SUSE 5150 Published by

A Linux Kernel security update has been released for openSUSE Leap 15.2.



openSUSE-SU-2021:1357-1: important: Security update for the Linux Kernel


openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:1357-1
Rating: important
References: #1065729 #1148868 #1152489 #1154353 #1159886
#1167773 #1170774 #1173746 #1176940 #1184439
#1184804 #1185302 #1185677 #1185726 #1185762
#1187167 #1188067 #1188651 #1188986 #1189297
#1189841 #1189884 #1190023 #1190062 #1190115
#1190159 #1190358 #1190406 #1190467 #1190523
#1190534 #1190543 #1190576 #1190595 #1190596
#1190598 #1190620 #1190626 #1190679 #1190705
#1190717 #1190746 #1190758 #1190784 #1190785
#1191172 #1191193 #1191240 #1191292
Cross-References: CVE-2020-3702 CVE-2021-3669 CVE-2021-3744
CVE-2021-3752 CVE-2021-3764 CVE-2021-40490

CVSS scores:
CVE-2020-3702 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-3702 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-3669 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3744 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3752 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3764 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-40490 (SUSE): 6.1 CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________

An update that solves 6 vulnerabilities and has 43 fixes is
now available.

Description:


The openSUSE Leap 15.2 kernel was updated to receive various security and
bugfixes.

The following security bugs were fixed:

- CVE-2020-3702: Specifically timed and handcrafted traffic can cause
internal errors in a WLAN device that lead to improper layer 2 Wi-Fi
encryption with a consequent possibility of information disclosure over
the air for a discrete set of traffic (bnc#1191193).
- CVE-2021-3669: Fixed a denial of service to replace costly bailout check
in sysvipc_find_ipc() (bsc#1159886 bsc#1188986).
- CVE-2021-3752: Fixed a use-after-free uaf bug in bluetooth
(bsc#1190023).
- CVE-2021-40490: A race condition was discovered in
ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in
the Linux kernel (bnc#1190159)
- CVE-2021-3744, CVE-2021-3764: Fixed some resource leaks in the ccp
driver ccp_run_aes_gcm_cmd() (bsc#1189884 bsc#1190534).

The following non-security bugs were fixed:

- ALSA: firewire-motu: fix truncated bytes in message tracepoints
(git-fixes).
- apparmor: remove duplicate macro list_entry_is_head() (git-fixes).
- ASoC: fsl_micfil: register platform component before registering cpu dai
(git-fixes).
- ASoC: mediatek: common: handle NULL case in suspend/resume function
(git-fixes).
- ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes).
- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (git-fixes).
- ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes).
- ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes).
- ath9k: fix sleeping in atomic context (git-fixes).
- blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762).
- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).
- blk-mq: mark if one queue map uses managed irq (bsc#1185762).
- Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes).
- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).
- bnxt: count Tx drops (git-fixes).
- bnxt: disable napi before canceling DIM (git-fixes).
- bnxt: do not lock the tx queue from napi poll (git-fixes).
- bnxt_en: Add missing DMA memory barriers (git-fixes).
- bnxt_en: Disable aRFS if running on 212 firmware (git-fixes).
- bnxt_en: Do not enable legacy TX push on older firmware (git-fixes).
- bnxt_en: Store the running firmware version code (git-fixes).
- bnxt: make sure xmit_more + errors does not miss doorbells (git-fixes).
- btrfs: prevent rename2 from exchanging a subvol with a directory from
different parents (bsc#1190626).
- clk: at91: clk-generated: Limit the requested rate to our range
(git-fixes).
- clk: at91: clk-generated: pass the id of changeable parent at
registration (git-fixes).
- console: consume APC, DM, DCS (git-fixes).
- cuse: fix broken release (bsc#1190596).
- cxgb4: dont touch blocked freelist bitmap after free (git-fixes).
- debugfs: Return error during {full/open}_proxy_open() on rmmod
(bsc#1173746).
- devlink: Break parameter notification sequence to be before/after
unload/load driver (bsc#1154353).
- dmaengine: ioat: depends on !UML (git-fixes).
- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- dmaengine: xilinx_dma: Set DMA mask for coherent APIs (git-fixes).
- docs: Fix infiniband uverbs minor number (git-fixes).
- drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in
amdgpu_dm_update_backlight_caps (git-fixes).
- drm/amd/amdgpu: Update debugfs link_settings output link_rate field in
hex (git-fixes).
- drm/amd/display: Fix timer_per_pixel unit error (git-fixes).
- drm/amdgpu: Fix BUG_ON assert (git-fixes).
- drm: avoid blocking in drm_clients_info's rcu section (git-fixes).
- drm/gma500: Fix end of loop tests for list_for_each_entry (git-fixes).
- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes).
- drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes).
- e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100).
- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).
- EDAC/i10nm: Fix NVDIMM detection (bsc#1152489).
- EDAC/synopsys: Fix wrong value type assignment for edac_mode
(bsc#1152489).
- erofs: fix up erofs_lookup tracepoint (git-fixes).
- fbmem: do not allow too huge resolutions (git-fixes).
- fpga: machxo2-spi: Fix missing error code in machxo2_write_complete()
(git-fixes).
- fpga: machxo2-spi: Return an error on failure (git-fixes).
- fuse: flush extending writes (bsc#1190595).
- fuse: truncate pagecache on atomic_o_trunc (bsc#1190705).
- genirq: add device_has_managed_msi_irq (bsc#1185762).
- gpio: uniphier: Fix void functions to remove return value (git-fixes).
- gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
access in amdgpu_i2c_router_select_ddc_port() (git-fixes).
- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).
- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779,
bsc#1185726).
- hv_netvsc: Make netvsc/VF binding check both MAC and serial number
(jsc#SLE-18779, bsc#1185726).
- hwmon: (mlxreg-fan) Return non-zero value when fan current state is
enforced from sysfs (git-fixes).
- hwmon: (tmp421) fix rounding for negative values (git-fixes).
- hwmon: (tmp421) report /PVLD condition as fault (git-fixes).
- i40e: Add additional info to PHY type error (git-fixes).
- i40e: Fix firmware LLDP agent related warning (git-fixes).
- i40e: Fix logic of disabling queues (git-fixes).
- i40e: Fix log TC creation failure when max num of queues is exceeded
(git-fixes).
- i40e: Fix queue-to-TC mapping on Tx (git-fixes).
- iavf: Fix ping is lost after untrusted VF had tried to change MAC
(jsc#SLE-7940).
- iavf: Set RSS LUT and key in reset handle path (git-fixes).
- ibmvnic: check failover_pending in login response (bsc#1190523
ltc#194510).
- ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758
ltc#191943).
- ibmvnic: Fix up some comments and messages (bsc#1190758 ltc#191943).
- ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758 ltc#191943).
- ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943).
- ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943).
- ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758 ltc#191943).
- ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758 ltc#191943).
- ice: Prevent probing virtual functions (git-fixes).
- iio: dac: ad5624r: Fix incorrect handling of an optional regulator
(git-fixes).
- include/linux/list.h: add a macro to test if entry is pointing to the
head (git-fixes).
- iomap: Fix negative assignment to unsigned sis->pages in
iomap_swapfile_activate (bsc#1190784).
- ionic: cleanly release devlink instance (bsc#1167773).
- ionic: count csum_none when offload enabled (bsc#1167773).
- ipc: remove memcg accounting for sops objects in do_semtimedop()
(bsc#1190115).
- ipc/util.c: use binary search for max_idx (bsc#1159886).
- ipvs: allow connection reuse for unconfirmed conntrack (bsc#1190467).
- ipvs: avoid expiring many connections from timer (bsc#1190467).
- ipvs: Fix up kabi for expire_nodest_conn_work addition (bsc#1190467).
- ipvs: queue delayed work to expire no destination connections if
expire_nodest_conn=1 (bsc#1190467).
- iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
(git-fixes).
- kernel-binary.spec: Check for no kernel signing certificates. Also
remove unused variable.
- kernel-binary.spec: Do not fail silently when KMP is empty
(bsc#1190358). Copy the code from kernel-module-subpackage that deals
with empty KMPs.
- kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167
bsc#1191240 ltc#194716).
- kernel-binary.spec.in Stop templating the scriptlets for subpackages
(bsc#1190358).
- libata: fix ata_host_start() (git-fixes).
- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (git-fixes).
- mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes).
- mac80211-hwsim: fix late beacon hrtimer handling (git-fixes).
- mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
(git-fixes).
- mac80211: mesh: fix potentially unaligned access (git-fixes).
- media: cedrus: Fix SUNXI tile size calculation (git-fixes).
- media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
(git-fixes).
- media: dib8000: rewrite the init prbs logic (git-fixes).
- media: imx258: Limit the max analogue gain to 480 (git-fixes).
- media: imx258: Rectify mismatch of VTS value (git-fixes).
- media: rc-loopback: return number of emitters rather than error
(git-fixes).
- media: TDA1997x: fix tda1997x_query_dv_timings() return value
(git-fixes).
- media: uvc: do not do DMA on stack (git-fixes).
- media: v4l2-dv-timings.c: fix wrong condition in two for-loops
(git-fixes).
- mfd: Do not use irq_create_mapping() to resolve a mapping (git-fixes).
- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).
- mm: always have io_remap_pfn_range() set pgprot_decrypted() (git-fixes).
- mmc: core: Return correct emmc response in case of ioctl error
(git-fixes).
- mmc: rtsx_pci: Fix long reads when clock is prescaled (git-fixes).
- mmc: sdhci-of-arasan: Check return value of non-void funtions
(git-fixes).
- mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1190785).
- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state
(bsc#1190062).
- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA)
(jsc#SLE-18779, bsc#1185726).
- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726).
- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779,
bsc#1185726).
- net: mana: Fix a memory leak in an error handling path in
(jsc#SLE-18779, bsc#1185726).
- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726).
- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726).
- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779,
bsc#1185726).
- net: mana: remove redundant initialization of variable err
(jsc#SLE-18779, bsc#1185726).
- net: mana: Use int to check the return value of mana_gd_poll_cq()
(jsc#SLE-18779, bsc#1185726).
- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726).
- net/mlx5e: Avoid creating tunnel headers for local route (git-fixes).
- net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).
- net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes).
- net/mlx5: E-Switch, handle devcom events only for ports on the same
device (git-fixes).
- net/mlx5: Fix flow table chaining (git-fixes).
- net/mlx5: Fix return value from tracer initialization (git-fixes).
- net/mlx5: Unload device upon firmware fatal error (git-fixes).
- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (git-fixes).
- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).
- nfp: update ethtool reporting of pauseframe control (git-fixes).
- NFS: change nfs_access_get_cached to only report the mask (bsc#1190746).
- NFS: do not store 'struct cred *' in struct nfs_access_entry
(bsc#1190746).
- NFS: pass cred explicitly for access tests (bsc#1190746).
- nvme: avoid race in shutdown namespace removal (bsc#1188067).
- nvme: fix refcounting imbalance when all paths are down (bsc#1188067).
- parport: remove non-zero check on count (git-fixes).
- PCI: aardvark: Fix checking for PIO status (git-fixes).
- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
(git-fixes).
- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO
response (git-fixes).
- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).
- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (git-fixes).
- PCI: Add AMD GPU multi-function power dependencies (git-fixes).
- PCI: ibmphp: Fix double unmap of io_mem (git-fixes).
- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (git-fixes).
- PCI: pci-bridge-emul: Fix array overruns, improve safety (git-fixes).
- PCI: pci-bridge-emul: Fix big-endian support (git-fixes).
- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
(git-fixes).
- PCI: Use pci_update_current_state() in pci_enable_device_flags()
(git-fixes).
- PM: base: power: do not try to use non-existing RTC for storing data
(git-fixes).
- PM: EM: Increase energy calculation precision (git-fixes).
- powercap: intel_rapl: add support for Sapphire Rapids (jsc#SLE-15289).
- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543
ltc#194523).
- powerpc: fix function annotations to avoid section mismatch warnings
with gcc-10 (bsc#1148868).
- powerpc/perf: Drop the case of returning 0 as instruction pointer
(bsc#1065729).
- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not
set (bsc#1065729).
- powerpc/perf: Fix the check for SIAR value (bsc#1065729).
- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).
- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).
- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).
- powerpc/perf: Use the address from SIAR register to set cpumode flags
(bsc#1065729).
- powerpc/powernv: Fix machine check reporting of async store errors
(bsc#1065729).
- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).
- powerpc/pseries: Prevent free CPU ids being reused on another node
(bsc#1190620 ltc#194498).
- power: supply: axp288_fuel_gauge: Report register-address on readb /
writeb errors (git-fixes).
- power: supply: max17042_battery: fix typo in MAx17042_TOFF (git-fixes).
- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).
- pwm: img: Do not modify HW state in .remove() callback (git-fixes).
- pwm: rockchip: Do not modify HW state in .remove() callback (git-fixes).
- pwm: stm32-lp: Do not modify HW state in .remove() callback (git-fixes).
- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (git-fixes).
- RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init()
(bsc#1170774).
- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (git-fixes).
- regmap: fix page selection for noinc reads (git-fixes).
- regmap: fix page selection for noinc writes (git-fixes).
- regmap: fix the offset of register error log (git-fixes).
- Restore kabi after NFS: pass cred explicitly for access tests
(bsc#1190746).
- rpm: Abolish scritplet templating (bsc#1189841).
- rtc: rx8010: select REGMAP_I2C (git-fixes).
- rtc: tps65910: Correct driver module alias (git-fixes).
- s390/unwind: use current_frame_address() to unwind current task
(bsc#1185677).
- sched/fair: Add ancestors of unthrottled undecayed cfs_rq (bsc#1191292).
- scsi: core: Add helper to return number of logical blocks in a request
(bsc#1190576).
- scsi: core: Introduce the scsi_cmd_to_rq() function (bsc#1190576).
- scsi: fc: Add EDC ELS definition (bsc#1190576).
- scsi: fc: Update formal FPIN descriptor definitions (bsc#1190576).
- scsi: lpfc: Add bsg support for retrieving adapter cmf data
(bsc#1190576).
- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).
- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).
- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).
- scsi: lpfc: Add debugfs support for cm framework buffers (bsc#1190576).
- scsi: lpfc: Add EDC ELS support (bsc#1190576).
- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).
- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).
- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info to
firmware (bsc#1190576).
- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).
- scsi: lpfc: Add support for maintaining the cm statistics buffer
(bsc#1190576).
- scsi: lpfc: Add support for the CM framework (bsc#1190576).
- scsi: lpfc: Adjust bytes received vales during cmf timer interval
(bsc#1190576).
- scsi: lpfc: Copyright updates for 14.0.0.1 patches (bsc#1190576).
- scsi: lpfc: Do not release final kref on Fport node while ABTS
outstanding (bsc#1190576).
- scsi: lpfc: Do not remove ndlp on PRLI errors in P2P mode (bsc#1190576).
- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).
- scsi: lpfc: Fix compilation errors on kernels with no CONFIG_DEBUG_FS
(bsc#1190576).
- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS processing
(bsc#1190576).
- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).
- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines
(bsc#1190576).
- scsi: lpfc: Fix gcc -Wstringop-overread warning, again (bsc#1190576).
- scsi: lpfc: Fix hang on unload due to stuck fport node (bsc#1190576).
- scsi: lpfc: Fix I/O block after enabling managed congestion mode
(bsc#1190576).
- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (bsc#1190576).
- scsi: lpfc: Fix NVMe I/O failover to non-optimized path (bsc#1190576).
- scsi: lpfc: Fix premature rpi release for unsolicited TPLS and LS_RJT
(bsc#1190576).
- scsi: lpfc: Fix rediscovery of tape device after LIP (bsc#1190576).
- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn()
(bsc#1190576).
- scsi: lpfc: Improve PBDE checks during SGL processing (bsc#1190576).
- scsi: lpfc: Remove unneeded variable (bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).
- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).
- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).
- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
(bsc#1190576).
- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI (bsc#1190576).
- scsi: lpfc: Zero CGN stats only during initial driver load and stat
reset (bsc#1190576).
- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (bsc#1189297).
- serial: 8250: Define RX trigger levels for OxSemi 950 devices
(git-fixes).
- serial: 8250_pci: make setup_port() parameters explicitly unsigned
(git-fixes).
- serial: mvebu-uart: fix driver's tx_empty callback (git-fixes).
- serial: sh-sci: fix break handling for sysrq (git-fixes).
- spi: Fix tegra20 build with CONFIG_PM=n (git-fixes).
- staging: board: Fix uninitialized spinlock when attaching genpd
(git-fixes).
- staging: ks7010: Fix the initialization of the 'sleep_status' structure
(git-fixes).
- staging: rts5208: Fix get_ms_information() heap buffer size (git-fixes).
- thermal/core: Potential buffer overflow in
thermal_build_list_of_policies() (git-fixes).
- time: Handle negative seconds correctly in timespec64_to_ns()
(git-fixes).
- tty: Fix data race between tiocsti() and flush_to_ldisc() (git-fixes).
- tty: serial: jsm: hold port lock when reporting modem line changes
(git-fixes).
- tty: synclink_gt, drop unneeded forward declarations (git-fixes).
- usb: core: hcd: Add support for deferring roothub registration
(git-fixes).
- usb: dwc2: Add missing cleanups when usb_add_gadget_udc() fails
(git-fixes).
- usb: dwc2: Avoid leaving the error_debugfs label unused (git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes).
- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
(git-fixes).
- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
(git-fixes).
- usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes).
- usb: gadget: u_ether: fix a potential null pointer dereference
(git-fixes).
- usb: host: fotg210: fix the actual_length of an iso packet (git-fixes).
- usb: host: fotg210: fix the endpoint's transactional opportunities
calculation (git-fixes).
- usbip: give back URBs for unsent unlink requests during cleanup
(git-fixes).
- usbip:vhci_hcd USB port can get stuck in the disabled state (git-fixes).
- usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes).
- usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
(git-fixes).
- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
(git-fixes).
- USB: serial: option: add device id for Foxconn T99W265 (git-fixes).
- USB: serial: option: add Telit LN920 compositions (git-fixes).
- USB: serial: option: remove duplicate USB device ID (git-fixes).
- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
(git-fixes).
- video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
(git-fixes).
- video: fbdev: kyro: Error out if 'pixclock' equals zero (git-fixes).
- video: fbdev: kyro: fix a DoS bug by restricting user input (git-fixes).
- video: fbdev: riva: Error out if 'pixclock' equals zero (git-fixes).
- vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406).
- vmxnet3: add support for ESP IPv6 RSS (bsc#1190406).
- vmxnet3: increase maximum configurable mtu to 9190 (bsc#1190406).
- vmxnet3: prepare for version 6 changes (bsc#1190406).
- vmxnet3: remove power of 2 limitation on the queues (bsc#1190406).
- vmxnet3: set correct hash type based on rss information (bsc#1190406).
- vmxnet3: update to version 6 (bsc#1190406).
- watchdog/sb_watchdog: fix compilation problem due to COMPILE_TEST
(git-fixes).
- x86/alternatives: Teach text_poke_bp() to emulate instructions
(bsc#1185302).
- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).
- x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289).
- x86/mm: Fix kern_addr_valid() to cope with existing but not present
entries (bsc#1152489).
- x86/resctrl: Fix a maybe-uninitialized build warning treated as error
(bsc#1152489).
- x86/resctrl: Fix default monitoring groups reporting (bsc#1152489).
- xfs: allow mount/remount when stripe width alignment is zero
(bsc#1188651).
- xfs: sync lazy sb accounting on quiesce of read-only mounts
(bsc#1190679).
- xgene-v2: Fix a resource leak in the error handling path of
'xge_probe()' (git-fixes).
- xhci: Set HCD flag to defer primary roothub registration (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-1357=1


Package List:

- openSUSE Leap 15.2 (noarch):

kernel-devel-5.3.18-lp152.95.1
kernel-docs-5.3.18-lp152.95.1
kernel-docs-html-5.3.18-lp152.95.1
kernel-macros-5.3.18-lp152.95.1
kernel-source-5.3.18-lp152.95.1
kernel-source-vanilla-5.3.18-lp152.95.1

- openSUSE Leap 15.2 (x86_64):

kernel-debug-5.3.18-lp152.95.1
kernel-debug-debuginfo-5.3.18-lp152.95.1
kernel-debug-debugsource-5.3.18-lp152.95.1
kernel-debug-devel-5.3.18-lp152.95.1
kernel-debug-devel-debuginfo-5.3.18-lp152.95.1
kernel-default-5.3.18-lp152.95.1
kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1
kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1
kernel-default-debuginfo-5.3.18-lp152.95.1
kernel-default-debugsource-5.3.18-lp152.95.1
kernel-default-devel-5.3.18-lp152.95.1
kernel-default-devel-debuginfo-5.3.18-lp152.95.1
kernel-kvmsmall-5.3.18-lp152.95.1
kernel-kvmsmall-debuginfo-5.3.18-lp152.95.1
kernel-kvmsmall-debugsource-5.3.18-lp152.95.1
kernel-kvmsmall-devel-5.3.18-lp152.95.1
kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.95.1
kernel-obs-build-5.3.18-lp152.95.1
kernel-obs-build-debugsource-5.3.18-lp152.95.1
kernel-obs-qa-5.3.18-lp152.95.1
kernel-preempt-5.3.18-lp152.95.1
kernel-preempt-debuginfo-5.3.18-lp152.95.1
kernel-preempt-debugsource-5.3.18-lp152.95.1
kernel-preempt-devel-5.3.18-lp152.95.1
kernel-preempt-devel-debuginfo-5.3.18-lp152.95.1
kernel-syms-5.3.18-lp152.95.1

References:

  https://www.suse.com/security/cve/CVE-2020-3702.html
  https://www.suse.com/security/cve/CVE-2021-3669.html
  https://www.suse.com/security/cve/CVE-2021-3744.html
  https://www.suse.com/security/cve/CVE-2021-3752.html
  https://www.suse.com/security/cve/CVE-2021-3764.html
  https://www.suse.com/security/cve/CVE-2021-40490.html
  https://bugzilla.suse.com/1065729
  https://bugzilla.suse.com/1148868
  https://bugzilla.suse.com/1152489
  https://bugzilla.suse.com/1154353
  https://bugzilla.suse.com/1159886
  https://bugzilla.suse.com/1167773
  https://bugzilla.suse.com/1170774
  https://bugzilla.suse.com/1173746
  https://bugzilla.suse.com/1176940
  https://bugzilla.suse.com/1184439
  https://bugzilla.suse.com/1184804
  https://bugzilla.suse.com/1185302
  https://bugzilla.suse.com/1185677
  https://bugzilla.suse.com/1185726
  https://bugzilla.suse.com/1185762
  https://bugzilla.suse.com/1187167
  https://bugzilla.suse.com/1188067
  https://bugzilla.suse.com/1188651
  https://bugzilla.suse.com/1188986
  https://bugzilla.suse.com/1189297
  https://bugzilla.suse.com/1189841
  https://bugzilla.suse.com/1189884
  https://bugzilla.suse.com/1190023
  https://bugzilla.suse.com/1190062
  https://bugzilla.suse.com/1190115
  https://bugzilla.suse.com/1190159
  https://bugzilla.suse.com/1190358
  https://bugzilla.suse.com/1190406
  https://bugzilla.suse.com/1190467
  https://bugzilla.suse.com/1190523
  https://bugzilla.suse.com/1190534
  https://bugzilla.suse.com/1190543
  https://bugzilla.suse.com/1190576
  https://bugzilla.suse.com/1190595
  https://bugzilla.suse.com/1190596
  https://bugzilla.suse.com/1190598
  https://bugzilla.suse.com/1190620
  https://bugzilla.suse.com/1190626
  https://bugzilla.suse.com/1190679
  https://bugzilla.suse.com/1190705
  https://bugzilla.suse.com/1190717
  https://bugzilla.suse.com/1190746
  https://bugzilla.suse.com/1190758
  https://bugzilla.suse.com/1190784
  https://bugzilla.suse.com/1190785
  https://bugzilla.suse.com/1191172
  https://bugzilla.suse.com/1191193
  https://bugzilla.suse.com/1191240
  https://bugzilla.suse.com/1191292