SUSE-IU-2021:620-1: Security update of suse-sles-15-sp3-chost-byos-v20210827-hvm-ssd-x86_64

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Sep 2 06:10:19 UTC 2021


SUSE Image Update Advisory: suse-sles-15-sp3-chost-byos-v20210827-hvm-ssd-x86_64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2021:620-1
Image Tags        : suse-sles-15-sp3-chost-byos-v20210827-hvm-ssd-x86_64:20210827
Image Release     : 
Severity          : critical
Type              : security
References        : 1057452 1065729 1085224 1094840 1102408 1102408 1113295 1138715
                        1138746 1152472 1152489 1153274 1154353 1155518 1156395 1166028
                        1170511 1171962 1172505 1176389 1176447 1176940 1177120 1179243
                        1179416 1180092 1180814 1181805 1182421 1182422 1183543 1183545
                        1183871 1184114 1184350 1184631 1184804 1184994 1185308 1185377
                        1185615 1185646 1185791 1185972 1185991 1185993 1186194 1186206
                        1186347 1186397 1186482 1186483 1186687 1187115 1187215 1187470
                        1187476 1187495 1187585 1187774 1188036 1188063 1188080 1188101
                        1188121 1188126 1188176 1188267 1188268 1188269 1188287 1188323
                        1188348 1188348 1188366 1188405 1188445 1188504 1188571 1188620
                        1188683 1188703 1188720 1188746 1188747 1188748 1188752 1188770
                        1188771 1188772 1188773 1188774 1188777 1188838 1188876 1188881
                        1188885 1188893 1188973 1189206 1189465 1189465 1189520 1189521
                        CVE-2020-12049 CVE-2020-13529 CVE-2020-26137 CVE-2021-20266 CVE-2021-20271
                        CVE-2021-21781 CVE-2021-22543 CVE-2021-33910 CVE-2021-3421 CVE-2021-35039
                        CVE-2021-3609 CVE-2021-3612 CVE-2021-36222 CVE-2021-3659 CVE-2021-3672
                        CVE-2021-3711 CVE-2021-3712 CVE-2021-37576 CVE-2021-38185 CVE-2021-38185
-----------------------------------------------------------------

The container suse-sles-15-sp3-chost-byos-v20210827-hvm-ssd-x86_64 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2606-1
Released:    Wed Aug  4 13:16:09 2021
Summary:     Recommended update for libcbor
Type:        recommended
Severity:    moderate
References:  1102408
This update for libcbor fixes the following issues:

- Implement a fix to avoid building shared library twice. (bsc#1102408)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2625-1
Released:    Thu Aug  5 12:10:27 2021
Summary:     Recommended update for supportutils
Type:        recommended
Severity:    moderate
References:  1185991,1185993,1186347,1186397,1186687,1188348
This update for supportutils fixes the following issues:

ethtool was updated to version 3.1.17:

- Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)
- Adding ethtool options g l m to network.txt (jsc#SLE-18240)
- lsof options to improve performance (bsc#1186687)
- Exclude rhn.conf from etc.txt (bsc#1186347)
- analyzevmcore supports local directories (bsc#1186397)
- getappcore checks for valid compression binary (bsc#1185991)
- getappcore does not trigger errors with help message (bsc#1185993)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2627-1
Released:    Thu Aug  5 12:10:46 2021
Summary:     Recommended maintenance update for systemd-default-settings
Type:        recommended
Severity:    moderate
References:  1188348
This update for systemd-default-settings fixes the following issue:

- Solve a downgrade issue between SUSE Linux Enterprise SP3 and lower (bsc#1188348)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2682-1
Released:    Thu Aug 12 20:06:19 2021
Summary:     Security update for rpm
Type:        security
Severity:    important
References:  1179416,1181805,1183543,1183545,CVE-2021-20266,CVE-2021-20271,CVE-2021-3421
This update for rpm fixes the following issues:

- Changed default package verification level to 'none' to be compatible to rpm-4.14.1
- Made illegal obsoletes a warning
- Fixed a potential access of freed mem in ndb's glue code (bsc#1179416)
- Added support for enforcing signature policy and payload verification step to
  transactions (jsc#SLE-17817)
- Added :humansi and :hmaniec query formatters for human readable output
- Added query selectors for whatobsoletes and whatconflicts
- Added support for sorting caret higher than base version
- rpm does no longer require the signature header to be in a contiguous
  region when signing (bsc#1181805)

Security fixes:

- CVE-2021-3421: A flaw was found in the RPM package in the read functionality. This flaw allows an
  attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM
  repository, to cause RPM database corruption. The highest threat from this vulnerability is to
  data integrity (bsc#1183543)

- CVE-2021-20271: A flaw was found in RPM's signature check functionality when reading a package file.
  This flaw allows an attacker who can convince a victim to install a seemingly verifiable package,
  whose signature header was modified, to cause RPM database corruption and execute code. The highest
  threat from this vulnerability is to data integrity, confidentiality, and system availability (bsc#1183545)

- CVE-2021-20266: A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker
  who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability
  is to system availability.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2687-1
Released:    Sat Aug 14 10:16:41 2021
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1065729,1085224,1094840,1113295,1152472,1152489,1153274,1154353,1155518,1156395,1170511,1176447,1176940,1179243,1180092,1180814,1183871,1184114,1184350,1184631,1184804,1185308,1185377,1185791,1186194,1186206,1186482,1186483,1187215,1187476,1187495,1187585,1188036,1188080,1188101,1188121,1188126,1188176,1188267,1188268,1188269,1188323,1188366,1188405,1188445,1188504,1188620,1188683,1188703,1188720,1188746,1188747,1188748,1188752,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188893,1188973,CVE-2021-21781,CVE-2021-22543,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
- CVE-2021-3609: Fixed a potential local privilege escalation in the  CAN BCM networking protocol (bsc#1187215).
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).

The following non-security bugs were fixed:

- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: DPTF: Fix reading of attributes (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
- ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
- ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
- ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
- ALSA: pcm: Fix mmap capability check (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usx2y: Avoid camelCase (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
- ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
- ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
- ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
- ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
- ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt5682: Disable irq on shutdown (git-fixes).
- ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
- ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
- ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
- Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
- Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
- Bluetooth: Remove spurious error message (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
- Bluetooth: btintel: Check firmware version before download (bsc#1188893).
- Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
- Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
- Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
- Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
- Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
- Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
- Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
- Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
- Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
- Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
- Bluetooth: btusb: Add *setup* function for new generation Intel controllers (bsc#1188893).
- Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
- Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
- Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
- Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
- Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
- Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
- Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
- Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
- Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
- Bluetooth: hci_intel: enable on new platform (bsc#1188893).
- Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
- Bluetooth: hci_qca: fix potential GPF (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: intel-gw: Fix INTx enable (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
- RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
- RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
- RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
- RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
- RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
- RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
- RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
- RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'Bluetooth: btintel: Fix endianness issue for TLV version information' (bsc#1188893).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- Revert 'drm/i915: Propagate errors on awaiting already signaled fences' (git-fixes).
- Revert 'drm: add a locked version of drm_is_current_master' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- Revert 'iwlwifi: remove wide_cmd_header field' (bsc#1187495).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
- bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
- bonding: fix build issue (git-fixes).
- bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
- bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
- bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- coresight: Propagate symlink failure (git-fixes).
- coresight: core: Fix use of uninitialized pointer (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
- docs: virt/kvm: close inline string literal (bsc#1188703).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
- drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
- drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
- drm/amd/display: Fix build warnings (git-fixes).
- drm/amd/display: Fix off-by-one error in DML (git-fixes).
- drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
- drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
- drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
- drm/amdgpu: wait for moving fence after pinning (git-fixes).
- drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
- drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge/sii8620: fix dependency on extcon (git-fixes).
- drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
- drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
- drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
- drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
- drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
- drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/msm: Fix error return code in msm_drm_init() (git-fixes).
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/rockchip: lvds: Fix an error handling path (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/scheduler: Fix hang when sched_entity released (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
- drm/vc4: crtc: Skip the TXP (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
- drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
- drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
- drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
- drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- drm: add a locked version of drm_is_current_master (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
- drm: bridge: add missing word in Analogix help text (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm: rockchip: add missing registers for RK3066 (git-fixes).
- drm: rockchip: add missing registers for RK3188 (git-fixes).
- drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
- i40e: fix PTP on 5Gb links (jsc#SLE-13701).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- integrity: use arch_ima_get_secureboot instead of checking EFI_SECURE_BOOT when loading MokListRT (bsc#1188366).
- intel_th: Wait until port is in reset before programming it (git-fixes).
- iwl-trans: move dev_cmd_offs, page_offs to a common trans header (bsc#1187495).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (git-fixes).
- iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (git-fixes).
- iwlwifi: acpi: evaluate dsm to disable 5.8GHz channels (bsc#1187495).
- iwlwifi: acpi: in non acpi compilations remove iwl_sar_geo_init (bsc#1187495).
- iwlwifi: acpi: prepare SAR profile selection code for multiple sizes (bsc#1187495).
- iwlwifi: acpi: remove dummy definition of iwl_sar_set_profile() (bsc#1187495).
- iwlwifi: acpi: rename geo structs to contain versioning (bsc#1187495).
- iwlwifi: acpi: support ppag table command v2 (bsc#1187495).
- iwlwifi: add a common struct for all iwl_tx_power_cmd versions (bsc#1187495).
- iwlwifi: add trans op to set PNVM (bsc#1187495).
- iwlwifi: align RX status flags with firmware (bsc#1187495).
- iwlwifi: api: fix u32 -> __le32 (bsc#1187495).
- iwlwifi: bump FW API to 57 for AX devices (bsc#1187495).
- iwlwifi: bump FW API to 59 for AX devices (bsc#1187495).
- iwlwifi: calib: Demote seemingly unintentional kerneldoc header (bsc#1187495).
- iwlwifi: dbg: Do not touch the tlv data (bsc#1187495).
- iwlwifi: dbg: add debug host notification (DHN) time point (bsc#1187495).
- iwlwifi: dbg: add dumping special device memory (bsc#1187495).
- iwlwifi: dbg: remove IWL_FW_INI_TIME_POINT_WDG_TIMEOUT (bsc#1187495).
- iwlwifi: do not export acpi functions unnecessarily (bsc#1187495).
- iwlwifi: dvm: Demote a couple of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: devices: Fix function documentation formatting issues (bsc#1187495).
- iwlwifi: dvm: lib: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: rxon: Demote non-conformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: scan: Demote a few nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: sta: Demote a bunch of nonconformant kernel-doc headers (bsc#1187495).
- iwlwifi: dvm: tx: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: enable twt by default (bsc#1187495).
- iwlwifi: fix 11ax disabled bit in the regulatory capability flags (bsc#1187495).
- iwlwifi: fix sar geo table initialization (bsc#1187495).
- iwlwifi: fw: add default value for iwl_fw_lookup_cmd_ver (bsc#1187495).
- iwlwifi: fw: move assert descriptor parser to common code (bsc#1187495).
- iwlwifi: increase PNVM load timeout (bsc#1187495).
- iwlwifi: iwl-drv: Provide descriptions debugfs dentries (bsc#1187495).
- iwlwifi: iwl-trans: move tfd to trans layer (bsc#1187495).
- iwlwifi: move PNVM implementation to common code (bsc#1187495).
- iwlwifi: move all bus-independent TX functions to common code (bsc#1187495).
- iwlwifi: move bc_pool to a common trans header (bsc#1187495).
- iwlwifi: move bc_table_dword to a common trans header (bsc#1187495).
- iwlwifi: msix: limit max RX queues for 9000 family (bsc#1187495).
- iwlwifi: mvm: Add FTM initiator RTT smoothing logic (bsc#1187495).
- iwlwifi: mvm: Do not install CMAC/GMAC key in AP mode (bsc#1187495).
- iwlwifi: mvm: add PROTECTED_TWT firmware API (bsc#1187495).
- iwlwifi: mvm: add a get lmac id function (bsc#1187495).
- iwlwifi: mvm: add an option to add PASN station (bsc#1187495).
- iwlwifi: mvm: add d3 prints (bsc#1187495).
- iwlwifi: mvm: add support for new WOWLAN_TSC_RSC_PARAM version (bsc#1187495).
- iwlwifi: mvm: add support for new version of WOWLAN_TKIP_SETTING_API_S (bsc#1187495).
- iwlwifi: mvm: add support for range request command ver 11 (bsc#1187495).
- iwlwifi: mvm: add support for responder dynamic config command version 3 (bsc#1187495).
- iwlwifi: mvm: assign SAR table revision to the command later (bsc#1187495).
- iwlwifi: mvm: avoid possible NULL pointer dereference (bsc#1187495).
- iwlwifi: mvm: clear all scan UIDs (bsc#1187495).
- iwlwifi: mvm: d3: parse wowlan status version 11 (bsc#1187495).
- iwlwifi: mvm: d3: support GCMP ciphers (bsc#1187495).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: mvm: do not check if CSA event is running before removing (bsc#1187495).
- iwlwifi: mvm: do not send a CSA command the firmware does not know (bsc#1187495).
- iwlwifi: mvm: fix error print when session protection ends (git-fixes).
- iwlwifi: mvm: fix suspicious rcu usage warnings (bsc#1187495).
- iwlwifi: mvm: fix the type we use in the PPAG table validity checks (bsc#1187495).
- iwlwifi: mvm: get number of stations from TLV (bsc#1187495).
- iwlwifi: mvm: ignore the scan duration parameter (bsc#1187495).
- iwlwifi: mvm: initiator: add option for adding a PASN responder (bsc#1187495).
- iwlwifi: mvm: location: set the HLTK when PASN station is added (bsc#1187495).
- iwlwifi: mvm: ops: Remove unused static struct 'iwl_mvm_debug_names' (bsc#1187495).
- iwlwifi: mvm: prepare roc_done_wk to work sync (bsc#1187495).
- iwlwifi: mvm: process ba-notifications also when sta rcu is invalid (bsc#1187495).
- iwlwifi: mvm: re-enable TX after channel switch (bsc#1187495).
- iwlwifi: mvm: read and parse SKU ID if available (bsc#1187495).
- iwlwifi: mvm: remove memset of kek_kck command (bsc#1187495).
- iwlwifi: mvm: remove redundant log in iwl_mvm_tvqm_enable_txq() (bsc#1187495).
- iwlwifi: mvm: remove redundant support_umac_log field (bsc#1187495).
- iwlwifi: mvm: responder: allow to set only the HLTK for an associated station (bsc#1187495).
- iwlwifi: mvm: ring the doorbell and wait for PNVM load completion (bsc#1187495).
- iwlwifi: mvm: rs-fw: handle VHT extended NSS capability (bsc#1187495).
- iwlwifi: mvm: send stored PPAG command instead of local (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT feature if supported by firmware (bsc#1187495).
- iwlwifi: mvm: set PROTECTED_TWT in MAC data policy (bsc#1187495).
- iwlwifi: mvm: set enabled in the PPAG command properly (bsc#1187495).
- iwlwifi: mvm: stop claiming NL80211_EXT_FEATURE_SET_SCAN_DWELL (bsc#1187495).
- iwlwifi: mvm: store PPAG enabled/disabled flag properly (bsc#1187495).
- iwlwifi: mvm: support ADD_STA_CMD_API_S ver 12 (bsc#1187495).
- iwlwifi: mvm: support more GTK rekeying algorithms (bsc#1187495).
- iwlwifi: mvm: support new KEK KCK api (bsc#1187495).
- iwlwifi: mvm: tx: Demote misuse of kernel-doc headers (bsc#1187495).
- iwlwifi: mvm: use CHECKSUM_COMPLETE (bsc#1187495).
- iwlwifi: mvm: utils: Fix some doc-rot (bsc#1187495).
- iwlwifi: pcie: avoid potential PNVM leaks (bsc#1187495).
- iwlwifi: pcie: do not disable interrupts for reg_lock (bsc#1187495).
- iwlwifi: pcie: fix context info freeing (git-fixes).
- iwlwifi: pcie: fix the xtal latency value for a few qu devices (bsc#1187495).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- iwlwifi: pcie: implement set_pnvm op (bsc#1187495).
- iwlwifi: pcie: make iwl_pcie_txq_update_byte_cnt_tbl bus independent (bsc#1187495).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices (bsc#1187495).
- iwlwifi: phy-ctxt: add new API VER 3 for phy context cmd (bsc#1187495).
- iwlwifi: pnvm: do not skip everything when not reloading (bsc#1187495).
- iwlwifi: pnvm: do not try to load after failures (bsc#1187495).
- iwlwifi: pnvm: increment the pointer before checking the TLV (bsc#1187495).
- iwlwifi: pnvm: set the PNVM again if it was already loaded (bsc#1187495).
- iwlwifi: provide gso_type to GSO packets (bsc#1187495).
- iwlwifi: queue: bail out on invalid freeing (bsc#1187495).
- iwlwifi: read and parse PNVM file (bsc#1187495).
- iwlwifi: regulatory: regulatory capabilities api change (bsc#1187495).
- iwlwifi: remove iwl_validate_sar_geo_profile() export (bsc#1187495).
- iwlwifi: remove wide_cmd_header field (bsc#1187495).
- iwlwifi: rs: Demote non-compliant kernel-doc headers (bsc#1187495).
- iwlwifi: rs: align to new TLC config command API (bsc#1187495).
- iwlwifi: rs: set RTS protection for all non legacy rates (bsc#1187495).
- iwlwifi: sta: defer ADDBA transmit in case reclaimed SN != next SN (bsc#1187495).
- iwlwifi: stats: add new api fields for statistics cmd/ntfy (bsc#1187495).
- iwlwifi: support REDUCE_TX_POWER_CMD version 6 (bsc#1187495).
- iwlwifi: support version 3 of GEO_TX_POWER_LIMIT (bsc#1187495).
- iwlwifi: support version 5 of the alive notification (bsc#1187495).
- iwlwifi: thermal: support new temperature measurement API (bsc#1187495).
- iwlwifi: update prph scratch structure to include PNVM data (bsc#1187495).
- iwlwifi: use correct group for alive notification (bsc#1187495).
- iwlwifi: wowlan: adapt to wowlan status API version 10 (bsc#1187495).
- iwlwifi: yoyo: add support for internal buffer allocation in D3 (bsc#1187495).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- ixgbevf: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- kABI compatibility fix for max98373_priv struct (git-fixes).
- kABI workaround for btintel symbol changes (bsc#1188893).
- kABI workaround for intel_th_driver (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- kabi/severities: ignore kABI of iwlwifi symbols (bsc#1187495) iwlwifi driver consists of several modules and all exported symbols are internal uses. Let's ignore kABI checks of those.
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- kernel-binary.spec: Remove obsolete and wrong comment mkmakefile is repleced by echo on newer kernel
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: class: The -ENOTSUPP should never be seen by user space (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- mac80211: consider per-CPU statistics if present (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- mac80211: reset profile_periodicity/ema_ap (git-fixes).
- mac80211_hwsim: add concurrent channels scanning support over virtio (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: fix fixed-rate tx status reporting (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: mt7915: fix IEEE80211_HE_PHY_CAP7_MAX_NC for station mode (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mvpp2: suppress warning (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net/sched: act_ct: remove and free nf_table callbacks (jsc#SLE-15172).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: fec_ptp: fix issue caused by refactor the fec_devtype (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: ipw2x00,iwlegacy,iwlwifi: Remove in_interrupt() from debug macros (bsc#1187495).
- net: iwlwifi: Remove in_interrupt() from tracing macro (bsc#1187495).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: netdevsim: use xso.real_dev instead of xso.dev in callback functions of struct xfrmdev_ops (bsc#1176447).
- net: phy: fix save wrong speed and duplex problem if autoneg is on (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: phy: realtek: add delay to fix RXC generation issue (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo (bsc#1176447).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- prctl: PR_{G,S}ET_IO_FLUSHER to support controlling memory reclaim (bsc#1188752).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- rtw88: 8822c: fix lc calibration timing (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- scsi: ibmvfc: Fix command state accounting and stale response detection (jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: 8250_pci: Add support for new HPE serial device (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: fsl_lpuart: remove RTSCTS handling from get_mctrl() (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- skbuff: Fix build with SKB extensions disabled (jsc#SLE-15172).
- skbuff: Release nfct refcount on napi stolen or re-used skbs (jsc#SLE-15172).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- thermal/drivers/int340x/processor_thermal: Fix tcc setting (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- thunderbolt: Bond lanes only when dual_link_port != NULL in alloc_dev_default() (git-fixes).
- timers: Fix get_next_timer_interrupt() with no timers pending (git-fixes)
- tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing/histograms: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(&port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: update power supply once partner accepts (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: Fix xfrm offload fallback fail case (bsc#1176447).
- xfrm: delete xfrm4_output_finish xfrm6_output_finish declarations (bsc#1176447).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- xsk: Fix missing validation for skb and unaligned mode (jsc#SLE-13706).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2689-1
Released:    Mon Aug 16 10:54:52 2021
Summary:     Security update for cpio
Type:        security
Severity:    important
References:  1189206,CVE-2021-38185
This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2760-1
Released:    Tue Aug 17 17:11:14 2021
Summary:     Security update for c-ares
Type:        security
Severity:    important
References:  1188881,CVE-2021-3672
This update for c-ares fixes the following issues:

Version update to git snapshot 1.17.1+20200724:

- CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881)
- If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash
- Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response
- Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing
- Use unbuffered /dev/urandom for random data to prevent early startup performance issues

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2763-1
Released:    Tue Aug 17 17:16:22 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465
This update for cpio fixes the following issues:

- A regression in last update would cause builds to hang on various architectures(bsc#1189465)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2780-1
Released:    Thu Aug 19 16:09:15 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465,CVE-2021-38185
This update for cpio fixes the following issues:

- A regression in the previous update could lead to crashes (bsc#1189465)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2786-1
Released:    Fri Aug 20 02:02:23 2021
Summary:     Recommended update for bash
Type:        recommended
Severity:    important
References:  1057452,1188287
This update for bash fixes the following issues:

- Allow process group assignment even for modern kernels (bsc#1057452, bsc#1188287)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2800-1
Released:    Fri Aug 20 10:43:04 2021
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1188571,CVE-2021-36222
This update for krb5 fixes the following issues:

- CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2805-1
Released:    Mon Aug 23 07:01:37 2021
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1185615,1185646,1187115,1187470,1187774
This update for dracut fixes the following issues:

- Correct man pages regarding the 'INITRD_MODULES' as some parts already invalid. (bsc#1187115)
- Fixed an issue when running mkinitrd inproper arch is being expanded. (bsc#1185615)
- Fix for 'suse-initrd' exclude modules that are built-in to prevent failing modules to be installed. (bsc#1185646)
- Fix informing on usage of obsolete -f parameter. (bsc#1187470)
- Fix reference to 'insmodpost module' in the documentation. (bsc#1187774)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2809-1
Released:    Mon Aug 23 12:12:31 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1166028,1171962,1184994,1185972,1188063,CVE-2020-13529,CVE-2021-33910
This update for systemd fixes the following issues:

- Updated to version 246.15
- CVE-2021-33910: Fixed a denial of service issue in systemd. (bsc#1188063)
- CVE-2020-13529: Fixed an issue that allows crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. (bsc#1185972)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2810-1
Released:    Mon Aug 23 12:14:30 2021
Summary:     Security update for dbus-1
Type:        security
Severity:    moderate
References:  1172505,CVE-2020-12049
This update for dbus-1 fixes the following issues:

- CVE-2020-12049: truncated messages lead to resource exhaustion. (bsc#1172505)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2817-1
Released:    Mon Aug 23 15:05:36 2021
Summary:     Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3
Type:        security
Severity:    moderate
References:  1102408,1138715,1138746,1176389,1177120,1182421,1182422,CVE-2020-26137
This patch updates the Python AWS SDK stack in SLE 15:

General:

# aws-cli

- Version updated to upstream release v1.19.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-boto3

- Version updated to upstream release 1.17.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-botocore

- Version updated to upstream release 1.20.9
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-urllib3

- Version updated to upstream release 1.25.10
  For a detailed list of all changes, please refer to the changelog file of this package.

# python-service_identity

- Added this new package to resolve runtime dependencies for other packages.
  Version: 18.1.0

# python-trustme

- Added this new package to resolve runtime dependencies for other packages.
  Version: 0.6.0

Security fixes:

# python-urllib3:
  
- CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated
  by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2830-1
Released:    Tue Aug 24 16:20:18 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1189520,1189521,CVE-2021-3711,CVE-2021-3712
This update for openssl-1_1 fixes the following security issues:

- CVE-2021-3711: A bug in the implementation of the SM2 decryption code
  could lead to buffer overflows. [bsc#1189520]

- CVE-2021-3712: a bug in the code for printing certificate details could
  lead to a buffer overrun that a malicious actor could exploit to crash
  the application, causing a denial-of-service attack. [bsc#1189521]



More information about the sle-security-updates mailing list