Security update for the Linux Kernel

Announcement ID: SUSE-SU-2020:2103-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2019-20810 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-20810 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-20908 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
  • CVE-2019-20908 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-0305 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-0305 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-10766 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-10766 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-10767 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-10767 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-10768 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-10768 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-10769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-10769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-10773 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2020-10773 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-10781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-10781 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-12771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-12771 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-12888 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  • CVE-2020-12888 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  • CVE-2020-13974 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-13974 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-14416 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-14416 ( NVD ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  • CVE-2020-15393 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-15393 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-15780 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
  • CVE-2020-15780 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • Public Cloud Module 15-SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Manager Proxy 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0

An update that solves 15 vulnerabilities and has 81 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-15393: Fixed a memory leak in usbtest_disconnect (bnc#1173514).
  • CVE-2020-12771: An issue was discovered in btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails (bnc#1171732).
  • CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868).
  • CVE-2020-10773: Fixed a memory leak on s390/s390x, in the cmm_timeout_hander in file arch/s390/mm/cmm.c (bnc#1172999).
  • CVE-2020-14416: Fixed a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002).
  • CVE-2020-10768: Fixed an issue with the prctl() function, where indirect branch speculation could be enabled even though it was diabled before (bnc#1172783).
  • CVE-2020-10766: Fixed an issue which allowed an attacker with a local account to disable SSBD protection (bnc#1172781).
  • CVE-2020-10767: Fixed an issue where Indirect Branch Prediction Barrier was disabled in certain circumstances, leaving the system open to a spectre v2 style attack (bnc#1172782).
  • CVE-2020-13974: Fixed a integer overflow in drivers/tty/vt/keyboard.c, if k_ascii is called several times in a row (bnc#1172775).
  • CVE-2019-20810: Fixed a memory leak in go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c because it did not call snd_card_free for a failure path (bnc#1172458).
  • CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265).
  • CVE-2020-10781: Fixed a denial of service issue in the ZRAM implementation (bsc#1173074).
  • CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bsc#1174462).
  • CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c: incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bsc#1173567).
  • CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c: injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bsc#1173573).

The following non-security bugs were fixed:

  • ACPI: GED: add support for _Exx / _Lxx handler methods (bsc#1111666).
  • ACPI: GED: use correct trigger type field in _Exx / _Lxx handling (bsc#1111666).
  • ACPI: NFIT: Fix unlock on error in scrub_show() (bsc#1171753).
  • ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510).
  • ACPI: sysfs: Fix pm_profile_attr type (bsc#1111666).
  • ACPI: video: Use native backlight on Acer Aspire 5783z (bsc#1111666).
  • ACPI: video: Use native backlight on Acer TravelMate 5735Z (bsc#1111666).
  • ALSA: es1688: Add the missed snd_card_free() (bsc#1051510).
  • ALSA: hda: Add ElkhartLake HDMI codec vid (bsc#1111666).
  • ALSA: hda: add sienna_cichlid audio asic id for sienna_cichlid up (bsc#1111666).
  • ALSA: hda/hdmi - enable runtime pm for newer AMD display audio (bsc#1111666).
  • ALSA: hda - let hs_mic be picked ahead of hp_mic (bsc#1111666).
  • ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines (bsc#1111666).
  • ALSA: hda/realtek - Add LED class support for micmute LED (bsc#1111666).
  • ALSA: hda/realtek - Enable micmute LED on and HP system (bsc#1111666).
  • ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534 (bsc#1111666).
  • ALSA: hda/realtek - Fix unused variable warning w/o CONFIG_LEDS_TRIGGER_AUDIO (bsc#1111666).
  • ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (bsc#1111666).
  • ALSA: lx6464es - add support for LX6464ESe pci express variant (bsc#1111666).
  • ALSA: opl3: fix infoleak in opl3 (bsc#1111666).
  • ALSA: pcm: disallow linking stream to itself (bsc#1111666).
  • ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback (bsc#1111666).
  • ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (bsc#1111666).
  • ALSA: usb-audio: add quirk for MacroSilicon MS2109 (bsc#1111666).
  • ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock (bsc#1111666).
  • ALSA: usb-audio: Clean up quirk entries with macros (bsc#1111666).
  • ALSA: usb-audio: Fix inconsistent card PM state after resume (bsc#1111666).
  • ALSA: usb-audio: Fix packet size calculation (bsc#1111666).
  • ALSA: usb-audio: Fix racy list management in output queue (bsc#1111666).
  • ALSA: usb-audio: Improve frames size computation (bsc#1111666).
  • ALSA: usb-audio: Manage auto-pm of all bundled interfaces (bsc#1111666).
  • ALSA: usb-audio: Use the new macro for HP Dock rename quirks (bsc#1111666).
  • amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes).
  • arm64: map FDT as RW for early_init_dt_scan() (jsc#SLE-12423).
  • ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb (bsc#1111666).
  • ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx (bsc#1111666).
  • ath9k: Fix use-after-free Write in ath9k_htc_rx_msg (bsc#1111666).
  • ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb (bsc#1111666).
  • ax25: fix setsockopt(SO_BINDTODEVICE) (networking-stable-20_05_27).
  • b43: Fix connection problem with WPA3 (bsc#1111666).
  • b43_legacy: Fix connection problem with WPA3 (bsc#1111666).
  • bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)).
  • be2net: fix link failure after ethtool offline test (git-fixes).
  • block: nr_sects_write(): Disable preemption on seqcount write (bsc#1173818).
  • block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)).
  • block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)).
  • Bluetooth: Add SCO fallback for invalid LMP parameters error (bsc#1111666).
  • bnxt_en: Fix AER reset logic on 57500 chips (git-fixes).
  • bnxt_en: Fix ethtool selftest crash under error conditions (git-fixes).
  • bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails (git-fixes).
  • bnxt_en: Fix ipv6 RFS filter matching logic (git-fixes).
  • bnxt_en: fix NULL dereference in case SR-IOV configuration fails (git-fixes).
  • bnxt_en: Fix VF anti-spoof filter setup (networking-stable-20_05_12).
  • bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features() (networking-stable-20_05_12).
  • bnxt_en: Improve AER slot reset (networking-stable-20_05_12).
  • brcmfmac: fix wrong location to get firmware feature (bsc#1111666).
  • brcmfmac: Transform compatible string for FW loading (bsc#1169771).
  • btrfs: add assertions for tree == inode->io_tree to extent IO helpers (bsc#1174438).
  • btrfs: add new helper btrfs_lock_and_flush_ordered_range (bsc#1174438).
  • btrfs: Always use a cached extent_state in btrfs_lock_and_flush_ordered_range (bsc#1174438).
  • btrfs: do not zero f_bavail if we have available space (bsc#1168081).
  • btrfs: do not zero f_bavail if we have available space (bsc#1168081).
  • btrfs: drop argument tree from btrfs_lock_and_flush_ordered_range (bsc#1174438).
  • btrfs: fix extent_state leak in btrfs_lock_and_flush_ordered_range (bsc#1174438).
  • btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof (bsc#1174438).
  • btrfs: fix hang on snapshot creation after RWF_NOWAIT write (bsc#1174438).
  • btrfs: fix RWF_NOWAIT write not failling when we need to cow (bsc#1174438).
  • btrfs: fix RWF_NOWAIT writes blocking on extent locks and waiting for IO (bsc#1174438).
  • btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247).
  • btrfs: Return EAGAIN if we can't start no snpashot write in check_can_nocow (bsc#1174438).
  • btrfs: use correct count in btrfs_file_write_iter() (bsc#1174438).
  • btrfs: Use newly introduced btrfs_lock_and_flush_ordered_range (bsc#1174438).
  • btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
  • bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads (bsc#1111666).
  • carl9170: remove P2P_GO support (bsc#1111666).
  • CDC-ACM: heed quirk also in error handling (git-fixes).
  • ceph: convert mdsc->cap_dirty to a per-session list (bsc#1167104).
  • ceph: request expedited service on session's last cap flush (bsc#1167104).
  • cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages (bsc#1173857).
  • char/random: Add a newline at the end of the file (jsc#SLE-12423).
  • cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1144333).
  • cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016).
  • cifs: set up next DFS target before generic_ip_connect() (bsc#1144333 bsc#1161016).
  • clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510).
  • clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
  • clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
  • clocksource: dw_apb_timer: Make CPU-affiliation being optional (bsc#1111666).
  • compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)).
  • compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)).
  • copy_{to,from}_user(): consolidate object size checks (git fixes).
  • crypto: algboss - do not wait during notifier callback (bsc#1111666).
  • crypto: algif_skcipher - Cap recv SG list at ctx->used (bsc#1111666).
  • crypto: caam - update xts sector size for large input length (bsc#1111666).
  • crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (bsc#1111666).
  • crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes).
  • Crypto/chcr: fix for ccm(aes) failed test (bsc#1111666).
  • crypto: chelsio/chtls: properly set tp->lsndtime (bsc#1111666).
  • crypto: talitos - fix IPsec cipher in length (git-fixes).
  • crypto: talitos - reorder code in talitos_edesc_alloc() (git-fixes).
  • debugfs: Check module state before warning in {full/open}_proxy_open() (bsc#1173746).
  • devinet: fix memleak in inetdev_init() (networking-stable-20_06_07).
  • /dev/mem: Add missing memory barriers for devmem_inode (git-fixes).
  • /dev/mem: Revoke mappings when a driver claims the region (git-fixes).
  • dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()' (bsc#1111666).
  • dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)).
  • dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)).
  • dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)).
  • dm: fix potential for q->make_request_fn NULL pointer (git fixes (block drivers)).
  • dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)).
  • dm: various cleanups to md->queue initialization code (git fixes).
  • dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)).
  • dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block drivers)).
  • dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27).
  • driver-core, libnvdimm: Let device subsystems add local lockdep coverage (bsc#1171753).
  • Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170617, bsc#1170618).
  • drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (bsc#1051510).
  • drm: amd/display: fix Kconfig help text (bsc#1113956) * only fix DEBUG_KERNEL_DC
  • drm: bridge: adv7511: Extend list of audio sample rates (bsc#1111666).
  • drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1113956) * context changes
  • drm: encoder_slave: fix refcouting error for modules (bsc#1111666).
  • drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
  • drm/i915/icl+: Fix hotplug interrupt disabling after storm detection (bsc#1112178)
  • drm/i915: Whitelist context-local timestamp in the gen9 cmdparser (bsc#1111666).
  • drm/mediatek: Check plane visibility in atomic_update (bsc#1113956) * context changes
  • drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1111666).
  • drm: panel-orientation-quirks: Add quirk for Asus T101HA panel (bsc#1111666).
  • drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 (bsc#1111666).
  • drm/qxl: Use correct notify port address when creating cursor ring (bsc#1113956)
  • drm/radeon: fix double free (bsc#1113956)
  • drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1113956)
  • drm/sun4i: hdmi ddc clk: Fix size of m divider (bsc#1111666).
  • drm/tegra: hub: Do not enable orphaned window group (bsc#1111666).
  • drm/vkms: Hold gem object while still in-use (bsc#1113956) * context changes
  • Drop another USB dwc3 gadget patch that broke the build
  • Drop USB dwc3 gadget patch that broke the build on openSUSE-15.1 branch
  • e1000: Distribute switch variables for initialization (bsc#1111666).
  • e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
  • e1000e: Do not wake up the system via WOL if device wakeup is disabled (bsc#1051510).
  • e1000e: Relax condition to trigger reset for ME workaround (bsc#1111666).
  • EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
  • efi/random: Increase size of firmware supplied randomness (jsc#SLE-12423).
  • efi/random: Treat EFI_RNG_PROTOCOL output as bootloader randomness (jsc#SLE-12423).
  • efi: READ_ONCE rng seed size before munmap (jsc#SLE-12423).
  • efi: Reorder pr_notice() with add_device_randomness() call (jsc#SLE-12423).
  • evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
  • evm: Fix a small race in init_desc() (bsc#1051510).
  • ext4: fix a data race at inode->i_blocks (bsc#1171835).
  • ext4: fix partial cluster initialization when splitting extent (bsc#1173839).
  • ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838).
  • ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error handlers (bsc#1173833).
  • extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (bsc#1051510).
  • fanotify: fix ignore mask logic for events on child and on dir (bsc#1172719).
  • fdt: add support for rng-seed (jsc#SLE-12423).
  • fdt: Update CRC check for rng-seed (jsc#SLE-12423).
  • firmware: imx: scu: Fix corruption of header (git-fixes).
  • firmware: imx: scu: Fix possible memory leak in imx_scu_probe() (bsc#1111666).
  • Fix boot crash with MD (bsc#1174343) Refresh patches.suse/mdraid-fix-read-write-bytes-accounting.patch
  • fix multiplication overflow in copy_fdtable() (bsc#1173825).
  • Fix Patch-mainline tag in the previous zram fix patch
  • fpga: dfl: afu: Corrected error handling levels (git-fixes).
  • fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks (networking-stable-20_05_12).
  • gpiolib: Document that GPIO line names are not globally unique (bsc#1051510).
  • gpu: host1x: Detach driver on unregister (bsc#1111666).
  • gpu: ipu-v3: pre: do not trigger update if buffer address does not change (bsc#1111666).
  • HID: magicmouse: do not set up autorepeat (git-fixes).
  • HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
  • hv_netvsc: Fix netvsc_start_xmit's return type (git-fixes).
  • hwmon: (acpi_power_meter) Fix potential memory leak in acpi_power_meter_add() (bsc#1111666).
  • hwmon: (emc2103) fix unable to change fan pwm1_enable attribute (bsc#1111666).
  • hwmon: (max6697) Make sure the OVERT mask is set correctly (bsc#1111666).
  • i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 (bsc#1111666).
  • i2c: eg20t: Load module automatically if ID matches (bsc#1111666).
  • i2c: mlxcpld: check correct size of maximum RECV_LEN packet (bsc#1111666).
  • i40e: reduce stack usage in i40e_set_fc (git-fixes).
  • IB/hfi1: Do not destroy hfi1_wq when the device is shut down (bsc#1174409).
  • IB/hfi1: Do not destroy link_wq when the device is shut down (bsc#1174409).
  • ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
  • ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369).
  • ibmvnic: Flush existing work items before device removal (bsc#1065729).
  • ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
  • iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510).
  • iio:health:afe4404 Fix timestamp alignment and prevent data leak (bsc#1111666).
  • iio:humidity:hdc100x Fix alignment and data leak issues (bsc#1111666).
  • iio:magnetometer:ak8974: Fix alignment and data leak issues (bsc#1111666).
  • iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe() (bsc#1111666).
  • iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
  • iio:pressure:ms5611 Fix buffer element alignment (bsc#1111666).
  • iio: pressure: zpa2326: handle pm_runtime_get_sync failure (bsc#1111666).
  • ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1051510).
  • ima: Fix ima digest hash table key calculation (bsc#1051510).
  • include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868).
  • Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list (bsc#1111666).
  • input: i8042 - Remove special PowerPC handling (git-fixes).
  • Input: synaptics - add a second working PNP_ID for Lenovo T470s (bsc#1111666).
  • intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
  • intel_th: Fix a NULL dereference when hub driver is not loaded (bsc#1111666).
  • ipvlan: call dev_change_flags when ipvlan mode is reset (git-fixes).
  • ixgbevf: Remove limit of 10 entries for unicast filter list (git-fixes).
  • jbd2: avoid leaking transaction credits when unreserving handle (bsc#1173845).
  • jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833).
  • kabi: hv: prevent struct device_node to become defined (bsc#1172871).
  • kabi: ppc64le: prevent struct dma_map_ops to become defined (jsc#SLE-12423).
  • kABI: protect struct mlx5_cmd_work_ent (kabi).
  • kABI: reintroduce inet_hashtables.h include to l2tp_ip (kabi).
  • kernfs: fix barrier usage in __kernfs_new_node() (bsc#1111666).
  • KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS (bsc#1114279).
  • KVM: nVMX: Skip IBP