You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava Linux

Sigurnosni nedostaci jezgre operacijskog sustava Linux

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LSU

openSUSE Security Update: Security update for the Linux Kernel

Announcement ID: openSUSE-SU-2020:1062-1
Rating: important
References: #1152472 #1152489 #1153274 #1154353 #1155518
#1155798 #1156395 #1158983 #1162702 #1167773
#1169094 #1170284 #1170617 #1171150 #1171529
#1171530 #1171732 #1172344 #1172543 #1172687
#1172871 #1173284 #1173514 #1173552 #1173573
#1173625 #1173746 #1173776 #1173817 #1173818
#1173820 #1173822 #1173823 #1173824 #1173825
#1173826 #1173827 #1173828 #1173830 #1173831
#1173832 #1173833 #1173834 #1173836 #1173837
#1173838 #1173839 #1173841 #1173843 #1173844
#1173845 #1173847 #1173860 #1173894 #1174018
#1174244 #1174345
Cross-References: CVE-2020-12771 CVE-2020-15393
Affected Products:
openSUSE Leap 15.2

An update that solves two vulnerabilities and has 55 fixes
is now available.


The openSUSE Leap 15.2 was updated to receive various security and

The following security bugs were fixed:

– CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a
memory leak, aka CID-28ebeb8db770 (bnc#1173514).
– CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a
deadlock if a coalescing operation fails (bnc#1171732).

The following non-security bugs were fixed:

– ACPI: configfs: Disallow loading ACPI tables when locked down
– ACPI: sysfs: Fix pm_profile_attr type (git-fixes).
– aio: fix async fsync creds (bsc#1173828).
– ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table
– ALSA: hda/hdmi: fix failures at PCM open on Intel ICL and later
– ALSA: hda/hdmi: improve debug traces for stream lookups (git-fixes).
– ALSA: hda – let hs_mic be picked ahead of hp_mic (git-fixes).
– ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems
– ALSA: hda/realtek – Add quirk for MSI GE63 laptop (git-fixes).
– ALSA: hda/realtek – Enable audio jacks of Acer vCopperbox with ALC269VC
– ALSA: hda/realtek: Enable headset mic of Acer C20-820 with ALC269VC
– ALSA: hda/realtek: Enable headset mic of Acer Veriton N4660G with
ALC269VC (git-fixes).
– ALSA: hda/realtek – Fix Lenovo Thinkpad X1 Carbon 7th quirk subdevice id
– ALSA: isa/wavefront: prevent out of bounds write in ioctl (git-fixes).
– ALSA: opl3: fix infoleak in opl3 (git-fixes).
– ALSA: usb-audio: Add implicit feedback quirk for RTX6001 (git-fixes).
– ALSA: usb-audio: Add implicit feedback quirk for SSL2+ (git-fixes).
– ALSA: usb-audio: add quirk for Denon DCD-1500RE (git-fixes).
– ALSA: usb-audio: add quirk for MacroSilicon MS2109 (git-fixes).
– ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) (git-fixes).
– ALSA: usb-audio: Fix OOB access of mixer element list (git-fixes).
– ALSA: usb-audio: Fix packet size calculation (bsc#1173847).
– ALSA: usb-audio: Fix potential use-after-free of streams (git-fixes).
– ALSA: usb-audio: Replace s/frame/packet/ where appropriate (git-fixes).
– amdgpu: a NULL ->mm does not mean a thread is a kthread (git-fixes).
– ASoC: core: only convert non DPCM link to DPCM link (git-fixes).
– ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
– ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
– ASoC: fsl_ssi: Fix bclk calculation for mono channel (git-fixes).
– ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
– ASoC: max98373: reorder max98373_reset() in resume (git-fixes).
– ASoc: q6afe: add support to get port direction (git-fixes).
– ASoC: q6asm: handle EOS correctly (git-fixes).
– ASoC: qcom: q6asm-dai: kCFI fix (git-fixes).
– ASoC: rockchip: Fix a reference count leak (git-fixes).
– ASoC: SOF: Do nothing when DSP PM callbacks are not set (git-fixes).
– ASoC: SOF: nocodec: conditionally set dpcm_capture/dpcm_playback flags
– ASoC: tegra: tegra_wm8903: Support nvidia, headset property (git-fixes).
– ASoC: ti: omap-mcbsp: Fix an error handling path in ‘asoc_mcbsp_probe()’
– ata/libata: Fix usage of page address by page_address in
ata_scsi_mode_select_xlat function (git-fixes).
– ath10k: fix kernel null pointer dereference (git-fixes).
– ath10k: Fix the race condition in firmware dump work queue (git-fixes).
– b43: Fix connection problem with WPA3 (git-fixes).
– b43_legacy: Fix connection problem with WPA3 (git-fixes).
– backlight: lp855x: Ensure regulators are disabled on probe failure
– batman-adv: Revert “disable ethtool link speed detection when auto
negotiation off” (git-fixes).
– bdev: fix bdev inode reference count disbalance regression (bsc#1174244)
– block/bio-integrity: do not free ‘buf’ if bio_integrity_add_page()
failed (bsc#1173817).
– block: Fix use-after-free in blkdev_get() (bsc#1173834).
– block: nr_sects_write(): Disable preemption on seqcount write
– Bluetooth: Add SCO fallback for invalid LMP parameters error (git-fixes).
– Bluetooth: btbcm: Add 2 missing models to subver tables (git-fixes).
– bnxt_en: Fix AER reset logic on 57500 chips (bsc#1171150).
– bnxt_en: fix firmware message length endianness (bsc#1173894).
– bnxt_en: Fix return code to “flash_device” (bsc#1173894).
– bnxt_en: Re-enable SRIOV during resume (jsc#SLE-8371 bsc#1153274).
– bnxt_en: Return from timer if interface is not in open state
(jsc#SLE-8371 bsc#1153274).
– bnxt_en: Simplify bnxt_resume() (jsc#SLE-8371 bsc#1153274).
– bpf: Document optval > PAGE_SIZE behavior for sockopt hooks
– bpf: Do not return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE
– bpf: Fix an error code in check_btf_func() (bsc#1154353).
– bpf: Restrict bpf_trace_printk()’s %s usage and add %pks, %pus specifier
– bpf, xdp, samples: Fix null pointer dereference in *_user code
– brcmfmac: expose RPi firmware config files through modinfo (bsc#1169094).
– bus: ti-sysc: Ignore clockactivity unless specified as a quirk
– carl9170: remove P2P_GO support (git-fixes).
– cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip (git-fixes).
– clk: qcom: msm8916: Fix the address location of pll->config_reg
– clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
– clk: sifive: allocate sufficient memory for struct __prci_data
– clk: ti: composite: fix memory leak (git-fixes).
– clk: zynqmp: fix memory leak in zynqmp_register_clocks (git-fixes).
– clocksource: dw_apb_timer: Make CPU-affiliation being optional
– cpufreq: Fix up cpufreq_boost_set_sw() (git-fixes).
– cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once
– cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn
– cpuidle: Fix three reference count leaks (git-fixes).
– crypto: algif_skcipher – Cap recv SG list at ctx->used (git-fixes).
– crypto – Avoid free() namespace collision (git-fixes).
– Crypto/chcr: fix for ccm(aes) failed test (git-fixes).
– crypto: omap-sham – add proper load balancing support for multicore
– debugfs: Check module state before warning in {full/open}_proxy_open()
– devlink: fix return value after hitting end in region read
– devmap: Use bpf_map_area_alloc() for allocating hash buckets
– dm writecache: reject asynchronous pmem devices (bsc#1156395).
– dpaa2-eth: prevent array underflow in update_cls_rule()
– dpaa2-eth: properly handle buffer size restrictions
– dpaa_eth: fix usage as DSA master, try 3 (networking-stable-20_05_27).
– drivers: base: Fix NULL pointer exception in __platform_driver_probe()
if a driver developer is foolish (git-fixes).
– Drivers: hv: Change flag to write log level in panic msg to false
– drm: amd/display: fix Kconfig help text (bsc#1152489) * context changes
– drm/amd/display: Revalidate bandwidth before commiting DC updates
– drm/amd: fix potential memleak in err branch (git-fixes).
– drm/amdgpu: add fw release for sdma v5_0 (git-fixes).
– drm/amdgpu: drop redundant cg/pg ungate on runpm enter (git-fixes).
– drm/amdgpu: fix gfx hang during suspend with video playback (v2)
– drm/amdgpu: fix the hw hang during perform system reboot and reset
– drm/amdgpu: Init data to avoid oops while reading pp_num_states
– drm/amdgpu: move kfd suspend after ip_suspend_phase1 (git-fixes).
– drm/amdgpu: Replace invalid device ID with a valid device ID
– drm/amd/powerpay: Disable gfxoff when setting manual mode on picasso and
raven (git-fixes).
– drm: bridge: adv7511: Extend list of audio sample rates (git-fixes).
– drm/connector: notify userspace on hotplug after register complete
(bsc#1152489) * context changes
– drm/i915/gt: Do not schedule normal requests immediately along
– drm/i915/gvt: Fix two CFL MMIO handling caused by regression.
– drm/i915/gvt: Fix two CFL MMIO handling caused by regression (git-fixes).
– drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
– drm/msm: Check for powered down HW in the devfreq callbacks (bsc#1152489)
– drm/msm/dpu: fix error return code in dpu_encoder_init (bsc#1152489)
– drm/msm/dpu: fix error return code in dpu_encoder_init (git-fixes).
– drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
– drm/nouveau/disp/gm200-: fix NV_PDISP_SOR_HDMI2_CTRL(n) selection
– drm/qxl: Use correct notify port address when creating cursor ring
– drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1152472)
– drm: rcar-du: Fix build error (bsc#1152472)
– drm: sun4i: hdmi: Remove extra HPD polling (bsc#1152489)
– drm: sun4i: hdmi: Remove extra HPD polling (git-fixes).
– e1000: Distribute switch variables for initialization (git-fixes).
– e1000e: Relax condition to trigger reset for ME workaround (git-fixes).
– ext4: avoid utf8_strncasecmp() with unstable name (bsc#1173843).
– ext4: fix error pointer dereference (bsc#1173837).
– ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max (bsc#1173836).
– ext4: fix partial cluster initialization when splitting extent
– ext4: fix race between ext4_sync_parent() and rename() (bsc#1173838).
– ext4, jbd2: ensure panic by fix a race between jbd2 abort and ext4 error
handlers (bsc#1173833).
– ext4: stop overwrite the errcode in ext4_setup_super (bsc#1173841).
– fat: do not allow to mount if the FAT length == 0 (bsc#1173831).
– Fix boot crash with MD (bsc#1173860)
– fix multiplication overflow in copy_fdtable() (bsc#1173825).
– fork: prevent accidental access to clone3 features (bsc#1174018).
– fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks
– geneve: allow changing DF behavior after creation (git-fixes).
– geneve: change from tx_error to tx_dropped on missing metadata
– gfs2: fix glock reference problem in gfs2_trans_remove_revoke
– gfs2: Multi-block allocations in gfs2_page_mkwrite (bsc#1173822).
– gpio: pca953x: fix handling of automatic address incrementing
– HID: Add quirks for Trust Panora Graphic Tablet (git-fixes).
– hinic: fix a bug of ndo_stop (networking-stable-20_05_16).
– hinic: fix wrong para of wait_for_completion_timeout
– hv_netvsc: Fix netvsc_start_xmit’s return type (git-fixes).
– hwmon: (acpi_power_meter) Fix potential memory leak in
acpi_power_meter_add() (git-fixes).
– hwmon: (k10temp) Add AMD family 17h model 60h PCI match (git-fixes).
– hwmon: (max6697) Make sure the OVERT mask is set correctly (git-fixes).
– hwmon: (pmbus) fix a typo in Kconfig SENSORS_IR35221 option (git-fixes).
– i2c: algo-pca: Add 0x78 as SCL stuck low status for PCA9665 (git-fixes).
– i2c: core: check returned size of emulated smbus block read (git-fixes).
– i2c: fsi: Fix the port number field in status register (git-fixes).
– i2c: mlxcpld: check correct size of maximum RECV_LEN packet (git-fixes).
– i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
– i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
– i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output (git-fixes).
– IB/rdmavt: Free kernel completion queue when done (bsc#1173625).
– iio: bmp280: fix compensation of humidity (git-fixes).
– input: i8042 – Remove special PowerPC handling (git-fixes).
– ionic: add pcie_print_link_status (bsc#1167773).
– ionic: export features for vlans to use (bsc#1167773).
– ionic: no link check while resetting queues (bsc#1167773).
– ionic: remove support for mgmt device (bsc#1167773).
– ionic: tame the watchdog timer on reconfig (bsc#1167773).
– ionic: wait on queue start until after IFF_UP (bsc#1167773).
– io_uring: use kvfree() in io_sqe_buffer_register() (bsc#1173832).
– ipmi: use vzalloc instead of kmalloc for user creation (git-fixes).
– iwlwifi: mvm: fix aux station leak (git-fixes).
– ixgbe: do not check firmware errors (bsc#1170284).
– jbd2: avoid leaking transaction credits when unreserving handle
– jbd2: Preserve kABI when adding j_abort_mutex (bsc#1173833).
– kABI fixup mtk-vpu: avoid unaligned access to DTCM buffer (git-fixes).
– kabi: hv: prevent struct device_node to become defined (bsc#1172871).
– kABI: protect struct fib_dump_filter (kabi).
– kABI: protect struct mlx5_cmd_work_ent (kabi).
– libceph: do not omit recovery_deletes in target_copy() (git-fixes).
– loop: replace kill_bdev with invalidate_bdev (bsc#1173820).
– media: dvbdev: Fix tuner->demod media controller link (git-fixes).
– media: dvbsky: add support for eyeTV Geniatech T2 lite (bsc#1173776).
– media: dvbsky: add support for Mygica T230C v2 (bsc#1173776).
– media: imx: imx7-mipi-csis: Cleanup and fix subdev pad format handling
– media: mtk-vpu: avoid unaligned access to DTCM buffer (git-fixes).
– media: ov5640: fix use of destroyed mutex (git-fixes).
– media: si2157: Better check for running tuner in init (git-fixes).
– media: si2168: add support for Mygica T230C v2 (bsc#1173776).
– media: staging: imgu: do not hold spinlock during freeing mmu page table
– media: staging/intel-ipu3: Implement lock for stream on/off operations
– media: vicodec: Fix error codes in probe function (git-fixes).
– mfd: wm8994: Fix driver operation if loaded as modules (git-fixes).
– mlxsw: spectrum_acl_tcam: Position vchunk in a vregion list properly
– mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk (git-fixes).
– mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
– mm: fix NUMA node file count error in replace_page_cache() (bsc#1173844).
– mm/memory_hotplug: refrain from adding memory into an impossible node
– mvpp2: remove module bugfix (bsc#1154353).
– namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1173824).
– neigh: send protocol value in neighbor create notification
– net: core: device_rename: Use rwsem instead of a seqcount (bsc#1162702).
– net: do not return invalid table id error when we fall back to PF_UNSPEC
– net: dsa: Do not leave DSA master with NULL netdev_ops
– net: dsa: loop: Add module soft dependency (networking-stable-20_05_16).
– net: dsa: mt7530: fix roaming from DSA user ports
– net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend
– net: fix a potential recursive NETDEV_FEAT_CHANGE
– __netif_receive_skb_core: pass skb by reference
– net: inet_csk: Fix so_reuseport bind-address cache in tb->fast*
– net: ipip: fix wrong address family in init error path
– net: macb: fix an issue about leak related system resources
– net: macsec: preserve ingress frame ordering
– net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc()
– net/mlx5: Add command entry handling completion
– net/mlx5: Disable reload while removing the device (jsc#SLE-8464).
– net/mlx5: DR, Fix freeing in dr_create_rc_qp() (jsc#SLE-8464).
– net/mlx5e: Fix inner tirs handling (networking-stable-20_05_27).
– net/mlx5e: kTLS, Destroy key object after destroying the TIS
– net/mlx5e: Update netdev txq on completions during closure
– net/mlx5: Fix command entry leak in Internal Error State
– net/mlx5: Fix error flow in case of function_setup failure
– net/mlx5: Fix forced completion access non initialized command entry
– net/mlx5: Fix memory leak in mlx5_events_init
– net: mvpp2: cls: Prevent buffer overflow in mvpp2_ethtool_cls_rule_del()
– net: mvpp2: fix RX hashing for non-10G ports
– net: mvpp2: prevent buffer overflow in mvpp22_rss_ctx()
– net: nlmsg_cancel() if put fails for nhmsg (networking-stable-20_05_27).
– net: phy: fix aneg restart in phy_ethtool_set_eee
– netprio_cgroup: Fix unlimited memory leak of v2 cgroups
– net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
– net sched: fix reporting the first-time use timestamp
– net_sched: sch_skbprio: add message validation to skbprio_change()
– net/smc: tolerate future SMCD versions (bsc#1172543 LTC#186069).
– net: stmmac: fix num_por initialization (networking-stable-20_05_16).
– net: stricter validation of untrusted gso packets
– net: tc35815: Fix phydev supported/advertising mask
– net: tcp: fix rx timestamp behavior for tcp_recvmsg
– net/tls: fix race condition causing kernel panic
– net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict()
– net/tls: Fix sk_psock refcnt leak when in tls_data_ready()
– net: usb: qmi_wwan: add support for DW5816e (networking-stable-20_05_12).
– nexthop: Fix attribute checking for groups (networking-stable-20_05_27).
– nfp: abm: fix a memory leak bug (networking-stable-20_05_12).
– nfp: abm: fix error return code in nfp_abm_vnic_alloc()
– nfsd4: fix nfsdfs reference count loop (git-fixes).
– nfsd: apply umask on fs without ACL support (git-fixes).
– nfsd: fix nfsdfs inode reference count leak (git-fixes).
– NFSv4 fix CLOSE not waiting for direct IO compeletion (git-fixes).
– PCI: aardvark: Do not blindly enable ASPM L0s and do not write to
read-only register (git-fixes).
– PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
– PCI: Add Loongson vendor ID (git-fixes).
– PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges (git-fixes).
– PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0 (git-fixes).
– PCI: Avoid FLR for AMD Starship USB 3.0 (git-fixes).
– PCI: Do not disable decoding when mmio_always_on is set (git-fixes).
– PCI: dwc: Fix inner MSI IRQ domain registration (git-fixes).
– PCI: hv: Change pci_protocol_version to per-hbus (bsc#1172871).
– PCI: hv: Decouple the func definition in hv_dr_state from VSP message
– PCI: hv: Fix the PCI HyperV probe failure path to release resource
properly (bsc#1172871).
– PCI: hv: Introduce hv_msi_entry (bsc#1172871).
– PCI: hv: Move hypercall related definitions into tlfs header
– PCI: hv: Move retarget related structures into tlfs header (bsc#1172871).
– PCI: hv: Reorganize the code in preparation of hibernation (bsc#1172871).
– PCI: hv: Retry PCI bus D0 entry on invalid device state (bsc#1172871).
– PCI: pci-bridge-emul: Fix PCIe bit conflicts (git-fixes).
– PCI: vmd: Add device id for VMD device 8086:9A0B (git-fixes).
– pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map (git-fixes).
– pinctrl: tegra: Use noirq suspend/resume callbacks (git-fixes).
– platform/x86: asus_wmi: Reserve more space for struct bias_args
– platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
– platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
– pNFS/flexfiles: Fix list corruption if the mirror count changes
– pppoe: only process PADT targeted at local interfaces
– proc: Use new_inode not new_inode_pseudo (bsc#1173830).
– pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
– RDMA/core: Check that type_attrs is not NULL prior access (jsc#SLE-8449).
– regualtor: pfuze100: correct sw1a/sw2 on pfuze3000 (git-fixes).
– remoteproc: qcom_q6v5_mss: map/unmap mpss segments before/after use
– Revert commit e918e570415c (“tpm_tis: Remove the HID IFX0102”)
– Revert “i2c: tegra: Fix suspending in active runtime PM state”
– Revert “ipv6: add mtu lock check in __ip6_rt_update_pmtu”
– ring-buffer: Zero out time extend if it is nested and not absolute
– sata_rcar: handle pm_runtime_get_sync failure cases (git-fixes).
– sch_choke: avoid potential panic in choke_reset()
– sched: Fix loadavg accounting race (bnc#1155798 (CPU scheduler
functional and performance backports)).
– sched: Fix race against ptrace_freeze_trace() (bsc#1174345).
– sch_sfq: validate silly quantum values (networking-stable-20_05_12).
– scsi: lpfc: Add an internal trace log buffer (bsc#1172687 bsc#1171530).
– scsi: lpfc: Add blk_io_poll support for latency improvment (bsc#1172687
– scsi: lpfc: Add support to display if adapter dumps are available
(bsc#1172687 bsc#1171530).
– scsi: lpfc: Allow applications to issue Common Set Features mailbox
command (bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix inconsistent indenting (bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix interrupt assignments when multiple vectors are
supported on same CPU (bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix kdump hang on PPC (bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix language in 0373 message to reflect non-error message
(bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix less-than-zero comparison of unsigned value (bsc#1172687
– scsi: lpfc: Fix missing MDS functionality (bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix NVMe rport deregister and registration during ADISC
(bsc#1172687 bsc#1171530).
– scsi: lpfc: Fix oops due to overrun when reading SLI3 data (bsc#1172687
– scsi: lpfc: Fix shost refcount mismatch when deleting vport (bsc#1172687
– scsi: lpfc: Fix stack trace seen while setting rrq active (bsc#1172687
– scsi: lpfc: Fix unused assignment in lpfc_sli4_bsg_link_diag_test
(bsc#1172687 bsc#1171530).
– scsi: lpfc: Update lpfc version to (bsc#1172687 bsc#1171530).
– scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request
– sctp: Do not add the shutdown timer if its already been added
– sctp: Start shutdown on association restart if in SHUTDOWN-SENT state
and socket is closed (networking-stable-20_05_27).
– selftests/bpf: Make sure optvals > PAGE_SIZE are bypassed (bsc#1155518).
– signal: Avoid corrupting si_pid and si_uid in do_notify_parent
– slimbus: ngd: get drvdata from correct device (git-fixes).
– socionext: account for napi_gro_receive never returning GRO_DROP
– spi: dw: Enable interrupts in accordance with DMA xfer mode (git-fixes).
– spi: dw: Fix Rx-only DMA transfers (git-fixes).
– spi: dw: Return any value retrieved from the dma_transfer callback
– spi: pxa2xx: Apply CS clk quirk to BXT (git-fixes).
– spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
– Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate()
– sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).
– SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment()
– tcp: fix error recovery in tcp_zerocopy_receive()
– tcp: fix SO_RCVLOWAT hangs with fat skbs (networking-stable-20_05_16).
– tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes
– thermal/drivers/mediatek: Fix bank number settings on mt8183 (git-fixes).
– thermal/drivers/rcar_gen3: Fix undefined temperature if negative
– thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR (git-fixes).
– tipc: block BH before using dst_cache (networking-stable-20_05_27).
– tipc: fix partial topology connection closure
– tpm: Fix TIS locality timeout problems (git-fixes).
– tpm_tis: Remove the HID IFX0102 (git-fixes).
– tracing: Fix event trigger to accept redundant spaces (git-fixes).
– tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040
– ubifs: fix wrong use of crypto_shash_descsize() (bsc#1173827).
– ubifs: remove broken lazytime support (bsc#1173826).
– Update patch reference tag for ACPI lockdown fix (bsc#1173573)
– usb: add USB_QUIRK_DELAY_INIT for Logitech C922 (git-fixes).
– usb/ehci-platform: Set PM runtime as active on resume (git-fixes).
– USB: ehci: reopen solution for Synopsys HC bug (git-fixes).
– usb: gadget: udc: Potential Oops in error handling code (git-fixes).
– usb: host: ehci-exynos: Fix error check in exynos_ehci_probe()
– usb: host: ehci-platform: add a quirk to avoid stuck (git-fixes).
– usb: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).
– usblp: poison URBs upon disconnect (git-fixes).
– usb/ohci-platform: Fix a warning when hibernating (git-fixes).
– USB: ohci-sm501: Add missed iounmap() in remove (git-fixes).
– usb: renesas_usbhs: getting residue from callback_result (git-fixes).
– USB: serial: ch341: add basis for quirk detection (git-fixes).
– usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs
– usb/xhci-plat: Set PM runtime as active on resume (git-fixes).
– video: vt8500lcdfb: fix fallthrough warning (bsc#1152489)
– virtio_net: fix lockdep warning on 32 bit (networking-stable-20_05_16).
– watchdog: da9062: No need to ping manually before setting timeout
– wil6210: account for napi_gro_receive never returning GRO_DROP
– wil6210: add wil_netif_rx() helper function (bsc#1154353).
– wil6210: use after free in wil_netif_rx_any() (bsc#1154353).
– x86/amd_nb: Add AMD family 17h model 60h PCI IDs (git-fixes).
– xhci: Fix enumeration issue when setting max packet size for FS devices
– xhci: Fix incorrect EP_STATE_MASK (git-fixes).
– xhci: Poll for U0 after disabling USB2 LPM (git-fixes).
– xhci: Return if xHCI does not support LPM (git-fixes).
– xprtrdma: Fix handling of RDMA_ERROR replies (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

– openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1062=1

Package List:

– openSUSE Leap 15.2 (x86_64):


– openSUSE Leap 15.2 (noarch):



To unsubscribe, e-mail:
For additional commands, e-mail:

AutorFilip Omazic
Cert idNCERT-REF-2020-07-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa re2c

Otkriven je sigurnosni nedostatak u programskom paketu re2c za operacijski sustav Gentoo. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...