xfs: do not chain ioends during writepage submission (bsc#1077285 bsc#1043441).\n- xfs: factor mapping out of xfs_do_writepage (bsc#1077285 bsc#1043441).\n- xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real (bnc#1012382).\n- xfs: fix log block underflow during recovery cycle verification (bnc#1012382).\n- xfs: fix up inode32/64 (re)mount handling (bsc#1069160).\n- xfs: introduce metadata IO error class (bsc#1068569).\n- xfs: introduce table-based init for error behaviors (bsc#1068569).\n- xfs: Introduce writeback context for writepages (bsc#1077285 bsc#1043441).\n- xfs: ioends require logically contiguous file offsets (bsc#1077285 bsc#1043441).\n- xfs: Properly retry failed inode items in case of error during buffer writeback (bsc#1068569).\n- xfs: quota: check result of register_shrinker() (bnc#1012382).\n- xfs: quota: fix missed destroy of qi_tree_lock (bnc#1012382).\n- xfs: reinit btree pointer on attr tree inactivation walk (bsc#1078787).\n- xfs: remove nonblocking mode from xfs_vm_writepage (bsc#1077285 bsc#1043441).\n- xfs: remove xfs_cancel_ioend (bsc#1077285 bsc#1043441).\n- xfs: remove xfs_trans_ail_delete_bulk (bsc#1068569).\n- xfs: stop searching for free slots in an inode chunk when there are none (bsc#1072739).\n- xfs: toggle readonly state around xfs_log_mount_finish (bsc#1073401).\n- xfs: ubsan fixes (bnc#1012382).\n- xfs: validate sb_logsunit is a multiple of the fs blocksize (bsc#1077513).\n- xfs: write unmount record for ro mounts (bsc#1073401).\n- xfs: xfs_cluster_write is redundant (bsc#1077285 bsc#1043441).\n- xhci: Do not add a virt_dev to the devs array before it's fully allocated (bnc#1012382).\n- xhci: Fix ring leak in failure path of xhci_alloc_virt_device() (bnc#1012382).\n- xhci: plat: Register shutdown for xhci_plat (bnc#1012382).\n- xtensa: fix futex_atomic_cmpxchg_inatomic (bnc#1012382).\n- zram: fix operator precedence to get offset (bsc#1082979).\n- zram: set physical queue limits to avoid array out of bounds accesses (bnc#1012382).\n\n","title":"Description of the patch"},{"category":"details","text":"SUSE-SLE-RT-12-SP3-2018-663","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0986-1.json"},{"category":"self","summary":"URL for SUSE-SU-2018:0986-1","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180986-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2018:0986-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2018-April/003902.html"},{"category":"self","summary":"SUSE Bug 1006867","url":"https://bugzilla.suse.com/1006867"},{"category":"self","summary":"SUSE Bug 1012382","url":"https://bugzilla.suse.com/1012382"},{"category":"self","summary":"SUSE Bug 1015342","url":"https://bugzilla.suse.com/1015342"},{"category":"self","summary":"SUSE Bug 1015343","url":"https://bugzilla.suse.com/1015343"},{"category":"self","summary":"SUSE Bug 1019784","url":"https://bugzilla.suse.com/1019784"},{"category":"self","summary":"SUSE Bug 1020645","url":"https://bugzilla.suse.com/1020645"},{"category":"self","summary":"SUSE Bug 1022595","url":"https://bugzilla.suse.com/1022595"},{"category":"self","summary":"SUSE Bug 1022607","url":"https://bugzilla.suse.com/1022607"},{"category":"self","summary":"SUSE Bug 1022912","url":"https://bugzilla.suse.com/1022912"},{"category":"self","summary":"SUSE Bug 1024296","url":"https://bugzilla.suse.com/1024296"},{"category":"self","summary":"SUSE Bug 1024376","url":"https://bugzilla.suse.com/1024376"},{"category":"self","summary":"SUSE Bug 1027054","url":"https://bugzilla.suse.com/1027054"},{"category":"self","summary":"SUSE Bug 1031492","url":"https://bugzilla.suse.com/1031492"},{"category":"self","summary":"SUSE Bug 1031717","url":"https://bugzilla.suse.com/1031717"},{"category":"self","summary":"SUSE Bug 1033587","url":"https://bugzilla.suse.com/1033587"},{"category":"self","summary":"SUSE Bug 1034503","url":"https://bugzilla.suse.com/1034503"},{"category":"self","summary":"SUSE Bug 1037838","url":"https://bugzilla.suse.com/1037838"},{"category":"self","summary":"SUSE Bug 1038078","url":"https://bugzilla.suse.com/1038078"},{"category":"self","summary":"SUSE Bug 1038085","url":"https://bugzilla.suse.com/1038085"},{"category":"self","summary":"SUSE Bug 1040182","url":"https://bugzilla.suse.com/1040182"},{"category":"self","summary":"SUSE Bug 1042286","url":"https://bugzilla.suse.com/1042286"},{"category":"self","summary":"SUSE Bug 1043441","url":"https://bugzilla.suse.com/1043441"},{"category":"self","summary":"SUSE Bug 1043652","url":"https://bugzilla.suse.com/1043652"},{"category":"self","summary":"SUSE Bug 1043725","url":"https://bugzilla.suse.com/1043725"},{"category":"self","summary":"SUSE Bug 1043726","url":"https://bugzilla.suse.com/1043726"},{"category":"self","summary":"SUSE Bug 1048325","url":"https://bugzilla.suse.com/1048325"},{"category":"self","summary":"SUSE Bug 1048585","url":"https://bugzilla.suse.com/1048585"},{"category":"self","summary":"SUSE Bug 1053472","url":"https://bugzilla.suse.com/1053472"},{"category":"self","summary":"SUSE Bug 1060279","url":"https://bugzilla.suse.com/1060279"},{"category":"self","summary":"SUSE Bug 1062129","url":"https://bugzilla.suse.com/1062129"},{"category":"self","summary":"SUSE Bug 1065600","url":"https://bugzilla.suse.com/1065600"},{"category":"self","summary":"SUSE Bug 1065615","url":"https://bugzilla.suse.com/1065615"},{"category":"self","summary":"SUSE Bug 1066163","url":"https://bugzilla.suse.com/1066163"},{"category":"self","summary":"SUSE Bug 1066223","url":"https://bugzilla.suse.com/1066223"},{"category":"self","summary":"SUSE Bug 1067118","url":"https://bugzilla.suse.com/1067118"},{"category":"self","summary":"SUSE Bug 1068032","url":"https://bugzilla.suse.com/1068032"},{"category":"self","summary":"SUSE Bug 1068038","url":"https://bugzilla.suse.com/1068038"},{"category":"self","summary":"SUSE Bug 1068569","url":"https://bugzilla.suse.com/1068569"},{"category":"self","summary":"SUSE Bug 1068984","url":"https://bugzilla.suse.com/1068984"},{"category":"self","summary":"SUSE Bug 1069135","url":"https://bugzilla.suse.com/1069135"},{"category":"self","summary":"SUSE Bug 1069138","url":"https://bugzilla.suse.com/1069138"},{"category":"self","summary":"SUSE Bug 1069160","url":"https://bugzilla.suse.com/1069160"},{"category":"self","summary":"SUSE Bug 1070052","url":"https://bugzilla.suse.com/1070052"},{"category":"self","summary":"SUSE Bug 1070404","url":"https://bugzilla.suse.com/1070404"},{"category":"self","summary":"SUSE Bug 1070799","url":"https://bugzilla.suse.com/1070799"},{"category":"self","summary":"SUSE Bug 1071306","url":"https://bugzilla.suse.com/1071306"},{"category":"self","summary":"SUSE Bug 1071892","url":"https://bugzilla.suse.com/1071892"},{"category":"self","summary":"SUSE Bug 1072163","url":"https://bugzilla.suse.com/1072163"},{"category":"self","summary":"SUSE Bug 1072363","url":"https://bugzilla.suse.com/1072363"},{"category":"self","summary":"SUSE Bug 1072484","url":"https://bugzilla.suse.com/1072484"},{"category":"self","summary":"SUSE Bug 1072689","url":"https://bugzilla.suse.com/1072689"},{"category":"self","summary":"SUSE Bug 1072739","url":"https://bugzilla.suse.com/1072739"},{"category":"self","summary":"SUSE Bug 1072865","url":"https://bugzilla.suse.com/1072865"},{"category":"self","summary":"SUSE Bug 1073229","url":"https://bugzilla.suse.com/1073229"},{"category":"self","summary":"SUSE Bug 1073401","url":"https://bugzilla.suse.com/1073401"},{"category":"self","summary":"SUSE Bug 1073407","url":"https://bugzilla.suse.com/1073407"},{"category":"self","summary":"SUSE Bug 1073928","url":"https://bugzilla.suse.com/1073928"},{"category":"self","summary":"SUSE Bug 1074134","url":"https://bugzilla.suse.com/1074134"},{"category":"self","summary":"SUSE Bug 1074198","url":"https://bugzilla.suse.com/1074198"},{"category":"self","summary":"SUSE Bug 1074426","url":"https://bugzilla.suse.com/1074426"},{"category":"self","summary":"SUSE Bug 1074488","url":"https://bugzilla.suse.com/1074488"},{"category":"self","summary":"SUSE Bug 1074621","url":"https://bugzilla.suse.com/1074621"},{"category":"self","summary":"SUSE Bug 1074839","url":"https://bugzilla.suse.com/1074839"},{"category":"self","summary":"SUSE Bug 1074847","url":"https://bugzilla.suse.com/1074847"},{"category":"self","summary":"SUSE Bug 1075066","url":"https://bugzilla.suse.com/1075066"},{"category":"self","summary":"SUSE Bug 1075078","url":"https://bugzilla.suse.com/1075078"},{"category":"self","summary":"SUSE Bug 1075087","url":"https://bugzilla.suse.com/1075087"},{"category":"self","summary":"SUSE Bug 1075091","url":"https://bugzilla.suse.com/1075091"},{"category":"self","summary":"SUSE Bug 1075397","url":"https://bugzilla.suse.com/1075397"},{"category":"self","summary":"SUSE Bug 1075428","url":"https://bugzilla.suse.com/1075428"},{"category":"self","summary":"SUSE Bug 1075617","url":"https://bugzilla.suse.com/1075617"},{"category":"self","summary":"SUSE Bug 1075621","url":"https://bugzilla.suse.com/1075621"},{"category":"self","summary":"SUSE Bug 1075627","url":"https://bugzilla.suse.com/1075627"},{"category":"self","summary":"SUSE Bug 1075811","url":"https://bugzilla.suse.com/1075811"},{"category":"self","summary":"SUSE Bug 1075994","url":"https://bugzilla.suse.com/1075994"},{"category":"self","summary":"SUSE Bug 1076017","url":"https://bugzilla.suse.com/1076017"},{"category":"self","summary":"SUSE Bug 1076110","url":"https://bugzilla.suse.com/1076110"},{"category":"self","summary":"SUSE Bug 1076187","url":"https://bugzilla.suse.com/1076187"},{"category":"self","summary":"SUSE Bug 1076232","url":"https://bugzilla.suse.com/1076232"},{"category":"self","summary":"SUSE Bug 1076282","url":"https://bugzilla.suse.com/1076282"},{"category":"self","summary":"SUSE Bug 1076693","url":"https://bugzilla.suse.com/1076693"},{"category":"self","summary":"SUSE Bug 1076760","url":"https://bugzilla.suse.com/1076760"},{"category":"self","summary":"SUSE Bug 1076805","url":"https://bugzilla.suse.com/1076805"},{"category":"self","summary":"SUSE Bug 1076847","url":"https://bugzilla.suse.com/1076847"},{"category":"self","summary":"SUSE Bug 1076872","url":"https://bugzilla.suse.com/1076872"},{"category":"self","summary":"SUSE Bug 1076899","url":"https://bugzilla.suse.com/1076899"},{"category":"self","summary":"SUSE Bug 1076982","url":"https://bugzilla.suse.com/1076982"},{"category":"self","summary":"SUSE Bug 1077068","url":"https://bugzilla.suse.com/1077068"},{"category":"self","summary":"SUSE Bug 1077241","url":"https://bugzilla.suse.com/1077241"},{"category":"self","summary":"SUSE Bug 1077285","url":"https://bugzilla.suse.com/1077285"},{"category":"self","summary":"SUSE Bug 1077513","url":"https://bugzilla.suse.com/1077513"},{"category":"self","summary":"SUSE Bug 1077560","url":"https://bugzilla.suse.com/1077560"},{"category":"self","summary":"SUSE Bug 1077592","url":"https://bugzilla.suse.com/1077592"},{"category":"self","summary":"SUSE Bug 1077704","url":"https://bugzilla.suse.com/1077704"},{"category":"self","summary":"SUSE Bug 1077779","url":"https://bugzilla.suse.com/1077779"},{"category":"self","summary":"SUSE Bug 1077871","url":"https://bugzilla.suse.com/1077871"},{"category":"self","summary":"SUSE Bug 1078002","url":"https://bugzilla.suse.com/1078002"},{"category":"self","summary":"SUSE Bug 1078583","url":"https://bugzilla.suse.com/1078583"},{"category":"self","summary":"SUSE Bug 1078672","url":"https://bugzilla.suse.com/1078672"},{"category":"self","summary":"SUSE Bug 1078673","url":"https://bugzilla.suse.com/1078673"},{"category":"self","summary":"SUSE Bug 1078681","url":"https://bugzilla.suse.com/1078681"},{"category":"self","summary":"SUSE Bug 1078787","url":"https://bugzilla.suse.com/1078787"},{"category":"self","summary":"SUSE Bug 1079029","url":"https://bugzilla.suse.com/1079029"},{"category":"self","summary":"SUSE Bug 1079038","url":"https://bugzilla.suse.com/1079038"},{"category":"self","summary":"SUSE Bug 1079195","url":"https://bugzilla.suse.com/1079195"},{"category":"self","summary":"SUSE Bug 1079313","url":"https://bugzilla.suse.com/1079313"},{"category":"self","summary":"SUSE Bug 1079384","url":"https://bugzilla.suse.com/1079384"},{"category":"self","summary":"SUSE Bug 1079609","url":"https://bugzilla.suse.com/1079609"},{"category":"self","summary":"SUSE Bug 1079886","url":"https://bugzilla.suse.com/1079886"},{"category":"self","summary":"SUSE Bug 1079989","url":"https://bugzilla.suse.com/1079989"},{"category":"self","summary":"SUSE Bug 1080014","url":"https://bugzilla.suse.com/1080014"},{"category":"self","summary":"SUSE Bug 1080263","url":"https://bugzilla.suse.com/1080263"},{"category":"self","summary":"SUSE Bug 1080321","url":"https://bugzilla.suse.com/1080321"},{"category":"self","summary":"SUSE Bug 1080344","url":"https://bugzilla.suse.com/1080344"},{"category":"self","summary":"SUSE Bug 1080364","url":"https://bugzilla.suse.com/1080364"},{"category":"self","summary":"SUSE Bug 1080384","url":"https://bugzilla.suse.com/1080384"},{"category":"self","summary":"SUSE Bug 1080464","url":"https://bugzilla.suse.com/1080464"},{"category":"self","summary":"SUSE Bug 1080533","url":"https://bugzilla.suse.com/1080533"},{"category":"self","summary":"SUSE Bug 1080656","url":"https://bugzilla.suse.com/1080656"},{"category":"self","summary":"SUSE Bug 1080774","url":"https://bugzilla.suse.com/1080774"},{"category":"self","summary":"SUSE Bug 1080813","url":"https://bugzilla.suse.com/1080813"},{"category":"self","summary":"SUSE Bug 1080851","url":"https://bugzilla.suse.com/1080851"},{"category":"self","summary":"SUSE Bug 1081134","url":"https://bugzilla.suse.com/1081134"},{"category":"self","summary":"SUSE Bug 1081431","url":"https://bugzilla.suse.com/1081431"},{"category":"self","summary":"SUSE Bug 1081436","url":"https://bugzilla.suse.com/1081436"},{"category":"self","summary":"SUSE Bug 1081437","url":"https://bugzilla.suse.com/1081437"},{"category":"self","summary":"SUSE Bug 1081491","url":"https://bugzilla.suse.com/1081491"},{"category":"self","summary":"SUSE Bug 1081498","url":"https://bugzilla.suse.com/1081498"},{"category":"self","summary":"SUSE Bug 1081500","url":"https://bugzilla.suse.com/1081500"},{"category":"self","summary":"SUSE Bug 1081512","url":"https://bugzilla.suse.com/1081512"},{"category":"self","summary":"SUSE Bug 1081514","url":"https://bugzilla.suse.com/1081514"},{"category":"self","summary":"SUSE Bug 1081681","url":"https://bugzilla.suse.com/1081681"},{"category":"self","summary":"SUSE Bug 1081735","url":"https://bugzilla.suse.com/1081735"},{"category":"self","summary":"SUSE Bug 1082089","url":"https://bugzilla.suse.com/1082089"},{"category":"self","summary":"SUSE Bug 1082223","url":"https://bugzilla.suse.com/1082223"},{"category":"self","summary":"SUSE Bug 1082299","url":"https://bugzilla.suse.com/1082299"},{"category":"self","summary":"SUSE Bug 1082373","url":"https://bugzilla.suse.com/1082373"},{"category":"self","summary":"SUSE Bug 1082478","url":"https://bugzilla.suse.com/1082478"},{"category":"self","summary":"SUSE Bug 1082632","url":"https://bugzilla.suse.com/1082632"},{"category":"self","summary":"SUSE Bug 1082795","url":"https://bugzilla.suse.com/1082795"},{"category":"self","summary":"SUSE Bug 1082864","url":"https://bugzilla.suse.com/1082864"},{"category":"self","summary":"SUSE Bug 1082897","url":"https://bugzilla.suse.com/1082897"},{"category":"self","summary":"SUSE Bug 1082979","url":"https://bugzilla.suse.com/1082979"},{"category":"self","summary":"SUSE Bug 1082993","url":"https://bugzilla.suse.com/1082993"},{"category":"self","summary":"SUSE Bug 1083048","url":"https://bugzilla.suse.com/1083048"},{"category":"self","summary":"SUSE Bug 1083056","url":"https://bugzilla.suse.com/1083056"},{"category":"self","summary":"SUSE Bug 1083086","url":"https://bugzilla.suse.com/1083086"},{"category":"self","summary":"SUSE Bug 1083223","url":"https://bugzilla.suse.com/1083223"},{"category":"self","summary":"SUSE Bug 1083387","url":"https://bugzilla.suse.com/1083387"},{"category":"self","summary":"SUSE Bug 1083409","url":"https://bugzilla.suse.com/1083409"},{"category":"self","summary":"SUSE Bug 1083494","url":"https://bugzilla.suse.com/1083494"},{"category":"self","summary":"SUSE Bug 1083548","url":"https://bugzilla.suse.com/1083548"},{"category":"self","summary":"SUSE Bug 1083750","url":"https://bugzilla.suse.com/1083750"},{"category":"self","summary":"SUSE Bug 1083770","url":"https://bugzilla.suse.com/1083770"},{"category":"self","summary":"SUSE Bug 1084041","url":"https://bugzilla.suse.com/1084041"},{"category":"self","summary":"SUSE Bug 1084397","url":"https://bugzilla.suse.com/1084397"},{"category":"self","summary":"SUSE Bug 1084427","url":"https://bugzilla.suse.com/1084427"},{"category":"self","summary":"SUSE Bug 1084610","url":"https://bugzilla.suse.com/1084610"},{"category":"self","summary":"SUSE Bug 1084772","url":"https://bugzilla.suse.com/1084772"},{"category":"self","summary":"SUSE Bug 1084888","url":"https://bugzilla.suse.com/1084888"},{"category":"self","summary":"SUSE Bug 1084926","url":"https://bugzilla.suse.com/1084926"},{"category":"self","summary":"SUSE Bug 1084928","url":"https://bugzilla.suse.com/1084928"},{"category":"self","summary":"SUSE Bug 1084967","url":"https://bugzilla.suse.com/1084967"},{"category":"self","summary":"SUSE Bug 1085011","url":"https://bugzilla.suse.com/1085011"},{"category":"self","summary":"SUSE Bug 1085015","url":"https://bugzilla.suse.com/1085015"},{"category":"self","summary":"SUSE Bug 1085045","url":"https://bugzilla.suse.com/1085045"},{"category":"self","summary":"SUSE Bug 1085047","url":"https://bugzilla.suse.com/1085047"},{"category":"self","summary":"SUSE Bug 1085050","url":"https://bugzilla.suse.com/1085050"},{"category":"self","summary":"SUSE Bug 1085053","url":"https://bugzilla.suse.com/1085053"},{"category":"self","summary":"SUSE Bug 1085054","url":"https://bugzilla.suse.com/1085054"},{"category":"self","summary":"SUSE Bug 1085056","url":"https://bugzilla.suse.com/1085056"},{"category":"self","summary":"SUSE Bug 1085107","url":"https://bugzilla.suse.com/1085107"},{"category":"self","summary":"SUSE Bug 1085224","url":"https://bugzilla.suse.com/1085224"},{"category":"self","summary":"SUSE Bug 1085239","url":"https://bugzilla.suse.com/1085239"},{"category":"self","summary":"SUSE Bug 863764","url":"https://bugzilla.suse.com/863764"},{"category":"self","summary":"SUSE Bug 963844","url":"https://bugzilla.suse.com/963844"},{"category":"self","summary":"SUSE Bug 966170","url":"https://bugzilla.suse.com/966170"},{"category":"self","summary":"SUSE Bug 966172","url":"https://bugzilla.suse.com/966172"},{"category":"self","summary":"SUSE Bug 966328","url":"https://bugzilla.suse.com/966328"},{"category":"self","summary":"SUSE Bug 969476","url":"https://bugzilla.suse.com/969476"},{"category":"self","summary":"SUSE Bug 969477","url":"https://bugzilla.suse.com/969477"},{"category":"self","summary":"SUSE Bug 973818","url":"https://bugzilla.suse.com/973818"},{"category":"self","summary":"SUSE Bug 975772","url":"https://bugzilla.suse.com/975772"},{"category":"self","summary":"SUSE Bug 983145","url":"https://bugzilla.suse.com/983145"},{"category":"self","summary":"SUSE Bug 985025","url":"https://bugzilla.suse.com/985025"},{"category":"self","summary":"SUSE CVE CVE-2017-13166 page","url":"https://www.suse.com/security/cve/CVE-2017-13166/"},{"category":"self","summary":"SUSE CVE CVE-2017-15129 page","url":"https://www.suse.com/security/cve/CVE-2017-15129/"},{"category":"self","summary":"SUSE CVE CVE-2017-15951 page","url":"https://www.suse.com/security/cve/CVE-2017-15951/"},{"category":"self","summary":"SUSE CVE CVE-2017-16644 page","url":"https://www.suse.com/security/cve/CVE-2017-16644/"},{"category":"self","summary":"SUSE CVE CVE-2017-16912 page","url":"https://www.suse.com/security/cve/CVE-2017-16912/"},{"category":"self","summary":"SUSE CVE CVE-2017-16913 page","url":"https://www.suse.com/security/cve/CVE-2017-16913/"},{"category":"self","summary":"SUSE CVE CVE-2017-17712 page","url":"https://www.suse.com/security/cve/CVE-2017-17712/"},{"category":"self","summary":"SUSE CVE CVE-2017-17862 page","url":"https://www.suse.com/security/cve/CVE-2017-17862/"},{"category":"self","summary":"SUSE CVE CVE-2017-17864 page","url":"https://www.suse.com/security/cve/CVE-2017-17864/"},{"category":"self","summary":"SUSE CVE CVE-2017-17975 page","url":"https://www.suse.com/security/cve/CVE-2017-17975/"},{"category":"self","summary":"SUSE CVE CVE-2017-18017 page","url":"https://www.suse.com/security/cve/CVE-2017-18017/"},{"category":"self","summary":"SUSE CVE CVE-2017-18174 page","url":"https://www.suse.com/security/cve/CVE-2017-18174/"},{"category":"self","summary":"SUSE CVE CVE-2017-18208 page","url":"https://www.suse.com/security/cve/CVE-2017-18208/"},{"category":"self","summary":"SUSE CVE CVE-2017-5715 page","url":"https://www.suse.com/security/cve/CVE-2017-5715/"},{"category":"self","summary":"SUSE CVE CVE-2018-1000004 page","url":"https://www.suse.com/security/cve/CVE-2018-1000004/"},{"category":"self","summary":"SUSE CVE CVE-2018-1000026 page","url":"https://www.suse.com/security/cve/CVE-2018-1000026/"},{"category":"self","summary":"SUSE CVE CVE-2018-5332 page","url":"https://www.suse.com/security/cve/CVE-2018-5332/"},{"category":"self","summary":"SUSE CVE CVE-2018-5333 page","url":"https://www.suse.com/security/cve/CVE-2018-5333/"},{"category":"self","summary":"SUSE CVE CVE-2018-8087 page","url":"https://www.suse.com/security/cve/CVE-2018-8087/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2018-04-19T09:27:38Z","generator":{"date":"2018-04-19T09:27:38Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2018:0986-1","initial_release_date":"2018-04-19T09:27:38Z","revision_history":[{"date":"2018-04-19T09:27:38Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-rt-4.4.120-3.8.1.noarch","product":{"name":"kernel-devel-rt-4.4.120-3.8.1.noarch","product_id":"kernel-devel-rt-4.4.120-3.8.1.noarch"}},{"category":"product_version","name":"kernel-source-rt-4.4.120-3.8.1.noarch","product":{"name":"kernel-source-rt-4.4.120-3.8.1.noarch","product_id":"kernel-source-rt-4.4.120-3.8.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","product":{"name":"cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","product_id":"cluster-md-kmp-rt-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-rt-4.4.120-3.8.1.x86_64","product":{"name":"dlm-kmp-rt-4.4.120-3.8.1.x86_64","product_id":"dlm-kmp-rt-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-rt-4.4.120-3.8.1.x86_64","product":{"name":"gfs2-kmp-rt-4.4.120-3.8.1.x86_64","product_id":"gfs2-kmp-rt-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"kernel-rt-4.4.120-3.8.1.x86_64","product":{"name":"kernel-rt-4.4.120-3.8.1.x86_64","product_id":"kernel-rt-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"kernel-rt-base-4.4.120-3.8.1.x86_64","product":{"name":"kernel-rt-base-4.4.120-3.8.1.x86_64","product_id":"kernel-rt-base-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"kernel-rt-devel-4.4.120-3.8.1.x86_64","product":{"name":"kernel-rt-devel-4.4.120-3.8.1.x86_64","product_id":"kernel-rt-devel-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","product":{"name":"kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","product_id":"kernel-rt_debug-devel-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"kernel-syms-rt-4.4.120-3.8.1.x86_64","product":{"name":"kernel-syms-rt-4.4.120-3.8.1.x86_64","product_id":"kernel-syms-rt-4.4.120-3.8.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-rt-4.4.120-3.8.1.x86_64","product":{"name":"ocfs2-kmp-rt-4.4.120-3.8.1.x86_64","product_id":"ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Real Time 12 SP3","product":{"name":"SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:suse-linux-enterprise-rt:12:sp3"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"cluster-md-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64"},"product_reference":"cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"dlm-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64"},"product_reference":"dlm-kmp-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"gfs2-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64"},"product_reference":"gfs2-kmp-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-rt-4.4.120-3.8.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch"},"product_reference":"kernel-devel-rt-4.4.120-3.8.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64"},"product_reference":"kernel-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-base-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64"},"product_reference":"kernel-rt-base-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-devel-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64"},"product_reference":"kernel-rt-devel-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-devel-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64"},"product_reference":"kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-rt-4.4.120-3.8.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch"},"product_reference":"kernel-source-rt-4.4.120-3.8.1.noarch","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64"},"product_reference":"kernel-syms-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"ocfs2-kmp-rt-4.4.120-3.8.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP3","product_id":"SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"},"product_reference":"ocfs2-kmp-rt-4.4.120-3.8.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Real Time 12 SP3"}]},"vulnerabilities":[{"cve":"CVE-2017-13166","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-13166"}],"notes":[{"category":"general","text":"An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-13166","url":"https://www.suse.com/security/cve/CVE-2017-13166"},{"category":"external","summary":"SUSE Bug 1072865 for CVE-2017-13166","url":"https://bugzilla.suse.com/1072865"},{"category":"external","summary":"SUSE Bug 1074488 for CVE-2017-13166","url":"https://bugzilla.suse.com/1074488"},{"category":"external","summary":"SUSE Bug 1085447 for CVE-2017-13166","url":"https://bugzilla.suse.com/1085447"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-13166","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-13166","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-13166"},{"cve":"CVE-2017-15129","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-15129"}],"notes":[{"category":"general","text":"A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in netns_ids idr, which could lead to double free and memory corruption. This vulnerability could allow an unprivileged local user to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is thought to be unlikely.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-15129","url":"https://www.suse.com/security/cve/CVE-2017-15129"},{"category":"external","summary":"SUSE Bug 1074839 for CVE-2017-15129","url":"https://bugzilla.suse.com/1074839"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-15129"},{"cve":"CVE-2017-15951","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-15951"}],"notes":[{"category":"general","text":"The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the \"negative\" state to avoid a race condition, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-15951","url":"https://www.suse.com/security/cve/CVE-2017-15951"},{"category":"external","summary":"SUSE Bug 1062840 for CVE-2017-15951","url":"https://bugzilla.suse.com/1062840"},{"category":"external","summary":"SUSE Bug 1065615 for CVE-2017-15951","url":"https://bugzilla.suse.com/1065615"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"low"}],"title":"CVE-2017-15951"},{"cve":"CVE-2017-16644","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16644"}],"notes":[{"category":"general","text":"The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16644","url":"https://www.suse.com/security/cve/CVE-2017-16644"},{"category":"external","summary":"SUSE Bug 1067118 for CVE-2017-16644","url":"https://bugzilla.suse.com/1067118"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16644","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16644","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1146519 for CVE-2017-16644","url":"https://bugzilla.suse.com/1146519"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":4.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-16644"},{"cve":"CVE-2017-16912","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16912"}],"notes":[{"category":"general","text":"The \"get_pipe()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a denial of service (out-of-bounds read) via a specially crafted USB over IP packet.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16912","url":"https://www.suse.com/security/cve/CVE-2017-16912"},{"category":"external","summary":"SUSE Bug 1078673 for CVE-2017-16912","url":"https://bugzilla.suse.com/1078673"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16912","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16912","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-16912"},{"cve":"CVE-2017-16913","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-16913"}],"notes":[{"category":"general","text":"The \"stub_recv_cmd_submit()\" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary memory allocation) via a specially crafted USB over IP packet.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-16913","url":"https://www.suse.com/security/cve/CVE-2017-16913"},{"category":"external","summary":"SUSE Bug 1078672 for CVE-2017-16913","url":"https://bugzilla.suse.com/1078672"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-16913","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-16913","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-16913"},{"cve":"CVE-2017-17712","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-17712"}],"notes":[{"category":"general","text":"The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-17712","url":"https://www.suse.com/security/cve/CVE-2017-17712"},{"category":"external","summary":"SUSE Bug 1073229 for CVE-2017-17712","url":"https://bugzilla.suse.com/1073229"},{"category":"external","summary":"SUSE Bug 1073230 for CVE-2017-17712","url":"https://bugzilla.suse.com/1073230"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"important"}],"title":"CVE-2017-17712"},{"cve":"CVE-2017-17862","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-17862"}],"notes":[{"category":"general","text":"kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-17862","url":"https://www.suse.com/security/cve/CVE-2017-17862"},{"category":"external","summary":"SUSE Bug 1073928 for CVE-2017-17862","url":"https://bugzilla.suse.com/1073928"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-17862"},{"cve":"CVE-2017-17864","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-17864"}],"notes":[{"category":"general","text":"kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-17864","url":"https://www.suse.com/security/cve/CVE-2017-17864"},{"category":"external","summary":"SUSE Bug 1073928 for CVE-2017-17864","url":"https://bugzilla.suse.com/1073928"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.3,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-17864"},{"cve":"CVE-2017-17975","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-17975"}],"notes":[{"category":"general","text":"Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of audio registration, because a kfree of the usbtv data structure occurs during a usbtv_video_free call, but the usbtv_video_fail label's code attempts to both access and free this data structure.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-17975","url":"https://www.suse.com/security/cve/CVE-2017-17975"},{"category":"external","summary":"SUSE Bug 1074426 for CVE-2017-17975","url":"https://bugzilla.suse.com/1074426"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.5,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"low"}],"title":"CVE-2017-17975"},{"cve":"CVE-2017-18017","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18017"}],"notes":[{"category":"general","text":"The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18017","url":"https://www.suse.com/security/cve/CVE-2017-18017"},{"category":"external","summary":"SUSE Bug 1074488 for CVE-2017-18017","url":"https://bugzilla.suse.com/1074488"},{"category":"external","summary":"SUSE Bug 1080255 for CVE-2017-18017","url":"https://bugzilla.suse.com/1080255"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-18017","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2017-18017","url":"https://bugzilla.suse.com/1115893"},{"category":"external","summary":"SUSE Bug 971126 for CVE-2017-18017","url":"https://bugzilla.suse.com/971126"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-18017"},{"cve":"CVE-2017-18174","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18174"}],"notes":[{"category":"general","text":"In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18174","url":"https://www.suse.com/security/cve/CVE-2017-18174"},{"category":"external","summary":"SUSE Bug 1080533 for CVE-2017-18174","url":"https://bugzilla.suse.com/1080533"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-18174"},{"cve":"CVE-2017-18208","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-18208"}],"notes":[{"category":"general","text":"The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-18208","url":"https://www.suse.com/security/cve/CVE-2017-18208"},{"category":"external","summary":"SUSE Bug 1083494 for CVE-2017-18208","url":"https://bugzilla.suse.com/1083494"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2017-18208","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-18208","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2017-18208"},{"cve":"CVE-2017-5715","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-5715"}],"notes":[{"category":"general","text":"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2017-5715","url":"https://www.suse.com/security/cve/CVE-2017-5715"},{"category":"external","summary":"SUSE Bug 1068032 for CVE-2017-5715","url":"https://bugzilla.suse.com/1068032"},{"category":"external","summary":"SUSE Bug 1074562 for CVE-2017-5715","url":"https://bugzilla.suse.com/1074562"},{"category":"external","summary":"SUSE Bug 1074578 for CVE-2017-5715","url":"https://bugzilla.suse.com/1074578"},{"category":"external","summary":"SUSE Bug 1074701 for CVE-2017-5715","url":"https://bugzilla.suse.com/1074701"},{"category":"external","summary":"SUSE Bug 1074741 for CVE-2017-5715","url":"https://bugzilla.suse.com/1074741"},{"category":"external","summary":"SUSE Bug 1074919 for CVE-2017-5715","url":"https://bugzilla.suse.com/1074919"},{"category":"external","summary":"SUSE Bug 1075006 for CVE-2017-5715","url":"https://bugzilla.suse.com/1075006"},{"category":"external","summary":"SUSE Bug 1075007 for CVE-2017-5715","url":"https://bugzilla.suse.com/1075007"},{"category":"external","summary":"SUSE Bug 1075262 for CVE-2017-5715","url":"https://bugzilla.suse.com/1075262"},{"category":"external","summary":"SUSE Bug 1075419 for CVE-2017-5715","url":"https://bugzilla.suse.com/1075419"},{"category":"external","summary":"SUSE Bug 1076115 for CVE-2017-5715","url":"https://bugzilla.suse.com/1076115"},{"category":"external","summary":"SUSE Bug 1076372 for CVE-2017-5715","url":"https://bugzilla.suse.com/1076372"},{"category":"external","summary":"SUSE Bug 1076606 for CVE-2017-5715","url":"https://bugzilla.suse.com/1076606"},{"category":"external","summary":"SUSE Bug 1078353 for CVE-2017-5715","url":"https://bugzilla.suse.com/1078353"},{"category":"external","summary":"SUSE Bug 1080039 for CVE-2017-5715","url":"https://bugzilla.suse.com/1080039"},{"category":"external","summary":"SUSE Bug 1087887 for CVE-2017-5715","url":"https://bugzilla.suse.com/1087887"},{"category":"external","summary":"SUSE Bug 1087939 for CVE-2017-5715","url":"https://bugzilla.suse.com/1087939"},{"category":"external","summary":"SUSE Bug 1088147 for CVE-2017-5715","url":"https://bugzilla.suse.com/1088147"},{"category":"external","summary":"SUSE Bug 1089055 for CVE-2017-5715","url":"https://bugzilla.suse.com/1089055"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2017-5715","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1095735 for CVE-2017-5715","url":"https://bugzilla.suse.com/1095735"},{"category":"external","summary":"SUSE Bug 1102517 for CVE-2017-5715","url":"https://bugzilla.suse.com/1102517"},{"category":"external","summary":"SUSE Bug 1105108 for CVE-2017-5715","url":"https://bugzilla.suse.com/1105108"},{"category":"external","summary":"SUSE Bug 1126516 for CVE-2017-5715","url":"https://bugzilla.suse.com/1126516"},{"category":"external","summary":"SUSE Bug 1173489 for CVE-2017-5715","url":"https://bugzilla.suse.com/1173489"},{"category":"external","summary":"SUSE Bug 1178658 for CVE-2017-5715","url":"https://bugzilla.suse.com/1178658"},{"category":"external","summary":"SUSE Bug 1201457 for CVE-2017-5715","url":"https://bugzilla.suse.com/1201457"},{"category":"external","summary":"SUSE Bug 1201877 for CVE-2017-5715","url":"https://bugzilla.suse.com/1201877"},{"category":"external","summary":"SUSE Bug 1203236 for CVE-2017-5715","url":"https://bugzilla.suse.com/1203236"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"important"}],"title":"CVE-2017-5715"},{"cve":"CVE-2018-1000004","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-1000004"}],"notes":[{"category":"general","text":"In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-1000004","url":"https://www.suse.com/security/cve/CVE-2018-1000004"},{"category":"external","summary":"SUSE Bug 1076017 for CVE-2018-1000004","url":"https://bugzilla.suse.com/1076017"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-1000004","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2018-1000004"},{"cve":"CVE-2018-1000026","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-1000026"}],"notes":[{"category":"general","text":"Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-1000026","url":"https://www.suse.com/security/cve/CVE-2018-1000026"},{"category":"external","summary":"SUSE Bug 1079384 for CVE-2018-1000026","url":"https://bugzilla.suse.com/1079384"},{"category":"external","summary":"SUSE Bug 1087082 for CVE-2018-1000026","url":"https://bugzilla.suse.com/1087082"},{"category":"external","summary":"SUSE Bug 1096723 for CVE-2018-1000026","url":"https://bugzilla.suse.com/1096723"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.7,"baseSeverity":"HIGH","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"important"}],"title":"CVE-2018-1000026"},{"cve":"CVE-2018-5332","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-5332"}],"notes":[{"category":"general","text":"In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-5332","url":"https://www.suse.com/security/cve/CVE-2018-5332"},{"category":"external","summary":"SUSE Bug 1075621 for CVE-2018-5332","url":"https://bugzilla.suse.com/1075621"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-5332","url":"https://bugzilla.suse.com/1091815"},{"category":"external","summary":"SUSE Bug 1115893 for CVE-2018-5332","url":"https://bugzilla.suse.com/1115893"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.6,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"low"}],"title":"CVE-2018-5332"},{"cve":"CVE-2018-5333","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-5333"}],"notes":[{"category":"general","text":"In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-5333","url":"https://www.suse.com/security/cve/CVE-2018-5333"},{"category":"external","summary":"SUSE Bug 1075617 for CVE-2018-5333","url":"https://bugzilla.suse.com/1075617"},{"category":"external","summary":"SUSE Bug 1091815 for CVE-2018-5333","url":"https://bugzilla.suse.com/1091815"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":2.9,"baseSeverity":"LOW","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"low"}],"title":"CVE-2018-5333"},{"cve":"CVE-2018-8087","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-8087"}],"notes":[{"category":"general","text":"Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-8087","url":"https://www.suse.com/security/cve/CVE-2018-8087"},{"category":"external","summary":"SUSE Bug 1085053 for CVE-2018-8087","url":"https://bugzilla.suse.com/1085053"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.0"},"products":["SUSE Linux Enterprise Real Time 12 SP3:cluster-md-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:dlm-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:gfs2-kmp-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-devel-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-base-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-rt_debug-devel-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:kernel-source-rt-4.4.120-3.8.1.noarch","SUSE Linux Enterprise Real Time 12 SP3:kernel-syms-rt-4.4.120-3.8.1.x86_64","SUSE Linux Enterprise Real Time 12 SP3:ocfs2-kmp-rt-4.4.120-3.8.1.x86_64"]}],"threats":[{"category":"impact","date":"2018-04-19T09:27:38Z","details":"moderate"}],"title":"CVE-2018-8087"}]}