SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2939-1)

high Nessus Plugin ID 205734

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2939-1 advisory.

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958).
- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
- CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
- CVE-2021-47546: ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
- CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
- CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
- CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
- CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
- CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
- CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571).
- CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len. (bsc#1226555).
- CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
- CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
- CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
- CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071).
- CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869).
- CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
- CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
- CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
- CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).
- CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()' (bsc#1222323).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
- CVE-2024-26842: scsi: target: core: Add TMF to tmr_list handling (bsc#1223013).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35961: net/mlx5: Register devlink first under devlink lock (bsc#1224585).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35995: ACPI: CPPC: Use access_width over bit_width for system memory accesses (bsc#1224557).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
- CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103).
- CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-39493: crypto: qat - fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39497: drm/shmem-helper: fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722).
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-39508: io_uring/io-wq: use set_bit() and test_bit() at worker->flags (bsc#1227732).
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
- CVE-2024-40982: ssb: fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41016: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518).
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
- CVE-2024-41063: bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
- CVE-2024-41072: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (bsc#1228626).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
- CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).

The following non-security bugs were fixed:

- acpi: EC: Abort address space access upon error (stable-fixes).
- acpi: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- acpi: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- acpi: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- acpi: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes).
- acpi: x86: Force StorageD3Enable on more products (stable-fixes).
- acpi: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes).
- acpica: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
- alsa: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- alsa: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- alsa: emux: improve patch ioctl data validation (stable-fixes).
- alsa: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- alsa: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- alsa: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- alsa: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- alsa: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- alsa: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- alsa: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- alsa: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- alsa: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- alsa: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- alsa: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- alsa: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- alsa: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- alsa: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- alsa: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- alsa: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- alsa: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- alsa: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- alsa: timer: Set lower bound of start tick time (stable-fixes).
- alsa: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- alsa: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- alsa: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- alsa: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- alsa/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
- arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- asoc: amd: acp: add a null check for chip_pdev structure (git-fixes).
- asoc: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- asoc: amd: Adjust error handling in case of absent codec device (git-fixes).
- asoc: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).
- asoc: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- asoc: max98088: Check for clk_prepare_enable() error (git-fixes).
- asoc: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
- asoc: rt715-sdca: volume step modification (stable-fixes).
- asoc: rt715: add vendor clear control register (stable-fixes).
- asoc: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- asoc: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- blk-cgroup: dropping parent refcount after pd_free_fn() is done (bsc#1224573).
- block, loop: support partitions without scanning (bsc#1227162).
- block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162).
- bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes).
- bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes).
- bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).
- bpf: aggressively forget precise markings during state checkpointing (bsc#1225903).
- bpf: allow precision tracking for programs with subprogs (bsc#1225903).
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: clean up visit_insn()'s instruction processing (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: encapsulate precision backtracking bookkeeping (bsc#1225903).
- bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903).
- bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903).
- bpf: Fix memory leaks in __check_func_call (bsc#1225903).
- bpf: fix propagate_precision() logic for inner frames (bsc#1225903).
- bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903).
- bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903).
- bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903).
- bpf: improve precision backtrack logging (bsc#1225903).
- bpf: Improve verifier u32 scalar equality checking (bsc#1225903).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: maintain bitmasks across all active frames in __mark_chain_precision (bsc#1225903).
- bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: regsafe() must not skip check_ids() (bsc#1225903).
- bpf: reject non-exact register type matches in regsafe() (bsc#1225903).
- bpf: Remove unused insn_cnt argument from visit_[func_call_]insn() (bsc#1225903).
- bpf: reorganize struct bpf_reg_state fields (bsc#1225903).
- bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903).
- bpf: states_equal() must build idmap for all function frames (bsc#1225903).
- bpf: stop setting precise in current state (bsc#1225903).
- bpf: support precision propagation in the presence of subprogs (bsc#1225903).
- bpf: take into account liveness when propagating precision (bsc#1225903).
- bpf: teach refsafe() to take into account ID remapping (bsc#1225903).
- bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903).
- bpf: use check_ids() for active_lock comparison (bsc#1225903).
- bpf: Use scalar ids in mark_chain_precision() (bsc#1225903).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162).
- btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
- btrfs: harden identification of a stale device (bsc#1227162).
- btrfs: match stale devices by dev_t (bsc#1227162).
- btrfs: remove the cross file system checks from remap (bsc#1227157).
- btrfs: use dev_t to match device in device_matched (bsc#1227162).
- btrfs: validate device maj:min during open (bsc#1227162).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- check-for-config-changes: ignore also GCC_ASM_GOTO_OUTPUT_BROKEN .
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location() (git-fixes).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: Fix formatting of literal sections in fanotify docs (stable-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- exfat: check if cluster num is valid (git-fixes).
- exfat: simplify is_valid_cluster() (git-fixes).
- filelock: add a new locks_inode_context accessor function (git-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- fs: allow cross-vfsmount reflink/dedupe (bsc#1227157).
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: verify {g,u}id mount options correctly (bsc#1228191).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- hid: Add quirk for Logitech Casa touchpad (stable-fixes).
- hid: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- hid: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- hid: wacom: Modify pen IDs (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: tegra: Fix failure during probe deferral cleanup (git-fixes)
- i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661)
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- input: qt1050 - handle CHIP_ID reading error (git-fixes).
- input: silead - Always support 10 fingers (stable-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- ionic: clean interrupt before enabling queue to avoid credit race (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kabi: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903).
- kabi: bpf: callback fixes kABI workaround (bsc#1225903).
- kabi: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903).
- kabi: bpf: tmp_str_buf kABI workaround (bsc#1225903).
- kabi: rtas: Workaround false positive due to lost definition (bsc#1227487).
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kabi/severities: Ignore tpm_tis_core_init (bsc#1082555).
- kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users.
- kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kernel-binary: vdso: Own module_dir
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- kernel/sched: Remove dl_boosted flag comment (git fixes (sched)).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobes: Make arch_check_ftrace_location static (git-fixes).
- kvm: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- kvm: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869).
- kvm: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869).
- kvm: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- kvm: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1194869).
- kvm: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST (bsc#1194869).
- kvm: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869).
- kvm: s390: fix LPSWEY handling (bsc#1227635 git-fixes).
- kvm: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes).
- kvm: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- kvm: x86: Add IBPB_BRTYPE support (bsc#1228079).
- kvm: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- kvm: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds (git-fixes).
- kvm: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes).
- kvm: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes).
- kvm: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- kvm: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes).
- kvm: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes).
- kvm: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- kvm: x86: Fix KVM_GET_MSRS stack info leak (git-fixes).
- kvm: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes).
- kvm: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes).
- kvm: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes).
- kvm: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190).
- lockd: set missing fl_flags field when retrieving args (git-fixes).
- lockd: use locks_inode_context helper (git-fixes).
- Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582)
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mkspec-dtb: add toplevel symlinks also on arm
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- net/mlx5e: Fix a race in command alloc flow (git-fixes).
- netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180).
- netfilter: conntrack: prepare tcp_in_window for ternary return value (bsc#1223180).
- netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180).
- netfilter: conntrack: work around exceeded receive window (bsc#1223180).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- nfs: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- nfs: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- nfs: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfs: Leave pages in the pagecache if readpage failed (git-fixes).
- nfsd enforce filehandle check for source file in COPY (git-fixes).
- nfsd: Add an nfsd_file_fsync tracepoint (git-fixes).
- nfsd: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-fixes).
- nfsd: Add errno mapping for EREMOTEIO (git-fixes).
- nfsd: Add nfsd_file_lru_dispose_list() helper (git-fixes).
- nfsd: add some comments to nfsd_file_do_acquire (git-fixes).
- nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes).
- nfsd: allow reaping files still under writeback (git-fixes).
- nfsd: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes).
- nfsd: Clean up nfsd_file_put() (git-fixes).
- nfsd: Clean up nfsd_open_verified() (git-fixes).
- nfsd: Clean up nfsd3_proc_create() (git-fixes).
- nfsd: Clean up unused code after rhashtable conversion (git-fixes).
- nfsd: Convert filecache to rhltable (git-fixes).
- nfsd: Convert the filecache to use rhashtable (git-fixes).
- nfsd: De-duplicate hash bucket indexing (git-fixes).
- nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-fixes).
- nfsd: do not fsync nfsd_files on last close (git-fixes).
- nfsd: do not hand out delegation on setuid files being opened for write (git-fixes).
- nfsd: do not kill nfsd_files because of lease break error (git-fixes).
- nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
- nfsd: do not take/put an extra reference when putting a file (git-fixes).
- nfsd: Ensure nf_inode is never dereferenced (git-fixes).
- nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes).
- nfsd: Fix licensing header in filecache.c (git-fixes).
- nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes).
- nfsd: fix nfsd_file_unhash_and_dispose (git-fixes).
- nfsd: Fix potential use-after-free in nfsd_file_put() (git-fixes).
- nfsd: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes).
- nfsd: Fix the filecache LRU shrinker (git-fixes).
- nfsd: fix up the filecache laundrette scheduling (git-fixes).
- nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes).
- nfsd: Flesh out a documenting comment for filecache.c (git-fixes).
- nfsd: handle errors better in write_ports_addfd() (git-fixes).
- nfsd: Instantiate a struct file when creating a regular NFSv4 file (git-fixes).
- nfsd: Leave open files out of the filecache LRU (git-fixes).
- nfsd: map EBADF (git-fixes).
- nfsd: Move nfsd_file_trace_alloc() tracepoint (git-fixes).
- nfsd: nfsd_file_hash_remove can compute hashval (git-fixes).
- nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes).
- nfsd: nfsd_file_put() can sleep (git-fixes).
- nfsd: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes).
- nfsd: No longer record nf_hashval in the trace log (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nfsd: Pass the target nfsd_file to nfsd_commit() (git-fixes).
- nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes).
- nfsd: Record number of flush calls (git-fixes).
- nfsd: Refactor __nfsd_file_close_inode() (git-fixes).
- nfsd: Refactor nfsd_create_setattr() (git-fixes).
- nfsd: Refactor nfsd_file_gc() (git-fixes).
- nfsd: Refactor nfsd_file_lru_scan() (git-fixes).
- nfsd: Refactor NFSv3 CREATE (git-fixes).
- nfsd: Refactor NFSv4 OPEN(CREATE) (git-fixes).
- nfsd: Remove do_nfsd_create() (git-fixes).
- nfsd: Remove lockdep assertion from unhash_and_release_locked() (git-fixes).
- nfsd: Remove nfsd_file::nf_hashval (git-fixes).
- nfsd: remove the pages_flushed statistic from filecache (git-fixes).
- nfsd: reorganize filecache.c (git-fixes).
- nfsd: Replace the 'init once' mechanism (git-fixes).
- nfsd: Report average age of filecache items (git-fixes).
- nfsd: Report count of calls to nfsd_file_acquire() (git-fixes).
- nfsd: Report count of freed filecache items (git-fixes).
- nfsd: Report filecache LRU size (git-fixes).
- nfsd: Report the number of items evicted by the LRU walk (git-fixes).
- nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes).
- nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes).
- nfsd: rework refcounting in filecache (git-fixes).
- nfsd: Separate tracepoints for acquire and create (git-fixes).
- nfsd: Set up an rhashtable for the filecache (git-fixes).
- nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes).
- nfsd: simplify per-net file cache management (git-fixes).
- nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes).
- nfsd: simplify the delayed disposal list code (git-fixes).
- nfsd: Trace filecache LRU activity (git-fixes).
- nfsd: Trace filecache opens (git-fixes).
- nfsd: update comment over __nfsd_file_cache_purge (git-fixes).
- nfsd: verify the opened dentry after setting a delegation (git-fixes).
- nfsd: WARN when freeing an item still linked via nf_lru (git-fixes).
- nfsd: Write verifier might go backwards (git-fixes).
- nfsd: Zero counters when the filecache is re-initialized (git-fixes).
- nfsv4: by default serialize open/close operations (bsc#1223863 bsc#1227362)
- nfsv4: Fixup smatch warning for ambiguous return (git-fixes).
- nilfs2: add missing check for inode numbers on directory entries (git-fixes).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).
- nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes).
- nvme-auth: allow mixing of secret and hash lengths (git-fixes).
- nvme-auth: use transformed key size to create resp (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: ensure reset state check ordering (bsc#1215492).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme: use ctrl state accessor (bsc#1215492).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- pci: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes).
- pci: Clear Secondary Status errors after enumeration (bsc#1226928)
- pci: Extend ACS configurability (bsc#1228090).
- pci: Fix resource double counting on remove & rescan (git-fixes).
- pci: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- pci: Introduce cleanup helpers for device reference counts and locks (git-fixes).
- pci: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- pci: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- pci: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git- fixes).
- pci: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- pci: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- pci: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- pci/aspm: Update save_state when configuration changes (bsc#1226915)
- pci/dpc: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- pci/pm: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes).
- pci/pm: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: update rk3308 iomux routes (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121 ltc#207129).
- powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/rtas: clean up includes (bsc#1227487).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- pwm: stm32: Always do lazy disabling (git-fixes).
- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
- ras/amd/atl: Fix MI300 bank hash (bsc#1225300).
- ras/amd/atl: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- rdma/cache: Release GID table even if leak is detected (git-fixes)
- rdma/device: Return error earlier if port in not valid (git-fixes)
- rdma/hns: Check atomic wr length (git-fixes)
- rdma/hns: Fix incorrect sge nums calculation (git-fixes)
- rdma/hns: Fix insufficient extend DB for VFs. (git-fixes)
- rdma/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- rdma/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- rdma/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- rdma/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- rdma/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- rdma/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- rdma/irdma: Drop unused kernel push code (git-fixes)
- rdma/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- rdma/mana_ib: Ignore optional access flags for MRs (git-fixes).
- rdma/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- rdma/mlx4: Fix truncated output warning in mad.c (git-fixes)
- rdma/mlx5: Add check for srq max_sge attribute (git-fixes)
- rdma/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- rdma/restrack: Fix potential invalid address access (git-fixes)
- rdma/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- Revert 'Add remote for nfs maintainer'
- Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783).
- Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783).
- Revert 'build initrd without systemd' (bsc#1195775)'.
- Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes).
- Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rpm/guards: fix precedence issue with control flow operator
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212)
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211)
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2.
- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- rtlwifi: rtl8192de: Style clean-ups (stable-fixes).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)).
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).
- selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903).
- selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903).
- selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader (bsc#1225903).
- selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903).
- selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903).
- selftests/bpf: Check if mark_chain_precision() follows scalar ids (bsc#1225903).
- selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903).
- selftests/bpf: fix __retval() being always ignored (bsc#1225903).
- selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903).
- selftests/bpf: make test_align selftest more robust (bsc#1225903).
- selftests/bpf: populate map_array_ro map for verifier_array_access test (bsc#1225903).
- selftests/bpf: prog_tests entry point for migrated test_verifier tests (bsc#1225903).
- selftests/bpf: Report program name on parse_test_spec error (bsc#1225903).
- selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903).
- selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: Tests execution support for test_loader.c (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903).
- selftests/bpf: Verify copy_register_state() preserves parent/live fields (bsc#1225903).
- selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903).
- selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- smb: client: guarantee refcounted children from parent session (bsc#1224679.
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
- sunrpc: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- sunrpc: Fix gss_free_in_token_pages() (git-fixes).
- sunrpc: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- sunrpc: return proper error from gss_wrap_req_priv (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
- tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555).
- tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
- tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
- tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555).
- tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
- tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
- tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
- tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
- tpm, tpm: Implement usage counter for locality (bsc#1082555).
- tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
- tpm: Prevent hwrng from activating during resume (bsc#1082555).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330)
- tracing/osnoise: Add osnoise/options file (bsc#1228330)
- tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330)
- tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330)
- tracing/osnoise: Make osnoise_instances static (bsc#1228330)
- tracing/osnoise: Split workload start from the tracer start (bsc#1228330)
- tracing/osnoise: Support a list of trace_array *tr (bsc#1228330)
- tracing/osnoise: Use built-in RCU list checking (bsc#1228330)
- tracing/timerlat: Notify new max thread latency (bsc#1228330)
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes).
- usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config (git-fixes).
- usb: cdns3: fix iso transfer error when mult is not zero (git-fixes).
- usb: cdns3: improve handling of unaligned address case (git-fixes).
- usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes).
- usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-fixes).
- usb: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- usb: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes).
- usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes).
- usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes).
- usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
- usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: serial: mos7840: fix crash on resume (git-fixes).
- usb: serial: option: add Fibocom FM350-GL (stable-fixes).
- usb: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
- usb: serial: option: add Rolling RW350-GL variants (stable-fixes).
- usb: serial: option: add support for Foxconn T99W651 (stable-fixes).
- usb: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- usb: serial: option: add Telit generic core-dump composition (stable-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
- usb: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- usb: xhci-plat: Do not include xhci.h (git-fixes).
- usb: xhci-plat: fix legacy PHY double init (git-fixes).
- usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).
- usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).
- watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x.509: Fix the parser of extended key usage for length (bsc#1218820).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
- x86/bugs: Remove default case for fully switched enums (bsc#1227900).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/ibt,ftrace: Search for __fentry__ location (git-fixes).
- x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes).
- x86/mm: Fix enc_status_change_finish_noop() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900).
- x86/srso: Remove 'pred_cmd' label (bsc#1227900).
- x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226).
- xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Fix failure to detect ring expansion need (git-fixes).
- xhci: fix matching completion events with TDs (git-fixes).
- xhci: Fix transfer ring expansion size calculation (git-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
- xhci: restre deleted trb fields for tracing (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
- xhci: update event ring dequeue pointer position to controller correctly (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 205734

File Name: suse_SU-2024-2939-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 8/17/2024

Updated: 8/17/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-42224

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_55_73-default, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-extra, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/16/2024

Vulnerability Publication Date: 3/7/2022

CISA Known Exploited Vulnerability Due Dates: 8/28/2024

Reference Information

CVE: CVE-2021-4439, CVE-2021-47086, CVE-2021-47089, CVE-2021-47103, CVE-2021-47186, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47546, CVE-2021-47547, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47588, CVE-2021-47589, CVE-2021-47590, CVE-2021-47591, CVE-2021-47592, CVE-2021-47593, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47598, CVE-2021-47599, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47606, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2021-47622, CVE-2021-47623, CVE-2021-47624, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2022-48773, CVE-2022-48774, CVE-2022-48775, CVE-2022-48776, CVE-2022-48777, CVE-2022-48778, CVE-2022-48780, CVE-2022-48783, CVE-2022-48784, CVE-2022-48785, CVE-2022-48786, CVE-2022-48787, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48791, CVE-2022-48792, CVE-2022-48793, CVE-2022-48794, CVE-2022-48796, CVE-2022-48797, CVE-2022-48798, CVE-2022-48799, CVE-2022-48800, CVE-2022-48801, CVE-2022-48802, CVE-2022-48803, CVE-2022-48804, CVE-2022-48805, CVE-2022-48806, CVE-2022-48807, CVE-2022-48809, CVE-2022-48810, CVE-2022-48811, CVE-2022-48812, CVE-2022-48813, CVE-2022-48814, CVE-2022-48815, CVE-2022-48816, CVE-2022-48817, CVE-2022-48818, CVE-2022-48820, CVE-2022-48821, CVE-2022-48822, CVE-2022-48823, CVE-2022-48824, CVE-2022-48825, CVE-2022-48826, CVE-2022-48827, CVE-2022-48828, CVE-2022-48829, CVE-2022-48830, CVE-2022-48831, CVE-2022-48834, CVE-2022-48835, CVE-2022-48836, CVE-2022-48837, CVE-2022-48838, CVE-2022-48839, CVE-2022-48840, CVE-2022-48841, CVE-2022-48842, CVE-2022-48843, CVE-2022-48844, CVE-2022-48846, CVE-2022-48847, CVE-2022-48849, CVE-2022-48850, CVE-2022-48851, CVE-2022-48852, CVE-2022-48853, CVE-2022-48855, CVE-2022-48856, CVE-2022-48857, CVE-2022-48858, CVE-2022-48859, CVE-2022-48860, CVE-2022-48861, CVE-2022-48862, CVE-2022-48863, CVE-2022-48864, CVE-2022-48866, CVE-2023-24023, CVE-2023-52435, CVE-2023-52573, CVE-2023-52580, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52751, CVE-2023-52752, CVE-2023-52762, CVE-2023-52766, CVE-2023-52775, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52812, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52857, CVE-2023-52863, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2023-52885, CVE-2023-52886, CVE-2024-25741, CVE-2024-26583, CVE-2024-26584, CVE-2024-26615, CVE-2024-26625, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26644, CVE-2024-26661, CVE-2024-26663, CVE-2024-26665, CVE-2024-26720, CVE-2024-26800, CVE-2024-26802, CVE-2024-26813, CVE-2024-26814, CVE-2024-26842, CVE-2024-26845, CVE-2024-26863, CVE-2024-26923, CVE-2024-26935, CVE-2024-26961, CVE-2024-26973, CVE-2024-26976, CVE-2024-27015, CVE-2024-27019, CVE-2024-27020, CVE-2024-27025, CVE-2024-27065, CVE-2024-27402, CVE-2024-27432, CVE-2024-27437, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35805, CVE-2024-35807, CVE-2024-35814, CVE-2024-35819, CVE-2024-35835, CVE-2024-35837, CVE-2024-35848, CVE-2024-35853, CVE-2024-35855, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35889, CVE-2024-35890, CVE-2024-35893, CVE-2024-35896, CVE-2024-35898, CVE-2024-35899, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35934, CVE-2024-35949, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35961, CVE-2024-35962, CVE-2024-35979, CVE-2024-35995, CVE-2024-35997, CVE-2024-36000, CVE-2024-36004, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36288, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36889, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36901, CVE-2024-36902, CVE-2024-36904, CVE-2024-36909, CVE-2024-36910, CVE-2024-36911, CVE-2024-36912, CVE-2024-36913, CVE-2024-36914, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36937, CVE-2024-36939, CVE-2024-36940, CVE-2024-36945, CVE-2024-36946, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36974, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38558, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38570, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38586, CVE-2024-38587, CVE-2024-38588, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38598, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38628, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39276, CVE-2024-39301, CVE-2024-39371, CVE-2024-39463, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471, CVE-2024-39472, CVE-2024-39475, CVE-2024-39482, CVE-2024-39487, CVE-2024-39488, CVE-2024-39490, CVE-2024-39493, CVE-2024-39494, CVE-2024-39497, CVE-2024-39499, CVE-2024-39500, CVE-2024-39501, CVE-2024-39502, CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39508, CVE-2024-39509, CVE-2024-40900, CVE-2024-40901, CVE-2024-40902, CVE-2024-40903, CVE-2024-40904, CVE-2024-40906, CVE-2024-40908, CVE-2024-40909, CVE-2024-40911, CVE-2024-40912, CVE-2024-40916, CVE-2024-40919, CVE-2024-40923, CVE-2024-40924, CVE-2024-40927, CVE-2024-40929, CVE-2024-40931, CVE-2024-40932, CVE-2024-40934, CVE-2024-40935, CVE-2024-40937, CVE-2024-40940, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945, CVE-2024-40953, CVE-2024-40954, CVE-2024-40956, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40966, CVE-2024-40967, CVE-2024-40970, CVE-2024-40972, CVE-2024-40976, CVE-2024-40977, CVE-2024-40981, CVE-2024-40982, CVE-2024-40984, CVE-2024-40987, CVE-2024-40988, CVE-2024-40989, CVE-2024-40990, CVE-2024-40994, CVE-2024-40998, CVE-2024-40999, CVE-2024-41002, CVE-2024-41004, CVE-2024-41006, CVE-2024-41009, CVE-2024-41011, CVE-2024-41012, CVE-2024-41013, CVE-2024-41014, CVE-2024-41015, CVE-2024-41016, CVE-2024-41017, CVE-2024-41040, CVE-2024-41041, CVE-2024-41044, CVE-2024-41048, CVE-2024-41057, CVE-2024-41058, CVE-2024-41059, CVE-2024-41063, CVE-2024-41064, CVE-2024-41066, CVE-2024-41069, CVE-2024-41070, CVE-2024-41071, CVE-2024-41072, CVE-2024-41076, CVE-2024-41078, CVE-2024-41081, CVE-2024-41087, CVE-2024-41090, CVE-2024-41091, CVE-2024-42070, CVE-2024-42079, CVE-2024-42093, CVE-2024-42096, CVE-2024-42105, CVE-2024-42122, CVE-2024-42124, CVE-2024-42145, CVE-2024-42161, CVE-2024-42224, CVE-2024-42230

SuSE: SUSE-SU-2024:2939-1

Detections

Analytics