Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2020:2103-1
Rating:	important
References:	bsc#1051510 bsc#1065729 bsc#1071995 bsc#1085030 bsc#1111666 bsc#1112178 bsc#1113956 bsc#1114279 bsc#1144333 bsc#1148868 bsc#1150660 bsc#1151927 bsc#1152624 bsc#1158983 bsc#1159058 bsc#1161016 bsc#1162002 bsc#1162063 bsc#1163309 bsc#1166985 bsc#1167104 bsc#1168081 bsc#1168959 bsc#1169194 bsc#1169514 bsc#1169771 bsc#1169795 bsc#1170011 bsc#1170442 bsc#1170592 bsc#1170617 bsc#1170618 bsc#1171124 bsc#1171424 bsc#1171529 bsc#1171530 bsc#1171558 bsc#1171732 bsc#1171739 bsc#1171743 bsc#1171753 bsc#1171759 bsc#1171835 bsc#1171841 bsc#1171868 bsc#1171904 bsc#1172247 bsc#1172257 bsc#1172344 bsc#1172458 bsc#1172484 bsc#1172537 bsc#1172538 bsc#1172687 bsc#1172719 bsc#1172759 bsc#1172775 bsc#1172781 bsc#1172782 bsc#1172783 bsc#1172871 bsc#1172872 bsc#1172999 bsc#1173060 bsc#1173074 bsc#1173146 bsc#1173265 bsc#1173280 bsc#1173284 bsc#1173428 bsc#1173514 bsc#1173567 bsc#1173573 bsc#1173746 bsc#1173818 bsc#1173820 bsc#1173825 bsc#1173826 bsc#1173833 bsc#1173838 bsc#1173839 bsc#1173845 bsc#1173857 bsc#1174113 bsc#1174115 bsc#1174122 bsc#1174123 bsc#1174186 bsc#1174187 bsc#1174296 bsc#1174343 bsc#1174356 bsc#1174409 bsc#1174438 bsc#1174462 bsc#1174543
Cross-References:	CVE-2019-20810 CVE-2019-20908 CVE-2020-0305 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10769 CVE-2020-10773 CVE-2020-10781 CVE-2020-12771 CVE-2020-12888 CVE-2020-13974 CVE-2020-14416 CVE-2020-15393 CVE-2020-15780
CVSS scores:	CVE-2019-20810 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2019-20810 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-20908 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N CVE-2019-20908 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-0305 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-0305 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-10766 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2020-10766 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-10767 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N CVE-2020-10767 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-10768 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2020-10768 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-10769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-10769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-10773 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2020-10773 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2020-10781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-10781 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-12771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-12771 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-12888 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H CVE-2020-12888 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H CVE-2020-13974 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-13974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-14416 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-14416 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H CVE-2020-15393 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2020-15393 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-15780 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N CVE-2020-15780 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:	Public Cloud Module 15-SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Manager Proxy 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Server 4.0

An update that solves 15 vulnerabilities and has 81 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).
CVE-2020-12771: An issue was discovered in btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails (bnc#1171732).
CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868).
CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999).
CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
CVE-2020-10768: Fixed an issue with the prctl() function, where indirect branch speculation could be enabled even though it was diabled before (bnc#1172783).
CVE-2020-10766: Fixed an issue which allowed an attacker with a local account to disable SSBD protection (bnc#1172781).
CVE-2020-10767: Fixed an issue where Indirect Branch Prediction Barrier was disabled in certain circumstances, leaving the system open to a spectre v2 style attack (bnc#1172782).
CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).
CVE-2019-20810: Fixed a memory leak in go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c because it did not call snd_card_free for a failure path (bnc#1172458).
CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
CVE-2020-10781: Fixed a denial of service issue in the ZRAM implementation (bsc#1173074).
CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bsc#1174462).
CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c: incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bsc#1173567).
CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c: injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bsc#1173573).

The following non-security bugs were fixed:

ACPI: GED: add support for _Exx / _Lxx handler methods (bsc#1111666).
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling (bsc#1111666).
ACPI: NFIT: Fix unlock on error in scrub_show() (bsc#1171753).
ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510).
ACPI: sysfs: Fix pm_profile_attr type (bsc#1111666).
ACPI: video: Use native backlight on Acer Aspire 5783z (bsc#1111666).
ACPI: video: Use native backlight on Acer TravelMate 5735Z (bsc#1111666).
ALSA: es1688: Add the missed snd_card_free() (bsc#1051510).
ALSA: hda: Add ElkhartLake HDMI codec vid (bsc#1111666).
ALSA: hda: add sienna_cichlid audio asic id for sienna_cichlid up (bsc#1111666).
ALSA: hda/hdmi - enable runtime pm for newer AMD display audio (bsc#1111666).
ALSA: hda - let hs_mic be picked ahead of hp_mic (bsc#1111666).
ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines (bsc#1111666).
ALSA: hda/realtek - Add LED class support for micmute LED (bsc#1111666).
ALSA: hda/realtek - Enable micmute LED on and HP system (bsc#1111666).
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 (bsc#1111666).
ALSA: hda/realtek - Fix unused variable warning w/o CONFIG_LEDS_TRIGGER_AUDIO (bsc#1111666).
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (bsc#1111666).
ALSA: lx6464es - add support for LX6464ESe pci express variant (bsc#1111666).
ALSA: opl3: fix infoleak in opl3 (bsc#1111666).
ALSA: pcm: disallow linking stream to itself (bsc#1111666).
ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback (bsc#1111666).
ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (bsc#1111666).
ALSA: usb-audio: add quirk for MacroSilicon MS2109 (bsc#1111666).
ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock (bsc#1111666).
ALSA: usb-audio: Clean up quirk entries with macros (bsc#1111666).
ALSA: usb-audio: Fix inconsistent card PM state after resume (bsc#1111666).
ALSA: usb-audio: Fix packet size calculation (bsc#1111666).
ALSA: usb-audio: Fix racy list management in output queue (bsc#1111666).
ALSA: usb-audio: Improve frames size computation (bsc#1111666).
ALSA: usb-audio: Manage auto-pm of all bundled interfaces (bsc#1111666).
ALSA: usb-audio: Use the new macro for HP Dock rename quirks (bsc#1111666).
amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes).
arm64: map FDT as RW for early_init_dt_scan() (jsc#SLE-12423).
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (bsc#1111666).
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (bsc#1111666).
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (bsc#1111666).
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb (bsc#1111666).
ax25: fix setsockopt(SO_BINDTODEVICE) (networking-stable-20_05_27).
b43: Fix connection problem with WPA3 (bsc#1111666).
b43_legacy: Fix connection problem with WPA3 (bsc#1111666).
bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)).
be2net: fix link failure after ethtool offline test (git-fixes).
block: nr_sects_write(): Disable preemption on seqcount write (bsc#1173818).
block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)).
block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)).
Bluetooth: Add SCO fallback for invalid LMP parameters error (bsc#1111666).
bnxt_en: Fix AER reset logic on 57500 chips (git-fixes).
bnxt_en: Fix ethtool selftest crash under error conditions (git-fixes).
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails (git-fixes).
bnxt_en: Fix ipv6 RFS filter matching logic (git-fixes).
bnxt_en: fix NULL dereference in case SR-IOV configuration fails (git-fixes).
bnxt_en: Fix VF anti-spoof filter setup (networking-stable-20_05_12).
bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features() (networking-stable-20_05_12).
bnxt_en: Improve AER slot reset (networking-stable-20_05_12).
brcmfmac: fix wrong location to get firmware feature (bsc#1111666).
brcmfmac: Transform compatible string for FW loading (bsc#1169771).
btrfs: add assertions for tree == inode->io_tree to extent IO helpers (bsc#1174438).
btrfs: add new helper btrfs_lock_and_flush_ordered_range (bsc#1174438).
btrfs: Always use a cached extent_state in btrfs_lock_and_flush_ordered_range (bsc#1174438).
btrfs: do not zero f_bavail if we have available space (bsc#1168081).
btrfs: do not zero f_bavail if we have available space (bsc#1168081).
btrfs: drop argument tree from btrfs_lock_and_flush_ordered_range (bsc#1174438).
btrfs: fix extent_state leak in btrfs_lock_and_flush_ordered_range (bsc#1174438).
btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof (bsc#1174438).
btrfs: fix hang on snapshot creation after RWF_NOWAIT write (bsc#1174438).
btrfs: fix RWF_NOWAIT write not failling when we need to cow (bsc#1174438).
btrfs: fix RWF_NOWAIT writes blocking on extent locks and waiting for IO (bsc#1174438).
btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247).
btrfs: Return EAGAIN if we can't start no snpashot write in check_can_nocow (bsc#1174438).
btrfs: use correct count in btrfs_file_write_iter() (bsc#1174438).
btrfs: Use newly introduced btrfs_lock_and_flush_ordered_range (bsc#1174438).
btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads (bsc#1111666).
carl9170: remove P2P_GO support (bsc#1111666).
CDC-ACM: heed quirk also in error handling (git-fixes).
ceph: convert mdsc->cap_dirty to a per-session list (bsc#1167104).
ceph: request expedited service on session's last cap flush (bsc#1167104).
cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages (bsc#1173857).
char/random: Add a newline at the end of the file (jsc#SLE-12423).
cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1144333).
cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016).
cifs: set up next DFS target before generic_ip_connect() (bsc#1144333 bsc#1161016).
clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510).
clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
clocksource: dw_apb_timer: Make CPU-affiliation being optional (bsc#1111666).
compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)).
compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)).
copy_{to,from}_user(): consolidate object size checks (git fixes).
crypto: algboss - do not wait during notifier callback (bsc#1111666).
crypto: algif_skcipher - Cap recv SG list at ctx->used (bsc#1111666).
crypto: caam - update xts sector size for large input length (bsc#1111666).
crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (bsc#1111666).
crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes).
Crypto/chcr: fix for ccm(aes) failed test (bsc#1111666).
crypto: chelsio/chtls: properly set tp->lsndtime (bsc#1111666).
crypto: talitos - fix IPsec cipher in length (git-fixes).
crypto: talitos - reorder code in talitos_edesc_alloc() (git-fixes).
debugfs: Check module state before warning in {full/open}_proxy_open() (bsc#1173746).
devinet: fix memleak in inetdev_init() (networking-stable-20_06_07).
/dev/mem: Add missing memory barriers for devmem_inode (git-fixes).
/dev/mem: Revoke mappings when a driver claims the region (git-fixes).
dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' (bsc#1111666).
dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)).
dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)).
dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)).
dm: fix potential for q->make_request_fn NULL pointer (git fixes (block drivers)).
dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)).
dm: various cleanups to md->queue initialization code (git fixes).
dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)).
dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block drivers)).
dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27).
driver-core, libnvdimm: Let device subsystems add local lockdep coverage (bsc#1171753).
Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170617, bsc#1170618).
drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (bsc#1051510).
drm: amd/display: fix Kconfig help text (bsc#1113956) * only fix DEBUG_KERNEL_DC
drm: bridge: adv7511: Extend list of audio sample rates (bsc#1111666).
drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1113956) * context changes
drm: encoder_slave: fix refcouting error for modules (bsc#1111666).
drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection (bsc#1112178)
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser (bsc#1111666).
drm/mediatek: Check plane visibility in atomic_update (bsc#1113956) * context changes
drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1111666).
drm: panel-orientation-quirks: Add quirk for Asus T101HA panel (bsc#1111666).
drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 (bsc#1111666).
drm/qxl: Use correct notify port address when creating cursor ring (bsc#1113956)
drm/radeon: fix double free (bsc#1113956)
drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1113956)
drm/sun4i: hdmi ddc clk: Fix size of m divider (bsc#1111666).
drm/tegra: hub: Do not enable orphaned window group (bsc#1111666).
drm/vkms: Hold gem object while still in-use (bsc#1113956) * context changes
Drop another USB dwc3 gadget patch that broke the build
Drop USB dwc3 gadget patch that broke the build on openSUSE-15.1 branch
e1000: Distribute switch variables for initialization (bsc#1111666).
e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
e1000e: Do not wake up the system via WOL if device wakeup is disabled (bsc#1051510).
e1000e: Relax condition to trigger reset for ME workaround (bsc#1111666).
EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
efi/random: Increase size of firmware supplied randomness (jsc#SLE-12423).
efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness (jsc#SLE-12423).
efi: READ_ONCE rng seed size before munmap (jsc#SLE-12423).
efi: Reorder pr_notice() with add_device_randomness() call (jsc#SLE-12423).
evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
evm: Fix a small race in init_desc() (bsc#1051510).
ext4: fix a data race at inode->i_blocks (bsc#1171835).
ext4: fix partial cluster initialization when splitting extent (bsc#1173839).
ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838).
ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error handlers (bsc#1173833).
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (bsc#1051510).
fanotify: fix ignore mask logic for events on child and on dir (bsc#1172719).
fdt: add support for rng-seed (jsc#SLE-12423).
fdt: Update CRC check for rng-seed (jsc#SLE-12423).
firmware: imx: scu: Fix corruption of header (git-fixes).
firmware: imx: scu: Fix possible memory leak in imx_scu_probe() (bsc#1111666).
Fix boot crash with MD (bsc#1174343) Refresh patches.suse/mdraid-fix-read-write-bytes-accounting.patch
fix multiplication overflow in copy_fdtable() (bsc#1173825).
Fix Patch-mainline tag in the previous zram fix patch
fpga: dfl: afu: Corrected error handling levels (git-fixes).
fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks (networking-stable-20_05_12).
gpiolib: Document that GPIO line names are not globally unique (bsc#1051510).
gpu: host1x: Detach driver on unregister (bsc#1111666).
gpu: ipu-v3: pre: do not trigger update if buffer address does not change (bsc#1111666).
HID: magicmouse: do not set up autorepeat (git-fixes).
HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
hv_netvsc: Fix netvsc_start_xmit's return type (git-fixes).
hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() (bsc#1111666).
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute (bsc#1111666).
hwmon: (max6697) Make sure the OVERT mask is set correctly (bsc#1111666).
i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 (bsc#1111666).
i2c: eg20t: Load module automatically if ID matches (bsc#1111666).
i2c: mlxcpld: check correct size of maximum RECV_LEN packet (bsc#1111666).
i40e: reduce stack usage in i40e_set_fc (git-fixes).
IB/hfi1: Do not destroy hfi1_wq when the device is shut down (bsc#1174409).
IB/hfi1: Do not destroy link_wq when the device is shut down (bsc#1174409).
ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369).
ibmvnic: Flush existing work items before device removal (bsc#1065729).
ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510).
iio:health:afe4404 Fix timestamp alignment and prevent data leak (bsc#1111666).
iio:humidity:hdc100x Fix alignment and data leak issues (bsc#1111666).
iio:magnetometer:ak8974: Fix alignment and data leak issues (bsc#1111666).
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() (bsc#1111666).
iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
iio:pressure:ms5611 Fix buffer element alignment (bsc#1111666).
iio: pressure: zpa2326: handle pm_runtime_get_sync failure (bsc#1111666).
ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1051510).
ima: Fix ima digest hash table key calculation (bsc#1051510).
include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868).
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list (bsc#1111666).
input: i8042 - Remove special PowerPC handling (git-fixes).
Input: synaptics - add a second working PNP_ID for Lenovo T470s (bsc#1111666).
intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
intel_th: Fix a NULL dereference when hub driver is not loaded (bsc#1111666).
ipvlan: call dev_change_flags when ipvlan mode is reset (git-fixes).
ixgbevf: Remove limit of 10 entries for unicast filter list (git-fixes).
jbd2: avoid leaking transaction credits when unreserving handle (bsc#1173845).
jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833).
kabi: hv: prevent struct device_node to become defined (bsc#1172871).
kabi: ppc64le: prevent struct dma_map_ops to become defined (jsc#SLE-12423).
kABI: protect struct mlx5_cmd_work_ent (kabi).
kABI: reintroduce inet_hashtables.h include to l2tp_ip (kabi).
kernfs: fix barrier usage in __kernfs_new_node() (bsc#1111666).
KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS (bsc#1114279).
KVM: nVMX: Skip IBP