SUSE-IU-2024:324-1: Security update of suse/sle-micro/rt-5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Apr 17 12:38:30 UTC 2024
SUSE Image Update Advisory: suse/sle-micro/rt-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:324-1
Image Tags : suse/sle-micro/rt-5.5:2.0.2 , suse/sle-micro/rt-5.5:2.0.2-3.2.86 , suse/sle-micro/rt-5.5:latest
Image Release : 3.2.86
Severity : important
Type : security
References : 1065729 1107342 1108281 1141539 1144060 1174649 1176006 1181674
1188307 1190495 1190495 1193285 1194869 1194869 1200731 1203823
1205502 1206453 1206627 1207987 1209412 1209834 1210443 1210507
1210959 1211515 1211886 1212091 1213189 1213418 1213456 1214377
1214806 1214934 1215275 1215377 1215434 1215885 1216198 1216441
1216559 1216702 1216752 1216776 1217083 1217445 1217450 1217589
1217667 1217895 1217927 1217964 1217987 1217988 1217989 1218005
1218195 1218216 1218232 1218447 1218450 1218492 1218527 1218527
1218571 1218659 1218663 1218713 1218723 1218730 1218738 1218752
1218757 1218768 1218778 1218779 1218804 1218832 1218836 1218842
1218866 1218915 1218916 1218948 1218958 1218968 1218997 1219006
1219012 1219013 1219014 1219031 1219053 1219067 1219120 1219126
1219127 1219128 1219136 1219141 1219146 1219238 1219243 1219285
1219295 1219321 1219349 1219412 1219429 1219434 1219443 1219490
1219512 1219520 1219559 1219568 1219576 1219582 1219653 1219767
1219827 1219835 1219839 1219840 1219841 1219934 1219975 1220003
1220009 1220021 1220030 1220061 1220106 1220140 1220187 1220238
1220240 1220241 1220243 1220250 1220251 1220253 1220254 1220255
1220257 1220267 1220277 1220317 1220326 1220328 1220330 1220335
1220344 1220348 1220350 1220364 1220385 1220392 1220393 1220398
1220409 1220441 1220444 1220457 1220459 1220485 1220649 1220724
1220770 1220771 1220772 1220796 1220825 1221218 1221239 1221289
1221399 1221470 1221665 1221667 1221675 1221831 1222259 CVE-2019-25162
CVE-2021-33631 CVE-2021-46923 CVE-2021-46924 CVE-2021-46932 CVE-2023-28746
CVE-2023-29383 CVE-2023-45918 CVE-2023-4641 CVE-2023-46838 CVE-2023-47233
CVE-2023-4921 CVE-2023-51042 CVE-2023-51043 CVE-2023-51780 CVE-2023-51782
CVE-2023-5197 CVE-2023-52160 CVE-2023-52340 CVE-2023-52425 CVE-2023-52429
CVE-2023-52439 CVE-2023-52443 CVE-2023-52445 CVE-2023-52447 CVE-2023-52448
CVE-2023-52449 CVE-2023-52451 CVE-2023-52452 CVE-2023-52456 CVE-2023-52457
CVE-2023-52463 CVE-2023-52464 CVE-2023-52475 CVE-2023-52478 CVE-2023-5388
CVE-2023-6040 CVE-2023-6356 CVE-2023-6531 CVE-2023-6535 CVE-2023-6536
CVE-2023-6817 CVE-2023-6915 CVE-2023-7207 CVE-2024-0565 CVE-2024-0607
CVE-2024-0641 CVE-2024-0727 CVE-2024-0775 CVE-2024-1085 CVE-2024-1086
CVE-2024-1151 CVE-2024-2004 CVE-2024-23849 CVE-2024-23850 CVE-2024-23851
CVE-2024-2398 CVE-2024-25062 CVE-2024-25744 CVE-2024-26458 CVE-2024-26461
CVE-2024-26462 CVE-2024-26585 CVE-2024-26586 CVE-2024-26589 CVE-2024-26591
CVE-2024-26593 CVE-2024-26595 CVE-2024-26598 CVE-2024-26602 CVE-2024-26603
CVE-2024-26622 CVE-2024-28085 CVE-2024-28182 CVE-2024-28757
-----------------------------------------------------------------
The container suse/sle-micro/rt-5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:322-1
Released: Fri Feb 2 15:13:26 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1107342,1215434
This update for aaa_base fixes the following issues:
- Set JAVA_HOME correctly (bsc#1107342, bsc#1215434)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:469-1
Released: Wed Feb 14 13:19:31 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1065729,1108281,1141539,1174649,1181674,1193285,1194869,1209834,1210443,1211515,1212091,1214377,1215275,1215885,1216441,1216559,1216702,1217895,1217987,1217988,1217989,1218005,1218447,1218527,1218659,1218713,1218723,1218730,1218738,1218752,1218757,1218768,1218778,1218779,1218804,1218832,1218836,1218916,1218948,1218958,1218968,1218997,1219006,1219012,1219013,1219014,1219053,1219067,1219120,1219128,1219136,1219285,1219349,1219412,1219429,1219434,1219490,1219512,1219568,1219582,CVE-2021-33631,CVE-2023-46838,CVE-2023-47233,CVE-2023-4921,CVE-2023-51042,CVE-2023-51043,CVE-2023-51780,CVE-2023-51782,CVE-2023-6040,CVE-2023-6356,CVE-2023-6531,CVE-2023-6535,CVE-2023-6536,CVE-2023-6915,CVE-2024-0565,CVE-2024-0641,CVE-2024-0775,CVE-2024-1085,CVE-2024-1086
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219429).
- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
- CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
- CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).
- CVE-2024-0641: Fixed a denial of service vulnerability in tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916).
- CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).
- CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).
- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
The following non-security bugs were fixed:
- Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
- ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
- ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
- ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (git-fixes).
- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377)
- ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes).
- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
- ACPI: video: check for error while searching for backlight device parent (git-fixes).
- ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-fixes).
- ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook (git-fixes).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (git-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes).
- ALSA: hda: Refer to correct stream index at loops (git-fixes).
- ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-fixes).
- ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes).
- ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
- ASoC: Intel: Skylake: mem leak in skl register function (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-fixes).
- ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes).
- ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
- ASoC: amd: Add check for acp config flags (bsc#1219136).
- ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
- ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
- ASoC: amd: Drop empty platform remove function (bsc#1219136).
- ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136).
- ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes).
- ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller (bsc#1219136).
- ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136).
- ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136).
- ASoC: amd: acp: Add kcontrols and widgets per-codec in common code (bsc#1219136).
- ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes).
- ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136).
- ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver (bsc#1219136).
- ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136).
- ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
- ASoC: amd: acp: Initialize list to store acp_stream during pcm_open (bsc#1219136).
- ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136).
- ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
- ASoC: amd: acp: Refactor dai format implementation (bsc#1219136).
- ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136).
- ASoC: amd: acp: add a label to make error path more clean (bsc#1219136).
- ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform (bsc#1219136).
- ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136).
- ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136).
- ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136).
- ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
- ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
- ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols (bsc#1219136).
- ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136).
- ASoC: amd: acp: move pdm macros to common header file (bsc#1219136).
- ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136).
- ASoC: amd: acp: rembrandt: Drop if blocks with always false condition (bsc#1219136).
- ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
- ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions (bsc#1219136).
- ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
- ASoC: amd: acp: store platform device reference created in pci probe call (bsc#1219136).
- ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
- ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136).
- ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
- ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
- ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
- ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
- ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136).
- ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136).
- ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
- ASoC: amd: add acp6.2 irq handler (bsc#1219136).
- ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
- ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver (bsc#1219136).
- ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136).
- ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136).
- ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136).
- ASoC: amd: fix ACP version typo mistake (bsc#1219136).
- ASoC: amd: fix spelling mistake: 'i.e' -> 'i.e.' (bsc#1219136).
- ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs() (bsc#1219136).
- ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136).
- ASoC: amd: ps: Update copyright notice (bsc#1219136).
- ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136).
- ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136).
- ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136).
- ASoC: amd: ps: move irq handler registration (bsc#1219136).
- ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136).
- ASoC: amd: ps: refactor platform device creation logic (bsc#1219136).
- ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136).
- ASoC: amd: ps: remove unused variable (bsc#1219136).
- ASoC: amd: ps: update dev index value in irq handler (bsc#1219136).
- ASoC: amd: ps: update macros with ps platform naming convention (bsc#1219136).
- ASoC: amd: ps: update the acp clock source (bsc#1219136).
- ASoC: amd: ps: use acp_lock to protect common registers in pdm driver (bsc#1219136).
- ASoC: amd: ps: use static function (bsc#1219136).
- ASoC: amd: renoir: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
- ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1219136).
- ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
- ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136).
- ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136).
- ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop 15-fb0xxx (8A3E) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22) (bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136).
- ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136).
- ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
- ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table (bsc#1219136).
- ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136).
- ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136).
- ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks (bsc#1219136).
- ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes).
- ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes).
- ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
- ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes).
- ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes).
- ASoC: cs43130: Fix the position of const qualifier (git-fixes).
- ASoC: da7219: Support low DC impedance headset (git-fixes).
- ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (git-fixes).
- ASoC: ops: add correct range check for limiting volume (git-fixes).
- ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes).
- ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes).
- ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
- ASoC: wm8974: Correct boost mixer inputs (git-fixes).
- Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes).
- Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
- Documentation: Begin a RAS section (jsc#PED-7622).
- EDAC/amd64: Add context struct (jsc#PED-7615).
- EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
- EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616).
- EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
- EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622).
- EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
- EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
- EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
- EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
- EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
- EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615).
- EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
- EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
- EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
- EDAC/amd64: Remove module version string (jsc#PED-7615).
- EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
- EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
- EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
- EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615).
- EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615).
- EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
- EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
- EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
- EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes).
- Fix crash in vmw_context_cotables_unref when 3d support is enabled (bsc#1218738)
- HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
- HID: wacom: Correct behavior when processing some confidence == false touches (git-fixes).
- IB/iser: Prevent invalidating wrong MR (git-fixes)
- Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes).
- Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - use ab83 as id when skipping the getid command (git-fixes).
- Input: bcm5974 - check endpoint type before starting traffic (git-fixes).
- Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
- Input: xpad - add Razer Wolverine V2 support (git-fixes).
- KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes).
- KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1218997).
- KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
- PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
- PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
- PCI: keystone: Fix race condition when initializing PHYs (git-fixes).
- PM: hibernate: Enforce ordering during image compression/decompression (git-fixes).
- RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
- RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes)
- RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
- RDMA/irdma: Add wait for suspend on SQD (git-fixes)
- RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
- RDMA/irdma: Do not modify to SQD on error (git-fixes)
- RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
- RDMA/irdma: Refactor error handling in create CQP (git-fixes)
- RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
- RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
- RDMA/rtrs-clt: Start hb after path_up (git-fixes)
- RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
- RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes)
- RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
- RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes)
- RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
- USB: xhci: workaround for grace period (git-fixes).
- Update config files: enable ASoC AMD PS drivers (bsc#1219136)
- Update patch reference for ax88179 fix (bsc#1218948)
- acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-fixes).
- aio: fix mremap after fork null-deref (git-fixes).
- apparmor: avoid crash when parsed profile name is empty (git-fixes).
- arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729)
- arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps PLACEHOLDER_4 for HAS_ECV.
- arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729)
- arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
- arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes)
- arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
- arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
- arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
- arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
- arm64: module: move find_section to header (jsc#PED-4729)
- arm64: vdso: Fix 'no previous prototype' warning (jsc#PED-4729)
- arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
- arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729)
- asix: Add check for usbnet_get_endpoints (git-fixes).
- attr: block mode changes of symlinks (git-fixes).
- badblocks: add helper routines for badblock ranges handling (bsc#1174649).
- badblocks: add more helper structure and routines in badblocks.h (bsc#1174649).
- badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649).
- badblocks: improve badblocks_check() for multiple ranges handling (bsc#1174649).
- badblocks: improve badblocks_clear() for multiple ranges handling (bsc#1174649).
- badblocks: improve badblocks_set() for multiple ranges handling (bsc#1174649).
- badblocks: switch to the improved badblock handling code (bsc#1174649).
- bpf: Limit the number of kprobes when attaching program to multiple kprobes (git-fixes).
- bus: mhi: host: Add alignment check for event ring read pointer (git-fixes).
- bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-fixes).
- bus: mhi: host: Drop chan lock before queuing buffers (git-fixes).
- ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
- clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes).
- clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes).
- clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
- clk: samsung: Fix kernel-doc comments (git-fixes).
- clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-fixes).
- clk: zynqmp: Add a check for NULL pointer (git-fixes).
- clk: zynqmp: make bestdiv unsigned (git-fixes).
- clocksource: Skip watchdog check for large watchdog intervals (git-fixes).
- clocksource: disable watchdog checks on TSC when TSC is watchdog (bsc#1215885).
- coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
- coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779)
- coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779)
- coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
- coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
- coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779)
- coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
- crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
- crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
- crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes).
- crypto: sahara - do not resize req->src when doing hash operations (git-fixes).
- crypto: sahara - fix ahash reqsize (git-fixes).
- crypto: sahara - fix ahash selftest failure (git-fixes).
- crypto: sahara - fix cbc selftest failure (git-fixes).
- crypto: sahara - fix processing hash requests with req->nbytes < sg->length (git-fixes).
- crypto: sahara - fix processing requests with cryptlen < sg->length (git-fixes).
- crypto: sahara - fix wait_for_completion_timeout() error handling (git-fixes).
- crypto: sahara - handle zero-length aes requests (git-fixes).
- crypto: sahara - improve error handling in sahara_sha_process() (git-fixes).
- crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
- crypto: scomp - fix req->dst buffer overflow (git-fixes).
- dma-debug: fix kernel-doc warnings (git-fixes).
- dmaengine: fix NULL pointer in channel unregistration function (git-fixes).
- dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes).
- dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes).
- dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
- doc/README.KSYMS: Add to repo.
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes).
- drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
- drivers: clk: zynqmp: update divider round rate logic (git-fixes).
- drm/amd/display: Fix tiled display misalignment (git-fixes).
- drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-fixes).
- drm/amd/display: add nv12 bounding box (git-fixes).
- drm/amd/display: get dprefclk ss info from integration info table (git-fixes).
- drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes).
- drm/amd/display: pbn_div need be updated for hotplug event (git-fixes).
- drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
- drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes).
- drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-fixes).
- drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
- drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (git-fixes).
- drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
- drm/amdgpu/pm: Fix the power source flag error (git-fixes).
- drm/amdgpu: Add NULL checks for function pointers (git-fixes).
- drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes).
- drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' (git-fixes).
- drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (git-fixes).
- drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
- drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-fixes).
- drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' (git-fixes).
- drm/amdgpu: Let KFD sync with VM fences (git-fixes).
- drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (git-fixes).
- drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-fixes).
- drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
- drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c (git-fixes).
- drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (git-fixes).
- drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-fixes).
- drm/amdkfd: Fix lock dependency warning (git-fixes).
- drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
- drm/amdkfd: Use resource_size() helper function (git-fixes).
- drm/amdkfd: fixes for HMM mem allocation (git-fixes).
- drm/bridge: Fix typo in post_disable() description (git-fixes).
- drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes).
- drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes).
- drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes).
- drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes).
- drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() (git-fixes).
- drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case (git-fixes).
- drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-fixes).
- drm/bridge: tc358767: Fix return value on error case (git-fixes).
- drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (git-fixes).
- drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
- drm/crtc: fix uninitialized variable use (git-fixes).
- drm/drv: propagate errors from drm_modeset_register_all() (git-fixes).
- drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-fixes).
- drm/exynos: fix a potential error pointer dereference (git-fixes).
- drm/exynos: fix a wrong error checking (git-fixes).
- drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes).
- drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-fixes).
- drm/framebuffer: Fix use of uninitialized variable (git-fixes).
- drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-fixes).
- drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() (git-fixes).
- drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
- drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
- drm/msm/dpu: fix writeback programming for YUV cases (git-fixes).
- drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality (git-fixes).
- drm/msm/dsi: Enable runtime PM (git-fixes).
- drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-fixes).
- drm/msm/mdp4: flush vblank event on disable (git-fixes).
- drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-fixes).
- drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes).
- drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes).
- drm/panel: nt35510: fix typo (git-fixes).
- drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-fixes).
- drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-fixes).
- drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes).
- drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-fixes).
- drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-fixes).
- drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-fixes).
- drm/radeon: check return value of radeon_ring_lock() (git-fixes).
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (git-fixes).
- drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
- drm/tidss: Fix atomic_flush check (git-fixes).
- drm/tidss: Fix dss reset (git-fixes).
- drm/tidss: Move reset to the end of dispc_init() (git-fixes).
- drm/tidss: Return error value from from softreset (git-fixes).
- drm/tilcdc: Fix irq free on unload (git-fixes).
- drm: Do not unref the same fb many times by mistake due to deadlock handling (git-fixes).
- drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-fixes).
- drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
- dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
- efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes).
- eventfd: prevent underflow for eventfd semaphores (git-fixes).
- exfat: fix reporting fs error when reading dir beyond EOF (git-fixes).
- exfat: support handle zero-size directory (git-fixes).
- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes).
- fbdev: Only disable sysfb on the primary device (bsc#1216441)
- fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an existing patch to fix bsc#1216441.
- fbdev: flush deferred IO before closing (git-fixes).
- fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes).
- fbdev: imxfb: fix left margin setting (git-fixes).
- fbdev: mmp: Fix typo and wording in code comment (git-fixes).
- firewire: core: correct documentation of fw_csr_string() kernel API (git-fixes).
- firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (git-fixes).
- firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes).
- fjes: fix memleaks in fjes_hw_setup (git-fixes).
- fs/mount_setattr: always cleanup mount_kattr (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes).
- fs: Move notify_change permission checks into may_setattr (git-fixes).
- fs: do not audit the capability check in simple_xattr_list() (git-fixes).
- fs: drop peer group ids under namespace lock (git-fixes).
- fs: indicate request originates from old mount API (git-fixes).
- fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
- gfs2: Always check inode size of inline inodes (git-fixes).
- gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
- gfs2: Disable page faults during lockless buffered reads (git-fixes).
- gfs2: Eliminate ip->i_gh (git-fixes).
- gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes).
- gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
- gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes).
- gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
- gfs2: Switch to wait_event in gfs2_logd (git-fixes).
- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
- gfs2: low-memory forced flush fixes (git-fixes).
- gfs2: release iopen glock early in evict (git-fixes).
- gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes).
- gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes).
- i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
- i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
- i2c: s3c24xx: fix transferring more than one message in polling mode (git-fixes).
- iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
- iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
- iio: adc: ad9467: do not ignore error codes (git-fixes).
- iio: adc: ad9467: fix reset gpio handling (git-fixes).
- ipmi: Use regspacings passed as a module parameter (git-fixes).
- kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
- kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
- kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol It's an internal function that shouldn't have been exported
- kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
- kernel-doc: handle a void function without producing a warning (git-fixes).
- kernel-source: Fix description typo
- kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-fixes).
- leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes).
- libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-fixes).
- md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
- media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
- media: dt-bindings: ov8856: decouple lanes and link frequency from driver (git-fixes).
- media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (git-fixes).
- media: imx355: Enable runtime PM before registering async sub-device (git-fixes).
- media: ov9734: Enable runtime PM before registering async sub-device (git-fixes).
- media: pvrusb2: fix use after free on context disconnection (git-fixes).
- media: rkisp1: Disable runtime PM in probe error path (git-fixes).
- media: rkisp1: Fix media device memory leak (git-fixes).
- media: rkisp1: Read the ID register at probe time instead of streamon (git-fixes).
- media: videobuf2-dma-sg: fix vmap callback (git-fixes).
- mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes).
- misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes).
- mkspec: Include constraints for both multibuild and plain package always There is no need to check for multibuild flag, the constraints can be always generated for both cases.
- mkspec: Use variant in constraints template Constraints are not applied consistently with kernel package variants. Add variant to the constraints template as appropriate, and expand it in mkspec.
- mm: fs: initialize fsdata passed to write_begin/write_end interface (git-fixes).
- mmc: core: Cancel delayed work before releasing host (git-fixes).
- modpost: move __attribute__((format(printf, 2, 3))) to modpost.h (git-fixes).
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes).
- mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-fixes).
- mtd: rawnand: pl353: Fix kernel doc (git-fixes).
- mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-fixes).
- mtd: rawnand: rockchip: Rename a structure (git-fixes).
- net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
- net: usb: ax88179_178a: Bind only to vendor-specific interface (bsc#1218948).
- net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948).
- net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
- net: usb: ax88179_178a: remove redundant init code (git-fixes).
- net: usb: ax88179_178a: restore state on resume (bsc#1218948).
- nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes).
- nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349).
- nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
- nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
- nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes).
- nsfs: add compat ioctl handler (git-fixes).
- nvme-loop: always quiesce and cancel commands before destroying admin q (bsc#1211515).
- nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
- nvme-pci: fix sleeping function called from interrupt context (git-fixes).
- nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-fixes).
- nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515).
- nvme: fix max_discard_sectors calculation (git-fixes).
- nvme: introduce helper function to get ctrl state (git-fixes).
- nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515).
- nvme: start keep-alive after admin queue setup (bsc#1211515).
- nvme: trace: avoid memcpy overflow warning (git-fixes).
- nvmet: re-fix tracing strncpy() warning (git-fixes).
- of: Fix double free in of_parse_phandle_with_args_map (git-fixes).
- of: unittest: Fix of_count_phandle_with_args() expected value message (git-fixes).
- parport: parport_serial: Add Brainboxes BAR details (git-fixes).
- parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes).
- perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958).
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (bsc#1218958).
- perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (bsc#1219512).
- phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes).
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes).
- pinctrl: intel: Revert 'Unexport intel_pinctrl_probe()' (git-fixes).
- platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
- platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
- platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
- platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
- platform/x86: ISST: Reduce noise for missing numa information in logs (bsc#1219285).
- platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620).
- power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes).
- power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes).
- powerpc/fadump: reset dump area size if fadump memory reserve fails (bsc#1194869).
- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
- powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
- powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869).
- powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
- powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
- powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1194869).
- powerpc/pseries: fix potential memory leak in init_cpu_associativity() (bsc#1194869).
- powerpc/xive: Fix endian conversion size (bsc#1194869).
- pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).
- pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes).
- pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes).
- pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
- pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes).
- pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-fixes).
- r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
- reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-fixes).
- ring-buffer/Documentation: Add documentation on buffer_percent file (git-fixes).
- ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (git-fixes).
- s390/dasd: fix double module refcount decrement (bsc#1141539).
- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1219006).
- s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012).
- s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (git-fixes bsc#1219014).
- s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (git-fixes bsc#1219013).
- s390/vfio-ap: unpin pages on gisc registration failure (git-fixes bsc#1218723).
- s390: vfio-ap: tighten the NIB validity check (git-fixes).
- sched/isolation: add cpu_is_isolated() API (bsc#1217895).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: core: Always send batch on reset or error handling command (git-fixes).
- scsi: fnic: Return error if vmalloc() failed (git-fixes).
- scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes).
- scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes).
- scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
- scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes).
- scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes).
- scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes).
- scsi: hisi_sas: Replace with standard error code return value (git-fixes).
- scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes).
- scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-fixes).
- scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (git-fixes).
- scsi: ibmvfc: Implement channel queue depth and event buffer accounting (bsc#1209834 ltc#202097).
- scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834 ltc#202097).
- scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
- scsi: lpfc: Change VMID driver load time parameters to read only (bsc#1219582).
- scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes (bsc#1219582).
- scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC (bsc#1219582).
- scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
- scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
- scsi: mpt3sas: Fix an outdated comment (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: mpt3sas: Fix loop logic (bsc#1219067).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
- scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command (git-fixes).
- scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes).
- selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes).
- serial: 8250: omap: Do not skip resource freeing if pm_runtime_resume_and_get() failed (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: imx: Correct clock error message in function probe() (git-fixes).
- serial: imx: fix tx statemachine deadlock (git-fixes).
- serial: max310x: fail probe if clock crystal is unstable (git-fixes).
- serial: max310x: improve crystal stable clock detection (git-fixes).
- serial: max310x: set default value when reading clock ready bit (git-fixes).
- serial: sc16is7xx: add check for unsupported SPI modes during probe (git-fixes).
- serial: sc16is7xx: set safe default SPI clock frequency (git-fixes).
- serial: sccnxp: Improve error message if regulator_disable() fails (git-fixes).
- shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-fixes).
- software node: Let args be NULL in software_node_get_reference_args (git-fixes).
- spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes).
- swiotlb-xen: provide the 'max_mapping_size' method (git-fixes).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- trace,smp: Add tracepoints around remotelly called functions (bsc#1217895).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).
- tracing: Add size check when printing trace_marker output (git-fixes).
- tracing: Ensure visibility when inserting an element into tracing_map (git-fixes).
- tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes).
- tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (git-fixes).
- ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex (git-fixes).
- ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted (git-fixes).
- ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-fixes).
- uio: Fix use-after-free in uio_open (git-fixes).
- usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-fixes).
- usb: cdns3: fix uvc failure work since sg support enabled (git-fixes).
- usb: chipidea: wait controller resume finished for wakeup irq (git-fixes).
- usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes).
- usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes).
- usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: otg numberpad exception (bsc#1218527).
- usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: ucsi: Add missing ppm_lock (git-fixes).
- usb: ucsi_acpi: Fix command completion handling (git-fixes).
- usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-fixes).
- usr/Kconfig: fix typos of 'its' (git-fixes).
- vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
- vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes).
- virtio-mmio: fix memory leak of vm_dev (git-fixes).
- virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes).
- vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
- vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (git-fixes).
- watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
- watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes).
- watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (git-fixes).
- watchdog: set cdev owner before adding (git-fixes).
- wifi: ath11k: Defer on rproc_get failure (git-fixes).
- wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
- wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
- wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-fixes).
- wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes).
- wifi: libertas: stop selecting wext (git-fixes).
- wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes).
- wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-fixes).
- wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes).
- wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes).
- wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-fixes).
- wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-fixes).
- wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
- x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
- x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
- x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
- x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
- x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
- x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
- x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes).
- x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown() (git-fixes).
- x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
- x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
- xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes).
- xen/events: fix delayed eoi list handling (git-fixes).
- xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes).
- xhci: cleanup xhci_hub_control port references (git-fixes).
- xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes).
- xhci: track port suspend state correctly in unsuccessful resume cases (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:549-1
Released: Tue Feb 20 17:05:52 2024
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1219243,CVE-2024-0727
This update for openssl-1_1 fixes the following issues:
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:555-1
Released: Tue Feb 20 17:22:17 2024
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1219576,CVE-2024-25062
This update for libxml2 fixes the following issues:
- CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:597-1
Released: Thu Feb 22 20:07:11 2024
Summary: Security update for mozilla-nss
Type: security
Severity: important
References: 1216198,CVE-2023-5388
This update for mozilla-nss fixes the following issues:
Update to NSS 3.90.2:
- CVE-2023-5388: Fixed timing attack against RSA decryption in TLS (bsc#1216198)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:614-1
Released: Mon Feb 26 11:31:18 2024
Summary: Recommended update for rpm
Type: recommended
Severity: important
References: 1216752
This update for rpm fixes the following issues:
- backport lua support for rpm.execute to ease migrating from SLE Micro 5.5 to 6.0 (bsc#1216752)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:615-1
Released: Mon Feb 26 11:32:32 2024
Summary: Recommended update for netcfg
Type: recommended
Severity: moderate
References: 1211886
This update for netcfg fixes the following issues:
- Add krb-prop entry (bsc#1211886)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:764-1
Released: Tue Mar 5 13:46:25 2024
Summary: Security update for wpa_supplicant
Type: security
Severity: important
References: 1219975,CVE-2023-52160
This update for wpa_supplicant fixes the following issues:
- CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:766-1
Released: Tue Mar 5 13:50:28 2024
Summary: Recommended update for libssh
Type: recommended
Severity: important
References: 1220385
This update for libssh fixes the following issues:
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:305-1
Released: Mon Mar 11 14:15:37 2024
Summary: Security update for cpio
Type: security
Severity: moderate
References: 1218571,1219238,CVE-2023-7207
This update for cpio fixes the following issues:
- Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:861-1
Released: Wed Mar 13 09:12:30 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1218232
This update for aaa_base fixes the following issues:
- Silence the output in the case of broken symlinks (bsc#1218232)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:870-1
Released: Wed Mar 13 13:05:14 2024
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1217445,1217589,1218866
This update for glibc fixes the following issues:
Security issues fixed:
- qsort: harden handling of degenerated / non transient compare function (bsc#1218866)
Other issues fixed:
- getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:903-1
Released: Fri Mar 15 06:57:36 2024
Summary: Recommended update for systemd-presets-common-SUSE
Type: recommended
Severity: moderate
References: 1200731
This update for systemd-presets-common-SUSE fixes the following issues:
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked (bsc#1200731)
- Support both the old and new service to avoid complex version interdependency
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:907-1
Released: Fri Mar 15 08:57:38 2024
Summary: Recommended update for audit
Type: recommended
Severity: moderate
References: 1215377
This update for audit fixes the following issue:
- Fix plugin termination when using systemd service units (bsc#1215377)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:910-1
Released: Fri Mar 15 13:42:59 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1194869,1206453,1209412,1213456,1216776,1217927,1218195,1218216,1218450,1218527,1218663,1218915,1219126,1219127,1219141,1219146,1219295,1219443,1219653,1219827,1219835,1219839,1219840,1219934,1220003,1220009,1220021,1220030,1220106,1220140,1220187,1220238,1220240,1220241,1220243,1220250,1220251,1220253,1220254,1220255,1220257,1220267,1220277,1220317,1220326,1220328,1220330,1220335,1220344,1220348,1220350,1220364,1220392,1220393,1220398,1220409,1220444,1220457,1220459,1220649,1220796,1220825,CVE-2019-25162,CVE-2021-46923,CVE-2021-46924,CVE-2021-46932,CVE-2023-28746,CVE-2023-5197,CVE-2023-52340,CVE-2023-52429,CVE-2023-52439,CVE-2023-52443,CVE-2023-52445,CVE-2023-52447,CVE-2023-52448,CVE-2023-52449,CVE-2023-52451,CVE-2023-52452,CVE-2023-52456,CVE-2023-52457,CVE-2023-52463,CVE-2023-52464,CVE-2023-52475,CVE-2023-52478,CVE-2023-6817,CVE-2024-0607,CVE-2024-1151,CVE-2024-23849,CVE-2024-23850,CVE-2024-23851,CVE-2024-25744,CVE-2024-26585,CVE-2024-26586,CVE-2024-26589,CVE-2024-2659
1,CVE-2024-26593,CVE-2024-26595,CVE-2024-26598,CVE-2024-26602,CVE-2024-26603,CVE-2024-26622
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
- CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
- CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
- CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
- CVE-2023-52340: Fixed ICMPv6 “Packet Too Big†packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
- CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
- CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
- CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
- CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
- CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
- CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
- CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
- CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
- CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
- CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
- CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
- CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
- CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
- CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
- CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2024-26586: Fixed stack corruption (bsc#1220243).
- CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
- CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
- CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
- CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
- CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
- CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
- CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).
The following non-security bugs were fixed:
- acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes).
- acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes).
- acpi: extlog: fix null pointer dereference check (git-fixes).
- acpi: resource: add asus model s5402za to quirks (git-fixes).
- acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes).
- acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes).
- acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes).
- acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes).
- acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes).
- acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes).
- add reference to recently released cve
- afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes).
- afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes).
- afs: hide silly-rename files from userspace (git-fixes).
- afs: increase buffer size in afs_update_volume_status() (git-fixes).
- ahci: asm1166: correct count of reported ports (git-fixes).
- alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes).
- alsa: firewire-lib: fix to check cycle continuity (git-fixes).
- alsa: hda/conexant: add quirk for sws js201d (git-fixes).
- alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
- alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes).
- alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes).
- alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes).
- alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes).
- alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes).
- alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes).
- alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes).
- alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes).
- alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes).
- alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes).
- alsa: usb-audio: check presence of valid altsetting control (git-fixes).
- alsa: usb-audio: ignore clock selector errors for single connection (git-fixes).
- alsa: usb-audio: more relaxed check of midi jack names (git-fixes).
- alsa: usb-audio: sort quirk table entries (git-fixes).
- arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443)
- arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443)
- arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
- arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround.
- arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break.
- arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break
- arm64: irq: set the correct node for shadow call stack (git-fixes)
- arm64: irq: set the correct node for vmap stack (git-fixes)
- arm64: rename arm64_workaround_2966298 (bsc#1219443)
- arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes)
- asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes).
- asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes).
- asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes).
- asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes).
- atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
- bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes).
- bluetooth: enforce validation on max value of connection interval (git-fixes).
- bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes).
- bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes).
- bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes).
- bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes).
- bluetooth: l2cap: fix possible multiple reject send (git-fixes).
- bluetooth: qca: fix wrong event type for patch config command (git-fixes).
- bpf: fix verification of indirect var-off stack access (git-fixes).
- bpf: guard stack limits against 32bit overflow (git-fixes).
- bpf: minor logging improvement (bsc#1220257).
- bus: moxtet: add spi device table (git-fixes).
- cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267).
- can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes).
- crypto: api - disallow identical driver names (git-fixes).
- crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes).
- crypto: octeontx2 - fix cptvf driver cleanup (git-fixes).
- crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
- dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes).
- dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes).
- dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
- dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
- dmaengine: ptdma: use consistent dma masks (git-fixes).
- dmaengine: shdma: increase size of 'dev_id' (git-fixes).
- dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes).
- driver core: fix device_link_flag_is_sync_state_only() (git-fixes).
- drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes).
- drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes).
- drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes).
- drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes).
- drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes).
- drm/amd/display: preserve original aspect ratio in create stream (git-fixes).
- drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes).
- drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
- drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes).
- drm/buddy: fix range bias (git-fixes).
- drm/crtc: fix uninitialized variable use even harder (git-fixes).
- drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes).
- drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes).
- drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes).
- drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes).
- drm/prime: support page array >= 4gb (git-fixes).
- drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes).
- drm/ttm: fix an invalid freeing on already freed page in error path (git-fixes).
- drop bcm5974 input patch causing a regression (bsc#1220030)
- efi/capsule-loader: fix incorrect allocation size (git-fixes).
- efi: do not add memblocks for soft-reserved memory (git-fixes).
- efi: runtime: fix potential overflow of soft-reserved region size (git-fixes).
- fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes).
- fbdev: savage: error out if pixclock equals zero (git-fixes).
- fbdev: sis: error out if pixclock equals zero (git-fixes).
- firewire: core: send bus reset promptly on gap count error (git-fixes).
- fs: dlm: fix build with config_ipv6 disabled (git-fixes).
- fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes).
- gpio: 74x164: enable output pins after registers are reset (git-fixes).
- gpio: fix resource unwinding order in error path (git-fixes).
- gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes).
- gpiolib: fix the error path order in gpiochip_add_data_with_key() (git-fixes).
- hid: apple: add 2021 magic keyboard fn key mapping (git-fixes).
- hid: apple: add support for the 2021 magic keyboard (git-fixes).
- hid: wacom: do not register input devices until after hid_hw_start (git-fixes).
- hid: wacom: generic: avoid reporting a serial of '0' to userspace (git-fixes).
- hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
- hwmon: (coretemp) enlarge per package core count limit (git-fixes).
- hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes).
- hwmon: (coretemp) fix out-of-bounds memory access (git-fixes).
- i2c: i801: fix block process call transactions (git-fixes).
- i2c: i801: remove i801_set_block_buffer_mode (git-fixes).
- i2c: imx: add timer for handling the stop condition (git-fixes).
- i2c: imx: when being a target, mark the last read as processed (git-fixes).
- i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes).
- ib/hfi1: fix a memleak in init_credit_return (git-fixes)
- ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes)
- iio: accel: bma400: fix a compilation problem (git-fixes).
- iio: adc: ad7091r: set alert bit in config register (git-fixes).
- iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
- iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git-fixes).
- iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes).
- input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes).
- input: xpad - add lenovo legion go controllers (git-fixes).
- irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes).
- jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes).
- jfs: fix array-index-out-of-bounds in dinewext (git-fixes).
- jfs: fix slab-out-of-bounds read in dtsearch (git-fixes).
- jfs: fix uaf in jfs_evict_inode (git-fixes).
- kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes).
- kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839).
- kvm: s390: fix setting of fpc register (git-fixes bsc#1220392).
- kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393).
- kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes).
- kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git-fixes).
- lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes).
- leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes).
- lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423).
- lib/stackdepot: add refcount for records (jsc-ped#7423).
- lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423).
- lib/stackdepot: move stack_record struct definition into the header (jsc-ped#7423).
- libsubcmd: fix memory leak in uniq() (git-fixes).
- media: ddbridge: fix an error code problem in ddb_probe (git-fixes).
- media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
- media: rc: bpf attach/detach requires write permission (git-fixes).
- media: rockchip: rga: fix swizzling for rgb formats (git-fixes).
- media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes).
- mfd: syscon: fix null pointer dereference in of_syscon_register() (git-fixes).
- mm,page_owner: display all stacks and their count (jsc-ped#7423).
- mm,page_owner: filter out stacks by a threshold (jsc-ped#7423).
- mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423).
- mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423).
- mm,page_owner: update documentation regarding page_owner_stacks (jsc-ped#7423).
- mm/hwpoison: fix unpoison_memory() (bsc#1218663).
- mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663).
- mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663).
- mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes).
- mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes).
- mmc: core: use mrq.sbc in close-ended ffu (git-fixes).
- mmc: mmc_spi: remove custom dma mapped buffers (git-fixes).
- mmc: sdhci-xenon: add timeout for phy init complete (git-fixes).
- mmc: sdhci-xenon: fix phy init clock stability (git-fixes).
- mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes).
- modpost: trim leading spaces when processing source files list (git-fixes).
- mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
- netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003).
- nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes).
- nilfs2: replace warn_ons for invalid dat metadata block requests (git-fixes).
- nouveau/svm: fix kvcalloc() argument order (git-fixes).
- nouveau: fix function cast warnings (git-fixes).
- ntfs: check overflow when iterating attr_records (git-fixes).
- ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
- nvme-fabrics: fix i/o connect error handling (git-fixes).
- nvme-host: fix the updating of the firmware version (git-fixes).
- pci/aer: decode requester id when no error info found (git-fixes).
- pci: add no pm reset quirk for nvidia spectrum devices (git-fixes).
- pci: add pci_header_type_mfd definition (bsc#1220021).
- pci: fix 64gt/s effective data rate calculation (git-fixes).
- pci: only override amd usb controller if required (git-fixes).
- pci: switchtec: fix stdev_release() crash after surprise hot remove (git-fixes).
- platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes).
- platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes).
- platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes).
- pm: core: remove unnecessary (void *) conversions (git-fixes).
- pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes).
- pnp: acpi: fix fortify warning (git-fixes).
- power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes).
- powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869).
- powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869).
- powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348).
- powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869).
- powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348).
- powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869).
- powerpc/watchpoints: annotate atomic context in more places (bsc#1194869).
- powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869).
- powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869).
- powerpc: do not include lppaca.h in paca.h (bsc#1194869).
- pstore/ram: fix crash when setting number of cpus to an odd number (git-fixes).
- ras/amd/atl: add mi300 row retirement support (jsc#ped-7618).
- ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes).
- ras: introduce a fru memory poison manager (jsc#ped-7618).
- rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes)
- rdma/bnxt_re: return error for srq resize (git-fixes)
- rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934).
- rdma/core: get ib width and speed from netdev (bsc#1219934).
- rdma/irdma: add ae for too many rnrs (git-fixes)
- rdma/irdma: fix kasan issue with tasklet (git-fixes)
- rdma/irdma: set the cq read threshold for gen 1 (git-fixes)
- rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes)
- rdma/qedr: fix qedr_create_user_qp error flow (git-fixes)
- rdma/srpt: fix function pointer cast warnings (git-fixes)
- rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes)
- refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277)
- regulator: core: only increment use_count when enable_count changes (git-fixes).
- regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes).
- revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes).
- revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes).
- revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes).
- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created.
- s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840).
- s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317).
- sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes).
- scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes).
- scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes).
- scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141).
- scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes).
- scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106).
- scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106).
- scsi: isci: fix an error code problem in isci_io_request_build() (git-fixes).
- scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021).
- scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021).
- scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021).
- scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021).
- scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021).
- scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021).
- scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021).
- scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021).
- scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021).
- scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021).
- scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021).
- scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021).
- scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021).
- scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021).
- scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021).
- scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021).
- scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021).
- scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021).
- scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021).
- scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes).
- scsi: revert 'scsi: fcoe: fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141).
- serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes).
- spi-mxs: fix chipselect glitch (git-fixes).
- spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git-fixes).
- spi: ppc4xx: drop write-only variable (git-fixes).
- spi: sh-msiof: avoid integer overflow in constants (git-fixes).
- staging: iio: ad5933: fix type mismatch regression (git-fixes).
- supported.conf: remove external flag from ibm supported modules. (bsc#1209412)
- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
- tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes).
- topology/sysfs: add format parameter to macro defining 'show' functions for proc (jsc#ped-7618).
- topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618).
- tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes).
- ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes).
- usb: cdns3: fix memory double free when handle zero packet (git-fixes).
- usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes).
- usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes).
- usb: cdns3: put the cdns set active part outside the spin lock (git-fixes).
- usb: cdns: readd old api (git-fixes).
- usb: cdnsp: blocked some cdns3 specific code (git-fixes).
- usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes).
- usb: dwc3: gadget: do not disconnect if not started (git-fixes).
- usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes).
- usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes).
- usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes).
- usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes).
- usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git-fixes).
- usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
- usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes).
- usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes).
- usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes).
- usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes).
- usb: gadget: f_hid: fix report descriptor allocation (git-fixes).
- usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes).
- usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes).
- usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes).
- usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git-fixes).
- usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes).
- usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes).
- usb: gadget: udc: handle gadget_connect failure during bind operation (git-fixes).
- usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527).
- usb: hub: replace hardcoded quirk value with bit() macro (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes).
- usb: roles: fix null pointer issue when put module's reference (git-fixes).
- usb: serial: cp210x: add id for imst im871a-usb (git-fixes).
- usb: serial: option: add fibocom fm101-gl variant (git-fixes).
- usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes).
- watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git-fixes).
- wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes).
- wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes).
- wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
- wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes).
- wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes).
- wifi: iwlwifi: fix some error codes (git-fixes).
- wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes).
- wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes).
- wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes).
- wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes).
- wifi: nl80211: reject iftype change with mesh id change (git-fixes).
- wifi: rt2x00: restart beacon queue when hardware reset (git-fixes).
- wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes).
- wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes).
- wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes).
- x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes).
- x86/bugs: add asm helpers for executing verw (git-fixes).
- x86/bugs: use alternative() instead of mds_user_clear static key (git-fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk.
- x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618).
- x86/entry_32: add verw just before userspace transition (git-fixes).
- x86/entry_64: add verw just before userspace transition (git-fixes).
- x86/mm: fix memory encryption features advertisement (bsc#1206453).
- xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes).
- xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released: Tue Mar 19 06:36:24 2024
Summary: Recommended update for coreutils
Type: recommended
Severity: moderate
References: 1219321
This update for coreutils fixes the following issues:
- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:980-1
Released: Mon Mar 25 06:18:28 2024
Summary: Recommended update for pam-config
Type: recommended
Severity: moderate
References: 1219767
This update for pam-config fixes the following issues:
- Fix pam_gnome_keyring module for AUTH (bsc#1219767)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:982-1
Released: Mon Mar 25 12:56:33 2024
Summary: Recommended update for systemd-rpm-macros
Type: recommended
Severity: moderate
References: 1217964
This update for systemd-rpm-macros fixes the following issue:
- Order packages that requires systemd after systemd-sysvcompat if needed. (bsc#1217964)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:997-1
Released: Tue Mar 26 11:03:37 2024
Summary: Security update for krb5
Type: security
Severity: important
References: 1220770,1220771,1220772,CVE-2024-26458,CVE-2024-26461,CVE-2024-26462
This update for krb5 fixes the following issues:
- CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770).
- CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771).
- CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1007-1
Released: Wed Mar 27 10:51:42 2024
Summary: Security update for shadow
Type: security
Severity: moderate
References: 1144060,1176006,1188307,1203823,1205502,1206627,1210507,1213189,1214806,CVE-2023-29383,CVE-2023-4641
This update for shadow fixes the following issues:
- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).
- CVE-2023-4641: Fixed possible password leak during passwd(1) change (bsc#1214806).
The following non-security bugs were fixed:
- bsc#1176006: Fix chage date miscalculation
- bsc#1188307: Fix passwd segfault
- bsc#1203823: Remove pam_keyinit from PAM config files
- bsc#1213189: Change lock mechanism to file locking to prevent
lock files after power interruptions
- bsc#1206627: Add --prefix support to passwd, chpasswd and chage
- bsc#1205502: useradd audit event user id field cannot be interpretedd
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1010-1
Released: Wed Mar 27 16:07:37 2024
Summary: Recommended update for perl-Bootloader
Type: recommended
Severity: important
References: 1218842,1221470
This update for perl-Bootloader fixes the following issues:
- Log grub2-install errors correctly (bsc#1221470)
- Update to version 0.947
- Support old grub versions that used /usr/lib (bsc#1218842)
- Create EFI boot fallback directory if necessary
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1015-1
Released: Thu Mar 28 06:08:11 2024
Summary: Recommended update for sed
Type: recommended
Severity: important
References: 1221218
This update for sed fixes the following issues:
- 'sed -i' now creates temporary files with correct umask (bsc#1221218)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1080-1
Released: Tue Apr 2 06:50:10 2024
Summary: Recommended update for xfsprogs-scrub
Type: recommended
Severity: low
References: 1190495
This update for xfsprogs-scrub fixes the following issues:
- Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 and SLE-15-SP4 (bsc#1190495)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1081-1
Released: Tue Apr 2 06:50:44 2024
Summary: Recommended update for dracut
Type: recommended
Severity: important
References: 1217083,1219841,1220485,1221675
This update for dracut fixes the following issues:
- Update to version 055+suse.382.g80b55af2:
* Fix regression with multiple `rd.break=` options (bsc#1221675)
* Do not call `strcmp` if the `value` argument is NULL (bsc#1219841)
* Correct shellcheck regression when parsing ccw args (bsc#1220485)
* Skip README for AMD microcode generation (bsc#1217083)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1091-1
Released: Tue Apr 2 12:18:46 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References:
This update for rpm fixes the following issues:
- Turn on IMA/EVM file signature support, move the imaevm code that needs the
libiamevm library into a plugin, and install this plugin as part of a new
'rpm-imaevmsign' subpackage (jsc#PED-7246).
- Backport signature reserved space handling from upstream.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released: Mon Apr 8 09:12:08 2024
Summary: Security update for expat
Type: security
Severity: important
References: 1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released: Mon Apr 8 11:29:02 2024
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1220061,CVE-2023-45918
This update for ncurses fixes the following issues:
- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1151-1
Released: Mon Apr 8 11:36:23 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1221665,1221667,CVE-2024-2004,CVE-2024-2398
This update for curl fixes the following issues:
- CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665)
- CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1167-1
Released: Mon Apr 8 15:11:11 2024
Summary: Security update for nghttp2
Type: security
Severity: important
References: 1221399,CVE-2024-28182
This update for nghttp2 fixes the following issues:
- CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1172-1
Released: Tue Apr 9 09:52:32 2024
Summary: Security update for util-linux
Type: security
Severity: important
References: 1207987,1221831,CVE-2024-28085
This update for util-linux fixes the following issues:
- CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1201-1
Released: Thu Apr 11 10:47:59 2024
Summary: Recommended update for xfsprogs-scrub and jctools
Type: recommended
Severity: low
References: 1190495,1213418
This update for xfsprogs-scrub fixes the following issues:
- Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 (bsc#1190495)
- Added missing jctools to Package Hub for SLE-15-SP5 (bsc#1213418)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1206-1
Released: Thu Apr 11 12:56:24 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References: 1222259
This update for rpm fixes the following issues:
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1231-1
Released: Thu Apr 11 15:20:40 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1220441
This update for glibc fixes the following issues:
- duplocale: protect use of global locale (bsc#1220441, BZ #23970)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released: Fri Apr 12 08:15:18 2024
Summary: Recommended update for gcc13
Type: recommended
Severity: moderate
References: 1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:
- Fix unwinding for JIT code. [bsc#1221239]
- Revert libgccjit dependency change. [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Add support for -fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM. [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel. [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686. [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1272-1
Released: Fri Apr 12 16:24:28 2024
Summary: Recommended update for elemental-operator, elemental-operator-crds-helm, elemental-operator-helm, operator-image
Type: recommended
Severity: moderate
References:
This update for elemental-operator, elemental-operator-crds-helm, elemental-operator-helm, operator-image contains the following fixes:
- Update to version 1.4.3:
* registration: allow dots in machineInventory names
* registration: decouple replacing data-labels from sanitizing strings
* registration: move sanitize code in sanitizeString()
* V1.4.x fix channel synchronization (#683)
* linter: fix copyright dates
* Make linter happy
The following package changes have been done:
- glibc-2.31-150300.71.1 updated
- libuuid1-2.37.4-150500.9.6.1 updated
- libsmartcols1-2.37.4-150500.9.6.1 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libexpat1-2.4.4-150400.3.17.1 updated
- libblkid1-2.37.4-150500.9.6.1 updated
- libaudit1-3.0.6-150400.4.16.1 updated
- libxml2-2-2.10.3-150500.5.14.1 updated
- libopenssl1_1-1.1.1l-150500.17.25.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libfdisk1-2.37.4-150500.9.6.1 updated
- libmount1-2.37.4-150500.9.6.1 updated
- krb5-1.20.1-150500.3.6.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- login_defs-4.8.1-150500.3.3.1 updated
- cpio-2.13-150400.3.6.1 updated
- coreutils-8.32-150400.9.3.1 updated
- sed-4.4-150300.13.3.1 updated
- systemd-rpm-macros-15-150000.7.39.1 updated
- systemd-presets-common-SUSE-15-150500.20.6.1 updated
- perl-Bootloader-0.947-150400.3.12.1 updated
- netcfg-11.6-150000.3.6.1 updated
- rpm-4.14.3-150400.59.13.1 updated
- shadow-4.8.1-150500.3.3.1 updated
- pam-config-1.1-150200.3.6.1 updated
- util-linux-2.37.4-150500.9.6.1 updated
- aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 updated
- util-linux-systemd-2.37.4-150500.9.6.1 updated
- dracut-055+suse.382.g80b55af2-150500.3.18.1 updated
- libfreebl3-3.90.2-150400.3.39.1 updated
- libnghttp2-14-1.40.0-150200.17.1 updated
- libssh-config-0.9.8-150400.3.6.1 updated
- libssh4-0.9.8-150400.3.6.1 updated
- mozilla-nss-certs-3.90.2-150400.3.39.1 updated
- libcurl4-8.0.1-150400.5.44.1 updated
- mozilla-nss-3.90.2-150400.3.39.1 updated
- libsoftokn3-3.90.2-150400.3.39.1 updated
- wpa_supplicant-2.10-150500.3.3.1 updated
- elemental-register-1.4.3-150500.3.3.3 updated
- elemental-support-1.4.3-150500.3.3.3 updated
- glibc-locale-base-2.31-150300.71.1 updated
- xfsprogs-5.13.0-150400.3.7.1 updated
- kernel-rt-5.14.21-150500.13.38.1 updated
- container:suse-sle-micro-5.5-latest-2.0.2-4.2.70 updated
- cni-1.1.2-150500.3.2.1 removed
- gettext-runtime-0.20.2-1.43 removed
- gpg2-2.2.27-150300.3.8.1 removed
- hostname-3.16-2.22 removed
- iproute2-5.14-150400.1.8 removed
- libassuan0-2.5.5-150000.4.5.2 removed
- libcontainers-common-20230214-150500.4.6.1 removed
- libcontainers-sles-mounts-20230214-150500.4.6.1 removed
- libgpgme11-1.16.0-150400.1.80 removed
- libksba8-1.3.5-150000.4.6.1 removed
- libltdl7-2.4.6-3.4.1 removed
- libmnl0-1.0.4-1.25 removed
- libmspack0-0.6-3.14.1 removed
- libnpth0-1.5-2.11 removed
- libslirp0-4.7.0+44-150500.2.1 removed
- libtextstyle0-0.20.2-1.43 removed
- libusb-1_0-0-1.0.24-150400.3.3.1 removed
- libxslt1-1.1.34-150400.3.3.1 removed
- libxtables12-1.8.7-1.1 removed
- pinentry-1.1.0-4.3.1 removed
- runc-1.1.10-150000.55.1 removed
- slirp4netns-1.2.0-150500.1.1 removed
- system-user-nobody-20170617-150400.24.2.1 removed
- tar-1.34-150000.3.34.1 removed
- timezone-2023c-150000.75.23.1 removed
- which-2.21-2.20 removed
More information about the sle-container-updates
mailing list