SUSE-CU-2025:1085-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Feb 19 08:16:48 UTC 2025
SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1085-1
Container Tags : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.5.105 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release : 17.5.105
Severity : important
Type : security
References : 1012628 1194869 1215199 1216813 1218470 1220711 1221326 1222803
1224049 1225897 1226980 1228086 1228592 1229228 1229833 1231016
1231088 1231472 1231792 1232087 1232101 1232158 1232161 1232421
1232882 1233055 1233112 1233221 1233248 1233259 1233260 1233265
1233488 1233522 1233638 1233642 1233752 1233778 1234195 1234313
1234619 1234635 1234683 1234693 1234726 1234765 1234825 1234863
1234887 1234888 1234893 1234898 1234901 1234906 1234923 1234931
1234934 1234947 1234957 1235000 1235001 1235011 1235031 1235032
1235035 1235037 1235038 1235039 1235040 1235042 1235043 1235046
1235050 1235051 1235053 1235054 1235057 1235059 1235065 1235070
1235073 1235100 1235112 1235115 1235117 1235122 1235123 1235125
1235132 1235133 1235155 1235160 1235217 1235219 1235220 1235222
1235223 1235224 1235227 1235230 1235241 1235244 1235249 1235251
1235252 1235389 1235390 1235391 1235406 1235410 1235412 1235413
1235415 1235416 1235417 1235418 1235423 1235424 1235425 1235426
1235427 1235428 1235429 1235430 1235433 1235437 1235439 1235441
1235444 1235445 1235449 1235451 1235454 1235458 1235459 1235464
1235466 1235473 1235479 1235480 1235483 1235486 1235487 1235488
1235489 1235491 1235494 1235495 1235496 1235497 1235498 1235500
1235502 1235503 1235519 1235520 1235521 1235523 1235526 1235528
1235532 1235533 1235534 1235537 1235538 1235545 1235552 1235555
1235557 1235563 1235564 1235565 1235568 1235570 1235571 1235577
1235578 1235582 1235583 1235584 1235587 1235611 1235612 1235616
1235622 1235627 1235632 1235635 1235638 1235641 1235643 1235645
1235646 1235647 1235650 1235653 1235656 1235657 1235663 1235686
1235700 1235705 1235707 1235708 1235710 1235714 1235716 1235720
1235723 1235727 1235730 1235737 1235739 1235745 1235747 1235750
1235753 1235759 1235764 1235768 1235776 1235777 1235778 1235779
1235793 1235798 1235806 1235808 1235812 1235814 1235818 1235842
1235865 1235874 1235894 1235902 1235903 1235906 1235912 1235914
1235918 1235919 1235920 1235924 1235940 1235941 1235946 1235948
1235952 1235964 1235965 1235967 1235969 1235976 1235977 1236078
1236080 1236082 1236088 1236090 1236091 1236096 1236097 1236098
1236101 1236102 1236104 1236106 1236120 1236125 1236127 1236131
1236138 1236143 1236144 1236145 1236160 1236161 1236163 1236168
1236178 1236180 1236181 1236182 1236190 1236192 1236198 1236227
1236245 1236247 1236248 1236260 1236262 1236282 1236628 1236680
1236683 1236685 1236688 1236694 1236696 1236698 1236703 1236732
1236733 1236757 1236758 1236760 1236761 1236878 1236960 1237040
1237041 CVE-2023-52489 CVE-2023-52923 CVE-2024-12133 CVE-2024-26810
CVE-2024-36476 CVE-2024-39282 CVE-2024-43913 CVE-2024-45828 CVE-2024-46858
CVE-2024-46896 CVE-2024-47141 CVE-2024-47143 CVE-2024-47809 CVE-2024-48873
CVE-2024-48881 CVE-2024-49569 CVE-2024-49948 CVE-2024-49951 CVE-2024-49978
CVE-2024-49998 CVE-2024-50051 CVE-2024-50106 CVE-2024-50151 CVE-2024-50199
CVE-2024-50251 CVE-2024-50258 CVE-2024-50299 CVE-2024-50304 CVE-2024-52332
CVE-2024-53091 CVE-2024-53095 CVE-2024-53164 CVE-2024-53168 CVE-2024-53170
CVE-2024-53172 CVE-2024-53175 CVE-2024-53185 CVE-2024-53187 CVE-2024-53194
CVE-2024-53195 CVE-2024-53196 CVE-2024-53197 CVE-2024-53198 CVE-2024-53203
CVE-2024-53227 CVE-2024-53230 CVE-2024-53231 CVE-2024-53232 CVE-2024-53233
CVE-2024-53236 CVE-2024-53239 CVE-2024-53685 CVE-2024-53690 CVE-2024-54680
CVE-2024-55639 CVE-2024-55881 CVE-2024-55916 CVE-2024-56369 CVE-2024-56372
CVE-2024-56531 CVE-2024-56532 CVE-2024-56533 CVE-2024-56538 CVE-2024-56543
CVE-2024-56546 CVE-2024-56548 CVE-2024-56557 CVE-2024-56558 CVE-2024-56568
CVE-2024-56569 CVE-2024-56570 CVE-2024-56571 CVE-2024-56572 CVE-2024-56573
CVE-2024-56574 CVE-2024-56575 CVE-2024-56577 CVE-2024-56578 CVE-2024-56584
CVE-2024-56587 CVE-2024-56588 CVE-2024-56589 CVE-2024-56590 CVE-2024-56592
CVE-2024-56593 CVE-2024-56594 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597
CVE-2024-56598 CVE-2024-56600 CVE-2024-56601 CVE-2024-56602 CVE-2024-56603
CVE-2024-56606 CVE-2024-56607 CVE-2024-56608 CVE-2024-56609 CVE-2024-56610
CVE-2024-56611 CVE-2024-56614 CVE-2024-56615 CVE-2024-56616 CVE-2024-56617
CVE-2024-56619 CVE-2024-56620 CVE-2024-56622 CVE-2024-56623 CVE-2024-56625
CVE-2024-56629 CVE-2024-56630 CVE-2024-56631 CVE-2024-56632 CVE-2024-56634
CVE-2024-56635 CVE-2024-56636 CVE-2024-56637 CVE-2024-56641 CVE-2024-56642
CVE-2024-56643 CVE-2024-56644 CVE-2024-56648 CVE-2024-56649 CVE-2024-56650
CVE-2024-56651 CVE-2024-56654 CVE-2024-56656 CVE-2024-56658 CVE-2024-56659
CVE-2024-56660 CVE-2024-56661 CVE-2024-56662 CVE-2024-56663 CVE-2024-56664
CVE-2024-56665 CVE-2024-56670 CVE-2024-56672 CVE-2024-56675 CVE-2024-56677
CVE-2024-56678 CVE-2024-56679 CVE-2024-56681 CVE-2024-56683 CVE-2024-56687
CVE-2024-56688 CVE-2024-56690 CVE-2024-56691 CVE-2024-56693 CVE-2024-56694
CVE-2024-56698 CVE-2024-56700 CVE-2024-56701 CVE-2024-56704 CVE-2024-56705
CVE-2024-56707 CVE-2024-56708 CVE-2024-56709 CVE-2024-56712 CVE-2024-56715
CVE-2024-56716 CVE-2024-56722 CVE-2024-56723 CVE-2024-56724 CVE-2024-56725
CVE-2024-56726 CVE-2024-56727 CVE-2024-56728 CVE-2024-56729 CVE-2024-56739
CVE-2024-56741 CVE-2024-56745 CVE-2024-56746 CVE-2024-56747 CVE-2024-56748
CVE-2024-56759 CVE-2024-56760 CVE-2024-56763 CVE-2024-56765 CVE-2024-56766
CVE-2024-56767 CVE-2024-56769 CVE-2024-56774 CVE-2024-56775 CVE-2024-56776
CVE-2024-56777 CVE-2024-56778 CVE-2024-56779 CVE-2024-56780 CVE-2024-56787
CVE-2024-57791 CVE-2024-57792 CVE-2024-57793 CVE-2024-57795 CVE-2024-57798
CVE-2024-57801 CVE-2024-57802 CVE-2024-57804 CVE-2024-57809 CVE-2024-57838
CVE-2024-57849 CVE-2024-57850 CVE-2024-57857 CVE-2024-57874 CVE-2024-57876
CVE-2024-57882 CVE-2024-57884 CVE-2024-57887 CVE-2024-57888 CVE-2024-57890
CVE-2024-57892 CVE-2024-57893 CVE-2024-57896 CVE-2024-57897 CVE-2024-57899
CVE-2024-57903 CVE-2024-57904 CVE-2024-57906 CVE-2024-57907 CVE-2024-57908
CVE-2024-57910 CVE-2024-57911 CVE-2024-57912 CVE-2024-57913 CVE-2024-57915
CVE-2024-57916 CVE-2024-57917 CVE-2024-57922 CVE-2024-57926 CVE-2024-57929
CVE-2024-57931 CVE-2024-57932 CVE-2024-57933 CVE-2024-57935 CVE-2024-57936
CVE-2024-57938 CVE-2024-57940 CVE-2024-57946 CVE-2025-0395 CVE-2025-21632
CVE-2025-21645 CVE-2025-21646 CVE-2025-21649 CVE-2025-21650 CVE-2025-21651
CVE-2025-21652 CVE-2025-21653 CVE-2025-21655 CVE-2025-21656 CVE-2025-21662
CVE-2025-21663 CVE-2025-21664 CVE-2025-21666 CVE-2025-21669 CVE-2025-21670
CVE-2025-21674 CVE-2025-21675 CVE-2025-21676 CVE-2025-21678 CVE-2025-21682
CVE-2025-26465 CVE-2025-26466
-----------------------------------------------------------------
The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:499-1
Released: Thu Feb 13 09:14:42 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1012628,1194869,1215199,1216813,1218470,1220711,1221326,1222803,1224049,1225897,1226980,1228592,1229833,1231016,1231088,1232087,1232101,1232158,1232161,1232421,1232882,1233055,1233112,1233221,1233248,1233259,1233260,1233488,1233522,1233638,1233642,1233778,1234195,1234619,1234635,1234683,1234693,1234726,1234825,1234863,1234887,1234888,1234893,1234898,1234901,1234906,1234923,1234931,1234934,1234947,1234957,1235000,1235001,1235011,1235031,1235032,1235035,1235037,1235038,1235039,1235040,1235042,1235043,1235046,1235050,1235051,1235053,1235054,1235057,1235059,1235065,1235070,1235073,1235100,1235112,1235115,1235117,1235122,1235123,1235125,1235132,1235133,1235155,1235160,1235217,1235219,1235220,1235222,1235223,1235224,1235227,1235230,1235241,1235244,1235249,1235251,1235252,1235389,1235390,1235391,1235406,1235410,1235412,1235413,1235415,1235416,1235417,1235418,1235423,1235424,1235425,1235426,1235427,1235428,1235429,1235430,1235433,1235437,1235439,1235441,1235444,1235445,1235449,1
235451,1235454,1235458,1235459,1235464,1235466,1235473,1235479,1235480,1235483,1235486,1235487,1235488,1235489,1235491,1235494,1235495,1235496,1235497,1235498,1235500,1235502,1235503,1235519,1235520,1235521,1235523,1235526,1235528,1235532,1235533,1235534,1235537,1235538,1235545,1235552,1235555,1235557,1235563,1235564,1235565,1235568,1235570,1235571,1235577,1235578,1235582,1235583,1235584,1235587,1235611,1235612,1235616,1235622,1235627,1235632,1235635,1235638,1235641,1235643,1235645,1235646,1235647,1235650,1235653,1235656,1235657,1235663,1235686,1235700,1235705,1235707,1235708,1235710,1235714,1235716,1235720,1235723,1235727,1235730,1235737,1235739,1235745,1235747,1235750,1235753,1235759,1235764,1235768,1235776,1235777,1235778,1235779,1235793,1235798,1235806,1235808,1235812,1235814,1235818,1235842,1235865,1235874,1235894,1235902,1235903,1235906,1235914,1235918,1235919,1235920,1235924,1235940,1235941,1235946,1235948,1235952,1235964,1235965,1235967,1235969,1235976,1235977,1236078,123608
0,1236082,1236088,1236090,1236091,1236096,1236097,1236098,1236101,1236102,1236104,1236106,1236120,1236125,1236127,1236131,1236138,1236143,1236144,1236145,1236160,1236161,1236163,1236168,1236178,1236180,1236181,1236182,1236190,1236192,1236198,1236227,1236245,1236247,1236248,1236260,1236262,1236628,1236680,1236683,1236685,1236688,1236694,1236696,1236698,1236703,1236732,1236733,1236757,1236758,1236760,1236761,CVE-2023-52489,CVE-2023-52923,CVE-2024-26810,CVE-2024-36476,CVE-2024-39282,CVE-2024-43913,CVE-2024-45828,CVE-2024-46858,CVE-2024-46896,CVE-2024-47141,CVE-2024-47143,CVE-2024-47809,CVE-2024-48873,CVE-2024-48881,CVE-2024-49569,CVE-2024-49948,CVE-2024-49951,CVE-2024-49978,CVE-2024-49998,CVE-2024-50051,CVE-2024-50106,CVE-2024-50151,CVE-2024-50199,CVE-2024-50251,CVE-2024-50258,CVE-2024-50299,CVE-2024-50304,CVE-2024-52332,CVE-2024-53091,CVE-2024-53095,CVE-2024-53164,CVE-2024-53168,CVE-2024-53170,CVE-2024-53172,CVE-2024-53175,CVE-2024-53185,CVE-2024-53187,CVE-2024-53194,CVE-2024-53195,CV
E-2024-53196,CVE-2024-53197,CVE-2024-53198,CVE-2024-53203,CVE-2024-53227,CVE-2024-53230,CVE-2024-53231,CVE-2024-53232,CVE-2024-53233,CVE-2024-53236,CVE-2024-53239,CVE-2024-53685,CVE-2024-53690,CVE-2024-54680,CVE-2024-55639,CVE-2024-55881,CVE-2024-55916,CVE-2024-56369,CVE-2024-56372,CVE-2024-56531,CVE-2024-56532,CVE-2024-56533,CVE-2024-56538,CVE-2024-56543,CVE-2024-56546,CVE-2024-56548,CVE-2024-56557,CVE-2024-56558,CVE-2024-56568,CVE-2024-56569,CVE-2024-56570,CVE-2024-56571,CVE-2024-56572,CVE-2024-56573,CVE-2024-56574,CVE-2024-56575,CVE-2024-56577,CVE-2024-56578,CVE-2024-56584,CVE-2024-56587,CVE-2024-56588,CVE-2024-56589,CVE-2024-56590,CVE-2024-56592,CVE-2024-56593,CVE-2024-56594,CVE-2024-56595,CVE-2024-56596,CVE-2024-56597,CVE-2024-56598,CVE-2024-56600,CVE-2024-56601,CVE-2024-56602,CVE-2024-56603,CVE-2024-56606,CVE-2024-56607,CVE-2024-56608,CVE-2024-56609,CVE-2024-56610,CVE-2024-56611,CVE-2024-56614,CVE-2024-56615,CVE-2024-56616,CVE-2024-56617,CVE-2024-56619,CVE-2024-56620,CVE-2024-
56622,CVE-2024-56623,CVE-2024-56625,CVE-2024-56629,CVE-2024-56630,CVE-2024-56631,CVE-2024-56632,CVE-2024-56634,CVE-2024-56635,CVE-2024-56636,CVE-2024-56637,CVE-2024-56641,CVE-2024-56642,CVE-2024-56643,CVE-2024-56644,CVE-2024-56648,CVE-2024-56649,CVE-2024-56650,CVE-2024-56651,CVE-2024-56654,CVE-2024-56656,CVE-2024-56658,CVE-2024-56659,CVE-2024-56660,CVE-2024-56661,CVE-2024-56662,CVE-2024-56663,CVE-2024-56664,CVE-2024-56665,CVE-2024-56670,CVE-2024-56672,CVE-2024-56675,CVE-2024-56677,CVE-2024-56678,CVE-2024-56679,CVE-2024-56681,CVE-2024-56683,CVE-2024-56687,CVE-2024-56688,CVE-2024-56690,CVE-2024-56691,CVE-2024-56693,CVE-2024-56694,CVE-2024-56698,CVE-2024-56700,CVE-2024-56701,CVE-2024-56704,CVE-2024-56705,CVE-2024-56707,CVE-2024-56708,CVE-2024-56709,CVE-2024-56712,CVE-2024-56715,CVE-2024-56716,CVE-2024-56722,CVE-2024-56723,CVE-2024-56724,CVE-2024-56725,CVE-2024-56726,CVE-2024-56727,CVE-2024-56728,CVE-2024-56729,CVE-2024-56739,CVE-2024-56741,CVE-2024-56745,CVE-2024-56746,CVE-2024-56747,C
VE-2024-56748,CVE-2024-56759,CVE-2024-56760,CVE-2024-56763,CVE-2024-56765,CVE-2024-56766,CVE-2024-56767,CVE-2024-56769,CVE-2024-56774,CVE-2024-56775,CVE-2024-56776,CVE-2024-56777,CVE-2024-56778,CVE-2024-56779,CVE-2024-56780,CVE-2024-56787,CVE-2024-57791,CVE-2024-57792,CVE-2024-57793,CVE-2024-57795,CVE-2024-57798,CVE-2024-57801,CVE-2024-57802,CVE-2024-57804,CVE-2024-57809,CVE-2024-57838,CVE-2024-57849,CVE-2024-57850,CVE-2024-57857,CVE-2024-57874,CVE-2024-57876,CVE-2024-57882,CVE-2024-57884,CVE-2024-57887,CVE-2024-57888,CVE-2024-57890,CVE-2024-57892,CVE-2024-57893,CVE-2024-57896,CVE-2024-57897,CVE-2024-57899,CVE-2024-57903,CVE-2024-57904,CVE-2024-57906,CVE-2024-57907,CVE-2024-57908,CVE-2024-57910,CVE-2024-57911,CVE-2024-57912,CVE-2024-57913,CVE-2024-57915,CVE-2024-57916,CVE-2024-57917,CVE-2024-57922,CVE-2024-57926,CVE-2024-57929,CVE-2024-57931,CVE-2024-57932,CVE-2024-57933,CVE-2024-57935,CVE-2024-57936,CVE-2024-57938,CVE-2024-57940,CVE-2024-57946,CVE-2025-21632,CVE-2025-21645,CVE-2025
-21646,CVE-2025-21649,CVE-2025-21650,CVE-2025-21651,CVE-2025-21652,CVE-2025-21653,CVE-2025-21655,CVE-2025-21656,CVE-2025-21662,CVE-2025-21663,CVE-2025-21664,CVE-2025-21666,CVE-2025-21669,CVE-2025-21670,CVE-2025-21674,CVE-2025-21675,CVE-2025-21676,CVE-2025-21678,CVE-2025-21682
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
- CVE-2025-21662: net/mlx5: Fix variable not being completed when function returns (bsc#1236198).
- CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
- CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
- CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue (bsc#1236144).
- CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143).
- CVE-2025-21632: x86/fpu: Ensure shadow stack is active before 'getting' registers (bsc#1236106).
- CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2024-57933: gve: guard XSK operations on the existence of queues (bsc#1236178).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (bsc#1235964).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
- CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings (bsc#1235798).
- CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL (bsc#1235793).
- CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs (bsc#1235779).
- CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
- CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without loaded flag (bsc#1235940).
- CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device (bsc#1235906).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-56775: drm/amd/display: Fix handling of plane refcount (bsc#1235657).
- CVE-2024-56774: btrfs: add a sanity check for btrfs root in btrfs_search_slot() (bsc#1235653).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops (bsc#1235503).
- CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
- CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
- CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
- CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
- CVE-2024-56716: netdevsim: prevent bad user input in nsim_dev_health_break_write() (bsc#1235587).
- CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
- CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path (bsc#1235565).
- CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload (bsc#1235564).
- CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS (bsc#1235412).
- CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
- CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
- CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (bsc#1235555).
- CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference (bsc#1235437).
- CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (bsc#1235444).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not support (bsc#1235449).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb() (bsc#1235520).
- CVE-2024-56635: net: avoid potential UAF in default_operstate() (bsc#1235519).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
- CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (bsc#1235227).
- CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56614: xsk: fix OOB map writes when deleting elements (bsc#1235424).
- CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (bsc#1235391).
- CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
- CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
- CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in can_create() (bsc#1235415).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption model (bsc#1235241).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56569: ftrace: Fix regression with module command in stack_trace_filter (bsc#1235031).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
- CVE-2024-55881: KVM: x86: Play nice with protected guests in complete_hypercall_exit() (bsc#1235745).
- CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree node (bsc#1235737).
- CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
- CVE-2024-53236: xsk: Free skb when TX metadata options are invalid (bsc#1235000).
- CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
- CVE-2024-53198: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (bsc#1234923).
- CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction (bsc#1234906).
- CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use (bsc#1234957).
- CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns (bsc#1234893).
- CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching (bsc#1234898).
- CVE-2024-53170: block: fix uaf for flush rq while iterating tags (bsc#1234888).
- CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
- CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (bsc#1233638).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
- CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
- CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed (bsc#1232158).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (bsc#1235705).
- CVE-2024-26810: vfio/pci: Lock external INTx masking ops (bsc#1222803).
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
The following non-security bugs were fixed:
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status bitfields (stable-fixes).
- ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio (stable-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
- ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
- ASoC: rt722: add delay time to wait for the calibration procedure (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- Align git commit ID abbreviation guidelines and checks (git-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
- Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume (stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (stable-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when required (git-fixes).
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- Input: xpad - add support for wooting two he (arm) (stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes bsc#1235778).
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
- PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
- PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
- PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- RDMA/rxe: Fix the warning '__rxe_cleanup+0x12c/0x170 [rdma_rxe]' (git-fixes)
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- Revert 'HID: multitouch: Add support for lenovo Y9000P Touchpad' (stable-fixes).
- Revert 'drm/i915/dpt: Make DPT object unshrinkable' (stable-fixes).
- Revert 'mtd: spi-nor: core: replace dummy buswidth from addr to data' (git-fixes).
- Revert 'usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null' (stable-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
- USB: usblp: return error when setting unsupported protocol (git-fixes).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- afs: Fix directory format encoding struct (git-fixes).
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
- afs: Fix the maximum cell name length (git-fixes).
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-fixes).
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
- bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- cleanup: Add conditional guard support (stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
- cpufreq: amd-pstate: remove global header file (git-fixes).
- cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Do not update global.turbo_disabled after initialization (bsc#1234619).
- cpufreq: intel_pstate: Drop redundant locking from intel_pstate_driver_cleanup() (bsc#1234619).
- cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller (bsc#1234619).
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations (bsc#1234619).
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
- cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo() (bsc#1234619).
- cpufreq: intel_pstate: Refine computation of P-state for given frequency (bsc#1234619).
- cpufreq: intel_pstate: Replace three global.turbo_disabled checks (bsc#1234619).
- cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- cpufreq: intel_pstate: Update the maximum CPU frequency consistently (bsc#1234619).
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
- cpufreq: intel_pstate: Use __ro_after_init for three variables (bsc#1234619).
- cpufreq: intel_pstate: Wait for canceled delayed work to complete (bsc#1234619).
- cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
- cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs (git-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error path (git-fixes).
- devcoredump: cleanup some comments (git-fixes).
- dlm: fix possible lkb_resource null dereference (git-fixes).
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
- docs: media: update location of the media patches (stable-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
- driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-fixes).
- drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
- drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
- drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
- drm/mediatek: Add return value check when reading DPCD (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the display driver (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err (git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm: do not clean up priv->kms prematurely (git-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
- drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
- drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
- drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
- exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
- genksyms: fix memory leak when the same symbol is added from source (git-fixes).
- genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur (git-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-fixes).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
- iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
- iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer (git-fixes).
- iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale (git-fixes).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
- irqchip/gic-v3: Force propagation of the active state with a read-back (stable-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (stable-fixes).
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
- kheaders: Ignore silly-rename files (stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- ktest.pl: Fix typo 'accesing' (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
- landlock: Handle weird files (git-fixes).
- latencytop: use correct kernel-doc format for func params (git-fixes).
- leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
- leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- lib/stackdepot: print disabled message only if truly disabled (git-fixes).
- mac802154: check local interfaces before deleting sdata list (stable-fixes).
- mailbox: pcc: Add support for platform notification handling (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces (stable-fixes).
- mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: uvcvideo: Drop uvcvideo fix due to regression (bsc#1235894)
- media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-fixes).
- memory-failure: use a folio in me_huge_page() (git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling (git-fixes).
- misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set config (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list (git-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
- mm/memory-failure: check the mapcount of the precise page (git-fixes).
- mm/memory-failure: fix crash in split_huge_page_to_list from soft_offline_page (git-fixes).
- mm/memory-failure: pass the folio and the page to collect_procs() (git-fixes).
- mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-fixes).
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- mm/memory_hotplug: use pfn math in place of direct struct page manipulation (git-fixes).
- mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
- mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-fixes).
- mm/migrate: putback split folios when numa hint migration fails (git-fixes).
- mm/migrate: split source folio if it is on deferred split list (git-fixes).
- mm/page_owner: remove free_ts from page_owner output (git-fixes).
- mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
- mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
- mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-fixes).
- mm: memory-failure: fetch compound head after extra page refcnt is held (git-fixes).
- mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-fixes).
- mm: memory-failure: fix race window when trying to get hugetlb folio (git-fixes).
- mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Cleanup 'mana' debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
- nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
- nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
- nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- ocfs2: temporarily disable upstream patch (bsc#1236138)
- padata: add pd get/put refcnt helper (git-fixes).
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1225897).
- pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
- powerpc/iommu: Move pSeries specific functions to pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- rcuscale: Move rcu_scale_writer() (git-fixes)
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- regulator: core: Add missing newline character (git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
- remoteproc: core: Fix ida_free call while not allocated (git-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
- sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
- selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- srcu: Only accelerate on enqueue time (git-fixes)
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
- staging: media: max96712: fix kernel oops when removing module (git-fixes).
- thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
- tty: serial: 8250: Fix another runtime PM usage counter underflow (git-fixes).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- uio: Fix return value of poll (git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
- usb: gadget: f_tcm: Do not free command immediately (git-fixes).
- usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- usb: typec: tcpm/tcpci_maxim: fix error code in max_contaminant_read_resistance_kohm() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
- usbnet: ipheth: break up NCM header size computation (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header (git-fixes).
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- vmscan,migrate: fix page count imbalance on node stats when demoting pages (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- wifi: mac80211: Fix common size calculation for ML element (git-fixes).
- wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
- xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:500-1
Released: Thu Feb 13 09:26:54 2025
Summary: Recommended update for mdadm
Type: recommended
Severity: moderate
References: 1233265
This update for mdadm fixes the following issue:
- mdopen: add /sbin to PATH when call system('modprobe md_mod') (bsc#1233265).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:501-1
Released: Thu Feb 13 10:53:21 2025
Summary: Recommended update for permissions
Type: recommended
Severity: moderate
References: 1236960
This update for permissions fixes the following issues:
- Version update 20240826.
- Reintroduced nscd socket, this is a whitelisting for glibc (bsc#1236960).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:508-1
Released: Thu Feb 13 12:29:31 2025
Summary: Recommended update for findutils
Type: recommended
Severity: moderate
References: 1231472
This update for findutils fixes the following issue:
- fix crash when file system loop was encountered (bsc#1231472).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:515-1
Released: Thu Feb 13 12:58:42 2025
Summary: Recommended update for dracut
Type: recommended
Severity: moderate
References: 1228086,1231792,1235912
This update for dracut fixes the following issue:
- Version update 059+suse.552.g232957b4
- fixes related to getting live image size (bsc#1235912).
- fixes for booting from iSCSI offload with bnx2i (bsc#1228086).
- rework timeout for devices added via --mount and --add-device (bsc#1231792).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:547-1
Released: Fri Feb 14 08:26:30 2025
Summary: Recommended update for systemd
Type: recommended
Severity: moderate
References: 1229228,1233752,1234313,1234765
This update for systemd fixes the following issues:
- Fix agetty failing to open credentials directory (bsc#1229228)
- stdio-bridge: fix polled fds
- hwdb: comment out the entry for Logitech MX Keys for Mac
- core/unit-serialize: fix serialization of markers
- locale-setup: do not load locale from environemnt when /etc/locale.conf is unchanged
- core: fix assert when AddDependencyUnitFiles is called with invalid parameter
- Fix systemd-network recommending libidn2-devel (bsc#1234765)
- tpm2-util: also retry unsealing after policy_pcr returns PCR_CHANGED (bsc#1233752 bsc#1234313)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:548-1
Released: Fri Feb 14 11:19:24 2025
Summary: Security update for libtasn1
Type: security
Severity: important
References: 1236878,CVE-2024-12133
This update for libtasn1 fixes the following issues:
- CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes
quadratic time to complete. (bsc#1236878)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:582-1
Released: Tue Feb 18 15:55:29 2025
Summary: Security update for glibc
Type: security
Severity: low
References: 1236282,CVE-2025-0395
This update for glibc fixes the following issues:
- CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:585-1
Released: Tue Feb 18 17:42:14 2025
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1237040,1237041,CVE-2025-26465,CVE-2025-26466
This update for openssh fixes the following issues:
- CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040).
- CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server (bsc#1237041).
The following package changes have been done:
- dracut-059+suse.552.g232957b4-150600.3.17.2 updated
- findutils-4.8.0-150300.3.3.2 updated
- glibc-locale-base-2.38-150600.14.23.1 updated
- glibc-2.38-150600.14.23.1 updated
- kernel-default-6.4.0-150600.23.38.1 updated
- libsystemd0-254.23-150600.4.25.1 updated
- libtasn1-6-4.13-150000.4.11.1 updated
- libtasn1-4.13-150000.4.11.1 updated
- libudev1-254.23-150600.4.25.1 updated
- mdadm-4.3-150600.3.9.2 updated
- openssh-clients-9.6p1-150600.6.15.2 updated
- openssh-common-9.6p1-150600.6.15.2 updated
- openssh-server-9.6p1-150600.6.15.2 updated
- openssh-9.6p1-150600.6.15.2 updated
- permissions-20240826-150600.10.18.2 updated
- systemd-254.23-150600.4.25.1 updated
- udev-254.23-150600.4.25.1 updated
More information about the sle-container-updates
mailing list