SUSE-IU-2024:1497-1: Security update of suse-sles-15-sp5-chost-byos-v20241011-x86_64-gen2
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Oct 14 07:01:40 UTC 2024
SUSE Image Update Advisory: suse-sles-15-sp5-chost-byos-v20241011-x86_64-gen2
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1497-1
Image Tags : suse-sles-15-sp5-chost-byos-v20241011-x86_64-gen2:20241011
Image Release :
Severity : important
Type : security
References : 1193629 1194111 1194765 1194869 1196261 1196516 1196894 1198017
1199769 1203329 1203330 1203360 1205462 1206006 1206258 1206843
1207158 1208783 1210644 1213580 1213632 1214285 1216223 1216834
1217761 1220382 1220428 1220877 1220962 1221269 1221326 1221610
1221630 1221645 1221650 1221765 1222335 1222350 1222372 1222387
1222629 1222634 1222808 1222967 1222973 1223074 1223191 1223508
1223600 1223720 1223742 1223777 1223803 1223807 1223848 1224085
1224105 1224415 1224496 1224510 1224542 1224578 1224639 1225162
1225352 1225428 1225524 1225578 1225582 1225773 1225814 1225827
1225832 1225903 1225903 1226003 1226168 1226530 1226606 1226613
1226662 1226666 1226742 1226765 1226798 1226801 1226846 1226860
1226874 1226875 1226885 1226915 1227079 1227216 1227233 1227378
1227487 1227623 1227726 1227761 1227807 1227819 1227830 1227832
1227863 1227867 1227890 1227929 1227937 1227958 1227999 1228020
1228065 1228114 1228410 1228426 1228427 1228429 1228446 1228447
1228449 1228450 1228452 1228456 1228463 1228466 1228467 1228469
1228480 1228481 1228482 1228483 1228484 1228485 1228487 1228489
1228491 1228493 1228494 1228495 1228496 1228501 1228503 1228507
1228509 1228513 1228515 1228516 1228526 1228531 1228563 1228564
1228567 1228576 1228576 1228579 1228584 1228588 1228590 1228615
1228616 1228620 1228635 1228636 1228647 1228654 1228656 1228658
1228660 1228661 1228662 1228667 1228673 1228677 1228687 1228706
1228708 1228710 1228718 1228720 1228721 1228722 1228724 1228726
1228727 1228733 1228748 1228766 1228771 1228779 1228780 1228801
1228850 1228857 1228866 1228959 1228964 1228966 1228967 1228979
1228988 1228989 1228991 1228992 1229014 1229028 1229031 1229034
1229042 1229054 1229086 1229086 1229136 1229154 1229156 1229187
1229188 1229190 1229287 1229289 1229290 1229292 1229296 1229297
1229301 1229303 1229304 1229305 1229307 1229309 1229312 1229314
1229315 1229317 1229318 1229319 1229327 1229334 1229341 1229345
1229346 1229347 1229349 1229350 1229351 1229354 1229356 1229357
1229358 1229359 1229360 1229362 1229363 1229364 1229366 1229370
1229373 1229374 1229381 1229382 1229383 1229386 1229388 1229391
1229392 1229394 1229395 1229398 1229399 1229400 1229407 1229409
1229410 1229411 1229413 1229414 1229417 1229418 1229429 1229444
1229453 1229453 1229454 1229476 1229481 1229482 1229488 1229489
1229490 1229493 1229495 1229497 1229500 1229503 1229506 1229507
1229508 1229509 1229510 1229512 1229516 1229521 1229522 1229523
1229524 1229525 1229526 1229527 1229528 1229529 1229531 1229533
1229535 1229536 1229537 1229540 1229544 1229545 1229546 1229547
1229548 1229554 1229555 1229557 1229558 1229559 1229560 1229562
1229564 1229565 1229566 1229568 1229569 1229572 1229572 1229573
1229573 1229576 1229581 1229585 1229588 1229596 1229598 1229603
1229604 1229605 1229607 1229608 1229611 1229612 1229613 1229614
1229615 1229616 1229617 1229619 1229620 1229622 1229623 1229624
1229625 1229626 1229628 1229629 1229630 1229631 1229632 1229633
1229635 1229636 1229637 1229638 1229639 1229641 1229642 1229643
1229645 1229657 1229658 1229662 1229662 1229664 1229707 1229739
1229743 1229746 1229753 1229754 1229755 1229756 1229759 1229761
1229764 1229767 1229768 1229781 1229784 1229787 1229788 1229789
1229790 1229792 1229810 1229820 1229830 1229899 1229928 1229947
1230015 1230110 1230129 1230130 1230145 1230170 1230171 1230174
1230175 1230176 1230178 1230180 1230185 1230192 1230193 1230194
1230200 1230204 1230209 1230211 1230212 1230217 1230224 1230227
1230229 1230230 1230233 1230244 1230245 1230247 1230248 1230267
1230269 1230330 1230339 1230340 1230366 1230392 1230398 1230413
1230431 1230433 1230434 1230440 1230442 1230444 1230450 1230451
1230454 1230506 1230507 1230511 1230515 1230516 1230517 1230524
1230533 1230535 1230549 1230556 1230582 1230589 1230591 1230592
1230699 1230700 1230701 1230702 1230703 1230705 1230706 1230707
1230709 1230710 1230711 1230712 1230719 1230724 1230725 1230730
1230731 1230732 1230733 1230747 1230748 1230751 1230752 1230756
1230761 1230766 1230767 1230768 1230771 1230772 1230776 1230783
1230786 1230791 1230794 1230796 1230802 1230806 1230808 1230810
1230812 1230813 1230814 1230815 1230821 1230825 1230830 1230840
1230894 1231013 1231017 1231116 1231120 1231146 1231180 1231181
1231229 CVE-2021-4204 CVE-2021-4441 CVE-2021-47106 CVE-2021-47517
CVE-2021-47546 CVE-2022-0500 CVE-2022-23222 CVE-2022-38457 CVE-2022-40133
CVE-2022-4382 CVE-2022-48645 CVE-2022-48706 CVE-2022-48808 CVE-2022-48865
CVE-2022-48868 CVE-2022-48869 CVE-2022-48870 CVE-2022-48871 CVE-2022-48872
CVE-2022-48873 CVE-2022-48875 CVE-2022-48878 CVE-2022-48880 CVE-2022-48881
CVE-2022-48882 CVE-2022-48883 CVE-2022-48884 CVE-2022-48885 CVE-2022-48886
CVE-2022-48887 CVE-2022-48888 CVE-2022-48889 CVE-2022-48890 CVE-2022-48891
CVE-2022-48893 CVE-2022-48896 CVE-2022-48898 CVE-2022-48899 CVE-2022-48901
CVE-2022-48903 CVE-2022-48904 CVE-2022-48905 CVE-2022-48906 CVE-2022-48907
CVE-2022-48909 CVE-2022-48910 CVE-2022-48911 CVE-2022-48912 CVE-2022-48913
CVE-2022-48914 CVE-2022-48915 CVE-2022-48916 CVE-2022-48917 CVE-2022-48918
CVE-2022-48919 CVE-2022-48920 CVE-2022-48921 CVE-2022-48923 CVE-2022-48923
CVE-2022-48924 CVE-2022-48925 CVE-2022-48926 CVE-2022-48927 CVE-2022-48928
CVE-2022-48929 CVE-2022-48930 CVE-2022-48931 CVE-2022-48932 CVE-2022-48934
CVE-2022-48935 CVE-2022-48937 CVE-2022-48938 CVE-2022-48939 CVE-2022-48940
CVE-2022-48941 CVE-2022-48942 CVE-2022-48943 CVE-2022-48944 CVE-2022-48945
CVE-2023-3610 CVE-2023-52458 CVE-2023-52489 CVE-2023-52498 CVE-2023-52581
CVE-2023-52610 CVE-2023-52859 CVE-2023-52887 CVE-2023-52889 CVE-2023-52893
CVE-2023-52894 CVE-2023-52896 CVE-2023-52898 CVE-2023-52899 CVE-2023-52900
CVE-2023-52901 CVE-2023-52904 CVE-2023-52905 CVE-2023-52906 CVE-2023-52907
CVE-2023-52908 CVE-2023-52909 CVE-2023-52910 CVE-2023-52911 CVE-2023-52912
CVE-2023-52913 CVE-2023-52916 CVE-2024-26631 CVE-2024-26640 CVE-2024-26668
CVE-2024-26669 CVE-2024-26677 CVE-2024-26735 CVE-2024-26759 CVE-2024-26767
CVE-2024-26804 CVE-2024-26808 CVE-2024-26812 CVE-2024-26835 CVE-2024-26837
CVE-2024-26851 CVE-2024-27010 CVE-2024-27011 CVE-2024-27016 CVE-2024-27024
CVE-2024-27079 CVE-2024-27403 CVE-2024-31076 CVE-2024-35897 CVE-2024-35902
CVE-2024-35945 CVE-2024-35971 CVE-2024-36009 CVE-2024-36013 CVE-2024-36270
CVE-2024-36286 CVE-2024-36489 CVE-2024-36929 CVE-2024-36933 CVE-2024-36936
CVE-2024-36962 CVE-2024-37353 CVE-2024-38538 CVE-2024-38554 CVE-2024-38596
CVE-2024-38602 CVE-2024-38632 CVE-2024-38662 CVE-2024-39489 CVE-2024-40905
CVE-2024-40910 CVE-2024-40973 CVE-2024-40978 CVE-2024-40980 CVE-2024-40983
CVE-2024-40995 CVE-2024-41000 CVE-2024-41007 CVE-2024-41009 CVE-2024-41011
CVE-2024-41016 CVE-2024-41020 CVE-2024-41022 CVE-2024-41035 CVE-2024-41036
CVE-2024-41038 CVE-2024-41039 CVE-2024-41042 CVE-2024-41045 CVE-2024-41056
CVE-2024-41060 CVE-2024-41062 CVE-2024-41062 CVE-2024-41065 CVE-2024-41068
CVE-2024-41073 CVE-2024-41079 CVE-2024-41080 CVE-2024-41082 CVE-2024-41087
CVE-2024-41088 CVE-2024-41089 CVE-2024-41092 CVE-2024-41093 CVE-2024-41095
CVE-2024-41097 CVE-2024-41098 CVE-2024-42069 CVE-2024-42074 CVE-2024-42076
CVE-2024-42077 CVE-2024-42080 CVE-2024-42082 CVE-2024-42085 CVE-2024-42086
CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42095
CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42104 CVE-2024-42106
CVE-2024-42107 CVE-2024-42110 CVE-2024-42114 CVE-2024-42115 CVE-2024-42119
CVE-2024-42120 CVE-2024-42121 CVE-2024-42126 CVE-2024-42127 CVE-2024-42130
CVE-2024-42137 CVE-2024-42139 CVE-2024-42142 CVE-2024-42143 CVE-2024-42148
CVE-2024-42152 CVE-2024-42154 CVE-2024-42155 CVE-2024-42156 CVE-2024-42157
CVE-2024-42158 CVE-2024-42162 CVE-2024-42223 CVE-2024-42225 CVE-2024-42228
CVE-2024-42229 CVE-2024-42230 CVE-2024-42232 CVE-2024-42236 CVE-2024-42237
CVE-2024-42238 CVE-2024-42239 CVE-2024-42240 CVE-2024-42244 CVE-2024-42246
CVE-2024-42247 CVE-2024-42259 CVE-2024-42265 CVE-2024-42268 CVE-2024-42271
CVE-2024-42274 CVE-2024-42276 CVE-2024-42277 CVE-2024-42280 CVE-2024-42281
CVE-2024-42283 CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287
CVE-2024-42288 CVE-2024-42289 CVE-2024-42291 CVE-2024-42292 CVE-2024-42295
CVE-2024-42301 CVE-2024-42302 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306
CVE-2024-42308 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312
CVE-2024-42313 CVE-2024-42315 CVE-2024-42318 CVE-2024-42319 CVE-2024-42320
CVE-2024-42322 CVE-2024-43816 CVE-2024-43818 CVE-2024-43819 CVE-2024-43821
CVE-2024-43823 CVE-2024-43828 CVE-2024-43829 CVE-2024-43830 CVE-2024-43831
CVE-2024-43834 CVE-2024-43835 CVE-2024-43837 CVE-2024-43839 CVE-2024-43841
CVE-2024-43842 CVE-2024-43846 CVE-2024-43849 CVE-2024-43853 CVE-2024-43854
CVE-2024-43856 CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863
CVE-2024-43866 CVE-2024-43867 CVE-2024-43871 CVE-2024-43872 CVE-2024-43873
CVE-2024-43879 CVE-2024-43880 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884
CVE-2024-43889 CVE-2024-43890 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894
CVE-2024-43895 CVE-2024-43898 CVE-2024-43899 CVE-2024-43900 CVE-2024-43902
CVE-2024-43903 CVE-2024-43904 CVE-2024-43905 CVE-2024-43907 CVE-2024-43908
CVE-2024-43909 CVE-2024-43912 CVE-2024-43914 CVE-2024-44935 CVE-2024-44938
CVE-2024-44939 CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948
CVE-2024-44950 CVE-2024-44952 CVE-2024-44954 CVE-2024-44967 CVE-2024-44969
CVE-2024-44970 CVE-2024-44971 CVE-2024-44972 CVE-2024-44977 CVE-2024-44982
CVE-2024-44986 CVE-2024-44987 CVE-2024-44988 CVE-2024-44989 CVE-2024-44990
CVE-2024-44998 CVE-2024-44999 CVE-2024-45000 CVE-2024-45001 CVE-2024-45003
CVE-2024-45006 CVE-2024-45007 CVE-2024-45008 CVE-2024-45011 CVE-2024-45013
CVE-2024-45015 CVE-2024-45018 CVE-2024-45020 CVE-2024-45021 CVE-2024-45026
CVE-2024-45028 CVE-2024-45029 CVE-2024-45817 CVE-2024-46673 CVE-2024-46674
CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685
CVE-2024-46686 CVE-2024-46689 CVE-2024-46694 CVE-2024-46702 CVE-2024-46707
CVE-2024-46714 CVE-2024-46715 CVE-2024-46717 CVE-2024-46720 CVE-2024-46721
CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725 CVE-2024-46726
CVE-2024-46727 CVE-2024-46728 CVE-2024-46730 CVE-2024-46731 CVE-2024-46732
CVE-2024-46737 CVE-2024-46738 CVE-2024-46739 CVE-2024-46743 CVE-2024-46744
CVE-2024-46745 CVE-2024-46746 CVE-2024-46747 CVE-2024-46750 CVE-2024-46751
CVE-2024-46752 CVE-2024-46753 CVE-2024-46755 CVE-2024-46756 CVE-2024-46758
CVE-2024-46759 CVE-2024-46761 CVE-2024-46771 CVE-2024-46772 CVE-2024-46773
CVE-2024-46774 CVE-2024-46778 CVE-2024-46780 CVE-2024-46781 CVE-2024-46783
CVE-2024-46784 CVE-2024-46786 CVE-2024-46787 CVE-2024-46791 CVE-2024-46794
CVE-2024-46798 CVE-2024-46822 CVE-2024-46830 CVE-2024-5642 CVE-2024-6232
CVE-2024-6923 CVE-2024-7592
-----------------------------------------------------------------
The container suse-sles-15-sp5-chost-byos-v20241011-x86_64-gen2 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3233-1
Released: Fri Sep 13 08:48:54 2024
Summary: Recommended update for grub2
Type: recommended
Severity: important
References: 1217761,1228866
This update for grub2 fixes the following issues:
- Support powerpc net boot installation when secure boot is enabled (bsc#1217761, bsc#1228866)
- Improved check for disk device when looking for PReP partition
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3237-1
Released: Fri Sep 13 11:49:56 2024
Summary: Recommended update for util-linux
Type: recommended
Severity: moderate
References: 1229476
This update for util-linux fixes the following issue:
- Skip aarch64 decode path for rest of the architectures (bsc#1229476).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3300-1
Released: Wed Sep 18 14:27:53 2024
Summary: Recommended update for ncurses
Type: recommended
Severity: moderate
References: 1229028
This update for ncurses fixes the following issues:
- Allow the terminal description based on static fallback entries to be freed (bsc#1229028)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3315-1
Released: Wed Sep 18 16:26:56 2024
Summary: Recommended update for cpupower
Type: recommended
Severity: moderate
References: 1221765
This update for cpupower fixes the following issue:
- Fix uncore frequency file string (bsc#1221765).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3328-1
Released: Thu Sep 19 09:37:09 2024
Summary: Recommended update for suseconnect-ng
Type: recommended
Severity: important
References: 1229014,1230229
This update for suseconnect-ng fixes the following issue:
- Set the filesystem root on zypper when given (bsc#1230229,bsc#1229014)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3420-1
Released: Tue Sep 24 16:13:23 2024
Summary: Recommended update for libzypp, zypper
Type: recommended
Severity: moderate
References: 1228647,1230267
This update for libzypp, zypper fixes the following issues:
- API refactoring. Prevent zypper from using now private libzypp symbols (bsc#1230267)
- single_rpmtrans: fix installation of .src.rpms (bsc#1228647)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3421-1
Released: Tue Sep 24 17:25:05 2024
Summary: Security update for xen
Type: security
Severity: moderate
References: 1230366,CVE-2024-45817
This update for xen fixes the following issues:
- CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3451-1
Released: Thu Sep 26 09:10:50 2024
Summary: Recommended update for pam-config
Type: recommended
Severity: moderate
References: 1227216
This update for pam-config fixes the following issues:
- Improved check for existence of modules (bsc#1227216)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3470-1
Released: Fri Sep 27 14:34:46 2024
Summary: Security update for python3
Type: security
Severity: important
References: 1227233,1227378,1227999,1228780,1229596,1230227,CVE-2024-5642,CVE-2024-6232,CVE-2024-6923,CVE-2024-7592
This update for python3 fixes the following issues:
- CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780).
- CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API (bsc#1227233).
- CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596).
- CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227)
Bug fixes:
- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999).
- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).
- Remove %suse_update_desktop_file macro as it is not useful any more.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3477-1
Released: Fri Sep 27 15:22:22 2024
Summary: Recommended update for curl
Type: recommended
Severity: moderate
References: 1230516
This update for curl fixes the following issue:
- Make special characters in URL work with aws-sigv4 (bsc#1230516).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3483-1
Released: Fri Sep 27 17:11:54 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1193629,1194111,1194765,1194869,1196261,1196516,1196894,1198017,1203329,1203330,1203360,1205462,1206006,1206258,1206843,1207158,1208783,1210644,1213580,1213632,1214285,1216834,1220428,1220877,1220962,1221269,1221326,1221630,1221645,1222335,1222350,1222372,1222387,1222634,1222808,1222967,1223074,1223191,1223508,1223720,1223742,1223777,1223803,1223807,1224105,1224415,1224496,1224510,1224542,1224578,1224639,1225162,1225352,1225428,1225524,1225578,1225582,1225773,1225814,1225827,1225832,1225903,1226168,1226530,1226613,1226742,1226765,1226798,1226801,1226874,1226885,1227079,1227623,1227761,1227830,1227863,1227867,1227929,1227937,1227958,1228020,1228065,1228114,1228410,1228426,1228427,1228429,1228446,1228447,1228449,1228450,1228452,1228456,1228463,1228466,1228467,1228469,1228480,1228481,1228482,1228483,1228484,1228485,1228487,1228489,1228491,1228493,1228494,1228495,1228496,1228501,1228503,1228509,1228513,1228515,1228516,1228526,1228531,1228563,1228564,1228567,1228576,1228579,1
228584,1228588,1228590,1228615,1228616,1228635,1228636,1228654,1228656,1228658,1228660,1228662,1228667,1228673,1228677,1228687,1228706,1228708,1228710,1228718,1228720,1228721,1228722,1228724,1228726,1228727,1228733,1228748,1228766,1228779,1228801,1228850,1228857,1228959,1228964,1228966,1228967,1228979,1228988,1228989,1228991,1228992,1229042,1229054,1229086,1229136,1229154,1229187,1229188,1229190,1229287,1229290,1229292,1229296,1229297,1229301,1229303,1229304,1229305,1229307,1229309,1229312,1229314,1229315,1229317,1229318,1229319,1229327,1229341,1229345,1229346,1229347,1229349,1229350,1229351,1229354,1229356,1229357,1229358,1229359,1229360,1229366,1229370,1229373,1229374,1229381,1229382,1229383,1229386,1229388,1229391,1229392,1229395,1229398,1229399,1229400,1229407,1229409,1229410,1229411,1229413,1229414,1229417,1229418,1229444,1229453,1229454,1229481,1229482,1229488,1229489,1229490,1229493,1229495,1229497,1229500,1229503,1229506,1229507,1229508,1229509,1229510,1229512,1229516,122952
1,1229522,1229523,1229524,1229525,1229526,1229527,1229528,1229529,1229531,1229533,1229535,1229536,1229537,1229540,1229544,1229545,1229546,1229547,1229548,1229554,1229557,1229558,1229559,1229560,1229562,1229564,1229565,1229566,1229568,1229569,1229572,1229573,1229576,1229581,1229588,1229598,1229603,1229604,1229605,1229608,1229611,1229612,1229613,1229614,1229615,1229616,1229617,1229620,1229622,1229623,1229624,1229625,1229626,1229628,1229629,1229630,1229631,1229632,1229635,1229636,1229637,1229638,1229639,1229641,1229642,1229643,1229645,1229657,1229658,1229662,1229664,1229707,1229739,1229743,1229746,1229754,1229755,1229756,1229759,1229761,1229767,1229768,1229781,1229784,1229787,1229788,1229789,1229792,1229820,1230413,CVE-2021-4204,CVE-2021-4441,CVE-2021-47106,CVE-2021-47517,CVE-2021-47546,CVE-2022-0500,CVE-2022-23222,CVE-2022-38457,CVE-2022-40133,CVE-2022-4382,CVE-2022-48645,CVE-2022-48706,CVE-2022-48808,CVE-2022-48865,CVE-2022-48868,CVE-2022-48869,CVE-2022-48870,CVE-2022-48871,CVE-2022-
48872,CVE-2022-48873,CVE-2022-48875,CVE-2022-48878,CVE-2022-48880,CVE-2022-48881,CVE-2022-48882,CVE-2022-48883,CVE-2022-48884,CVE-2022-48885,CVE-2022-48886,CVE-2022-48887,CVE-2022-48888,CVE-2022-48889,CVE-2022-48890,CVE-2022-48891,CVE-2022-48893,CVE-2022-48896,CVE-2022-48898,CVE-2022-48899,CVE-2022-48903,CVE-2022-48904,CVE-2022-48905,CVE-2022-48906,CVE-2022-48907,CVE-2022-48909,CVE-2022-48910,CVE-2022-48912,CVE-2022-48913,CVE-2022-48914,CVE-2022-48915,CVE-2022-48916,CVE-2022-48917,CVE-2022-48918,CVE-2022-48919,CVE-2022-48920,CVE-2022-48921,CVE-2022-48923,CVE-2022-48924,CVE-2022-48925,CVE-2022-48926,CVE-2022-48927,CVE-2022-48928,CVE-2022-48929,CVE-2022-48930,CVE-2022-48931,CVE-2022-48932,CVE-2022-48934,CVE-2022-48937,CVE-2022-48938,CVE-2022-48939,CVE-2022-48940,CVE-2022-48941,CVE-2022-48942,CVE-2022-48943,CVE-2023-3610,CVE-2023-52458,CVE-2023-52489,CVE-2023-52498,CVE-2023-52581,CVE-2023-52859,CVE-2023-52887,CVE-2023-52889,CVE-2023-52893,CVE-2023-52894,CVE-2023-52896,CVE-2023-52898,CV
E-2023-52899,CVE-2023-52900,CVE-2023-52901,CVE-2023-52904,CVE-2023-52905,CVE-2023-52906,CVE-2023-52907,CVE-2023-52908,CVE-2023-52909,CVE-2023-52910,CVE-2023-52911,CVE-2023-52912,CVE-2023-52913,CVE-2024-26631,CVE-2024-26668,CVE-2024-26669,CVE-2024-26677,CVE-2024-26735,CVE-2024-26808,CVE-2024-26812,CVE-2024-26835,CVE-2024-26851,CVE-2024-27010,CVE-2024-27011,CVE-2024-27016,CVE-2024-27024,CVE-2024-27079,CVE-2024-27403,CVE-2024-31076,CVE-2024-35897,CVE-2024-35902,CVE-2024-35945,CVE-2024-35971,CVE-2024-36009,CVE-2024-36013,CVE-2024-36270,CVE-2024-36286,CVE-2024-36489,CVE-2024-36929,CVE-2024-36933,CVE-2024-36936,CVE-2024-36962,CVE-2024-38554,CVE-2024-38602,CVE-2024-38662,CVE-2024-39489,CVE-2024-40905,CVE-2024-40978,CVE-2024-40980,CVE-2024-40995,CVE-2024-41000,CVE-2024-41007,CVE-2024-41009,CVE-2024-41011,CVE-2024-41016,CVE-2024-41020,CVE-2024-41022,CVE-2024-41035,CVE-2024-41036,CVE-2024-41038,CVE-2024-41039,CVE-2024-41042,CVE-2024-41045,CVE-2024-41056,CVE-2024-41060,CVE-2024-41062,CVE-2024-
41065,CVE-2024-41068,CVE-2024-41073,CVE-2024-41079,CVE-2024-41080,CVE-2024-41087,CVE-2024-41088,CVE-2024-41089,CVE-2024-41092,CVE-2024-41093,CVE-2024-41095,CVE-2024-41097,CVE-2024-41098,CVE-2024-42069,CVE-2024-42074,CVE-2024-42076,CVE-2024-42077,CVE-2024-42080,CVE-2024-42082,CVE-2024-42085,CVE-2024-42086,CVE-2024-42087,CVE-2024-42089,CVE-2024-42090,CVE-2024-42092,CVE-2024-42095,CVE-2024-42097,CVE-2024-42098,CVE-2024-42101,CVE-2024-42104,CVE-2024-42106,CVE-2024-42107,CVE-2024-42110,CVE-2024-42114,CVE-2024-42115,CVE-2024-42119,CVE-2024-42120,CVE-2024-42121,CVE-2024-42126,CVE-2024-42127,CVE-2024-42130,CVE-2024-42137,CVE-2024-42139,CVE-2024-42142,CVE-2024-42143,CVE-2024-42148,CVE-2024-42152,CVE-2024-42155,CVE-2024-42156,CVE-2024-42157,CVE-2024-42158,CVE-2024-42162,CVE-2024-42223,CVE-2024-42225,CVE-2024-42228,CVE-2024-42229,CVE-2024-42230,CVE-2024-42232,CVE-2024-42236,CVE-2024-42237,CVE-2024-42238,CVE-2024-42239,CVE-2024-42240,CVE-2024-42244,CVE-2024-42246,CVE-2024-42247,CVE-2024-42268,C
VE-2024-42271,CVE-2024-42274,CVE-2024-42276,CVE-2024-42277,CVE-2024-42280,CVE-2024-42281,CVE-2024-42283,CVE-2024-42284,CVE-2024-42285,CVE-2024-42286,CVE-2024-42287,CVE-2024-42288,CVE-2024-42289,CVE-2024-42291,CVE-2024-42292,CVE-2024-42295,CVE-2024-42301,CVE-2024-42302,CVE-2024-42308,CVE-2024-42309,CVE-2024-42310,CVE-2024-42311,CVE-2024-42312,CVE-2024-42313,CVE-2024-42315,CVE-2024-42318,CVE-2024-42319,CVE-2024-42320,CVE-2024-42322,CVE-2024-43816,CVE-2024-43818,CVE-2024-43819,CVE-2024-43821,CVE-2024-43823,CVE-2024-43829,CVE-2024-43830,CVE-2024-43831,CVE-2024-43834,CVE-2024-43837,CVE-2024-43839,CVE-2024-43841,CVE-2024-43842,CVE-2024-43846,CVE-2024-43849,CVE-2024-43853,CVE-2024-43854,CVE-2024-43856,CVE-2024-43858,CVE-2024-43860,CVE-2024-43861,CVE-2024-43863,CVE-2024-43866,CVE-2024-43867,CVE-2024-43871,CVE-2024-43872,CVE-2024-43873,CVE-2024-43879,CVE-2024-43880,CVE-2024-43882,CVE-2024-43883,CVE-2024-43884,CVE-2024-43889,CVE-2024-43892,CVE-2024-43893,CVE-2024-43894,CVE-2024-43895,CVE-2024
-43899,CVE-2024-43900,CVE-2024-43902,CVE-2024-43903,CVE-2024-43904,CVE-2024-43905,CVE-2024-43907,CVE-2024-43908,CVE-2024-43909,CVE-2024-44938,CVE-2024-44939,CVE-2024-44947
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
- CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
- CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if-IP-has-been-disabled-on.patch (bsc#1226798)
- CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
- CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
- CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
- CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820).
- CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
- CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
- CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
- CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
- CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
- CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
- CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569).
- CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
- CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
- CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
- CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
- CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-27016: Validate pppoe header (bsc#1223807).
- CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
- CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
- CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
- CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number') (bsc#1222387)
- CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
- CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
- CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-42308: Update DRM patch reference (bsc#1229411)
- CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-26669: Fix chain template offload (bsc#1222350).
- CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
- CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
- CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
- CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
- CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
- CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
- CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
- CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
- CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
- CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
- CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
- CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
- CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42139: Fix improper extts handling (bsc#1228503).
- CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580).
- CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
- CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613).
- CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
- CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).
The following non-security bugs were fixed:
- Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- Indicate support for the Generic Event Device thru _OSC (git-fixes).
- Rework system-level device notification handling (git-fixes).
- Drop nocrt parameter (git-fixes).
- x86: s2 Post-increment variables when getting constraints (git-fixes).
- Do not cross .backup mountpoint from backup volume (git-fixes).
- Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- line6: Fix racy access to midibuf (stable-fixes).
- Relax start tick time check for slave timer elements (git-fixes).
- Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- Re-add ScratchAmp quirk entries (git-fixes).
- Support Yamaha P-125 quirk entry (stable-fixes).
- Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- arm64: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: Restore spec_bar() macro (git-fixes)
- arm64: Add missing .field_width for GIC system registers (git-fixes)
- arm64: Fix the visibility of compat hwcaps (git-fixes)
- arm64: Force HWCAP to be based on the sysreg visible to (git-fixes)
- arm64: Add Cortex-A720 definitions (git-fixes)
- arm64: Add Cortex-A725 definitions (git-fixes)
- arm64: Add Cortex-X1C definitions (git-fixes)
- arm64: Add Cortex-X3 definitions (git-fixes)
- arm64: Add Cortex-X4 definitions (git-fixes)
- arm64: Add Cortex-X925 definitions (git-fixes)
- arm64: Add Neoverse-V3 definitions (git-fixes)
- arm64: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: Expand speculative SSBS workaround (git-fixes)
- arm64: Unify speculative SSBS errata logic (git-fixes) Also update default configuration.
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- wcd938 Correct Soundwire ports mask (git-fixes).
- wsa881 Correct Soundwire ports mask (git-fixes).
- fix irq scheduling issue with PREEMPT_RT (git-fixes).
- Introduce async_schedule_dev_nocall() (bsc#1221269).
- Split async_schedule_node_domain() (bsc#1221269).
- Fix usage of __hci_cmd_sync_status (git-fixes).
- hci_ Fix not handling hibernation actions (git-fixes).
- l2 always unlock channel in l2cap_conless_channel() (git-fixes).
- L2 Fix deadlock (git-fixes).
- Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- remove unused declaring of bpf_kprobe_override (git-fixes).
- fix leak of qgroup extent records after transaction abort (git-fixes).
- make btrfs_destroy_delayed_refs() return void (git-fixes).
- remove unnecessary prototype declarations at disk-io.c (git-fixes).
- update fs features directory asynchronously (bsc#1226168).
- propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418).
- issue a cap release immediately if no cap exists (bsc#1225162).
- periodically flush the cap releases (bsc#1225162).
- Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- cpuidle, Evaluate LPI arch_flags for broadcast timer (git-fixes).
- Fix register ID of SPSR_FIQ (git-fixes).
- add missing MODULE_DESCRIPTION() macros (stable-fixes).
- Add labels for both Valve Steam Deck revisions (stable-fixes).
- Add quirk for Aya Neo KUN (stable-fixes).
- Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes).
- Add quirk for Nanote UMPC-01 (stable-fixes).
- Add quirk for OrangePi Neo (stable-fixes).
- drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes).
- Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes).
- avoid using null object of framebuffer (git-fixes).
- Fix && vs || typos (git-fixes).
- Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- Validate hw_points_num before using it (stable-fixes).
- Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- Actually check flags for all context ops (stable-fixes).
- Add lock around VF RLCG interface (stable-fixes).
- fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- Fix the null pointer dereference to ras_manager (stable-fixes).
- Validate TA binary size (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- Fix the null pointer dereference for smu7 (stable-fixes).
- Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- Fix the param type of set_power_profile_mode (stable-fixes).
- analogix_ properly handle zero sized AUX transactions (stable-fixes).
- tc358768: Attempt to fix DSI horizontal timings (stable-fixes).
- fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_ Skip CSN if topology probing is not done yet (stable-fixes).
- set gp bus_stop bit before hard reset (stable-fixes).
- reset the link phy params before link training (git-fixes).
- cleanup FB if dpu_format_populate_layout fails (git-fixes).
- do not play tricks with debug macros (git-fixes).
- Zero-initialize iosys_map (stable-fixes).
- fix inode->i_blocks for non-512 byte sector size device (git-fixes).
- fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- redefine DIR_DELETED as the bad cluster number (git-fixes).
- support dynamic allocate bh for exfat_entry_set_cache (git-fixes).
- fs/netfs/fscache_ add missing 'n_accesses' check (bsc#1229453).
- Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- Add might_sleep() to disable_irq() (git-fixes).
- Always limit the affinity to online CPUs (git-fixes).
- Do not return error on missing optional irq_request_resources() (git-fixes).
- Take the proposed affinity at face value if force==true (git-fixes).
- genirq/cpuhotplug, x86 Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_ Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
- Do not try to remove non-existing sysfs files (git-fixes).
- Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- Shutdown managed interrupts with unsatifiable affinities (git-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- i2 Improve handling of stuck alerts (git-fixes).
- i2 Send alert notifications to all devices if source not found (git-fixes).
- Convert comma to semicolon (git-fixes).
- ip6_ Fix broken GRO (bsc#1229444).
- ipv6: fix incorrect unregister order (git-fixes).
- Drop bogus fwspec-mapping error handling (git-fixes).
- Fix association race (git-fixes).
- Fix disassociation race (git-fixes).
- Fix domain registration race (git-fixes).
- Fix mapping-creation race (git-fixes).
- Fixed unbalanced fwnode get and put (git-fixes).
- Look for existing mapping only once (git-fixes).
- Refactor __irq_domain_alloc_irqs() (git-fixes).
- Report irq number for NOMAP domains (git-fixes).
- Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413).
- Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413).
- Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413).
- kernel/irq/irqdomain. fix memory leak with using debugfs_lookup() (git-fixes).
- Fix to check symbol prefixes correctly (git-fixes).
- move from strlcpy with unused retval to strscpy (git-fixes).
- protect concurrent access to mem_cgroup_idr (git-fixes).
- mm, fix infinite recursion due to RCU critical section (git-fixes).
- prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- dw_ allow biu and ciu clocks to defer (git-fixes).
- mmc_ Fix NULL dereference on allocation failure (git-fixes).
- ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes).
- ks8851: Fix deadlock with the SPI chip variant (git-fixes).
- ks8851: Fix potential TX stall after interface reopen (git-fixes).
- ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes).
- Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- remove two BUG() from skb_checksum_help() (bsc#1229312).
- qmi_ fix memory leak for not ip packets (git-fixes).
- fix possible cp null dereference (git-fixes).
- initialize noop_qdisc owner (git-fixes).
- pn533: Add poll mod list filling check (git-fixes).
- expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- make the rpc_stat per net namespace (git-fixes).
- add posix ACLs to struct nfsd_attrs (git-fixes).
- add security label to struct nfsd_attrs (git-fixes).
- fix regression with setting ACLs (git-fixes).
- Fix strncpy() fortify warning (git-fixes).
- Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes).
- introduce struct nfsd_attrs (git-fixes).
- move from strlcpy with unused retval to strscpy (git-fixes).
- Optimize DRC bucket pruning (git-fixes).
- return error if nfs4_setacl fails (git-fixes).
- set attributes when creating symlinks (git-fixes).
- use locks_inode_context helper (git-fixes).
- nilfs2: Remove check for PageError (git-fixes).
- nvme_ scan namespaces asynchronously (bsc#1224105).
- ocfs2: use coarse time for new created files (git-fixes).
- Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- platform/x86 Add support for ACPI based probing (jsc#PED-8779).
- platform/x86 Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86 Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86 Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86 Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86 Create static func to handle platdev (jsc#PED-8779).
- platform/x86 Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86 Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86 Move hsmp_test to probe (jsc#PED-8779).
- platform/x86 Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86 Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86 Restructure sysfs group creation (jsc#PED-8779).
- platform/x86 switch to use device_add_groups() (jsc#PED-8779).
- axp288_ Fix constant_charge_voltage writes (git-fixes).
- axp288_ Round constant_charge_voltage writes down (git-fixes).
- Fail build if using recordmcount with binutils v2.37 (bsc#1194869).
- Mark .opd section read-only (bsc#1194869).
- use generic version of arch_is_kernel_initmem_freed() (bsc#1194869).
- xor_ Add '-mhard-float' to CFLAGS (bsc#1194869).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec_ fix cpus node update to FDT (bsc#1194869).
- make the update_cpus_node() function public (bsc#1194869).
- split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- Whitelist dtl slub object for copying to userspace (bsc#1194869).
- Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869).
- RDMA/mana_ Use virtual address in dma regions for MRs (git-fixes).
- Fix incomplete state save in rxe_requester (git-fixes)
- Fix rxe_modify_srq (git-fixes)
- Handle zero length rdma (git-fixes)
- Move work queue code to subroutines (git-fixes)
- s390 get rid of register asm (git-fixes bsc#1227079 bsc#1229187).
- s390 Make use of invalid opcode produce a link error (git-fixes bsc#1227079).
- s390 Split and rework cpacf query functions (git-fixes bsc#1229187).
- s390 fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190).
- s390 fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573).
- s390 Prevent release of buffer in I/O (git-fixes bsc#1229572).
- s390 Panic for set and remove shared access UVC errors (git-fixes bsc#1229188).
- Fix scldiv calculation (git-fixes).
- add a struct rpc_stats arg to rpc_create_args (git-fixes).
- Fix a race to wake a sync task (git-fixes).
- fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- add check for crypto_shash_tfm_digest (git-fixes).
- dbg_orphan_ Fix missed key type checking (git-fixes).
- Fix adding orphan entry twice for the same inode (git-fixes).
- Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- fix potential memory leak in vfio_intx_enable() (git-fixes).
- fix wgds rev 3 exact size (git-fixes).
- duplicate static structs used in driver instances (git-fixes).
- x86 drop the duplicate APM_MINOR_DEV macro (git-fixes).
- x86 Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86 Fix pti_clone_entry_text() for i386 (git-fixes).
- x86 Check if fixed MTRRs exist before saving them (git-fixes).
- x86 Work around false positive kmemleak report in msr_build_context() (git-fixes).
- Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- Fix rpcrdma_reqs_reset() (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3487-1
Released: Fri Sep 27 19:56:02 2024
Summary: Recommended update for logrotate
Type: recommended
Severity: moderate
References:
This update for logrotate fixes the following issues:
- Backport 'ignoreduplicates' configuration flag (jsc#PED-10366)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3503-1
Released: Tue Oct 1 16:13:07 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1228661
This update for glibc fixes the following issue:
- fix memory malloc problem: Initiate tcache shutdown even
without allocations (bsc#1228661).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3521-1
Released: Fri Oct 4 09:29:43 2024
Summary: Recommended update for dracut
Type: recommended
Severity: moderate
References: 1230110,1230330
This update for dracut fixes the following issue:
- Version update, check for presence of legacy rules (bsc#1230330).
- Version update, handle all possible options in `rd.dasd` (bsc#1230110).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3527-1
Released: Fri Oct 4 15:27:07 2024
Summary: Recommended update for e2fsprogs
Type: recommended
Severity: moderate
References: 1230145
This update for e2fsprogs fixes the following issue:
- resize2fs: Check number of group descriptors only if meta_bg is disabled
(bsc#1230145).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3530-1
Released: Fri Oct 4 15:43:33 2024
Summary: Recommended update for libpcap
Type: recommended
Severity: moderate
References: 1230894
This update for libpcap fixes the following issue:
- enable rdma support (bsc#1230894).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3569-1
Released: Wed Oct 9 13:51:41 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1199769,1216223,1220382,1221610,1221650,1222629,1222973,1223600,1223848,1224085,1225903,1226003,1226606,1226662,1226666,1226846,1226860,1226875,1226915,1227487,1227726,1227819,1227832,1227890,1228507,1228576,1228620,1228771,1229031,1229034,1229086,1229156,1229289,1229334,1229362,1229363,1229364,1229394,1229429,1229453,1229572,1229573,1229585,1229607,1229619,1229633,1229662,1229753,1229764,1229790,1229810,1229830,1229899,1229928,1229947,1230015,1230129,1230130,1230170,1230171,1230174,1230175,1230176,1230178,1230180,1230185,1230192,1230193,1230194,1230200,1230204,1230209,1230211,1230212,1230217,1230224,1230230,1230233,1230244,1230245,1230247,1230248,1230269,1230339,1230340,1230392,1230398,1230431,1230433,1230434,1230440,1230442,1230444,1230450,1230451,1230454,1230506,1230507,1230511,1230515,1230517,1230524,1230533,1230535,1230549,1230556,1230582,1230589,1230591,1230592,1230699,1230700,1230701,1230702,1230703,1230705,1230706,1230707,1230709,1230710,1230711,1230712,1230719,1
230724,1230725,1230730,1230731,1230732,1230733,1230747,1230748,1230751,1230752,1230756,1230761,1230766,1230767,1230768,1230771,1230772,1230776,1230783,1230786,1230791,1230794,1230796,1230802,1230806,1230808,1230810,1230812,1230813,1230814,1230815,1230821,1230825,1230830,1231013,1231017,1231116,1231120,1231146,1231180,1231181,CVE-2022-48901,CVE-2022-48911,CVE-2022-48923,CVE-2022-48935,CVE-2022-48944,CVE-2022-48945,CVE-2023-52610,CVE-2023-52916,CVE-2024-26640,CVE-2024-26759,CVE-2024-26767,CVE-2024-26804,CVE-2024-26837,CVE-2024-37353,CVE-2024-38538,CVE-2024-38596,CVE-2024-38632,CVE-2024-40910,CVE-2024-40973,CVE-2024-40983,CVE-2024-41062,CVE-2024-41082,CVE-2024-42154,CVE-2024-42259,CVE-2024-42265,CVE-2024-42304,CVE-2024-42305,CVE-2024-42306,CVE-2024-43828,CVE-2024-43835,CVE-2024-43890,CVE-2024-43898,CVE-2024-43912,CVE-2024-43914,CVE-2024-44935,CVE-2024-44944,CVE-2024-44946,CVE-2024-44948,CVE-2024-44950,CVE-2024-44952,CVE-2024-44954,CVE-2024-44967,CVE-2024-44969,CVE-2024-44970,CVE-2024-4
4971,CVE-2024-44972,CVE-2024-44977,CVE-2024-44982,CVE-2024-44986,CVE-2024-44987,CVE-2024-44988,CVE-2024-44989,CVE-2024-44990,CVE-2024-44998,CVE-2024-44999,CVE-2024-45000,CVE-2024-45001,CVE-2024-45003,CVE-2024-45006,CVE-2024-45007,CVE-2024-45008,CVE-2024-45011,CVE-2024-45013,CVE-2024-45015,CVE-2024-45018,CVE-2024-45020,CVE-2024-45021,CVE-2024-45026,CVE-2024-45028,CVE-2024-45029,CVE-2024-46673,CVE-2024-46674,CVE-2024-46675,CVE-2024-46676,CVE-2024-46677,CVE-2024-46679,CVE-2024-46685,CVE-2024-46686,CVE-2024-46689,CVE-2024-46694,CVE-2024-46702,CVE-2024-46707,CVE-2024-46714,CVE-2024-46715,CVE-2024-46717,CVE-2024-46720,CVE-2024-46721,CVE-2024-46722,CVE-2024-46723,CVE-2024-46724,CVE-2024-46725,CVE-2024-46726,CVE-2024-46727,CVE-2024-46728,CVE-2024-46730,CVE-2024-46731,CVE-2024-46732,CVE-2024-46737,CVE-2024-46738,CVE-2024-46739,CVE-2024-46743,CVE-2024-46744,CVE-2024-46745,CVE-2024-46746,CVE-2024-46747,CVE-2024-46750,CVE-2024-46751,CVE-2024-46752,CVE-2024-46753,CVE-2024-46755,CVE-2024-46756,CV
E-2024-46758,CVE-2024-46759,CVE-2024-46761,CVE-2024-46771,CVE-2024-46772,CVE-2024-46773,CVE-2024-46774,CVE-2024-46778,CVE-2024-46780,CVE-2024-46781,CVE-2024-46783,CVE-2024-46784,CVE-2024-46786,CVE-2024-46787,CVE-2024-46791,CVE-2024-46794,CVE-2024-46798,CVE-2024-46822,CVE-2024-46830
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607).
- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
- CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
- CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
- CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
- CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339).
- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
- CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973).
- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
- CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
- CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
- CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
- CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
- CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
- CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
- CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178).
- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
- CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
- CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
- CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
- CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
- CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
- CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507).
- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
- CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
- CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
- CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
- CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582).
- CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700).
- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
- CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
- CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116).
The following non-security bugs were fixed:
- ACPI: battery: create alarm sysfs attribute atomically (git-fixes).
- ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).
- ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).
- ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).
- ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes).
- ACPI: sysfs: validate return type of _STR method (git-fixes).
- af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846).
- af_unix: Fix data races around sk->sk_shutdown (bsc#1226846).
- af_unix: Fix data-races around sk->sk_shutdown (git-fixes).
- ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).
- ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes).
- ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes).
- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
- apparmor: fix possible NULL pointer dereference (stable-fixes).
- arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
- arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).
- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).
- arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).
- arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
- arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
- arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
- arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
- arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
- ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
- ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
- ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
- ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
- ASoC: tegra: Fix CBB error during probe() (git-fixes).
- ASoC: topology: Properly initialize soc_enum values (stable-fixes).
- ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
- ata: pata_macio: Use WARN instead of BUG (stable-fixes).
- blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
- blk-mq: add number of queue calc helper (bsc#1229034).
- blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031).
- blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
- blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034).
- blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034).
- Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
- Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
- Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
- cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181).
- cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013).
- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
- can: bcm: Remove proc entry when dev is unregistered (git-fixes).
- can: j1939: use correct function name in comment (git-fixes).
- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes).
- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
- ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180).
- char: xillybus: Check USB endpoints when probing device (git-fixes).
- clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
- clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes).
- clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes).
- cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).
- crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).
- crypto: virtio - Handle dataq logic with tasklet (git-fixes).
- crypto: virtio - Wait for tasklet to complete on device remove (git-fixes).
- crypto: xor - fix template benchmarking (git-fixes).
- devres: Initialize an uninitialized struct member (stable-fixes).
- driver core: Add debug logs when fwnode links are added/deleted (git-fixes).
- driver core: Add missing parameter description to __fwnode_link_add() (git-fixes).
- driver core: Create __fwnode_link_del() helper function (git-fixes).
- driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes).
- driver core: fw_devlink: Consolidate device link flag computation (git-fixes).
- driver core: Set deferred probe reason when deferred by driver core (git-fixes).
- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
- Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
- Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).
- drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
- drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
- drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
- drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes).
- drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
- drm/amd/display: Check denominator pbn_div before used (stable-fixes).
- drm/amd/display: Check gpio_id before used as array index (stable-fixes).
- drm/amd/display: Check HDCP returned status (stable-fixes).
- drm/amd/display: Check msg_id before processing transcation (stable-fixes).
- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes).
- drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes).
- drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes).
- drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes).
- drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes).
- drm/amd/display: Spinlock before reading event (stable-fixes).
- drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes).
- drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
- drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
- drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
- drm/amdgpu: fix a possible null pointer dereference (git-fixes).
- drm/amdgpu: fix dereference after null check (stable-fixes).
- drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
- drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
- drm/amdgpu: fix overflowed array index read warning (stable-fixes).
- drm/amdgpu: Fix smatch static checker warning (stable-fixes).
- drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
- drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes).
- drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes).
- drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
- drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
- drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
- drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
- drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes).
- drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes).
- drm/amd/pm: check negtive return for table entries (stable-fixes).
- drm/amd/pm: check specific index for aldebaran (stable-fixes).
- drm/amd/pm: Fix negative array index read (stable-fixes).
- drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes).
- drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes).
- drm/amd/pm: fix uninitialized variable warning (stable-fixes).
- drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes).
- drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).
- drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes).
- drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
- drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes).
- drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
- drm/meson: plane: Add error handling (stable-fixes).
- drm/msm/a5xx: disable preemption in submits by default (git-fixes).
- drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
- drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
- drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
- drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
- drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444)
- drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
- drm/msm: fix %s null argument error (git-fixes).
- drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).
- drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).
- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).
- drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
- drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
- exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224085).
- firmware_loader: Block path traversal (git-fixes).
- fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592).
- fuse: update stats for pages in dropped aux writeback list (bsc#1230130).
- fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129).
- genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031).
- genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031).
- genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031).
- genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031).
- genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031).
- genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031).
- genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031).
- gfs2: setattr_chown: Add missing initialization (git-fixes).
- HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
- HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).
- hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).
- hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
- hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).
- hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).
- hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).
- hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
- i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes).
- i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
- i2c: isch: Add missed 'else' (git-fixes).
- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
- i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
- i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).
- IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
- IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes)
- iio: adc: ad7124: fix chip ID mismatch (git-fixes).
- iio: adc: ad7124: fix config comparison (git-fixes).
- iio: adc: ad7606: fix oversampling gpio array (git-fixes).
- iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).
- iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
- iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).
- iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes).
- iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
- Input: ilitek_ts_i2c - add report id message validation (git-fixes).
- Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
- Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Input: uinput - reject requests with unreasonable number of slots (stable-fixes).
- ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
- ipmi:ssif: Improve detecting during probing (bsc#1228771)
- ipmi:ssif: Improve detecting during probing (bsc#1228771)
- jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
- kabi: add __nf_queue_get_refs() for kabi compliance.
- kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes).
- kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031).
- lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034).
- lib/group_cpus: Export group_cpus_evenly() (bsc#1229031).
- lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
- mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
- mailbox: rockchip: fix a typo in module autoloading (git-fixes).
- media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269)
- media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
- media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes).
- media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes).
- media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
- media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
- media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).
- media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
- media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).
- media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
- mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
- mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
- mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
- mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
- mtd: slram: insert break after errors in parsing the map (git-fixes).
- net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
- net: missing check virtio (git-fixes).
- net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
- nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769).
- NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
- NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662).
- NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
- NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
- NFS: Reduce use of uncached readdir (bsc#1226662).
- NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).
- nilfs2: Constify struct kobj_type (git-fixes).
- nilfs2: determine empty node blocks as corrupted (git-fixes).
- nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
- nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
- nilfs2: fix state management in error path of log writing function (git-fixes).
- nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes).
- nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes).
- nilfs2: use default_groups in kobj_type (git-fixes).
- nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes).
- nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
- nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034).
- nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
- nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
- nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
- nvmet-tcp: do not continue for invalid icreq (git-fixes).
- nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
- nvmet-trace: avoid dereferencing pointer too early (git-fixes).
- ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
- ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
- ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
- PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
- PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes).
- PCI/ASPM: Move pci_function_0() upward (bsc#1226915)
- PCI/ASPM: Remove struct aspm_latency (bsc#1226915)
- PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915)
- PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915)
- PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
- PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
- PCI: dwc: Restore MSI Receiver mask during resume (git-fixes).
- pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
- PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).
- PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
- PCI: Support BAR sizes up to 8TB (bsc#1231017)
- PCI: Wait for Link before restoring Downstream Buses (git-fixes).
- PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
- PCI: xilinx-nwl: Fix register misspelling (git-fixes).
- pcmcia: Use resource_size function on resource object (stable-fixes).
- pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
- pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
- platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
- platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).
- platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).
- power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).
- power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).
- power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
- power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).
- RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
- RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
- RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
- RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
- RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
- RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
- RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)
- RDMA/hns: Optimize hem allocation performance (git-fixes)
- RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
- RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
- RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes)
- RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)
- Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
- Revert 'Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE' (git-fixes).
- Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes).
- Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (stable-fixes).
- rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
- scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
- scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429).
- scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429).
- scsi: lpfc: Fix overflow build issue (bsc#1229429).
- scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429).
- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429).
- scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429).
- scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429).
- scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429).
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429).
- scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034).
- scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
- scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).
- scsi: use block layer helpers to calculate num of queues (bsc#1229034).
- spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
- Squashfs: sanity check symbolic link size (git-fixes).
- staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes).
- thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
- tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).
- tools/virtio: fix build (git-fixes).
- tpm: Clean up TPM space after command failure (git-fixes).
- tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
- tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
- udp: fix receiving fraglist GSO packets (git-fixes).
- uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
- usb: cdnsp: Fix incorrect usb_request status (git-fixes).
- USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
- usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
- usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
- usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes).
- usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes).
- usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes).
- usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes).
- usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
- usbip: Do not submit special requests twice (stable-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- usbnet: ipheth: race between ipheth_close and error handling (git-fixes).
- usbnet: modern method to get random MAC (git-fixes).
- USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
- USB: serial: option: add MeiG Smart SRM825L (git-fixes).
- usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
- usb: uas: set host status byte on data completion error (git-fixes).
- usb: uas: set host status byte on data completion error (stable-fixes).
- USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
- virito: add APIs for retrieving vq affinity (bsc#1229034).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034).
- virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034).
- virtiofs: forbid newlines in tags (bsc#1230591).
- virtio_net: checksum offloading handling fix (git-fixes).
- virtio_net: Fix ''%d' directive writing between 1 and 11 bytes into a region of size 10' warnings (git-fixes).
- virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
- virtio: reenable config if freezing device failed (git-fixes).
- virtio/vsock: fix logic which reduces credit update messages (git-fixes).
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes).
- vsock/virtio: add support for device suspend/resume (git-fixes).
- vsock/virtio: factor our the code to initialize and delete VQs (git-fixes).
- vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes).
- vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes).
- watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
- wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).
- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
- wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).
- wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
- wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).
- wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
- wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
- wifi: rtw88: remove CPT execution branch never used (git-fixes).
- wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).
- x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
- x86/xen: Convert comma to semicolon (git-fixes).
- xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
- xen: allow mapping ACPI data using a different physical address (bsc#1226003).
- xen: introduce generic helper checking for memory map conflicts (bsc#1226003).
- xen: move checks for e820 conflicts further up (bsc#1226003).
- xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
- xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
- xen/swiotlb: fix allocated size (git-fixes).
- xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).
- xen: use correct end address of kernel for conflict checking (bsc#1226003).
- xfs: do not include bnobt blocks when reserving free block pool (git-fixes).
- xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes).
- xz: cleanup CRC32 edits from 2018 (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3584-1
Released: Thu Oct 10 09:13:08 2024
Summary: Recommended update for wicked
Type: recommended
Severity: moderate
References: 1229555
This update for wicked fixes the following issue:
- compat-suse: fix dummy interfaces configuration with
`INTERFACETYPE=dummy` (bsc#1229555).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3593-1
Released: Thu Oct 10 18:43:13 2024
Summary: Recommended update for rsyslog
Type: recommended
Severity: moderate
References: 1231229
This update for rsyslog fixes the following issue:
- fix PreserveFQDN option before daemon is restarted (bsc#1231229)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3597-1
Released: Fri Oct 11 10:39:52 2024
Summary: Recommended update for bash
Type: recommended
Severity: moderate
References: 1227807
This update for bash fixes the following issues:
- Load completion file eveh if a brace expansion is in the
command line included (bsc#1227807).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3605-1
Released: Fri Oct 11 17:09:43 2024
Summary: Recommended update for grub2
Type: recommended
Severity: moderate
References: 1230840
This update for grub2 fixes the following issue:
- Fix out of memory error in loading loopback file (bsc#1230840).
The following package changes have been done:
- bash-sh-4.4-150400.27.3.2 updated
- bash-4.4-150400.27.3.2 updated
- cpupower-5.14-150500.9.6.2 updated
- curl-8.0.1-150400.5.53.2 updated
- dracut-055+suse.396.g701c6212-150500.3.29.2 updated
- e2fsprogs-1.46.4-150400.3.9.2 updated
- glibc-locale-base-2.31-150300.89.2 updated
- glibc-locale-2.31-150300.89.2 updated
- glibc-2.31-150300.89.2 updated
- grub2-i386-pc-2.06-150500.29.34.2 updated
- grub2-x86_64-efi-2.06-150500.29.34.2 updated
- grub2-2.06-150500.29.34.2 updated
- kernel-default-5.14.21-150500.55.83.1 updated
- libblkid1-2.37.4-150500.9.17.2 updated
- libcom_err2-1.46.4-150400.3.9.2 updated
- libcpupower0-5.14-150500.9.6.2 updated
- libcurl4-8.0.1-150400.5.53.2 updated
- libext2fs2-1.46.4-150400.3.9.2 updated
- libfdisk1-2.37.4-150500.9.17.2 updated
- libmount1-2.37.4-150500.9.17.2 updated
- libncurses6-6.1-150000.5.27.1 updated
- libpcap1-1.10.1-150400.3.6.2 updated
- libpython3_6m1_0-3.6.15-150300.10.72.1 updated
- libreadline7-7.0-150400.27.3.2 updated
- libsmartcols1-2.37.4-150500.9.17.2 updated
- libsolv-tools-base-0.7.30-150500.6.2.2 updated
- libsolv-tools-0.7.30-150500.6.2.2 updated
- libuuid1-2.37.4-150500.9.17.2 updated
- libzypp-17.35.11-150500.6.18.3 updated
- logrotate-3.18.1-150400.3.10.1 updated
- ncurses-utils-6.1-150000.5.27.1 updated
- pam-config-1.1-150200.3.9.1 updated
- python3-base-3.6.15-150300.10.72.1 updated
- python3-3.6.15-150300.10.72.1 updated
- rsyslog-module-relp-8.2306.0-150400.5.30.2 updated
- rsyslog-8.2306.0-150400.5.30.2 updated
- suseconnect-ng-1.12.0-150500.3.29.2 updated
- terminfo-base-6.1-150000.5.27.1 updated
- terminfo-6.1-150000.5.27.1 updated
- util-linux-systemd-2.37.4-150500.9.17.2 updated
- util-linux-2.37.4-150500.9.17.2 updated
- wicked-service-0.6.76-150500.3.36.2 updated
- wicked-0.6.76-150500.3.36.2 updated
- xen-libs-4.17.5_04-150500.3.39.1 updated
- zypper-1.14.77-150500.6.11.3 updated
More information about the sle-container-updates
mailing list