{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\nThe SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).\n- CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).\n- CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).\n- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).\n- CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).\n- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).\n- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).\n- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).\n- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).\n- CVE-2020-29373: Fixed an unsafe handling of the root directory during path lookups in fs/io_uring.c (bnc#1179434).\n- CVE-2020-11668: Fixed the mishandling of invalid descriptors in the Xirlink camera USB driver (bnc#1168952).\n- CVE-2020-27830: Fixed a null pointer dereference in speakup (bsc#1179656).\n- CVE-2020-29370: Fixed a race condition in kmem_cache_alloc_bulk (bnc#1179435).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PNP: compare the string length in the matching_id() (git-fixes).\n- add reference to CVE and its bsc\n- ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G (git-fixes).\n- ALSA: core: memalloc: add page alignment for iram (git-fixes).\n- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).\n- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).\n- ALSA: hda/hdmi: always print pin NIDs as hexadecimal (git-fixes).\n- ALSA: hda/hdmi: packet buffer index must be set before reading value (git-fixes).\n- ALSA: hda/proc - print DP-MST connections (git-fixes).\n- ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button (git-fixes).\n- ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (git-fixes).\n- ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256 (git-fixes).\n- ALSA: hda/realtek: Add quirk for MSI-GP73 (git-fixes).\n- ALSA: hda/realtek: Apply jack fixup for Quanta NL3 (git-fixes).\n- ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop (git-fixes).\n- ALSA: hda: Fix regressions on clear and reconfig sysfs (git-fixes).\n- ALSA: pcm: oss: Fix a few more UBSAN fixes (git-fixes).\n- ALSA: pcm: oss: Fix potential out-of-bounds shift (git-fixes).\n- ALSA: rawmidi: Access runtime->avail always in spinlock (git-fixes).\n- ALSA: seq: remove useless function (git-fixes).\n- ALSA: usb-audio: Add generic implicit fb parsing (bsc#1178203).\n- ALSA: usb-audio: Add hw constraint for implicit fb sync (bsc#1178203).\n- ALSA: usb-audio: Add implicit fb support for Steinberg UR22 (git-fixes).\n- ALSA: usb-audio: Add implicit_fb module option (bsc#1178203).\n- ALSA: usb-audio: Add quirk for Pioneer DJ DDJ-SR2 (git-fixes).\n- ALSA: usb-audio: Add snd_usb_get_endpoint() helper (bsc#1178203).\n- ALSA: usb-audio: Add snd_usb_get_host_interface() helper (bsc#1178203).\n- ALSA: usb-audio: Add support for Pioneer DJ DDJ-RR controller (git-fixes).\n- ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices (git-fixes).\n- ALSA: usb-audio: Always set up the parameters after resume (bsc#1178203).\n- ALSA: usb-audio: Avoid doubly initialization for implicit fb (bsc#1178203).\n- ALSA: usb-audio: Check implicit feedback EP generically for UAC2 (bsc#1178203).\n- ALSA: usb-audio: Check valid altsetting at parsing rates for UAC2/3 (bsc#1178203).\n- ALSA: usb-audio: Constify audioformat pointer references (bsc#1178203).\n- ALSA: usb-audio: Create endpoint objects at parsing phase (bsc#1178203).\n- ALSA: usb-audio: Disable sample read check if firmware does not give back (git-fixes).\n- ALSA: usb-audio: Do not call usb_set_interface() at trigger callback (bsc#1178203).\n- ALSA: usb-audio: Do not set altsetting before initializing sample rate (bsc#1178203).\n- ALSA: usb-audio: Drop debug.h (bsc#1178203).\n- ALSA: usb-audio: Drop keep_interface flag again (bsc#1178203).\n- ALSA: usb-audio: Drop unneeded snd_usb_substream fields (bsc#1178203).\n- ALSA: usb-audio: Factor out the implicit feedback quirk code (bsc#1178203).\n- ALSA: usb-audio: Fix control 'access overflow' errors from chmap (git-fixes).\n- ALSA: usb-audio: Fix EP matching for continuous rates (bsc#1178203).\n- ALSA: usb-audio: Fix MOTU M-Series quirks (bsc#1178203).\n- ALSA: usb-audio: Fix possible stall of implicit fb packet ring-buffer (bsc#1178203).\n- ALSA: usb-audio: Fix potential out-of-bounds shift (git-fixes).\n- ALSA: usb-audio: Fix quirks for other BOSS devices (bsc#1178203).\n- ALSA: usb-audio: Handle discrete rates properly in hw constraints (bsc#1178203).\n- ALSA: usb-audio: Improve some debug prints (bsc#1178203).\n- ALSA: usb-audio: Move snd_usb_autoresume() call out of setup_hw_info() (bsc#1178203).\n- ALSA: usb-audio: Pass snd_usb_audio object to quirk functions (bsc#1178203).\n- ALSA: usb-audio: Quirk for BOSS GT-001 (bsc#1178203).\n- ALSA: usb-audio: Refactor endpoint management (bsc#1178203).\n- ALSA: usb-audio: Refactoring endpoint URB deactivation (bsc#1178203).\n- ALSA: usb-audio: Replace slave/master terms (bsc#1178203).\n- ALSA: usb-audio: Set and clear sync EP link properly (bsc#1178203).\n- ALSA: usb-audio: Set callbacks via snd_usb_endpoint_set_callback() (bsc#1178203).\n- ALSA: usb-audio: Show sync endpoint information in proc outputs (bsc#1178203).\n- ALSA: usb-audio: Simplify hw_params rules (bsc#1178203).\n- ALSA: usb-audio: Simplify rate_min/max and rates set up (bsc#1178203).\n- ALSA: usb-audio: Simplify snd_usb_init_pitch() arguments (bsc#1178203).\n- ALSA: usb-audio: Simplify snd_usb_init_sample_rate() arguments (bsc#1178203).\n- ALSA: usb-audio: Stop both endpoints properly at error (bsc#1178203).\n- ALSA: usb-audio: Track implicit fb sync endpoint in audioformat list (bsc#1178203).\n- ALSA: usb-audio: Unify the code for the next packet size calculation (bsc#1178203).\n- ALSA: usb-audio: Use atomic_t for endpoint use_count (bsc#1178203).\n- ALSA: usb-audio: Use unsigned char for iface and altsettings fields (bsc#1178203).\n- ALSA: usb-audio: workaround for iface reset issue (bsc#1178203).\n- ASoC: amd: change clk_get() to devm_clk_get() and add missed checks (git-fixes).\n- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).\n- ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (git-fixes).\n- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).\n- ASoC: meson: fix COMPILE_TEST error (git-fixes).\n- ASoC: pcm: DRAIN support reactivation (git-fixes).\n- ASoC: SOF: control: fix size checks for ext_bytes control .get() (git-fixes).\n- ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode (git-fixes).\n- ASoC: tegra20-spdif: remove 'default m' (git-fixes).\n- ASoC: ti: davinci-mcasp: remove always zero of davinci_mcasp_get_dt_params (git-fixes).\n- ASoC: wm8998: Fix PM disable depth imbalance on error (git-fixes).\n- ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (git-fixes).\n- ath10k: Fix an error handling path (git-fixes).\n- ath10k: Release some resources in an error handling path (git-fixes).\n- ath6kl: fix enum-conversion warning (git-fixes).\n- blk-mq: Remove 'running from the wrong CPU' warning (bsc#1174486).\n- block: return status code in blk_mq_end_request() (bsc#1171000, bsc#1165933).\n- Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware() (git-fixes).\n- Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware() (git-fixes).\n- Bluetooth: Fix null pointer dereference in hci_event_packet() (git-fixes).\n- Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (git-fixes).\n- Bluetooth: hci_h5: fix memory leak in h5_close (git-fixes).\n- bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address() (git-fixes).\n- btrfs: add missing check for nocow and compression inode flags (bsc#1178780).\n- btrfs: delete duplicated words + other fixes in comments (bsc#1180566).\n- btrfs: do not commit logs and transactions during link and rename operations (bsc#1180566).\n- btrfs: do not take the log_mutex of the subvolume when pinning the log (bsc#1180566).\n- btrfs: fix readahead hang and use-after-free after removing a device (bsc#1179963).\n- btrfs: fix use-after-free on readahead extent after failure to create it (bsc#1179963).\n- btrfs: qgroup: do not try to wait flushing if we're already holding a transaction (bsc#1179575).\n- bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (git-fixes).\n- can: softing: softing_netdev_open(): fix error handling (git-fixes).\n- cfg80211: initialize rekey_data (git-fixes).\n- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).\n- cifs: do not share tcons with DFS (bsc#1178270).\n- cifs: document and cleanup dfs mount (bsc#1178270).\n- cifs: ensure correct super block for DFS reconnect (bsc#1178270).\n- cifs: Fix an error pointer dereference in cifs_mount() (bsc#1178270).\n- cifs: fix check of tcon dfs in smb1 (bsc#1178270).\n- cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270).\n- cifs: fix double free error on share and prefix (bsc#1178270).\n- cifs: fix leaked reference on requeued write (bsc#1178270).\n- cifs: fix uninitialised lease_key in open_shroot() (bsc#1178270).\n- cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1178270).\n- cifs: handle empty list of targets in cifs_reconnect() (bsc#1178270).\n- cifs: handle hostnames that resolve to same ip in failover (bsc#1178270).\n- cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect (bsc#1178270).\n- cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect() (bsc#1178270).\n- cifs: only update prefix path of DFS links in cifs_tree_connect() (bsc#1178270).\n- cifs: reduce number of referral requests in DFS link lookups (bsc#1178270).\n- cifs: rename reconn_inval_dfs_target() (bsc#1178270).\n- cifs: set up next DFS target before generic_ip_connect() (bsc#1178270).\n- clk: at91: sam9x60: remove atmel,osc-bypass support (git-fixes).\n- clk: ingenic: Fix divider calculation with div tables (git-fixes).\n- clk: mediatek: Make mtk_clk_register_mux() a static function (git-fixes).\n- clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (git-fixes).\n- clk: renesas: r9a06g032: Drop __packed for portability (git-fixes).\n- clk: s2mps11: Fix a resource leak in error handling paths in the probe function (git-fixes).\n- clk: sunxi-ng: Make sure divider tables have sentinel (git-fixes).\n- clk: tegra: Do not return 0 on failure (git-fixes).\n- clk: tegra: Fix duplicated SE clock entry (git-fixes).\n- clk: ti: Fix memleak in ti_fapll_synth_setup (git-fixes).\n- clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI (git-fixes).\n- clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne (git-fixes).\n- clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent() (git-fixes).\n- clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path (git-fixes).\n- cpufreq: ap806: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).\n- cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).\n- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- cpufreq: vexpress-spc: Add missing MODULE_ALIAS (git-fixes).\n- crypto: af_alg - avoid undefined behavior accessing salg_name (git-fixes).\n- crypto: atmel-i2c - select CONFIG_BITREVERSE (git-fixes).\n- crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd (git-fixes).\n- crypto: ecdh - avoid unaligned accesses in ecdh_set_secret() (git-fixes).\n- crypto: inside-secure - Fix sizeof() mismatch (git-fixes).\n- crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (git-fixes).\n- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (git-fixes).\n- crypto: talitos - Endianess in current_desc_hdr() (git-fixes).\n- crypto: talitos - Fix return type of current_desc_hdr() (git-fixes).\n- cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (git-fixes).\n- dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe() (git-fixes).\n- Documentation: seqlock: s/LOCKTYPE/LOCKNAME/g (git-fixes).\n- drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (git-fixes).\n- drm/amd/display: Fix wrong return value in dm_update_plane_state() (bsc#1152489)\n- drm/amdgpu: pass NULL pointer instead of 0 (bsc#1152489) Backporting changes: \t* context fixes\n- drm/crc-debugfs: Fix memleak in crc_control_write (bsc#1152472)\n- drm/gma500: fix error check (bsc#1152472) Backporting changes: \t* context fixes\n- drm/i915/gem: Avoid implicit vmap for highmem on x86-32 (bsc#1152489) Backporting changes: \t* context fixes\n- drm/i915: Fix sha_text population code (bsc#1152489) Backporting changes: \t* context fixes \t* adapted I/O functions to old driver\n- drm/imx: tve remove extraneous type qualifier (bsc#1152489)\n- drm/mediatek: Add exception handing in mtk_drm_probe() if component (bsc#1152472)\n- drm/mediatek: Add missing put_device() call in (bsc#1152472)\n- drm/mediatek: Add missing put_device() call in mtk_drm_kms_init() (bsc#1152472) Backporting changes: \t* context fixes \t* adapted to function layout\n- drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check() (bsc#1152489)\n- drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (bsc#1152489) Backporting changes: \t* context fixes\n- drm/panfrost: Ensure GPU quirks are always initialised (bsc#1152489)\n- drm/panfrost: increase readl_relaxed_poll_timeout values (bsc#1152472) Backporting changes: \t* context fixes\n- drm/radeon: Prefer lower feedback dividers (bsc#1152489)\n- drm/sun4i: sun8i-csc: Secondary CSC register correction (bsc#1152489)\n- drm/vc4/vc4_hdmi: fill ASoC card owner (bsc#1152489)\n- drm/vc4: crtc: Rework a bit the CRTC state code (bsc#1152472) Backporting changes: \t* context fixes\n- drm/vc4: hdmi: Avoid sleeping in atomic context (bsc#1152489) Backporting changes: \t* context fixes\n- drm/vkms: fix xrgb on compute crc (bsc#1152472) Backporting changes: \t* changed filename from vkms_composer.c to vkms_crc.c \t* context fixes\n- drm: mxsfb: check framebuffer pitch (bsc#1152472) Backporting changes: \t* context fixes\n- drm: mxsfb: Remove fbdev leftovers (bsc#1152472) Backporting changes: \t* context fixes\n- drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel (bsc#1152489)\n- drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel (bsc#1152472) Backporting changes: \t* context fixes\n- drm: rcar-du: Put reference to VSP device (bsc#1152489)\n- EDAC/amd64: Do not load on family 0x15, model 0x13 (bsc#1179763).\n- EDAC/i10nm: Use readl() to access MMIO registers (bsc#1152489).\n- EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId (bsc#1152489).\n- epoll: Keep a reference on files added to the check list (bsc#1180031).\n- ext4: correctly report 'not supported' for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672).\n- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).\n- ext4: fix leaking sysfs kobject after failed mount (bsc#1179670).\n- ext4: limit entries returned when counting fsmap records (bsc#1179671).\n- ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673).\n- extcon: max77693: Fix modalias string (git-fixes).\n- fail_function: Remove a redundant mutex unlock (bsc#1149032).\n- fbcon: Remove the superfluous break (bsc#1152472)\n- fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes).\n- fs/minix: check return value of sb_getblk() (bsc#1179676).\n- fs/minix: do not allow getting deleted inodes (bsc#1179677).\n- fs/minix: fix block limit check for V1 filesystems (bsc#1179680).\n- fs/minix: reject too-large maximum file size (bsc#1179678).\n- fs/minix: remove expected error message in block_to_path() (bsc#1179681).\n- fs/minix: set s_maxbytes correctly (bsc#1179679).\n- fs/ufs: avoid potential u32 multiplication overflow (bsc#1179682).\n- fs: Do not invalidate page buffers in block_write_full_page() (bsc#1179711).\n- ftrace: Fix updating FTRACE_FL_TRAMP (git-fixes).\n- genirq/irqdomain: Add an irq_create_mapping_affinity() function (bsc#1065729).\n- genirq/matrix: Deal with the sillyness of for_each_cpu() on UP (bsc#1156315).\n- gpio: mvebu: fix potential user-after-free on probe (git-fixes).\n- gpio: mvebu: update Armada XP per-CPU comment (git-fixes).\n- HID: i2c-hid: add Vero K147 to descriptor override (git-fixes).\n- HMAT: Register memory-side cache after parsing (bsc#1178660).\n- HMAT: Skip publishing target info for nodes with no online memory (bsc#1178660).\n- HSI: omap_ssi: Do not jump to free ID in ssi_add_controller() (git-fixes).\n- IB/isert: Fix unaligned immediate-data handling (bsc#1152489)\n- IB/mlx4: Add and improve logging (bsc#1152489)\n- IB/mlx4: Add support for MRA (bsc#1152489)\n- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1152489)\n- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1152489)\n- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1152489)\n- IB/rdmavt: Fix sizeof mismatch (bsc#1152489)\n- IB/srpt: Fix memory leak in srpt_add_one (bsc#1152489)\n- IB/uverbs: Set IOVA on IB MR in uverbs layer (bsc#1152489)\n- ibmvnic: add some debugs (bsc#1179896 ltc#190255).\n- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231 git-fixes).\n- ibmvnic: continue fatal error reset after passive init (bsc#1171078 ltc#184239 git-fixes).\n- ibmvnic: delay next reset if hard reset fails (bsc#1094840 ltc#167098 git-fixes).\n- ibmvnic: enhance resetting status check during module exit (bsc#1065729).\n- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431 ltc#171853 git-fixes).\n- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (bsc#1040855 ltc#155067 git-fixes).\n- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231 git-fixes).\n- ibmvnic: notify peers when failover and migration happen (bsc#1044120 ltc#155423 git-fixes).\n- ibmvnic: restore adapter state on failed reset (bsc#1152457 ltc#174432 git-fixes).\n- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (git-fixes).\n- iio: buffer: Fix demux update (git-fixes).\n- iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context (git-fixes).\n- iio:adc:ti-ads124s08: Fix alignment and data leak issues (git-fixes).\n- iio:adc:ti-ads124s08: Fix buffer being too long (git-fixes).\n- iio:imu:bmi160: Fix too large a buffer (git-fixes).\n- iio:light:rpr0521: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:light:st_uvis25: Fix timestamp alignment and prevent data leak (git-fixes).\n- iio:magnetometer:mag3110: Fix alignment and data leak issues (git-fixes).\n- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).\n- inet_ecn: Fix endianness of checksum update when setting ECT(1) (git-fixes).\n- Input: ads7846 - fix integer overflow on Rt calculation (git-fixes).\n- Input: ads7846 - fix race that causes missing releases (git-fixes).\n- Input: ads7846 - fix unaligned access on 7845 (git-fixes).\n- Input: cm109 - do not stomp on control URB (git-fixes).\n- Input: cros_ec_keyb - send 'scancodes' in addition to key events (git-fixes).\n- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).\n- Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (git-fixes).\n- Input: i8042 - add Acer laptops to the i8042 reset list (git-fixes).\n- Input: i8042 - add ByteSpeed touchpad to noloop table (git-fixes).\n- Input: omap4-keypad - fix runtime PM error handling (git-fixes).\n- Input: xpad - support Ardwiino Controllers (git-fixes).\n- iomap: Clear page error before beginning a write (bsc#1179683).\n- iomap: Mark read blocks uptodate in write_begin (bsc#1179684).\n- iomap: Set all uptodate bits for an Uptodate page (bsc#1179685).\n- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (bsc#1179652).\n- iwlwifi: mvm: fix kernel panic in case of assert during CSA (git-fixes).\n- iwlwifi: mvm: hook up missing RX handlers (git-fixes).\n- iwlwifi: pcie: add one missing entry for AX210 (git-fixes).\n- iwlwifi: pcie: limit memory read spin time (git-fixes).\n- jbd2: fix up sparse warnings in checkpoint code (bsc#1179707).\n- kABI: genirq: add back irq_create_mapping (bsc#1065729).\n- kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing ESB page (bsc#1156395).\n- lan743x: fix for potential NULL pointer dereference with bare card (git-fixes).\n- libfs: fix error cast of negative value in simple_attr_write() (bsc#1179709).\n- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1149032).\n- mac80211: do not set set TDLS STA bandwidth wider than possible (git-fixes).\n- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).\n- md-cluster: fix rmmod issue when md_cluster convert bitmap to none (bsc#1163727).\n- md-cluster: fix safemode_delay value when converting to clustered bitmap (bsc#1163727).\n- md-cluster: fix wild pointer of unlock_all_bitmaps() (bsc#1163727).\n- md/bitmap: fix memory leak of temporary bitmap (bsc#1163727).\n- md/bitmap: md_bitmap_get_counter returns wrong blocks (bsc#1163727).\n- md/bitmap: md_bitmap_read_sb uses wrong bitmap blocks (bsc#1163727).\n- md/cluster: block reshape with remote resync job (bsc#1163727).\n- md/cluster: fix deadlock when node is doing resync job (bsc#1163727).\n- media: gspca: Fix memory leak in probe (git-fixes).\n- media: imx214: Fix stop streaming (git-fixes).\n- media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE (git-fixes).\n- media: ipu3-cio2: Remove traces of returned buffers (git-fixes).\n- media: ipu3-cio2: Return actual subdev format (git-fixes).\n- media: ipu3-cio2: Serialise access to pad format (git-fixes).\n- media: ipu3-cio2: Validate mbus format in setting subdev format (git-fixes).\n- media: max2175: fix max2175_set_csm_mode() error code (git-fixes).\n- media: msi2500: assign SPI bus number dynamically (git-fixes).\n- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm() (git-fixes).\n- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm() (git-fixes).\n- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (git-fixes).\n- media: saa7146: fix array overflow in vidioc_s_audio() (git-fixes).\n- media: siano: fix memory leak of debugfs members in smsdvb_hotplug (git-fixes).\n- media: solo6x10: fix missing snd_card_free in error handling case (git-fixes).\n- media: sunxi-cir: ensure IR is handled when it is continuous (git-fixes).\n- media: tm6000: Fix sizeof() mismatches (git-fixes).\n- media: uvcvideo: Accept invalid bFormatIndex and bFrameIndex values (bsc#1180117).\n- memstick: fix a double-free bug in memstick_check (git-fixes).\n- memstick: r592: Fix error return in r592_probe() (git-fixes).\n- mfd: rt5033: Fix errorneous defines (git-fixes).\n- mm,memory_failure: always pin the page in madvise_inject_error (bsc#1180258).\n- mm/error_inject: Fix allow_error_inject function signatures (bsc#1179710).\n- mm/memory_hotplug: shrink zones when offlining memory (bsc#1177679).\n- mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204).\n- mm: memcg: fix memcg reclaim soft lockup (VM Functionality, bsc#1180056).\n- mmc: block: Fixup condition for CMD13 polling for RPMB requests (git-fixes).\n- mmc: pxamci: Fix error return code in pxamci_probe (git-fixes).\n- mtd: rawnand: gpmi: fix reference count leak in gpmi ops (git-fixes).\n- mtd: rawnand: gpmi: Fix the random DMA timeout issue (git-fixes).\n- mtd: rawnand: meson: Fix a resource leak in init (git-fixes).\n- mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments (git-fixes).\n- mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read (git-fixes).\n- mtd: spinand: Fix OOB read (git-fixes).\n- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (git-fixes).\n- nfc: s3fwrn5: Release the nfc firmware (git-fixes).\n- nvme-fabrics: allow to queue requests for live queues (git-fixes).\n- nvme-fabrics: do not check state NVME_CTRL_NEW for request acceptance (bsc#1179519).\n- nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1177326).\n- nvme-fc: cancel async events before freeing event struct (git-fixes).\n- nvme-fc: eliminate terminate_io use by nvme_fc_error_recovery (bsc#1177326).\n- nvme-fc: fix error loop in create_hw_io_queues (git-fixes).\n- nvme-fc: fix io timeout to abort I/O (bsc#1177326).\n- nvme-fc: remove err_work work item (bsc#1177326).\n- nvme-fc: remove nvme_fc_terminate_io() (bsc#1177326).\n- nvme-fc: shorten reconnect delay if possible for FC (git-fixes).\n- nvme-fc: track error_recovery while connecting (bsc#1177326).\n- nvme-fc: wait for queues to freeze before calling (git-fixes).\n- nvme-multipath: fix deadlock between ana_work and scan_work (git-fixes).\n- nvme-multipath: fix deadlock due to head->lock (git-fixes).\n- nvme-pci: properly print controller address (git-fixes).\n- nvme-rdma: avoid race between time out and tear down (bsc#1179519).\n- nvme-rdma: avoid repeated request completion (bsc#1179519).\n- nvme-rdma: cancel async events before freeing event struct (git-fixes).\n- nvme-rdma: fix controller reset hang during traffic (bsc#1179519).\n- nvme-rdma: fix reset hang if controller died in the middle of a reset (bsc#1179519).\n- nvme-rdma: fix timeout handler (bsc#1179519).\n- nvme-rdma: handle unexpected nvme completion data length (bsc#1178612).\n- nvme-rdma: serialize controller teardown sequences (bsc#1179519).\n- nvme-tcp: avoid race between time out and tear down (bsc#1179519).\n- nvme-tcp: avoid repeated request completion (bsc#1179519).\n- nvme-tcp: avoid scheduling io_work if we are already polling (bsc#1179519).\n- nvme-tcp: break from io_work loop if recv failed (bsc#1179519).\n- nvme-tcp: cancel async events before freeing event struct (git-fixes).\n- nvme-tcp: do not poll a non-live queue (bsc#1179519).\n- nvme-tcp: fix controller reset hang during traffic (bsc#1179519).\n- nvme-tcp: fix possible crash in recv error flow (bsc#1179519).\n- nvme-tcp: fix possible leakage during error flow (git-fixes).\n- nvme-tcp: fix reset hang if controller died in the middle of a reset (bsc#1179519).\n- nvme-tcp: fix timeout handler (bsc#1179519).\n- nvme-tcp: have queue prod/cons send list become a llist (bsc#1179519).\n- nvme-tcp: leverage request plugging (bsc#1179519).\n- nvme-tcp: move send failure to nvme_tcp_try_send (bsc#1179519).\n- nvme-tcp: optimize network stack with setting msg flags (bsc#1179519).\n- nvme-tcp: optimize queue io_cpu assignment for multiple queue (git-fixes).\n- nvme-tcp: serialize controller teardown sequences (bsc#1179519).\n- nvme-tcp: set MSG_SENDPAGE_NOTLAST with MSG_MORE when we have (bsc#1179519).\n- nvme-tcp: try to send request in queue_rq context (bsc#1179519).\n- nvme-tcp: use bh_lock in data_ready (bsc#1179519).\n- nvme: do not protect ns mutation with ns->head->lock (git-fixes).\n- nvme: have nvme_wait_freeze_timeout return if it timed out (bsc#1179519).\n- nvme: introduce nvme_sync_io_queues (bsc#1179519).\n- nvme: Revert: Fix controller creation races with teardown (git-fixes).\n- nvmet-fc: fix missing check for no hostport struct (bsc#1176942).\n- nvmet-tcp: fix maxh2cdata icresp parameter (bsc#1179892).\n- ocfs2: fix unbalanced locking (bsc#1180506).\n- orinoco: Move context allocation after processing the skb (git-fixes).\n- PCI: brcmstb: Initialize 'tmp' before use (git-fixes).\n- PCI: Fix overflow in command-line resource alignment requests (git-fixes).\n- PCI: Fix pci_slot_release() NULL pointer dereference (git-fixes).\n- PCI: iproc: Fix out-of-bound array accesses (git-fixes).\n- pinctrl: amd: remove debounce filter setting in IRQ type setting (git-fixes).\n- pinctrl: aspeed: Fix GPIO requests on pass-through banks (git-fixes).\n- pinctrl: baytrail: Avoid clearing debounce value when turning it off (git-fixes).\n- pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (git-fixes).\n- pinctrl: merrifield: Set default bias in case no particular value given (git-fixes).\n- platform/chrome: cros_ec_spi: Do not overwrite spi::mode (git-fixes).\n- platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (git-fixes).\n- platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (git-fixes).\n- platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12 (git-fixes).\n- platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC (git-fixes).\n- platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (git-fixes).\n- platform/x86: mlx-platform: remove an unused variable (git-fixes).\n- platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (git-fixes).\n- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (git-fixes).\n- platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen (git-fixes).\n- platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e (git-fixes).\n- platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet (git-fixes).\n- power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching (git-fixes).\n- power: supply: bq24190_charger: fix reference leak (git-fixes).\n- powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (bsc#1065729).\n- powerpc/64s/powernv: Fix memory corruption when saving SLB entries on MCE (jsc#SLE-9246 git-fixes).\n- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest kernels (bsc#1179888 ltc#190253).\n- powerpc/64s: Fix allnoconfig build since uaccess flush (bsc#1177666 git-fixes).\n- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- powerpc/64s: Trim offlined CPUs from mm_cpumasks (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- powerpc/bitops: Fix possible undefined behaviour with fls() and fls64() (bsc#1156395).\n- powerpc/eeh_cache: Fix a possible debugfs deadlock (bsc#1156395).\n- powerpc/pci: Remove LSI mappings on device teardown (bsc#1172145 ltc#184630).\n- powerpc/pseries/hibernation: remove redundant cacheinfo update (bsc#1138374 ltc#178199 git-fixes).\n- powerpc/pseries: Pass MSI affinity to irq_create_mapping() (bsc#1065729).\n- powerpc/smp: Add __init to init_big_cores() (bsc#1109695 ltc#171067 git-fixes).\n- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).\n- powerpc: Avoid broken GCC __attribute__((optimize)) (bsc#1156395).\n- powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (bsc#1065729).\n- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).\n- pwm: zx: Add missing cleanup in error path (git-fixes).\n- qede: Notify qedr when mtu has changed (bsc#1152489)\n- qtnfmac: fix error return code in qtnf_pcie_probe() (git-fixes).\n- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).\n- RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel() (bsc#1152489)\n- RDMA/bnxt_re: Do not add user qps to flushlist (bsc#1152489)\n- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1152489)\n- RDMA/core: Fix bogus WARN_ON during ib_unregister_device_queued() (bsc#1152489)\n- RDMA/core: Fix reported speed and width (bsc#1152489)\n- RDMA/core: Fix return error value in _ib_modify_qp() to negative (bsc#1152489)\n- RDMA/core: Free DIM memory in error unwind (bsc#1152489)\n- RDMA/core: Stop DIM before destroying CQ (bsc#1152489)\n- RDMA/counter: Allow manually bind QPs with different pids to same counter (bsc#1152489)\n- RDMA/counter: Only bind user QPs in auto mode (bsc#1152489)\n- RDMA/hns: Add check for the validity of sl configuration (bsc#1152489)\n- RDMA/hns: Bugfix for memory window mtpt configuration (bsc#1152489)\n- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1152489)\n- RDMA/hns: Fix missing sq_sig_type when querying QP (bsc#1152489)\n- RDMA/hns: Set the unsupported wr opcode (bsc#1152489)\n- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1152489)\n- RDMA/mlx5: Disable IB_DEVICE_MEM_MGT_EXTENSIONS if IB_WR_REG_MR can't work (bsc#1152489)\n- RDMA/netlink: Remove CAP_NET_RAW check when dump a raw QP (bsc#1152489)\n- RDMA/pvrdma: Fix missing kfree() in pvrdma_register_device() (bsc#1152489)\n- RDMA/qedr: Endianness warnings cleanup (bsc#1152489)\n- RDMA/qedr: Fix doorbell setting (bsc#1152489)\n- RDMA/qedr: Fix inline size returned for iWARP (bsc#1152489)\n- RDMA/qedr: Fix iWARP active mtu display (bsc#1152489)\n- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1152489)\n- RDMA/qedr: Fix qp structure memory leak (bsc#1152489)\n- RDMA/qedr: Fix resource leak in qedr_create_qp (bsc#1152489)\n- RDMA/qedr: Fix use of uninitialized field (bsc#1152489)\n- RDMA/qedr: SRQ's bug fixes (bsc#1152489)\n- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1152489)\n- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1152489)\n- RDMA/rxe: Fix skb lifetime in rxe_rcv_mcast_pkt() (bsc#1152489)\n- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1152489)\n- RDMA/rxe: Handle skb_clone() failure in rxe_recv.c (bsc#1152489)\n- RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1152489)\n- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1152489)\n- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1152489)\n- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1152489)\n- RDMA/rxe: Skip dgid check in loopback mode (bsc#1152489)\n- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1152489)\n- RDMA/umem: Fix ib_umem_find_best_pgsz() for mappings that cross a page boundary (bsc#1152489)\n- RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz() (bsc#1152489)\n- Re-import the upstream uvcvideo fix; one more fix will be added later (bsc#1180117)\n- regmap: Remove duplicate `type` field from regmap `regcache_sync` trace event (git-fixes).\n- regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x (git-fixes).\n- regulator: mcp16502: add linear_min_sel (git-fixes).\n- reiserfs: Fix oops during mount (bsc#1179715).\n- reiserfs: Initialize inode keys properly (bsc#1179713).\n- remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable (git-fixes).\n- remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio() (git-fixes).\n- remoteproc: qcom: fix reference leak in adsp_start (git-fixes).\n- rsi: fix error return code in rsi_reset_card() (git-fixes).\n- rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time (git-fixes).\n- rtc: hym8563: enable wakeup when applicable (git-fixes).\n- s390/cpuinfo: show processor physical address (git-fixes).\n- s390/pci: fix CPU address in MSI for directed IRQ (git-fixes).\n- s390/qeth: delay draining the TX buffers (git-fixes).\n- s390/qeth: fix af_iucv notification race (git-fixes).\n- s390/qeth: fix tear down of async TX buffers (git-fixes).\n- s390/qeth: make af_iucv TX notification call more robust (bsc#1179604 LTC#190151).\n- s390: add 3f program exception handler (git-fixes).\n- samples/bpf: Remove unused test_ipip.sh (bsc#1155518).\n- samples: bpf: Refactor test_cgrp2_sock2 program with libbpf (bsc#1155518).\n- sched/fair: Fix overutilized update in enqueue_task_fair() (git-fixes)\n- sched/fair: Fix race between runtime distribution and (git-fixes)\n- sched/fair: Fix wrong cpu selecting from isolated domain (git-fixes)\n- sched/fair: Refill bandwidth before scaling (git-fixes)\n- sched: correct SD_flags returned by tl->sd_flags() (git-fixes)\n- scsi: core: Fix VPD LUN ID designator priorities (bsc#1178049).\n- scsi: core: Return BLK_STS_AGAIN for ALUA transitioning (bsc#1165933, bsc#1171000).\n- scsi: fnic: Avoid looping in TRANS ETH on unload (bsc#1175079).\n- scsi: fnic: Change shost_printk() to FNIC_FCS_DBG() (bsc#1175079).\n- scsi: fnic: Change shost_printk() to FNIC_MAIN_DBG() (bsc#1175079).\n- scsi: fnic: Set scsi_set_resid() only for underflow (bsc#1175079).\n- scsi: fnic: Validate io_req before others (bsc#1175079).\n- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4 handlers (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Convert SCSI path to use common I/O submission path (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Correct null ndlp reference on routine exit (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Enable common send_io interface for SCSI and NVMe (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Enable common wqe_template support for both SCSI and NVMe (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Enlarge max_sectors in scsi host templates (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Extend the RDF FPIN Registration descriptor for additional events (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix memory leak on lcb_context (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix missing prototype for lpfc_nvmet_prep_abort_wqe() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix missing prototype warning for lpfc_fdmi_vendor_attr_mi() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix NPIV discovery and Fabric Node detection (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix NPIV Fabric Node reference counting (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix pointer defereference before it is null checked issue (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix removal of SCSI transport device get and put on dev structure (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix set but not used warnings from Rework remote port lock handling (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix set but unused variables in lpfc_dev_loss_tmo_handler() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix spelling mistake 'Cant' -> 'Can't' (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Fix variable 'vport' set but not used in lpfc_sli4_abts_err_handler() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined functions (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc misdemeanours (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_bsg: Provide correct documentation for a bunch of functions (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_nvme: Fix some kernel-doc related issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_nvme: Remove unused variable 'phba' (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_nvmet: Fix-up some formatting and doc-rot issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Refactor WQE structure definitions for common use (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Reject CT request for MIB commands (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Remove dead code on second !ndlp check (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI ultimately fails (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Remove set but not used 'qp' (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Remove unneeded variable 'status' in lpfc_fcp_cpu_map_store() (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Rework locations of ndlp reference taking (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Rework remote port lock handling (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Rework remote port ref counting and node freeing (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Unsolicited ELS leaves node in incorrect state while dropping it (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Update changed file copyrights for 2020 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: lpfc: Use generic power management (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: mpt3sas: A small correction in _base_process_reply_queue (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Add bypass_dirty_port_flag parameter (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Add functions to check if any cmd is outstanding on Target and LUN (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Add module parameter multipath_on_hba (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Allocate memory for hba_port objects (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Bump driver version to 35.101.00.00 (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Cancel the running work during host reset (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Capture IOC data for debugging purposes (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Define hba_port structure (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Detect tampered Aero and Sea adapters (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Disable DIF when prot_mask set to zero (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Do not call disable_irq from IRQ poll handler (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Do not change the DMA coherent mask after allocations (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Dump system registers for debugging (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix double free warnings (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix error returns in BRM_status_show (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix memset() in non-RDPQ mode (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix reply queue count in non RDPQ mode (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix set but unused variable (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix sync irqs (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Fix unlock imbalance (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Get device objects using sas_address & portID (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Get sas_device objects using device's rphy (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Handle vSES vphy object during HBA reset (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Handling HBA vSES device (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Memset config_cmds.reply buffer with zeros (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Postprocessing of target and LUN reset (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Remove NULL check before freeing function (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Remove pci-dma-compat wrapper API (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Remove superfluous memset() (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Rename and export interrupt mask/unmask functions (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Rename function name is_MSB_are_same (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Separate out RDPQ allocation to new function (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Update driver version to 35.100.00.00 (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Update hba_port objects after host reset (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Update hba_port's sas_address & phy_mask (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Update mpt3sas version to 33.101.00.00 (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: Use true, false for ioc->use_32bit_dma (jsc#SLE-16914, bsc#1177733).\n- scsi: mpt3sas: use true,false for bool variables (jsc#SLE-16914, bsc#1177733).\n- scsi: qla2xxx: Change post del message from debug level to log level (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Do not check for fw_started while posting NVMe command (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Do not consume srb greedily (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Tear down session if FW say it is down (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1171688 bsc#1172733).\n- scsi: qla2xxx: Use constant when it is known (bsc#1171688 bsc#1172733).\n- scsi: Remove unneeded break statements (bsc#1175480 bsc#1176396 bsc#1176942 bsc#1177500).\n- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1171688 bsc#1172733).\n- scsi_dh_alua: return BLK_STS_AGAIN for ALUA transitioning state (bsc#1165933, bsc#1171000).\n- scsi_dh_alua: set 'transitioning' state on unit attention (bsc#1171000, bsc#1165933).\n- selftest/bpf: Add missed ip6ip6 test back (bsc#1155518).\n- selftests/bpf/test_offload.py: Reset ethtool features after failed setting (bsc#1155518).\n- selftests/bpf: Fix invalid use of strncat in test_sockmap (bsc#1155518).\n- selftests/bpf: Print reason when a tester could not run a program (bsc#1155518).\n- seqlock: avoid -Wshadow warnings (git-fixes).\n- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (git-fixes).\n- serial_core: Check for port state when tty is in error state (git-fixes).\n- slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI (git-fixes).\n- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).\n- soc: amlogic: canvas: add missing put_device() call in meson_canvas_get() (git-fixes).\n- soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (git-fixes).\n- soc: mediatek: Check if power domains can be powered on at boot time (git-fixes).\n- soc: qcom: geni: More properly switch to DMA mode (git-fixes).\n- soc: qcom: smp2p: Safely acquire spinlock without IRQs (git-fixes).\n- soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains() (git-fixes).\n- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).\n- soc: ti: knav_qmss: fix reference leak in knav_queue_probe (git-fixes).\n- speakup: fix uninitialized flush_lock (git-fixes).\n- spi: atmel-quadspi: Disable clock in probe error path (git-fixes).\n- spi: atmel-quadspi: Fix AHB memory accesses (git-fixes).\n- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (git-fixes).\n- spi: davinci: Fix use-after-free on unbind (git-fixes).\n- spi: fix resource leak for drivers without .remove callback (git-fixes).\n- spi: img-spfi: fix reference leak in img_spfi_resume (git-fixes).\n- spi: mt7621: Disable clock in probe error path (git-fixes).\n- spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe (git-fixes).\n- spi: mxs: fix reference leak in mxs_spi_probe (git-fixes).\n- spi: pic32: Do not leak DMA channels in probe error path (git-fixes).\n- spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes).\n- spi: spi-mem: fix reference leak in spi_mem_access_start (git-fixes).\n- spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts (git-fixes).\n- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (git-fixes).\n- spi: sprd: fix reference leak in sprd_spi_remove (git-fixes).\n- spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (git-fixes).\n- spi: stm32: fix reference leak in stm32_spi_resume (git-fixes).\n- spi: synquacer: Disable clock in probe error path (git-fixes).\n- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).\n- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (git-fixes).\n- spi: tegra20-slink: fix reference leak in slink ops of tegra20 (git-fixes).\n- staging: comedi: mf6x4: Fix AI end-of-conversion detection (git-fixes).\n- staging: olpc_dcon: Do not call platform_device_unregister() in dcon_probe() (git-fixes).\n- timers: Do not block on ->expiry_lock for TIMER_IRQSAFE timers (bsc#1180349).\n- tty: Fix ->session locking (bsc#1179745).\n- ubifs: dent: Fix some potential memory leaks while iterating entries (bsc#1179703).\n- ubifs: Do not parse authentication mount options in remount process (bsc#1179688).\n- ubifs: Fix a memleak after dumping authentication mount options (bsc#1179687).\n- ubifs: Fix wrong orphan node deletion in ubifs_jnl_update|rename (bsc#1179675).\n- ubifs: journal: Make sure to not dirty twice for auth nodes (bsc#1179704).\n- ubifs: mount_ubifs: Release authentication resource in error handling path (bsc#1179689).\n- ubifs: xattr: Fix some potential memory leaks while iterating entries (bsc#1179690).\n- udf: Fix memory leak when mounting (bsc#1179712).\n- usb/max3421: fix return error code in max3421_probe() (git-fixes).\n- usb: add RESET_RESUME quirk for Snapscan 1212 (git-fixes).\n- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (git-fixes).\n- usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (git-fixes).\n- usb: gadget: f_acm: add support for SuperSpeed Plus (git-fixes).\n- usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus (git-fixes).\n- usb: gadget: f_midi: setup SuperSpeed Plus descriptors (git-fixes).\n- usb: gadget: f_rndis: fix bitrate for SuperSpeed and above (git-fixes).\n- usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes).\n- usb: mtu3: fix memory corruption in mtu3_debugfs_regset() (git-fixes).\n- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).\n- usb: serial: ch341: add new Product ID for CH341A (git-fixes).\n- usb: serial: ch341: sort device-id entries (git-fixes).\n- usb: serial: digi_acceleport: fix write-wakeup deadlocks (git-fixes).\n- usb: serial: keyspan_pda: fix dropped unthrottle interrupts (git-fixes).\n- usb: serial: keyspan_pda: fix stalled writes (git-fixes).\n- usb: serial: keyspan_pda: fix tx-unthrottle use-after-free (git-fixes).\n- usb: serial: keyspan_pda: fix write deadlock (git-fixes).\n- usb: serial: keyspan_pda: fix write unthrottling (git-fixes).\n- usb: serial: keyspan_pda: fix write-wakeup use-after-free (git-fixes).\n- usb: serial: mos7720: fix parallel-port state restore (git-fixes).\n- usb: serial: option: add Fibocom NL668 variants (git-fixes).\n- usb: serial: option: add interface-number sanity check to flag handling (git-fixes).\n- usb: serial: option: add support for Thales Cinterion EXS82 (git-fixes).\n- usb: UAS: introduce a quirk to set no_write_same (git-fixes).\n- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).\n- video: fbdev: radeon: Fix memleak in radeonfb_pci_register (bsc#1152472)\n- video: fbdev: sis: fix null ptr dereference (bsc#1152472)\n- watchdog: armada_37xx: Add missing dependency on HAS_IOMEM (git-fixes).\n- watchdog: coh901327: add COMMON_CLK dependency (git-fixes).\n- watchdog: Fix potential dereferencing of null pointer (git-fixes).\n- watchdog: qcom: Avoid context switch in restart handler (git-fixes).\n- watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (git-fixes).\n- watchdog: sprd: change to use usleep_range() instead of busy loop (git-fixes).\n- watchdog: sprd: check busy bit before new loading rather than after that (git-fixes).\n- watchdog: sprd: remove watchdog disable from resume fail path (git-fixes).\n- wimax: fix duplicate initializer warning (git-fixes).\n- x86/apic/vector: Fix ordering in vector assignment (bsc#1156315).\n- x86/CPU/AMD: Remove amd_get_nb_id() (bsc#1152489).\n- x86/CPU/AMD: Save AMD NodeId as cpu_die_id (bsc#1152489).\n- x86/ima: use correct identifier for SetupMode variable (bsc#1152489).\n- x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (bsc#1152489).\n- x86/mce: Do not overwrite no_way_out if mce_end() fails (bsc#1152489).\n- x86/mm/ident_map: Check for errors from ident_pud_init() (bsc#1152489).\n- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (bsc#1152489).\n- x86/resctrl: Fix AMD L3 QOS CDP enable/disable (bsc#1152489).\n- x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1152489).\n- x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1152489).\n- x86/topology: Set cpu_die_id only if DIE_TYPE found (bsc#1152489).\n- x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (bsc#1152489).\n- xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (git-fixes).\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2021-108,SUSE-SLE-Module-RT-15-SP2-2021-108","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0108-1.json"},{"category":"self","summary":"URL for SUSE-SU-2021:0108-1","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20210108-1/"},{"category":"self","summary":"E-Mail link for SUSE-SU-2021:0108-1","url":"https://lists.suse.com/pipermail/sle-security-updates/2021-January/008191.html"},{"category":"self","summary":"SUSE Bug 1040855","url":"https://bugzilla.suse.com/1040855"},{"category":"self","summary":"SUSE Bug 1044120","url":"https://bugzilla.suse.com/1044120"},{"category":"self","summary":"SUSE Bug 1044767","url":"https://bugzilla.suse.com/1044767"},{"category":"self","summary":"SUSE Bug 1055117","url":"https://bugzilla.suse.com/1055117"},{"category":"self","summary":"SUSE Bug 1065729","url":"https://bugzilla.suse.com/1065729"},{"category":"self","summary":"SUSE Bug 1094840","url":"https://bugzilla.suse.com/1094840"},{"category":"self","summary":"SUSE Bug 1109695","url":"https://bugzilla.suse.com/1109695"},{"category":"self","summary":"SUSE Bug 1115431","url":"https://bugzilla.suse.com/1115431"},{"category":"self","summary":"SUSE Bug 1138374","url":"https://bugzilla.suse.com/1138374"},{"category":"self","summary":"SUSE Bug 1149032","url":"https://bugzilla.suse.com/1149032"},{"category":"self","summary":"SUSE Bug 1152457","url":"https://bugzilla.suse.com/1152457"},{"category":"self","summary":"SUSE Bug 1152472","url":"https://bugzilla.suse.com/1152472"},{"category":"self","summary":"SUSE Bug 1152489","url":"https://bugzilla.suse.com/1152489"},{"category":"self","summary":"SUSE Bug 1155518","url":"https://bugzilla.suse.com/1155518"},{"category":"self","summary":"SUSE Bug 1156315","url":"https://bugzilla.suse.com/1156315"},{"category":"self","summary":"SUSE Bug 1156395","url":"https://bugzilla.suse.com/1156395"},{"category":"self","summary":"SUSE Bug 1163727","url":"https://bugzilla.suse.com/1163727"},{"category":"self","summary":"SUSE Bug 1165933","url":"https://bugzilla.suse.com/1165933"},{"category":"self","summary":"SUSE Bug 1167657","url":"https://bugzilla.suse.com/1167657"},{"category":"self","summary":"SUSE Bug 1168952","url":"https://bugzilla.suse.com/1168952"},{"category":"self","summary":"SUSE Bug 1171000","url":"https://bugzilla.suse.com/1171000"},{"category":"self","summary":"SUSE Bug 1171078","url":"https://bugzilla.suse.com/1171078"},{"category":"self","summary":"SUSE Bug 1171688","url":"https://bugzilla.suse.com/1171688"},{"category":"self","summary":"SUSE Bug 1172145","url":"https://bugzilla.suse.com/1172145"},{"category":"self","summary":"SUSE Bug 1172733","url":"https://bugzilla.suse.com/1172733"},{"category":"self","summary":"SUSE Bug 1174486","url":"https://bugzilla.suse.com/1174486"},{"category":"self","summary":"SUSE Bug 1175079","url":"https://bugzilla.suse.com/1175079"},{"category":"self","summary":"SUSE Bug 1175480","url":"https://bugzilla.suse.com/1175480"},{"category":"self","summary":"SUSE Bug 1176396","url":"https://bugzilla.suse.com/1176396"},{"category":"self","summary":"SUSE Bug 1176942","url":"https://bugzilla.suse.com/1176942"},{"category":"self","summary":"SUSE Bug 1177326","url":"https://bugzilla.suse.com/1177326"},{"category":"self","summary":"SUSE Bug 1177500","url":"https://bugzilla.suse.com/1177500"},{"category":"self","summary":"SUSE Bug 1177666","url":"https://bugzilla.suse.com/1177666"},{"category":"self","summary":"SUSE Bug 1177679","url":"https://bugzilla.suse.com/1177679"},{"category":"self","summary":"SUSE Bug 1177733","url":"https://bugzilla.suse.com/1177733"},{"category":"self","summary":"SUSE Bug 1178049","url":"https://bugzilla.suse.com/1178049"},{"category":"self","summary":"SUSE Bug 1178203","url":"https://bugzilla.suse.com/1178203"},{"category":"self","summary":"SUSE Bug 1178270","url":"https://bugzilla.suse.com/1178270"},{"category":"self","summary":"SUSE Bug 1178612","url":"https://bugzilla.suse.com/1178612"},{"category":"self","summary":"SUSE Bug 1178660","url":"https://bugzilla.suse.com/1178660"},{"category":"self","summary":"SUSE Bug 1178780","url":"https://bugzilla.suse.com/1178780"},{"category":"self","summary":"SUSE Bug 1179107","url":"https://bugzilla.suse.com/1179107"},{"category":"self","summary":"SUSE Bug 1179204","url":"https://bugzilla.suse.com/1179204"},{"category":"self","summary":"SUSE Bug 1179419","url":"https://bugzilla.suse.com/1179419"},{"category":"self","summary":"SUSE Bug 1179434","url":"https://bugzilla.suse.com/1179434"},{"category":"self","summary":"SUSE Bug 1179435","url":"https://bugzilla.suse.com/1179435"},{"category":"self","summary":"SUSE Bug 1179519","url":"https://bugzilla.suse.com/1179519"},{"category":"self","summary":"SUSE Bug 1179575","url":"https://bugzilla.suse.com/1179575"},{"category":"self","summary":"SUSE Bug 1179604","url":"https://bugzilla.suse.com/1179604"},{"category":"self","summary":"SUSE Bug 1179652","url":"https://bugzilla.suse.com/1179652"},{"category":"self","summary":"SUSE Bug 1179656","url":"https://bugzilla.suse.com/1179656"},{"category":"self","summary":"SUSE Bug 1179670","url":"https://bugzilla.suse.com/1179670"},{"category":"self","summary":"SUSE Bug 1179671","url":"https://bugzilla.suse.com/1179671"},{"category":"self","summary":"SUSE Bug 1179672","url":"https://bugzilla.suse.com/1179672"},{"category":"self","summary":"SUSE Bug 1179673","url":"https://bugzilla.suse.com/1179673"},{"category":"self","summary":"SUSE Bug 1179675","url":"https://bugzilla.suse.com/1179675"},{"category":"self","summary":"SUSE Bug 1179676","url":"https://bugzilla.suse.com/1179676"},{"category":"self","summary":"SUSE Bug 1179677","url":"https://bugzilla.suse.com/1179677"},{"category":"self","summary":"SUSE Bug 1179678","url":"https://bugzilla.suse.com/1179678"},{"category":"self","summary":"SUSE Bug 1179679","url":"https://bugzilla.suse.com/1179679"},{"category":"self","summary":"SUSE Bug 1179680","url":"https://bugzilla.suse.com/1179680"},{"category":"self","summary":"SUSE Bug 1179681","url":"https://bugzilla.suse.com/1179681"},{"category":"self","summary":"SUSE Bug 1179682","url":"https://bugzilla.suse.com/1179682"},{"category":"self","summary":"SUSE Bug 1179683","url":"https://bugzilla.suse.com/1179683"},{"category":"self","summary":"SUSE Bug 1179684","url":"https://bugzilla.suse.com/1179684"},{"category":"self","summary":"SUSE Bug 1179685","url":"https://bugzilla.suse.com/1179685"},{"category":"self","summary":"SUSE Bug 1179687","url":"https://bugzilla.suse.com/1179687"},{"category":"self","summary":"SUSE Bug 1179688","url":"https://bugzilla.suse.com/1179688"},{"category":"self","summary":"SUSE Bug 1179689","url":"https://bugzilla.suse.com/1179689"},{"category":"self","summary":"SUSE Bug 1179690","url":"https://bugzilla.suse.com/1179690"},{"category":"self","summary":"SUSE Bug 1179703","url":"https://bugzilla.suse.com/1179703"},{"category":"self","summary":"SUSE Bug 1179704","url":"https://bugzilla.suse.com/1179704"},{"category":"self","summary":"SUSE Bug 1179707","url":"https://bugzilla.suse.com/1179707"},{"category":"self","summary":"SUSE Bug 1179709","url":"https://bugzilla.suse.com/1179709"},{"category":"self","summary":"SUSE Bug 1179710","url":"https://bugzilla.suse.com/1179710"},{"category":"self","summary":"SUSE Bug 1179711","url":"https://bugzilla.suse.com/1179711"},{"category":"self","summary":"SUSE Bug 1179712","url":"https://bugzilla.suse.com/1179712"},{"category":"self","summary":"SUSE Bug 1179713","url":"https://bugzilla.suse.com/1179713"},{"category":"self","summary":"SUSE Bug 1179714","url":"https://bugzilla.suse.com/1179714"},{"category":"self","summary":"SUSE Bug 1179715","url":"https://bugzilla.suse.com/1179715"},{"category":"self","summary":"SUSE Bug 1179716","url":"https://bugzilla.suse.com/1179716"},{"category":"self","summary":"SUSE Bug 1179745","url":"https://bugzilla.suse.com/1179745"},{"category":"self","summary":"SUSE Bug 1179763","url":"https://bugzilla.suse.com/1179763"},{"category":"self","summary":"SUSE Bug 1179888","url":"https://bugzilla.suse.com/1179888"},{"category":"self","summary":"SUSE Bug 1179892","url":"https://bugzilla.suse.com/1179892"},{"category":"self","summary":"SUSE Bug 1179896","url":"https://bugzilla.suse.com/1179896"},{"category":"self","summary":"SUSE Bug 1179960","url":"https://bugzilla.suse.com/1179960"},{"category":"self","summary":"SUSE Bug 1179963","url":"https://bugzilla.suse.com/1179963"},{"category":"self","summary":"SUSE Bug 1180027","url":"https://bugzilla.suse.com/1180027"},{"category":"self","summary":"SUSE Bug 1180029","url":"https://bugzilla.suse.com/1180029"},{"category":"self","summary":"SUSE Bug 1180031","url":"https://bugzilla.suse.com/1180031"},{"category":"self","summary":"SUSE Bug 1180052","url":"https://bugzilla.suse.com/1180052"},{"category":"self","summary":"SUSE Bug 1180056","url":"https://bugzilla.suse.com/1180056"},{"category":"self","summary":"SUSE Bug 1180086","url":"https://bugzilla.suse.com/1180086"},{"category":"self","summary":"SUSE Bug 1180117","url":"https://bugzilla.suse.com/1180117"},{"category":"self","summary":"SUSE Bug 1180258","url":"https://bugzilla.suse.com/1180258"},{"category":"self","summary":"SUSE Bug 1180261","url":"https://bugzilla.suse.com/1180261"},{"category":"self","summary":"SUSE Bug 1180349","url":"https://bugzilla.suse.com/1180349"},{"category":"self","summary":"SUSE Bug 1180506","url":"https://bugzilla.suse.com/1180506"},{"category":"self","summary":"SUSE Bug 1180541","url":"https://bugzilla.suse.com/1180541"},{"category":"self","summary":"SUSE Bug 1180559","url":"https://bugzilla.suse.com/1180559"},{"category":"self","summary":"SUSE Bug 1180566","url":"https://bugzilla.suse.com/1180566"},{"category":"self","summary":"SUSE CVE CVE-2020-0444 page","url":"https://www.suse.com/security/cve/CVE-2020-0444/"},{"category":"self","summary":"SUSE CVE CVE-2020-0465 page","url":"https://www.suse.com/security/cve/CVE-2020-0465/"},{"category":"self","summary":"SUSE CVE CVE-2020-0466 page","url":"https://www.suse.com/security/cve/CVE-2020-0466/"},{"category":"self","summary":"SUSE CVE CVE-2020-11668 page","url":"https://www.suse.com/security/cve/CVE-2020-11668/"},{"category":"self","summary":"SUSE CVE CVE-2020-27068 page","url":"https://www.suse.com/security/cve/CVE-2020-27068/"},{"category":"self","summary":"SUSE CVE CVE-2020-27777 page","url":"https://www.suse.com/security/cve/CVE-2020-27777/"},{"category":"self","summary":"SUSE CVE CVE-2020-27825 page","url":"https://www.suse.com/security/cve/CVE-2020-27825/"},{"category":"self","summary":"SUSE CVE CVE-2020-27830 page","url":"https://www.suse.com/security/cve/CVE-2020-27830/"},{"category":"self","summary":"SUSE CVE CVE-2020-29370 page","url":"https://www.suse.com/security/cve/CVE-2020-29370/"},{"category":"self","summary":"SUSE CVE CVE-2020-29373 page","url":"https://www.suse.com/security/cve/CVE-2020-29373/"},{"category":"self","summary":"SUSE CVE CVE-2020-29660 page","url":"https://www.suse.com/security/cve/CVE-2020-29660/"},{"category":"self","summary":"SUSE CVE CVE-2020-29661 page","url":"https://www.suse.com/security/cve/CVE-2020-29661/"},{"category":"self","summary":"SUSE CVE CVE-2020-36158 page","url":"https://www.suse.com/security/cve/CVE-2020-36158/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2021-01-13T08:53:33Z","generator":{"date":"2021-01-13T08:53:33Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-SU-2021:0108-1","initial_release_date":"2021-01-13T08:53:33Z","revision_history":[{"date":"2021-01-13T08:53:33Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-rt-5.3.18-22.1.noarch","product":{"name":"kernel-devel-rt-5.3.18-22.1.noarch","product_id":"kernel-devel-rt-5.3.18-22.1.noarch"}},{"category":"product_version","name":"kernel-source-rt-5.3.18-22.1.noarch","product":{"name":"kernel-source-rt-5.3.18-22.1.noarch","product_id":"kernel-source-rt-5.3.18-22.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"cluster-md-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"cluster-md-kmp-rt-5.3.18-22.1.x86_64","product_id":"cluster-md-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"cluster-md-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"cluster-md-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"cluster-md-kmp-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"dlm-kmp-rt-5.3.18-22.1.x86_64","product_id":"dlm-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"dlm-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"dlm-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"dlm-kmp-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"gfs2-kmp-rt-5.3.18-22.1.x86_64","product_id":"gfs2-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"gfs2-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"gfs2-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"gfs2-kmp-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt-5.3.18-22.1.x86_64","product":{"name":"kernel-rt-5.3.18-22.1.x86_64","product_id":"kernel-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt-devel-5.3.18-22.1.x86_64","product":{"name":"kernel-rt-devel-5.3.18-22.1.x86_64","product_id":"kernel-rt-devel-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt-extra-5.3.18-22.1.x86_64","product":{"name":"kernel-rt-extra-5.3.18-22.1.x86_64","product_id":"kernel-rt-extra-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt-livepatch-devel-5.3.18-22.1.x86_64","product":{"name":"kernel-rt-livepatch-devel-5.3.18-22.1.x86_64","product_id":"kernel-rt-livepatch-devel-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-5.3.18-22.1.x86_64","product":{"name":"kernel-rt_debug-5.3.18-22.1.x86_64","product_id":"kernel-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-devel-5.3.18-22.1.x86_64","product":{"name":"kernel-rt_debug-devel-5.3.18-22.1.x86_64","product_id":"kernel-rt_debug-devel-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-extra-5.3.18-22.1.x86_64","product":{"name":"kernel-rt_debug-extra-5.3.18-22.1.x86_64","product_id":"kernel-rt_debug-extra-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-rt_debug-livepatch-devel-5.3.18-22.1.x86_64","product":{"name":"kernel-rt_debug-livepatch-devel-5.3.18-22.1.x86_64","product_id":"kernel-rt_debug-livepatch-devel-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kernel-syms-rt-5.3.18-22.1.x86_64","product":{"name":"kernel-syms-rt-5.3.18-22.1.x86_64","product_id":"kernel-syms-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"kselftests-kmp-rt-5.3.18-22.1.x86_64","product_id":"kselftests-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"kselftests-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"kselftests-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"kselftests-kmp-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"ocfs2-kmp-rt-5.3.18-22.1.x86_64","product_id":"ocfs2-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"ocfs2-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"ocfs2-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"ocfs2-kmp-rt_debug-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"reiserfs-kmp-rt-5.3.18-22.1.x86_64","product":{"name":"reiserfs-kmp-rt-5.3.18-22.1.x86_64","product_id":"reiserfs-kmp-rt-5.3.18-22.1.x86_64"}},{"category":"product_version","name":"reiserfs-kmp-rt_debug-5.3.18-22.1.x86_64","product":{"name":"reiserfs-kmp-rt_debug-5.3.18-22.1.x86_64","product_id":"reiserfs-kmp-rt_debug-5.3.18-22.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Real Time Module 15 SP2","product":{"name":"SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-rt:15:sp2"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"cluster-md-kmp-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64"},"product_reference":"cluster-md-kmp-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"dlm-kmp-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64"},"product_reference":"dlm-kmp-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"gfs2-kmp-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64"},"product_reference":"gfs2-kmp-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-rt-5.3.18-22.1.noarch as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch"},"product_reference":"kernel-devel-rt-5.3.18-22.1.noarch","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64"},"product_reference":"kernel-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt-devel-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64"},"product_reference":"kernel-rt-devel-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-rt_debug-devel-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64"},"product_reference":"kernel-rt_debug-devel-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-rt-5.3.18-22.1.noarch as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch"},"product_reference":"kernel-source-rt-5.3.18-22.1.noarch","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64"},"product_reference":"kernel-syms-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"},{"category":"default_component_of","full_product_name":{"name":"ocfs2-kmp-rt-5.3.18-22.1.x86_64 as component of SUSE Real Time Module 15 SP2","product_id":"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"},"product_reference":"ocfs2-kmp-rt-5.3.18-22.1.x86_64","relates_to_product_reference":"SUSE Real Time Module 15 SP2"}]},"vulnerabilities":[{"cve":"CVE-2020-0444","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-0444"}],"notes":[{"category":"general","text":"In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-0444","url":"https://www.suse.com/security/cve/CVE-2020-0444"},{"category":"external","summary":"SUSE Bug 1180027 for CVE-2020-0444","url":"https://bugzilla.suse.com/1180027"},{"category":"external","summary":"SUSE Bug 1180028 for CVE-2020-0444","url":"https://bugzilla.suse.com/1180028"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"moderate"}],"title":"CVE-2020-0444"},{"cve":"CVE-2020-0465","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-0465"}],"notes":[{"category":"general","text":"In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-0465","url":"https://www.suse.com/security/cve/CVE-2020-0465"},{"category":"external","summary":"SUSE Bug 1180029 for CVE-2020-0465","url":"https://bugzilla.suse.com/1180029"},{"category":"external","summary":"SUSE Bug 1180030 for CVE-2020-0465","url":"https://bugzilla.suse.com/1180030"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-0465"},{"cve":"CVE-2020-0466","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-0466"}],"notes":[{"category":"general","text":"In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-0466","url":"https://www.suse.com/security/cve/CVE-2020-0466"},{"category":"external","summary":"SUSE Bug 1180031 for CVE-2020-0466","url":"https://bugzilla.suse.com/1180031"},{"category":"external","summary":"SUSE Bug 1180032 for CVE-2020-0466","url":"https://bugzilla.suse.com/1180032"},{"category":"external","summary":"SUSE Bug 1199255 for CVE-2020-0466","url":"https://bugzilla.suse.com/1199255"},{"category":"external","summary":"SUSE Bug 1200084 for CVE-2020-0466","url":"https://bugzilla.suse.com/1200084"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-0466"},{"cve":"CVE-2020-11668","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-11668"}],"notes":[{"category":"general","text":"In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-11668","url":"https://www.suse.com/security/cve/CVE-2020-11668"},{"category":"external","summary":"SUSE Bug 1168952 for CVE-2020-11668","url":"https://bugzilla.suse.com/1168952"},{"category":"external","summary":"SUSE Bug 1173942 for CVE-2020-11668","url":"https://bugzilla.suse.com/1173942"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.1,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-11668"},{"cve":"CVE-2020-27068","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-27068"}],"notes":[{"category":"general","text":"Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-27068","url":"https://www.suse.com/security/cve/CVE-2020-27068"},{"category":"external","summary":"SUSE Bug 1180086 for CVE-2020-27068","url":"https://bugzilla.suse.com/1180086"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.3,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"moderate"}],"title":"CVE-2020-27068"},{"cve":"CVE-2020-27777","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-27777"}],"notes":[{"category":"general","text":"A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-27777","url":"https://www.suse.com/security/cve/CVE-2020-27777"},{"category":"external","summary":"SUSE Bug 1179107 for CVE-2020-27777","url":"https://bugzilla.suse.com/1179107"},{"category":"external","summary":"SUSE Bug 1179419 for CVE-2020-27777","url":"https://bugzilla.suse.com/1179419"},{"category":"external","summary":"SUSE Bug 1200343 for CVE-2020-27777","url":"https://bugzilla.suse.com/1200343"},{"category":"external","summary":"SUSE Bug 1220060 for CVE-2020-27777","url":"https://bugzilla.suse.com/1220060"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.4,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"moderate"}],"title":"CVE-2020-27777"},{"cve":"CVE-2020-27825","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-27825"}],"notes":[{"category":"general","text":"A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-27825","url":"https://www.suse.com/security/cve/CVE-2020-27825"},{"category":"external","summary":"SUSE Bug 1179960 for CVE-2020-27825","url":"https://bugzilla.suse.com/1179960"},{"category":"external","summary":"SUSE Bug 1179961 for CVE-2020-27825","url":"https://bugzilla.suse.com/1179961"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-27825"},{"cve":"CVE-2020-27830","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-27830"}],"notes":[{"category":"general","text":"A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-27830","url":"https://www.suse.com/security/cve/CVE-2020-27830"},{"category":"external","summary":"SUSE Bug 1179656 for CVE-2020-27830","url":"https://bugzilla.suse.com/1179656"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.2,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"moderate"}],"title":"CVE-2020-27830"},{"cve":"CVE-2020-29370","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-29370"}],"notes":[{"category":"general","text":"An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-29370","url":"https://www.suse.com/security/cve/CVE-2020-29370"},{"category":"external","summary":"SUSE Bug 1179435 for CVE-2020-29370","url":"https://bugzilla.suse.com/1179435"},{"category":"external","summary":"SUSE Bug 1179648 for CVE-2020-29370","url":"https://bugzilla.suse.com/1179648"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-29370"},{"cve":"CVE-2020-29373","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-29373"}],"notes":[{"category":"general","text":"An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations, aka CID-ff002b30181d.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-29373","url":"https://www.suse.com/security/cve/CVE-2020-29373"},{"category":"external","summary":"SUSE Bug 1179434 for CVE-2020-29373","url":"https://bugzilla.suse.com/1179434"},{"category":"external","summary":"SUSE Bug 1179779 for CVE-2020-29373","url":"https://bugzilla.suse.com/1179779"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-29373"},{"cve":"CVE-2020-29660","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-29660"}],"notes":[{"category":"general","text":"A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-29660","url":"https://www.suse.com/security/cve/CVE-2020-29660"},{"category":"external","summary":"SUSE Bug 1179745 for CVE-2020-29660","url":"https://bugzilla.suse.com/1179745"},{"category":"external","summary":"SUSE Bug 1179877 for CVE-2020-29660","url":"https://bugzilla.suse.com/1179877"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-29660"},{"cve":"CVE-2020-29661","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-29661"}],"notes":[{"category":"general","text":"A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-29661","url":"https://www.suse.com/security/cve/CVE-2020-29661"},{"category":"external","summary":"SUSE Bug 1179745 for CVE-2020-29661","url":"https://bugzilla.suse.com/1179745"},{"category":"external","summary":"SUSE Bug 1179877 for CVE-2020-29661","url":"https://bugzilla.suse.com/1179877"},{"category":"external","summary":"SUSE Bug 1214268 for CVE-2020-29661","url":"https://bugzilla.suse.com/1214268"},{"category":"external","summary":"SUSE Bug 1218966 for CVE-2020-29661","url":"https://bugzilla.suse.com/1218966"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-29661"},{"cve":"CVE-2020-36158","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-36158"}],"notes":[{"category":"general","text":"mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.","title":"CVE description"}],"product_status":{"recommended":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-36158","url":"https://www.suse.com/security/cve/CVE-2020-36158"},{"category":"external","summary":"SUSE Bug 1180559 for CVE-2020-36158","url":"https://bugzilla.suse.com/1180559"},{"category":"external","summary":"SUSE Bug 1180562 for CVE-2020-36158","url":"https://bugzilla.suse.com/1180562"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-22.1.noarch","SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-22.1.x86_64","SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-22.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-01-13T08:53:33Z","details":"important"}],"title":"CVE-2020-36158"}]}