SUSE-CU-2025:6709-1: Security update of bci/bci-sle15-kernel-module-devel
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Sep 3 07:17:26 UTC 2025
SUSE Container Update Advisory: bci/bci-sle15-kernel-module-devel
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6709-1
Container Tags : bci/bci-sle15-kernel-module-devel:15.7 , bci/bci-sle15-kernel-module-devel:15.7-44.12 , bci/bci-sle15-kernel-module-devel:latest
Container Release : 44.12
Severity : important
Type : security
References : 1139073 1204142 1212476 1216545 1218588 1218664 1219338 1225707
1227082 1228664 1230216 1232234 1233300 1235515 1235613 1235837
1236333 1236897 1238896 1239061 1239470 1240058 1240323 1240696
1240885 1240966 1240998 1241166 1241200 1241345 1241537 1242086
1242414 1242837 1242960 1242965 1242993 1243042 1243068 1243100
1243197 1243479 1243669 1243678 1243806 1244309 1244337 1244457
1244735 1244749 1244750 1244792 1244801 1245084 1245151 1245201
1245202 1245216 1245260 1245431 1245440 1245457 1245498 1245499
1245504 1245506 1245508 1245510 1245540 1245598 1245599 1245621
1245646 1245647 1245649 1245650 1245654 1245658 1245660 1245664
1245665 1245666 1245668 1245669 1245670 1245671 1245675 1245676
1245677 1245679 1245682 1245683 1245684 1245686 1245688 1245689
1245690 1245691 1245695 1245705 1245708 1245711 1245713 1245714
1245719 1245723 1245729 1245730 1245731 1245735 1245737 1245744
1245745 1245746 1245747 1245748 1245749 1245750 1245751 1245752
1245757 1245758 1245765 1245768 1245769 1245777 1245781 1245789
1245812 1245937 1245938 1245939 1245942 1245943 1245945 1245946
1245951 1245952 1245954 1245955 1245957 1245966 1245970 1245976
1245980 1245983 1245986 1246000 1246002 1246006 1246008 1246020
1246023 1246029 1246031 1246037 1246041 1246042 1246044 1246045
1246047 1246049 1246050 1246055 1246073 1246093 1246098 1246109
1246113 1246122 1246125 1246134 1246171 1246173 1246178 1246179
1246182 1246183 1246186 1246188 1246195 1246203 1246212 1246217
1246220 1246221 1246236 1246240 1246243 1246244 1246246 1246249
1246250 1246253 1246258 1246262 1246264 1246266 1246268 1246273
1246283 1246285 1246286 1246287 1246290 1246292 1246293 1246295
1246297 1246333 1246334 1246337 1246342 1246349 1246354 1246358
1246361 1246364 1246370 1246375 1246384 1246385 1246386 1246387
1246438 1246443 1246449 1246453 1246473 1246490 1246506 1246547
1246644 1246695 1246777 1246781 1246870 1246879 1246911 1246965
1247018 1247021 1247023 1247028 1247031 1247033 1247035 1247061
1247062 1247064 1247079 1247089 1247091 1247097 1247098 1247101
1247103 1247104 1247113 1247118 1247123 1247125 1247128 1247132
1247138 1247141 1247143 1247145 1247146 1247147 1247149 1247150
1247151 1247152 1247153 1247154 1247156 1247160 1247164 1247169
1247170 1247171 1247172 1247174 1247176 1247177 1247178 1247181
1247209 1247210 1247227 1247233 1247234 1247236 1247238 1247241
1247251 1247252 1247253 1247255 1247265 1247271 1247273 1247274
1247276 1247277 1247278 1247279 1247282 1247284 1247285 1247288
1247289 1247293 1247308 1247311 1247314 1247317 1247347 1247348
1247349 1247374 1247437 1247450 1247712 1247831 CVE-2019-11135
CVE-2024-10041 CVE-2024-36028 CVE-2024-36348 CVE-2024-36349 CVE-2024-36350
CVE-2024-36357 CVE-2024-39298 CVE-2024-42134 CVE-2024-44963 CVE-2024-49861
CVE-2024-56742 CVE-2024-57947 CVE-2025-21839 CVE-2025-21854 CVE-2025-21872
CVE-2025-22090 CVE-2025-23163 CVE-2025-27613 CVE-2025-27614 CVE-2025-37798
CVE-2025-37856 CVE-2025-37864 CVE-2025-37885 CVE-2025-37920 CVE-2025-37984
CVE-2025-38034 CVE-2025-38035 CVE-2025-38047 CVE-2025-38051 CVE-2025-38052
CVE-2025-38058 CVE-2025-38061 CVE-2025-38062 CVE-2025-38063 CVE-2025-38064
CVE-2025-38074 CVE-2025-38084 CVE-2025-38085 CVE-2025-38087 CVE-2025-38088
CVE-2025-38089 CVE-2025-38090 CVE-2025-38091 CVE-2025-38094 CVE-2025-38095
CVE-2025-38097 CVE-2025-38098 CVE-2025-38099 CVE-2025-38100 CVE-2025-38102
CVE-2025-38105 CVE-2025-38106 CVE-2025-38107 CVE-2025-38108 CVE-2025-38109
CVE-2025-38110 CVE-2025-38111 CVE-2025-38112 CVE-2025-38113 CVE-2025-38114
CVE-2025-38115 CVE-2025-38117 CVE-2025-38118 CVE-2025-38120 CVE-2025-38122
CVE-2025-38123 CVE-2025-38124 CVE-2025-38126 CVE-2025-38127 CVE-2025-38129
CVE-2025-38131 CVE-2025-38132 CVE-2025-38135 CVE-2025-38136 CVE-2025-38138
CVE-2025-38142 CVE-2025-38143 CVE-2025-38145 CVE-2025-38147 CVE-2025-38148
CVE-2025-38149 CVE-2025-38151 CVE-2025-38153 CVE-2025-38154 CVE-2025-38155
CVE-2025-38157 CVE-2025-38158 CVE-2025-38159 CVE-2025-38161 CVE-2025-38162
CVE-2025-38165 CVE-2025-38166 CVE-2025-38173 CVE-2025-38174 CVE-2025-38177
CVE-2025-38180 CVE-2025-38181 CVE-2025-38182 CVE-2025-38183 CVE-2025-38186
CVE-2025-38187 CVE-2025-38188 CVE-2025-38189 CVE-2025-38192 CVE-2025-38193
CVE-2025-38194 CVE-2025-38197 CVE-2025-38198 CVE-2025-38200 CVE-2025-38202
CVE-2025-38203 CVE-2025-38204 CVE-2025-38206 CVE-2025-38210 CVE-2025-38211
CVE-2025-38212 CVE-2025-38213 CVE-2025-38214 CVE-2025-38215 CVE-2025-38217
CVE-2025-38220 CVE-2025-38222 CVE-2025-38225 CVE-2025-38226 CVE-2025-38227
CVE-2025-38229 CVE-2025-38231 CVE-2025-38236 CVE-2025-38238 CVE-2025-38239
CVE-2025-38244 CVE-2025-38246 CVE-2025-38248 CVE-2025-38249 CVE-2025-38250
CVE-2025-38256 CVE-2025-38257 CVE-2025-38259 CVE-2025-38264 CVE-2025-38265
CVE-2025-38268 CVE-2025-38272 CVE-2025-38273 CVE-2025-38275 CVE-2025-38277
CVE-2025-38279 CVE-2025-38283 CVE-2025-38286 CVE-2025-38287 CVE-2025-38288
CVE-2025-38289 CVE-2025-38290 CVE-2025-38291 CVE-2025-38292 CVE-2025-38293
CVE-2025-38299 CVE-2025-38300 CVE-2025-38303 CVE-2025-38304 CVE-2025-38305
CVE-2025-38307 CVE-2025-38310 CVE-2025-38312 CVE-2025-38313 CVE-2025-38315
CVE-2025-38317 CVE-2025-38319 CVE-2025-38323 CVE-2025-38326 CVE-2025-38328
CVE-2025-38332 CVE-2025-38334 CVE-2025-38335 CVE-2025-38336 CVE-2025-38337
CVE-2025-38338 CVE-2025-38342 CVE-2025-38343 CVE-2025-38344 CVE-2025-38345
CVE-2025-38348 CVE-2025-38349 CVE-2025-38350 CVE-2025-38352 CVE-2025-38353
CVE-2025-38354 CVE-2025-38355 CVE-2025-38356 CVE-2025-38361 CVE-2025-38362
CVE-2025-38363 CVE-2025-38364 CVE-2025-38365 CVE-2025-38369 CVE-2025-38371
CVE-2025-38373 CVE-2025-38375 CVE-2025-38376 CVE-2025-38377 CVE-2025-38380
CVE-2025-38382 CVE-2025-38384 CVE-2025-38385 CVE-2025-38386 CVE-2025-38387
CVE-2025-38389 CVE-2025-38391 CVE-2025-38392 CVE-2025-38393 CVE-2025-38395
CVE-2025-38396 CVE-2025-38399 CVE-2025-38400 CVE-2025-38401 CVE-2025-38403
CVE-2025-38404 CVE-2025-38406 CVE-2025-38409 CVE-2025-38410 CVE-2025-38412
CVE-2025-38414 CVE-2025-38415 CVE-2025-38416 CVE-2025-38417 CVE-2025-38420
CVE-2025-38424 CVE-2025-38425 CVE-2025-38426 CVE-2025-38427 CVE-2025-38428
CVE-2025-38429 CVE-2025-38430 CVE-2025-38436 CVE-2025-38443 CVE-2025-38448
CVE-2025-38449 CVE-2025-38453 CVE-2025-38455 CVE-2025-38457 CVE-2025-38460
CVE-2025-38461 CVE-2025-38462 CVE-2025-38463 CVE-2025-38465 CVE-2025-38467
CVE-2025-38468 CVE-2025-38470 CVE-2025-38471 CVE-2025-38473 CVE-2025-38474
CVE-2025-38475 CVE-2025-38476 CVE-2025-38477 CVE-2025-38478 CVE-2025-38480
CVE-2025-38481 CVE-2025-38482 CVE-2025-38483 CVE-2025-38485 CVE-2025-38487
CVE-2025-38489 CVE-2025-38494 CVE-2025-38495 CVE-2025-38496 CVE-2025-38497
CVE-2025-38498 CVE-2025-46835 CVE-2025-48384 CVE-2025-48385 CVE-2025-8058
-----------------------------------------------------------------
The container bci/bci-sle15-kernel-module-devel was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2964-1
Released: Fri Aug 22 14:52:39 2025
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1240058,1246965,CVE-2025-8058
This update for glibc fixes the following issues:
- CVE-2025-8058: Fixed double-free after allocation failure in regcomp. (bsc#1246965)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2970-1
Released: Mon Aug 25 10:27:57 2025
Summary: Security update for pam
Type: security
Severity: moderate
References: 1232234,1246221,CVE-2024-10041
This update for pam fixes the following issues:
- Improve previous CVE-2024-10041 fix which led to CPU performance issues (bsc#1232234)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2997-1
Released: Wed Aug 27 14:04:03 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1139073,1204142,1219338,1225707,1227082,1228664,1230216,1233300,1235515,1235613,1235837,1236333,1236897,1238896,1239061,1239470,1240323,1240696,1240885,1240966,1240998,1241166,1241200,1241345,1241537,1242086,1242414,1242837,1242960,1242965,1242993,1243042,1243068,1243100,1243479,1243669,1243678,1243806,1244309,1244337,1244457,1244735,1244749,1244750,1244792,1244801,1245084,1245151,1245201,1245202,1245216,1245260,1245431,1245440,1245457,1245498,1245499,1245504,1245506,1245508,1245510,1245540,1245598,1245599,1245621,1245646,1245647,1245649,1245650,1245654,1245658,1245660,1245664,1245665,1245666,1245668,1245669,1245670,1245671,1245675,1245676,1245677,1245679,1245682,1245683,1245684,1245686,1245688,1245689,1245690,1245691,1245695,1245705,1245708,1245711,1245713,1245714,1245719,1245723,1245729,1245730,1245731,1245735,1245737,1245744,1245745,1245746,1245747,1245748,1245749,1245750,1245751,1245752,1245757,1245758,1245765,1245768,1245769,1245777,1245781,1245789,1245812,1245937,1
245945,1245951,1245952,1245954,1245955,1245957,1245966,1245970,1245976,1245980,1245983,1245986,1246000,1246002,1246006,1246008,1246020,1246023,1246029,1246031,1246037,1246041,1246042,1246044,1246045,1246047,1246049,1246050,1246055,1246073,1246093,1246098,1246109,1246113,1246122,1246125,1246134,1246171,1246173,1246178,1246179,1246182,1246183,1246186,1246188,1246195,1246203,1246212,1246217,1246220,1246236,1246240,1246243,1246244,1246246,1246249,1246250,1246253,1246258,1246262,1246264,1246266,1246268,1246273,1246283,1246285,1246286,1246287,1246290,1246292,1246293,1246295,1246297,1246333,1246334,1246337,1246342,1246349,1246354,1246358,1246361,1246364,1246370,1246375,1246384,1246385,1246386,1246387,1246438,1246443,1246449,1246453,1246473,1246490,1246506,1246547,1246644,1246695,1246777,1246781,1246870,1246879,1246911,1247018,1247021,1247023,1247028,1247031,1247033,1247035,1247061,1247062,1247064,1247079,1247089,1247091,1247097,1247098,1247101,1247103,1247104,1247113,1247118,1247123,124712
5,1247128,1247132,1247138,1247141,1247143,1247145,1247146,1247147,1247149,1247150,1247151,1247152,1247153,1247154,1247156,1247160,1247164,1247169,1247170,1247171,1247172,1247174,1247176,1247177,1247178,1247181,1247209,1247210,1247227,1247233,1247234,1247236,1247238,1247241,1247251,1247252,1247253,1247255,1247265,1247271,1247273,1247274,1247276,1247277,1247278,1247279,1247282,1247284,1247285,1247288,1247289,1247293,1247308,1247311,1247314,1247317,1247347,1247348,1247349,1247374,1247437,1247450,1247712,1247831,CVE-2019-11135,CVE-2024-36028,CVE-2024-36348,CVE-2024-36349,CVE-2024-36350,CVE-2024-36357,CVE-2024-39298,CVE-2024-42134,CVE-2024-44963,CVE-2024-49861,CVE-2024-56742,CVE-2024-57947,CVE-2025-21839,CVE-2025-21854,CVE-2025-21872,CVE-2025-22090,CVE-2025-23163,CVE-2025-37798,CVE-2025-37856,CVE-2025-37864,CVE-2025-37885,CVE-2025-37920,CVE-2025-37984,CVE-2025-38034,CVE-2025-38035,CVE-2025-38047,CVE-2025-38051,CVE-2025-38052,CVE-2025-38058,CVE-2025-38061,CVE-2025-38062,CVE-2025-38063,CVE
-2025-38064,CVE-2025-38074,CVE-2025-38084,CVE-2025-38085,CVE-2025-38087,CVE-2025-38088,CVE-2025-38089,CVE-2025-38090,CVE-2025-38091,CVE-2025-38094,CVE-2025-38095,CVE-2025-38097,CVE-2025-38098,CVE-2025-38099,CVE-2025-38100,CVE-2025-38102,CVE-2025-38105,CVE-2025-38106,CVE-2025-38107,CVE-2025-38108,CVE-2025-38109,CVE-2025-38110,CVE-2025-38111,CVE-2025-38112,CVE-2025-38113,CVE-2025-38114,CVE-2025-38115,CVE-2025-38117,CVE-2025-38118,CVE-2025-38120,CVE-2025-38122,CVE-2025-38123,CVE-2025-38124,CVE-2025-38126,CVE-2025-38127,CVE-2025-38129,CVE-2025-38131,CVE-2025-38132,CVE-2025-38135,CVE-2025-38136,CVE-2025-38138,CVE-2025-38142,CVE-2025-38143,CVE-2025-38145,CVE-2025-38147,CVE-2025-38148,CVE-2025-38149,CVE-2025-38151,CVE-2025-38153,CVE-2025-38154,CVE-2025-38155,CVE-2025-38157,CVE-2025-38158,CVE-2025-38159,CVE-2025-38161,CVE-2025-38162,CVE-2025-38165,CVE-2025-38166,CVE-2025-38173,CVE-2025-38174,CVE-2025-38177,CVE-2025-38180,CVE-2025-38181,CVE-2025-38182,CVE-2025-38183,CVE-2025-38186,CVE-2025-3
8187,CVE-2025-38188,CVE-2025-38189,CVE-2025-38192,CVE-2025-38193,CVE-2025-38194,CVE-2025-38197,CVE-2025-38198,CVE-2025-38200,CVE-2025-38202,CVE-2025-38203,CVE-2025-38204,CVE-2025-38206,CVE-2025-38210,CVE-2025-38211,CVE-2025-38212,CVE-2025-38213,CVE-2025-38214,CVE-2025-38215,CVE-2025-38217,CVE-2025-38220,CVE-2025-38222,CVE-2025-38225,CVE-2025-38226,CVE-2025-38227,CVE-2025-38229,CVE-2025-38231,CVE-2025-38236,CVE-2025-38238,CVE-2025-38239,CVE-2025-38244,CVE-2025-38246,CVE-2025-38248,CVE-2025-38249,CVE-2025-38250,CVE-2025-38256,CVE-2025-38257,CVE-2025-38259,CVE-2025-38264,CVE-2025-38265,CVE-2025-38268,CVE-2025-38272,CVE-2025-38273,CVE-2025-38275,CVE-2025-38277,CVE-2025-38279,CVE-2025-38283,CVE-2025-38286,CVE-2025-38287,CVE-2025-38288,CVE-2025-38289,CVE-2025-38290,CVE-2025-38291,CVE-2025-38292,CVE-2025-38293,CVE-2025-38299,CVE-2025-38300,CVE-2025-38303,CVE-2025-38304,CVE-2025-38305,CVE-2025-38307,CVE-2025-38310,CVE-2025-38312,CVE-2025-38313,CVE-2025-38315,CVE-2025-38317,CVE-2025-38319,CV
E-2025-38323,CVE-2025-38326,CVE-2025-38328,CVE-2025-38332,CVE-2025-38334,CVE-2025-38335,CVE-2025-38336,CVE-2025-38337,CVE-2025-38338,CVE-2025-38342,CVE-2025-38343,CVE-2025-38344,CVE-2025-38345,CVE-2025-38348,CVE-2025-38349,CVE-2025-38350,CVE-2025-38352,CVE-2025-38353,CVE-2025-38354,CVE-2025-38355,CVE-2025-38356,CVE-2025-38361,CVE-2025-38362,CVE-2025-38363,CVE-2025-38364,CVE-2025-38365,CVE-2025-38369,CVE-2025-38371,CVE-2025-38373,CVE-2025-38375,CVE-2025-38376,CVE-2025-38377,CVE-2025-38380,CVE-2025-38382,CVE-2025-38384,CVE-2025-38385,CVE-2025-38386,CVE-2025-38387,CVE-2025-38389,CVE-2025-38391,CVE-2025-38392,CVE-2025-38393,CVE-2025-38395,CVE-2025-38396,CVE-2025-38399,CVE-2025-38400,CVE-2025-38401,CVE-2025-38403,CVE-2025-38404,CVE-2025-38406,CVE-2025-38409,CVE-2025-38410,CVE-2025-38412,CVE-2025-38414,CVE-2025-38415,CVE-2025-38416,CVE-2025-38417,CVE-2025-38420,CVE-2025-38424,CVE-2025-38425,CVE-2025-38426,CVE-2025-38427,CVE-2025-38428,CVE-2025-38429,CVE-2025-38430,CVE-2025-38436,CVE-2025-
38443,CVE-2025-38448,CVE-2025-38449,CVE-2025-38453,CVE-2025-38455,CVE-2025-38457,CVE-2025-38460,CVE-2025-38461,CVE-2025-38462,CVE-2025-38463,CVE-2025-38465,CVE-2025-38467,CVE-2025-38468,CVE-2025-38470,CVE-2025-38471,CVE-2025-38473,CVE-2025-38474,CVE-2025-38475,CVE-2025-38476,CVE-2025-38477,CVE-2025-38478,CVE-2025-38480,CVE-2025-38481,CVE-2025-38482,CVE-2025-38483,CVE-2025-38485,CVE-2025-38487,CVE-2025-38489,CVE-2025-38494,CVE-2025-38495,CVE-2025-38496,CVE-2025-38497,CVE-2025-38498
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2019-11135: enabled CONFIG_X86_INTEL_TSX_MODE_AUTO (bsc#1139073, bsc#1246695)
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-39298:mm/memory-failure: fix handling of dissolved but not taken off from buddy pages (bsc#1227082).
- CVE-2024-42134: virtio-pci: Check if is_avq is NULL (bsc#1228664).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38047: x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38106: io_uring/sqpoll: do not put task_struct on tctx setup failure (bsc#1245664).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38256: io_uring/rsrc: fix folio unpinning (bsc#1246188).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: kABI workaround for bpf: Do not include stack ptr register in precision backtracking bookkeeping (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38453: kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (bsc#1247234).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38475: smc: Fix various oops due to inet_sock type confusion (bsc#1247308).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- accel/ivpu: Remove copy engine support (stable-fixes).
- acpi: LPSS: Remove AudioDSP related ID (git-fixes).
- acpi: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- acpi: processor: perflib: Fix initial _PPC limit application (git-fixes).
- acpica: Refuse to evaluate a method if arguments are missing (stable-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- alsa: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- alsa: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- alsa: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- alsa: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- alsa: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes).
- alsa: hda/tegra: Add Tegra264 support (stable-fixes).
- alsa: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- alsa: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- alsa: hda: Ignore unsol events for cards being shut down (stable-fixes).
- alsa: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- alsa: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- alsa: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- alsa: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- asoc: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- asoc: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- asoc: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- asoc: amd: yc: update quirk data for HP Victus (stable-fixes).
- asoc: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- asoc: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- asoc: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- asoc: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- asoc: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- asoc: fsl_sai: Force a software reset when starting in consumer mode (git-fixes).
- asoc: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- asoc: mediatek: use reserved memory or enable buffer pre-allocation (git-fixes).
- asoc: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- asoc: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- bluetooth: HCI: Set extended advertising data synchronously (git-fixes).
- bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- bluetooth: btintel: Check if controller is ISO capable on btintel_classify_pkt_type (git-fixes).
- bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- bluetooth: hci_core: add missing braces when using macro parameters (git-fixes).
- bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() (git-fixes).
- bonding: Correctly support GSO ESP offload (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: hkdf - skip TVs with unapproved salt lengths in FIPS mode (bsc#1241200 bsc#1246134).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dax: add a sysfs knob to control memmap_on_memory behavior (bsc#1235515,jsc#PED-12731).
- dax: add a sysfs knob to control memmap_on_memory behavior (bsc#1235515,jsc#PED-12731).
- devlink: Add support for u64 parameters (jsc#PED-12745).
- devlink: Add support for u64 parameters (jsc#PED-12745).
- devlink: avoid param type value translations (jsc#PED-12745).
- devlink: avoid param type value translations (jsc#PED-12745).
- devlink: define enum for attr types of dynamic attributes (jsc#PED-12745).
- devlink: define enum for attr types of dynamic attributes (jsc#PED-12745).
- devlink: introduce devlink_nl_put_u64() (jsc#PED-12745).
- devlink: introduce devlink_nl_put_u64() (jsc#PED-12745).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- documentatiion/ABI: add ABI documentation for sys-bus-dax (bsc#1235515,jsc#PED-12731).
- documentation/ABI: add ABI documentation for sys-bus-dax (bsc#1235515,jsc#PED-12731).
- documentation: ACPI: Fix parent device references (git-fixes).
- documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- dpll: Add basic Microchip ZL3073x support (jsc#PED-12745).
- dpll: Add basic Microchip ZL3073x support (jsc#PED-12745).
- dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-12745).
- dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-12745).
- dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-12745).
- dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-12745).
- dpll: zl3073x: Fetch invariants during probe (jsc#PED-12745).
- dpll: zl3073x: Fetch invariants during probe (jsc#PED-12745).
- dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-12745).
- dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-12745).
- dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-12745).
- dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-12745).
- dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-12745).
- dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-12745).
- dpll: zl3073x: Register DPLL devices and pins (jsc#PED-12745).
- dpll: zl3073x: Register DPLL devices and pins (jsc#PED-12745).
- drm/amd/display: Check dce_hwseq before dereferencing it (stable-fixes).
- drm/amd/display: Correct non-OLED pre_T11_delay (stable-fixes).
- drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/display: Fix RMCM programming seq errors (stable-fixes).
- drm/amd/display: Fix mpv playback corruption on weston (stable-fixes).
- drm/amd/display: Free memory allocation (stable-fixes).
- drm/amd/display: fix initial backlight brightness calculation (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics (stable-fixes).
- drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/ip_discovery: add missing ip_discovery fw (stable-fixes).
- drm/amdgpu: Add kicker device detection (stable-fixes).
- drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences (stable-fixes).
- drm/amdgpu: Increase reset counter only on success (stable-fixes).
- drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git-fixes).
- drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes).
- drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdgpu: seq64 memory unmap uses uninterruptible lock (stable-fixes).
- drm/amdkfd: Do not call mmput from MMU notifier callback (git-fixes).
- drm/amdkfd: Fix instruction hazard in gfx12 trap handler (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/amdkfd: remove gfx 12 trap handler page size cap (stable-fixes).
- drm/bridge: aux-hpd-bridge: fix assignment of the of_node (git-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/connector: hdmi: Evaluate limited range after computing format (git-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git-fixes).
- drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/imagination: Fix kernel crash when hard resetting the GPU (git-fixes).
- drm/mediatek: Add wait_event_timeout when disabling plane (git-fixes).
- drm/mediatek: only announce AFBC if really supported (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/nouveau: check ioctl command codes better (git-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/v3d: Disable interrupts before resetting the GPU (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- drm/xe/bmg: fix compressed VRAM handling (git-fixes).
- drm/xe/guc: Dead CT helper (stable-fixes).
- drm/xe/guc: Explicitly exit CT safe mode on unwind (git-fixes).
- drm/xe/guc_submit: add back fix (git-fixes).
- drm/xe/mocs: Initialize MOCS index early (stable-fixes).
- drm/xe/pf: Clear all LMTT pages on alloc (git-fixes).
- drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes).
- drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes).
- drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes).
- drm/xe/pm: Correct comment of xe_pm_set_vram_threshold() (git-fixes).
- drm/xe/uapi: Correct sync type definition in comments (git-fixes).
- drm/xe/vf: Disable CSC support on VF (git-fixes).
- drm/xe: Allocate PF queue size on pow2 boundary (git-fixes).
- drm/xe: Allow bo mapping on multiple ggtts (stable-fixes).
- drm/xe: Fix DSB buffer coherency (stable-fixes).
- drm/xe: Fix build without debugfs (git-fixes).
- drm/xe: Fix early wedge on GuC load failure (git-fixes).
- drm/xe: Fix taking invalid lock on wedge (stable-fixes).
- drm/xe: Move DSB l2 flush to a more sensible place (git-fixes).
- drm/xe: Replace double space with single space after comma (stable-fixes).
- drm/xe: add interface to request physical alignment for buffer objects (stable-fixes).
- drm/xe: move DPT l2 flush to a more sensible place (git-fixes).
- dt-bindings: dpll: Add DPLL device and pin (jsc#PED-12745).
- dt-bindings: dpll: Add DPLL device and pin (jsc#PED-12745).
- dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-12745).
- dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-12745).
- e1000: Move cancel_work_sync to avoid deadlock (git-fixes).
- enable SMC_LO (a.k.a SMC-D) (jsc#PED-13248).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fix dma_unmap_sg() nents value (git-fixes)
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hid: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- hid: core: do not bypass hid_hw_raw_request (stable-fixes).
- hid: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- hid: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- hid: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- hid: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- ib/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- ice, irdma: fix an off by one in error handling code (bsc#1247712).
- ice, irdma: move interrupts code to irdma (bsc#1247712).
- ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712).
- ice: count combined queues using Rx/Tx count (bsc#1247712).
- ice: devlink PF MSI-X max and min parameter (bsc#1247712).
- ice: enable_rdma devlink param (bsc#1247712).
- ice: fix eswitch code memory leak in reset scenario (git-fixes).
- ice: get rid of num_lan_msix field (bsc#1247712).
- ice: init flow director before RDMA (bsc#1247712).
- ice: remove splitting MSI-X between features (bsc#1247712).
- ice: simplify VF MSI-X managing (bsc#1247712).
- ice: treat dyn_allowed only as suggestion (bsc#1247712).
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- input: iqs7222 - explicitly define number of external channels (git-fixes).
- input: xpad - adjust error handling for disconnect (git-fixes).
- input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- input: xpad - support Acer NGR 200 Controller (stable-fixes).
- io_uring/timeout: fix multishot updates (bsc#1247021).
- io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- irdma: free iwdev->rf after removing MSI-X (bsc#1247712).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- kABI fixes for struct memory_block changes (bsc#1235515,jsc#PED-12731).
- kABI fixes for struct memory_block changes (bsc#1235515,jsc#PED-12731).
- kABI workaround for fw_attributes_class_get() (stable-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kabi/severities: ignore two unused/dropped symbols from MEI
- kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745).
- kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled Fixes: 485ae1da2b88 ('kernel-obs-qa: Use srchash for dependency as well')
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- kvm: SVM: Fix SNP AP destroy race with VMRUN (git-fixes).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- logitech C-270 even more broken (stable-fixes).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes).
- media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: verisilicon: Fix AV1 decoder clock frequency (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- mei: vsc: Destroy mutex after freeing the IRQ (git-fixes).
- mei: vsc: Do not re-init VSC from mei_vsc_hw_reset() on stop (git-fixes).
- mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable-fixes).
- mei: vsc: Event notifier fixes (git-fixes).
- mei: vsc: Fix 'BUG: Invalid wait context' lockdep error (git-fixes).
- mei: vsc: Run event callback from a workqueue (git-fixes).
- mei: vsc: Unset the event callback on remove and probe errors (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mm/memory_hotplug: allow architecture to override memmap on memory support check (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: allow architecture to override memmap on memory support check (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: allow memmap on memory hotplug request to fallback (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: allow memmap on memory hotplug request to fallback (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: embed vmem_altmap details in memory block (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: embed vmem_altmap details in memory block (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: export mhp_supports_memmap_on_memory() (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: export mhp_supports_memmap_on_memory() (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval (git-fixes).
- mm/memory_hotplug: replace an open-coded kmemdup() in (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: replace an open-coded kmemdup() in (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: simplify ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE kconfig (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: simplify ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE kconfig (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: split memmap_on_memory requests across memblocks (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: split memmap_on_memory requests across memblocks (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: support memmap_on_memory when memmap is not aligned to pageblocks (bsc#1235515,jsc#PED-12731).
- mm/memory_hotplug: support memmap_on_memory when memmap is not aligned to pageblocks (bsc#1235515,jsc#PED-12731).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/mlx5: HWS, fix missing ip_version handling in definer (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net/smc: Fix lookup of netdev by using ib_device_get_netdev() (git-fixes bsc#1246217).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netlink: fix policy dump for int with validation callback (jsc#PED-12745).
- netlink: fix policy dump for int with validation callback (jsc#PED-12745).
- netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-12745).
- netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-12745).
- netlink: specs: nfsd: replace underscores with dashes in names (git-fixes).
- netlink: specs: tc: replace underscores with dashes in names (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfs: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- nfs: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- nfs: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- nfs: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- nfsd: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nfsv4.2: another fix for listxattr (git-fixes).
- nfsv4.2: fix listxattr to return selinux security label (git-fixes).
- nfsv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- nfsv4: Always set NLINK even if the server does not support it (git-fixes).
- nfsv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- pci/msi: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- pci: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- pci: endpoint: Fix configfs group list head handling (git-fixes).
- pci: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- pci: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- pci: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- pci: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- pci: rockchip-host: Fix 'Unexpected Completion' log message (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: Fix initialization order for firmware_attributes_class (git-fixes).
- platform/x86: dell-sysman: Directly use firmware_attributes_class (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: firmware_attributes_class: Move include linux/device/class.h (stable-fixes).
- platform/x86: firmware_attributes_class: Simplify API (stable-fixes).
- platform/x86: hp-bioscfg: Directly use firmware_attributes_class (stable-fixes).
- platform/x86: hp-bioscfg: Fix class device unregistration (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: make fw_attr_class constant (stable-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Directly use firmware_attributes_class (stable-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- pm / devfreq: Check governor before using governor->name (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- powerpc/pseries/dlpar: Search DRC index from ibm,drc-indexes for IO add (bsc#1243042 ltc#212167).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- pwm: rockchip: Round period/duty down on apply, up on get (git-fixes).
- rdma/core: Rate limit GID cache warning messages (git-fixes)
- rdma/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- rdma/hns: Drop GFP_NOWARN (git-fixes)
- rdma/hns: Fix -Wframe-larger-than issue (git-fixes)
- rdma/hns: Fix HW configurations not cleared in error flow (git-fixes)
- rdma/hns: Fix accessing uninitialized resources (git-fixes)
- rdma/hns: Fix double destruction of rsv_qp (git-fixes)
- rdma/hns: Get message length of ack_req from FW (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- rdma/mlx5: Fix CC counters query for MPV (git-fixes)
- rdma/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- rdma/mlx5: Fix UMR modifying of mkey page size (git-fixes)
- rdma/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- rdma/mlx5: Fix vport loopback for MPV device (git-fixes)
- rdma/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- rdma/mlx5: reduce stack usage in mlx5_ib_ufile_hw_cleanup (git-fixes)
- rdma/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- rdma/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- rdma/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- re-enable qmi_wwan for arm64 (bsc#1246113)
- reapply 'wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()' (git-fixes).
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- revert 'ACPI: battery: negate current when discharging' (stable-fixes).
- revert 'cgroup_freezer: cgroup_freezing: Check if not frozen' (bsc#1219338).
- revert 'drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1' (stable-fixes).
- revert 'drm/nouveau: check ioctl command codes better' (git-fixes).
- revert 'drm/xe/xe2: Enable Indirect Ring State support for Xe2' (git-fixes).
- revert 'mmc: sdhci: Disable SD card clock before changing parameters' (git-fixes).
- revert 'usb: xhci: Implement xhci_handshake_check_state() helper' (git-fixes).
- revert 'vgacon: Add check for vc_origin address range in vgacon_scroll()' (stable-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too.
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: fnic: Add and improve logs in FDMI and FDMI ABTS paths (bsc#1246644).
- scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (git-fixes).
- scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (git-fixes).
- scsi: fnic: Set appropriate logging level for log message (bsc#1246644).
- scsi: fnic: Turn off FDMI ACTIVE flags on link down (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- smb3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- smb3: send channel sequence number in SMB3 requests after reconnects (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- sprintf.h requires stdarg.h (git-fixes).
- sprintf.h: mask additional include (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- supported.conf: Mark ZL3073X modules supported
- supported.conf: add missing entries for armv7hl
- supported.conf: move nvme-apple to optional again
- supported.conf: sort entries again
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thermal: trip: Use READ_ONCE() for lockless access to trip properties (git-fixes).
- thermal: trip: Use common set of trip type names (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- update config files (bsc#1243678)
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- usb: serial: option: add Foxconn T99W640 (stable-fixes).
- usb: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements (git-fixes).
- wifi: cfg80211: fix S1G beacon head validation in nl80211 (git-fixes).
- wifi: cfg80211: remove scan request n_channels counted_by (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Create separate links for VLAN interfaces (stable-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: finish link init before RCU publish (git-fixes).
- wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: nl80211: Set num_sub_specs before looping through sub_specs (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rt2x00: fix remove callback type mismatch (git-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (bsc#1246449).
- x86/CPU/AMD: Improve the erratum 1386 workaround (git-fixes).
- x86/CPU/AMD: Terminate the erratum_1386_microcode array (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/cpu: Avoid running off the end of an AMD erratum table (git-fixes).
- x86/cpu: Expose only stepping min/max interface (git-fixes).
- x86/cpu: Introduce new microcode matching helper (git-fixes).
- x86/cpu: Move AMD erratum 1386 table over to 'x86_cpu_id' (git-fixes).
- x86/cpu: Replace PEBS use of 'x86_cpu_desc' use with 'x86_cpu_id' (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/mtrr: Rename mtrr_overwrite_state() to guest_force_mtrr_state() (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3012-1
Released: Fri Aug 29 02:07:38 2025
Summary: security update for git, git-lfs, obs-scm-bridge, python-PyYAML
Type: security
Severity: important
References: 1212476,1216545,1218588,1218664,1243197,1245938,1245939,1245942,1245943,1245946,CVE-2025-27613,CVE-2025-27614,CVE-2025-46835,CVE-2025-48384,CVE-2025-48385
This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues:
git was updated from version 2.43.0 to 2.51.0 (bsc#1243197):
- Security issues fixed:
* CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitk(bsc#1245938)
* CVE-2025-27614 Fixed arbitrary script execution via repository clonation in gitk(bsc#1245939)
* CVE-2025-46835 Fixed arbitrary writable file creation in Git GUI when untrusted repository is cloned (bsc#1245942)
* CVE-2025-48384 Fixed the unintentional execution of a script after checkout due to CRLF transforming (bsc#1245943)
* CVE-2025-48385 Fixed arbitrary code execution due to protocol injection via fetching advertised bundle(bsc#1245946)
- Other changes and bugs fixed:
- Other changes and bugs fixed:
* Added SHA256 support (bsc#1243197)
* Git moved to /usr/libexec/git/git and updated AppArmor profile
accordingly (bsc#1218588)
* gitweb AppArmor profile: allow reading etc/gitweb-common.conf (bsc#1218664)
* Do not replace apparmor configuration (bsc#1216545)
* Fixed the Python version required (bsc#1212476)
- Version Updates Release Notes:
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.51.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.1.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.49.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.1.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.1.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.2.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.1.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.3.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.2.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.1.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.44.0.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.3.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.adoc
* https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.adoc
git-lfs is included in version 3.7.0.
python-PyYAML was updated from version 6.0.1 to 6.0.2:
- Added support for Cython 3.x and Python 3.13
obs-scm-bridge was updated from version 0.5.4 to 0.7.4:
- New Features and Improvements:
* Manifest File Support: Support has been added for a `_manifest file`, which serves as a successor to the `_subdirs`
file.
* Control Over Git Information: A new noobsinfo query parameter was added to hide git information in source and binary
files.
* Enhanced Submodule Handling: The system now records the configured branch of submodules and stays on that branch
during checkout.
* Git SHA Tracking: In project mode, the tool now uses git SHA sums instead of md5sum to track package sources.
* SSH URL Support: ssh:// SCM URLs can now be used.
* Improved Error Messages: Error reporting for invalid files within package subdirectories has been improved.
* Standardized Config Location: In project mode, the _config file is now always located in the top-level directory,
even when using subdirs.
* Reduced Unnecessary Changes: In project mode, unnecessary modifications to the package meta URL are now avoided.
* Limit Asset Handling: A new mechanism has been introduced to limit how assets are handled.
* Branch Information Export: The trackingbranch is now exported to scmsync.obsinfo.
- Bugs fixed:
* Syntax Fix: A syntax issue was corrected.
* Git Submodule Parsing: The .gitsubmodule parser was fixed to correctly handle files that contain a mix of spaces and
tabs.
The following package changes have been done:
- glibc-2.38-150600.14.37.1 updated
- pam-1.3.0-150000.6.86.1 updated
- glibc-locale-base-2.38-150600.14.37.1 updated
- kernel-macros-6.4.0-150700.53.11.1 updated
- glibc-locale-2.38-150600.14.37.1 updated
- kernel-devel-6.4.0-150700.53.11.1 updated
- glibc-devel-2.38-150600.14.37.1 updated
- git-core-2.51.0-150600.3.12.1 updated
- kernel-default-devel-6.4.0-150700.53.11.1 updated
- kernel-syms-6.4.0-150700.53.11.1 updated
- container:registry.suse.com-bci-bci-base-15.7-6d58784f25ab2a6683cd03e5c220cdb204e4d82db4b49ea1b4635dbd52b60a5b-0 updated
More information about the sle-container-updates
mailing list