SUSE-IU-2024:1759-1: Security update of suse/sle-micro/rt-5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Nov 14 08:03:27 UTC 2024
SUSE Image Update Advisory: suse/sle-micro/rt-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1759-1
Image Tags : suse/sle-micro/rt-5.5:2.0.4 , suse/sle-micro/rt-5.5:2.0.4-4.5.244 , suse/sle-micro/rt-5.5:latest
Image Release : 4.5.244
Severity : important
Type : security
References : 1054914 1065729 1194869 1204171 1205796 1206188 1206344 1209290
1210449 1210627 1213034 1216813 1218562 1223384 1223524 1223824
1225189 1225336 1225611 1225762 1226498 1226631 1226797 1227437
1227885 1228119 1228269 1228709 1228743 1228747 1229005 1229019
1229450 1229454 1229456 1229556 1229769 1229837 1229891 1230055
1230179 1230289 1230405 1230414 1230429 1230456 1230550 1230600
1230620 1230715 1230722 1230763 1230773 1230774 1230801 1230903
1230918 1231016 1231072 1231073 1231084 1231085 1231087 1231094
1231096 1231105 1231114 1231115 1231148 1231179 1231191 1231193
1231195 1231197 1231200 1231203 1231277 1231293 1231327 1231344
1231375 1231383 1231439 1231442 1231496 1231502 1231539 1231540
1231578 1231673 1231857 1231861 1231872 1231883 1231885 1231887
1231888 1231889 1231890 1231892 1231893 1231895 1231896 1231897
1231902 1231903 1231907 1231914 1231929 1231935 1231936 1231937
1231938 1231939 1231940 1231941 1231942 1231944 1231950 1231954
1231958 1231960 1231961 1231962 1231965 1231967 1231968 1231972
1231973 1231976 1231979 1231987 1231988 1231990 1231991 1231992
1231995 1231996 1231997 1231998 1232001 1232004 1232005 1232006
1232007 1232025 1232026 1232033 1232034 1232035 1232036 1232037
1232038 1232039 1232043 1232049 1232067 1232069 1232070 1232071
1232075 1232083 1232084 1232085 1232089 1232097 1232104 1232105
1232108 1232114 1232116 1232119 1232120 1232123 1232124 1232133
1232135 1232136 1232140 1232145 1232149 1232150 1232151 1232154
1232155 1232160 1232163 1232164 1232170 1232172 1232174 1232175
1232191 1232196 1232199 1232200 1232201 1232217 1232220 1232221
1232229 1232233 1232237 1232251 1232253 1232259 1232260 1232262
1232263 1232282 1232285 1232286 1232304 1232305 1232307 1232309
1232310 1232313 1232314 1232316 1232329 1232332 1232335 1232337
1232342 1232345 1232352 1232354 1232355 1232358 1232361 1232366
1232367 1232368 1232369 1232374 1232381 1232383 1232392 1232395
1232418 1232424 1232432 1232435 1232442 1232446 1232501 1232519
1232630 1232631 1232632 1232757 CVE-2021-47416 CVE-2021-47534
CVE-2022-3435 CVE-2022-45934 CVE-2022-48664 CVE-2022-48879 CVE-2022-48946
CVE-2022-48947 CVE-2022-48948 CVE-2022-48949 CVE-2022-48951 CVE-2022-48953
CVE-2022-48954 CVE-2022-48955 CVE-2022-48956 CVE-2022-48957 CVE-2022-48958
CVE-2022-48959 CVE-2022-48960 CVE-2022-48961 CVE-2022-48962 CVE-2022-48966
CVE-2022-48967 CVE-2022-48968 CVE-2022-48969 CVE-2022-48970 CVE-2022-48971
CVE-2022-48972 CVE-2022-48973 CVE-2022-48975 CVE-2022-48977 CVE-2022-48978
CVE-2022-48980 CVE-2022-48981 CVE-2022-48985 CVE-2022-48987 CVE-2022-48988
CVE-2022-48991 CVE-2022-48992 CVE-2022-48994 CVE-2022-48995 CVE-2022-48997
CVE-2022-48999 CVE-2022-49000 CVE-2022-49002 CVE-2022-49003 CVE-2022-49005
CVE-2022-49006 CVE-2022-49007 CVE-2022-49010 CVE-2022-49011 CVE-2022-49012
CVE-2022-49014 CVE-2022-49015 CVE-2022-49016 CVE-2022-49017 CVE-2022-49019
CVE-2022-49020 CVE-2022-49021 CVE-2022-49022 CVE-2022-49023 CVE-2022-49024
CVE-2022-49025 CVE-2022-49026 CVE-2022-49027 CVE-2022-49028 CVE-2022-49029
CVE-2022-49031 CVE-2022-49032 CVE-2023-2166 CVE-2023-28327 CVE-2023-52766
CVE-2023-52800 CVE-2023-52881 CVE-2023-52919 CVE-2023-6270 CVE-2024-27043
CVE-2024-36244 CVE-2024-36957 CVE-2024-39476 CVE-2024-40965 CVE-2024-42145
CVE-2024-42226 CVE-2024-42253 CVE-2024-44931 CVE-2024-44947 CVE-2024-44958
CVE-2024-45016 CVE-2024-45025 CVE-2024-46678 CVE-2024-46716 CVE-2024-46719
CVE-2024-46754 CVE-2024-46770 CVE-2024-46775 CVE-2024-46777 CVE-2024-46809
CVE-2024-46811 CVE-2024-46813 CVE-2024-46814 CVE-2024-46815 CVE-2024-46816
CVE-2024-46817 CVE-2024-46818 CVE-2024-46826 CVE-2024-46828 CVE-2024-46834
CVE-2024-46840 CVE-2024-46841 CVE-2024-46848 CVE-2024-46849 CVE-2024-46854
CVE-2024-46855 CVE-2024-46857 CVE-2024-47660 CVE-2024-47661 CVE-2024-47664
CVE-2024-47668 CVE-2024-47672 CVE-2024-47673 CVE-2024-47674 CVE-2024-47684
CVE-2024-47685 CVE-2024-47692 CVE-2024-47704 CVE-2024-47705 CVE-2024-47706
CVE-2024-47707 CVE-2024-47710 CVE-2024-47720 CVE-2024-47727 CVE-2024-47730
CVE-2024-47738 CVE-2024-47739 CVE-2024-47745 CVE-2024-47747 CVE-2024-47748
CVE-2024-49858 CVE-2024-49860 CVE-2024-49866 CVE-2024-49867 CVE-2024-49881
CVE-2024-49882 CVE-2024-49883 CVE-2024-49886 CVE-2024-49890 CVE-2024-49892
CVE-2024-49894 CVE-2024-49895 CVE-2024-49896 CVE-2024-49897 CVE-2024-49899
CVE-2024-49901 CVE-2024-49906 CVE-2024-49908 CVE-2024-49909 CVE-2024-49911
CVE-2024-49912 CVE-2024-49913 CVE-2024-49914 CVE-2024-49917 CVE-2024-49918
CVE-2024-49919 CVE-2024-49920 CVE-2024-49922 CVE-2024-49923 CVE-2024-49929
CVE-2024-49930 CVE-2024-49933 CVE-2024-49936 CVE-2024-49939 CVE-2024-49946
CVE-2024-49949 CVE-2024-49954 CVE-2024-49955 CVE-2024-49958 CVE-2024-49959
CVE-2024-49960 CVE-2024-49962 CVE-2024-49967 CVE-2024-49969 CVE-2024-49973
CVE-2024-49974 CVE-2024-49975 CVE-2024-49982 CVE-2024-49991 CVE-2024-49993
CVE-2024-49995 CVE-2024-49996 CVE-2024-50000 CVE-2024-50001 CVE-2024-50002
CVE-2024-50006 CVE-2024-50014 CVE-2024-50019 CVE-2024-50024 CVE-2024-50028
CVE-2024-50033 CVE-2024-50035 CVE-2024-50041 CVE-2024-50045 CVE-2024-50046
CVE-2024-50047 CVE-2024-50048 CVE-2024-50049 CVE-2024-50055 CVE-2024-50058
CVE-2024-50059 CVE-2024-50061 CVE-2024-50063 CVE-2024-50081
-----------------------------------------------------------------
The container suse/sle-micro/rt-5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3985-1
Released: Wed Nov 13 11:13:35 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1054914,1065729,1194869,1204171,1205796,1206188,1206344,1209290,1210449,1210627,1213034,1216813,1218562,1223384,1223524,1223824,1225189,1225336,1225611,1225762,1226498,1226631,1226797,1227437,1227885,1228119,1228269,1228709,1228743,1228747,1229005,1229019,1229450,1229454,1229456,1229556,1229769,1229837,1229891,1230055,1230179,1230289,1230405,1230414,1230429,1230456,1230550,1230600,1230620,1230715,1230722,1230763,1230773,1230774,1230801,1230903,1230918,1231016,1231072,1231073,1231084,1231085,1231087,1231094,1231096,1231105,1231114,1231115,1231148,1231179,1231191,1231193,1231195,1231197,1231200,1231203,1231277,1231293,1231327,1231344,1231375,1231383,1231439,1231442,1231496,1231502,1231539,1231540,1231578,1231673,1231857,1231861,1231872,1231883,1231885,1231887,1231888,1231889,1231890,1231892,1231893,1231895,1231896,1231897,1231902,1231903,1231907,1231914,1231929,1231935,1231936,1231937,1231938,1231939,1231940,1231941,1231942,1231944,1231950,1231954,1231958,1231960,1231961,1
231962,1231965,1231967,1231968,1231972,1231973,1231976,1231979,1231987,1231988,1231990,1231991,1231992,1231995,1231996,1231997,1231998,1232001,1232004,1232005,1232006,1232007,1232025,1232026,1232033,1232034,1232035,1232036,1232037,1232038,1232039,1232043,1232049,1232067,1232069,1232070,1232071,1232075,1232083,1232084,1232085,1232089,1232097,1232104,1232105,1232108,1232114,1232116,1232119,1232120,1232123,1232124,1232133,1232135,1232136,1232140,1232145,1232149,1232150,1232151,1232154,1232155,1232160,1232163,1232164,1232170,1232172,1232174,1232175,1232191,1232196,1232199,1232200,1232201,1232217,1232220,1232221,1232229,1232233,1232237,1232251,1232253,1232259,1232260,1232262,1232263,1232282,1232285,1232286,1232304,1232305,1232307,1232309,1232310,1232313,1232314,1232316,1232329,1232332,1232335,1232337,1232342,1232345,1232352,1232354,1232355,1232358,1232361,1232366,1232367,1232368,1232369,1232374,1232381,1232383,1232392,1232395,1232418,1232424,1232432,1232435,1232442,1232446,1232501,123251
9,1232630,1232631,1232632,1232757,CVE-2021-47416,CVE-2021-47534,CVE-2022-3435,CVE-2022-45934,CVE-2022-48664,CVE-2022-48879,CVE-2022-48946,CVE-2022-48947,CVE-2022-48948,CVE-2022-48949,CVE-2022-48951,CVE-2022-48953,CVE-2022-48954,CVE-2022-48955,CVE-2022-48956,CVE-2022-48957,CVE-2022-48958,CVE-2022-48959,CVE-2022-48960,CVE-2022-48961,CVE-2022-48962,CVE-2022-48966,CVE-2022-48967,CVE-2022-48968,CVE-2022-48969,CVE-2022-48970,CVE-2022-48971,CVE-2022-48972,CVE-2022-48973,CVE-2022-48975,CVE-2022-48977,CVE-2022-48978,CVE-2022-48980,CVE-2022-48981,CVE-2022-48985,CVE-2022-48987,CVE-2022-48988,CVE-2022-48991,CVE-2022-48992,CVE-2022-48994,CVE-2022-48995,CVE-2022-48997,CVE-2022-48999,CVE-2022-49000,CVE-2022-49002,CVE-2022-49003,CVE-2022-49005,CVE-2022-49006,CVE-2022-49007,CVE-2022-49010,CVE-2022-49011,CVE-2022-49012,CVE-2022-49014,CVE-2022-49015,CVE-2022-49016,CVE-2022-49017,CVE-2022-49019,CVE-2022-49020,CVE-2022-49021,CVE-2022-49022,CVE-2022-49023,CVE-2022-49024,CVE-2022-49025,CVE-2022-49026,CVE-
2022-49027,CVE-2022-49028,CVE-2022-49029,CVE-2022-49031,CVE-2022-49032,CVE-2023-2166,CVE-2023-28327,CVE-2023-52766,CVE-2023-52800,CVE-2023-52881,CVE-2023-52919,CVE-2023-6270,CVE-2024-27043,CVE-2024-36244,CVE-2024-36957,CVE-2024-39476,CVE-2024-40965,CVE-2024-42145,CVE-2024-42226,CVE-2024-42253,CVE-2024-44931,CVE-2024-44947,CVE-2024-44958,CVE-2024-45016,CVE-2024-45025,CVE-2024-46678,CVE-2024-46716,CVE-2024-46719,CVE-2024-46754,CVE-2024-46770,CVE-2024-46775,CVE-2024-46777,CVE-2024-46809,CVE-2024-46811,CVE-2024-46813,CVE-2024-46814,CVE-2024-46815,CVE-2024-46816,CVE-2024-46817,CVE-2024-46818,CVE-2024-46826,CVE-2024-46828,CVE-2024-46834,CVE-2024-46840,CVE-2024-46841,CVE-2024-46848,CVE-2024-46849,CVE-2024-46854,CVE-2024-46855,CVE-2024-46857,CVE-2024-47660,CVE-2024-47661,CVE-2024-47664,CVE-2024-47668,CVE-2024-47672,CVE-2024-47673,CVE-2024-47674,CVE-2024-47684,CVE-2024-47685,CVE-2024-47692,CVE-2024-47704,CVE-2024-47705,CVE-2024-47706,CVE-2024-47707,CVE-2024-47710,CVE-2024-47720,CVE-2024-4772
7,CVE-2024-47730,CVE-2024-47738,CVE-2024-47739,CVE-2024-47745,CVE-2024-47747,CVE-2024-47748,CVE-2024-49858,CVE-2024-49860,CVE-2024-49866,CVE-2024-49867,CVE-2024-49881,CVE-2024-49882,CVE-2024-49883,CVE-2024-49886,CVE-2024-49890,CVE-2024-49892,CVE-2024-49894,CVE-2024-49895,CVE-2024-49896,CVE-2024-49897,CVE-2024-49899,CVE-2024-49901,CVE-2024-49906,CVE-2024-49908,CVE-2024-49909,CVE-2024-49911,CVE-2024-49912,CVE-2024-49913,CVE-2024-49914,CVE-2024-49917,CVE-2024-49918,CVE-2024-49919,CVE-2024-49920,CVE-2024-49922,CVE-2024-49923,CVE-2024-49929,CVE-2024-49930,CVE-2024-49933,CVE-2024-49936,CVE-2024-49939,CVE-2024-49946,CVE-2024-49949,CVE-2024-49954,CVE-2024-49955,CVE-2024-49958,CVE-2024-49959,CVE-2024-49960,CVE-2024-49962,CVE-2024-49967,CVE-2024-49969,CVE-2024-49973,CVE-2024-49974,CVE-2024-49975,CVE-2024-49982,CVE-2024-49991,CVE-2024-49993,CVE-2024-49995,CVE-2024-49996,CVE-2024-50000,CVE-2024-50001,CVE-2024-50002,CVE-2024-50006,CVE-2024-50014,CVE-2024-50019,CVE-2024-50024,CVE-2024-50028,CVE-2
024-50033,CVE-2024-50035,CVE-2024-50041,CVE-2024-50045,CVE-2024-50046,CVE-2024-50047,CVE-2024-50048,CVE-2024-50049,CVE-2024-50055,CVE-2024-50058,CVE-2024-50059,CVE-2024-50061,CVE-2024-50063,CVE-2024-50081
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
- CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973).
- CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
- CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976).
- CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
- CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
- CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
- CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233).
- CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070).
- CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
- CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004).
- CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709).
- CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005).
- CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715).
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148).
- CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
- CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46828: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1231114).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072).
- CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502).
- CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540).
- CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043).
- CVE-2024-47727: x86/tdx: Fix 'in-kernel MMIO' check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
- CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253).
- CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260).
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (bsc#1232314).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49975: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1232104).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263).
- CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
The following non-security bugs were fixed:
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Call power_supply_changed() when adding hooks (bsc#1232154)
- ACPI: battery: Simplify battery hook locking (bsc#1232154)
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (git-fixes).
- ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda: Fix kctl->id initialization (git-fixes).
- ALSA: hda: cs35l41: fix module autoloading (git-fixes).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: intel: fix module autoloading (stable-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
- ASoC: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes).
- ASoC: tda7419: fix module autoloading (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Drop HD-audio conexant patch that caused a regression on Thinkpad (bsc#1228269)
- Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: multitouch: Add support for GT7868Q (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).
- Input: goodix - use the new soc_intel_is_byt() helper (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: Fix lockdep false negative during host resume (git-fixes).
- KVM: Grab a reference to KVM for VM and vCPU stats file descriptors (git-fixes).
- KVM: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes).
- KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (git-fixes).
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).
- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).
- KVM: Unconditionally get a ref to /dev/kvm module when creating a VM (git-fixes).
- KVM: Write the per-page 'segment' when clearing (part of) a guest page (git-fixes).
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
- KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).
- KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).
- KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
- KVM: eventfd: Fix false positive RCU usage warning (git-fixes).
- KVM: fix memoryleak in kvm_init() (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232631).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231277).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232630).
- KVM: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes).
- KVM: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k (git-fixes).
- KVM: x86: Use a stable condition around all VT-d PI paths (git-fixes).
- Makefile.compiler: replace cc-ifversion with compiler-specific macros (bsc#1230414 bsc#1229450).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache 'down' if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Remove unused abnormal interrupt of type RAS (git-fixes)
- RDMA/irdma: Fix misspelling of 'accept*' (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (stable-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (stable-fixes).
- USB: misc: yurex: fix race between read and write (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
- Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
- add bug reference for a mana change (bsc#1229769).
- add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
- afs: Revert 'afs: Hide silly-rename files from userspace' (git-fixes).
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- block: print symbolic error name instead of error code (bsc#1231872).
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (bsc#1230414 bsc#1229450).
- bpf: Allow helpers to accept pointers with a fixed size (git-fixes).
- bpf: Check for helper calls in check_subprogs() (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: Exclude Rust CUs with pahole (bsc#1230414 bsc#1229450).
- bus: integrator-lm: fix OF node leak in probe() (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231383).
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
- clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075)
- crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075)
- debugfs: fix automount d_fsdata usage (git-fixes).
- dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
- drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes).
- drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes).
- drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (stable-fixes).
- drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Check null pointers before using dc->clk_mgr (stable-fixes).
- drm/amd/display: Check stream before comparing them (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
- drm/amd/display: Fix index out of bounds in DCN30 color transformation (stable-fixes).
- drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (stable-fixes).
- drm/amd/display: Fix index out of bounds in degamma hardware format translation (stable-fixes).
- drm/amd/display: Fix system hang while resume with TBT monitor (stable-fixes).
- drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (stable-fixes).
- drm/amd/display: Initialize get_bytes_per_element's default to 1 (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: ensure the fw_info is not null before using it (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu: Replace one-element array with flexible-array member (stable-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
- drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
- drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/radeon: Replace one-element array with flexible-array member (stable-fixes).
- drm/radeon: properly handle vbios fake edid sizing (git-fixes).
- drm/rockchip: define gamma registers for RK3399 (stable-fixes).
- drm/rockchip: support gamma control on RK3399 (stable-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- erofs: avoid consecutive detection for Highmem memory (git-fixes).
- erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (git-fixes).
- erofs: fix pcluster use-after-free on UP platforms (git-fixes).
- erofs: fix potential overflow calculating xattr_isize (git-fixes).
- erofs: stop parsing non-compact HEAD index if clusterofs is invalid (git-fixes).
- exportfs: use pr_debug for unreachable debug statements (git-fixes).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- fat: fix uninitialized variable (git-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to 'fgraph:online' (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
- fs/namespace: fnic: Switch to use %ptTd (git-fixes).
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
- fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: imx-lpi2c: return -EINVAL when i2c peripheral clk does not work (bsc#1227885).
- i2c: imx-lpi2c: use bulk clk API (bsc#1227885).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: xiic: Fix RX IRQ busy check (stable-fixes).
- i2c: xiic: Fix broken locking on tx_msg (stable-fixes).
- i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i2c: xiic: Switch from waitqueue to completion (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: Use devm_clk_get_enabled() (stable-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path (git-fixes).
- ice: Unbind the workqueue (bsc#1231344).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
- ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes).
- kab: fix after net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
- kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
- kabi: fix after KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
- kabi: fix after kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kvm/arm64: rework guest entry logic (git-fixes).
- kvm: Add support for arch compat vm ioctls (git-fixes).
- kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797)
- net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: socket: suppress unused warning (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: usbnet: fix name regression (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (stable-fixes).
- nvme-multipath: system fails to create generic nvme device (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- parport: Proper fix for array out-of-bounds access (git-fixes).
- platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Consolidate and cache per-cpu patching context (bsc#1194869).
- powerpc/code-patching: Do not call is_vmalloc_or_module_addr() without CONFIG_MODULES (bsc#1194869).
- powerpc/code-patching: Fix error handling in do_patch_instruction() (bsc#1194869).
- powerpc/code-patching: Fix oops with DEBUG_VM enabled (bsc#1194869).
- powerpc/code-patching: Fix unmap_patch_area() error handling (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/code-patching: Pre-map patch area (bsc#1194869).
- powerpc/code-patching: Remove #ifdef CONFIG_STRICT_KERNEL_RWX (bsc#1194869).
- powerpc/code-patching: Remove pr_debug()/pr_devel() messages and fix check() (bsc#1194869).
- powerpc/code-patching: Reorganise do_patch_instruction() to ease error handling (bsc#1194869).
- powerpc/code-patching: Speed up page mapping/unmapping (bsc#1194869).
- powerpc/code-patching: Use WARN_ON and fix check in poking_init (bsc#1194869).
- powerpc/code-patching: Use jump_label to check if poking_init() is done (bsc#1194869).
- powerpc/code-patching: Use temporary mm for Radix MMU (bsc#1194869).
- powerpc/code-patching: introduce patch_instructions() (bsc#1194869).
- powerpc/ftrace: Use patch_instruction() return directly (bsc#1194869).
- powerpc/imc-pmu: Fix use of mutex in IRQs disabled section (bsc#1054914 git-fixes).
- powerpc/imc-pmu: Use the correct spinlock initializer (bsc#1054914 git-fixes).
- powerpc/inst: Refactor ___get_user_instr() (bsc#1194869).
- powerpc/lib: Add __init attribute to eligible functions (bsc#1194869).
- powerpc/tlb: Add local flush for page given mm_struct and psize (bsc#1194869).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Merge vdso64 and vdso32 into a single directory (bsc#1194869).
- powerpc/vdso: Rework VDSO32 makefile to add a prefix to object files (bsc#1194869).
- powerpc/vdso: augment VDSO32 functions to support 64 bits build (bsc#1194869).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- powerpc: Allow clearing and restoring registers independent of saved breakpoint state (bsc#1194869).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full (bsc#1231327)
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232632).
- sched/isolation: Prevent boot crash when the boot CPU is (bsc#1231327)
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (git-fixes).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- spi: bcm63xx: Enable module autoloading (stable-fixes).
- spi: bcm63xx: Fix module autoloading (git-fixes).
- spi: lpspi: Silence error message upon deferred probe (stable-fixes).
- spi: lpspi: Simplify some error message (git-fixes).
- spi: lpspi: release requested DMA channels (stable-fixes).
- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
- static_call: Do not make __static_call_return0 static (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/uprobes: Use trace_event_buffer_reserve() helper (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: yurex: Fix inconsistent locking bug in yurex_read() (git-fixes).
- usb: yurex: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usbnet: ipheth: fix carrier detection in modes 1 and 4 (stable-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio-net: synchronize probe with ndo_set_features (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
- wifi: ath9k: fix parameter check in ath9k_init_debug() (stable-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
- wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- workqueue: Avoid using isolated cpus' timers on (bsc#1231327)
- workqueue: mark power efficient workqueue as unbounded if (bsc#1231327)
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405).
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
The following package changes have been done:
- kernel-rt-5.14.21-150500.13.76.1 updated
More information about the sle-container-updates
mailing list