SUSE-SU-2022:4585-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Dec 20 17:38:26 UTC 2022
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4585-1
Rating: important
References: #1065729 #1156395 #1164051 #1184350 #1189297
#1190256 #1193629 #1194869 #1202341 #1203183
#1203391 #1203511 #1203960 #1204228 #1204405
#1204414 #1204631 #1204636 #1204693 #1204780
#1204810 #1204850 #1205007 #1205100 #1205111
#1205113 #1205128 #1205130 #1205149 #1205153
#1205220 #1205264 #1205282 #1205331 #1205332
#1205427 #1205428 #1205473 #1205507 #1205514
#1205521 #1205567 #1205616 #1205617 #1205653
#1205671 #1205679 #1205683 #1205700 #1205705
#1205709 #1205711 #1205744 #1205764 #1205796
#1205882 #1205993 #1206035 #1206036 #1206037
#1206045 #1206046 #1206047 #1206048 #1206049
#1206050 #1206051 #1206056 #1206057 #1206113
#1206114 #1206147 #1206149 #1206207 PED-1573
PED-1706 PED-1936 PED-2684 PED-611 PED-824
PED-849
Cross-References: CVE-2022-2602 CVE-2022-3176 CVE-2022-3566
CVE-2022-3567 CVE-2022-3635 CVE-2022-3643
CVE-2022-3707 CVE-2022-3903 CVE-2022-4095
CVE-2022-4129 CVE-2022-4139 CVE-2022-41850
CVE-2022-41858 CVE-2022-42328 CVE-2022-42329
CVE-2022-42895 CVE-2022-42896 CVE-2022-4378
CVE-2022-43945 CVE-2022-45869 CVE-2022-45888
CVE-2022-45934
CVSS scores:
CVE-2022-2602 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3566 (NVD) : 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3566 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3567 (NVD) : 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3567 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3635 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3635 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3643 (NVD) : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE-2022-3643 (SUSE): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVE-2022-3707 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3903 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3903 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-4095 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-4129 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-4129 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-4139 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41850 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41850 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2022-41858 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42328 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42328 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42329 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42329 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42895 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-42895 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-42896 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42896 (SUSE): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-4378 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43945 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-43945 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45869 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-45869 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-45888 (NVD) : 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45888 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2022-45934 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45934 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that solves 22 vulnerabilities, contains 7
features and has 52 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
- CVE-2022-42328: Guests could trigger denial of service via the netback
driver (bsc#1206114).
- CVE-2022-42329: Guests could trigger denial of service via the netback
driver (bsc#1206113).
- CVE-2022-3643: Guests could trigger NIC interface reset/abort/crash via
netback driver (bsc#1206113).
- CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file
drivers/atm/idt77252.c (bsc#1204631).
- CVE-2022-41850: Fixed a race condition in roccat_report_event() in
drivers/hid/hid-roccat.c (bsc#1203960).
- CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in
l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
- CVE-2022-3567: Fixed a to race condition in
inet6_stream_ops()/inet6_dgram_ops() (bsc#1204414).
- CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in
drivers/net/slip (bsc#1205671).
- CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation
(bsc#1205128).
- CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
- CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver
USB driver (bsc#1205220).
- CVE-2022-45869: Fixed a race condition in the x86 KVM subsystem which
could cause a denial of service (bsc#1205882).
- CVE-2022-45888: Fixed a use-after-free during physical removal of a USB
devices when using drivers/char/xillybus/xillyusb.c (bsc#1205764).
- CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU
to access any physical memory (bsc#1205700).
- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling
Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a
race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2022-42896: Fixed a use-after-free vulnerability in the
net/bluetooth/l2cap_core.c's l2cap_connect() and l2cap_le_connect_req()
which may have allowed code execution and leaking kernel memory
(respectively) remotely via Bluetooth (bsc#1205709).
- CVE-2022-42895: Fixed an information leak in the
net/bluetooth/l2cap_core.c's l2cap_parse_conf_req() which can be used to
leak kernel pointers remotely (bsc#1205705).
- CVE-2022-3566: Fixed a race condition in the functions
tcp_getsockopt/tcp_setsockopt. The manipulation leads to a race
condition (bsc#1204405).
- CVE-2022-2602: Fixed a local privilege escalation vulnerability
involving Unix socket Garbage Collection and io_uring (bsc#1204228).
- CVE-2022-3176: Fixed a use-after-free in io_uring related to
signalfd_poll() and binder_poll() (bsc#1203391).
- CVE-2022-3707: Fixed a double free in the Intel GVT-g graphics driver
(bsc#1204780).
The following non-security bugs were fixed:
- ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() (git-fixes).
- ACPI: HMAT: Fix initiator registration for single-initiator systems
(git-fixes).
- ACPI: HMAT: remove unnecessary variable initialization (git-fixes).
- ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[] (git-fixes).
- ACPI: x86: Add another system to quirk list for forcing StorageD3Enable
(git-fixes).
- ALSA: dice: fix regression for Lexicon I-ONIX FW810S (git-fixes).
- ALSA: hda/ca0132: add quirk for EVGA Z390 DARK (git-fixes).
- ALSA: hda/hdmi - enable runtime pm for more AMD display audio
(git-fixes).
- ALSA: hda/realtek: Add Positivo C6300 model quirk (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41 (git-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
(bsc#1205100).
- ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
(bsc#1205100).
- ALSA: hda: fix potential memleak in 'add_widget_node' (git-fixes).
- ALSA: usb-audio: Add DSD support for Accuphase DAC-60 (git-fixes).
- ALSA: usb-audio: Add quirk entry for M-Audio Micro (git-fixes).
- ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
(git-fixes).
- ALSA: usb-audio: Remove redundant workaround for Roland quirk
(bsc#1205111).
- ALSA: usb-audio: Yet more regression for for the delayed card
registration (bsc#1205111).
- ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue
(git-fixes).
- ARM: at91: rm9200: fix usb device clock id (git-fixes).
- ARM: dts: am335x-pcm-953: Define fixed regulators in root node
(git-fixes).
- ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl (git-fixes).
- ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
(git-fixes).
- ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
(git-fixes).
- ARM: dts: imx7: Fix NAND controller size-cells (git-fixes).
- ARM: mxs: fix memory leak in mxs_machine_init() (git-fixes).
- ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 (git-fixes).
- ASoC: Intel: sof_sdw: add quirk variant for LAPBC710 NUC15 (git-fixes).
- ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source",
"Routee" -> "Route" (git-fixes).
- ASoC: codecs: jz4725b: add missed Line In power control bit (git-fixes).
- ASoC: codecs: jz4725b: fix capture selector naming (git-fixes).
- ASoC: codecs: jz4725b: fix reported volume for Master ctl (git-fixes).
- ASoC: codecs: jz4725b: use right control for Capture Volume (git-fixes).
- ASoC: core: Fix use-after-free in snd_soc_exit() (git-fixes).
- ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N (git-fixes).
- ASoC: fsl_sai: use local device pointer (git-fixes).
- ASoC: max98373: Add checks for devm_kcalloc (git-fixes).
- ASoC: mt6660: Keep the pm_runtime enables before component stuff in
mt6660_i2c_probe (git-fixes).
- ASoC: ops: Fix bounds check for _sx controls (git-fixes).
- ASoC: rt1019: Fix the TDM settings (git-fixes).
- ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove (git-fixes).
- ASoC: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes).
- ASoC: soc-utils: Remove __exit for snd_soc_util_exit() (git-fixes).
- ASoC: stm32: dfsdm: manage cb buffers cleanup (git-fixes).
- ASoC: tas2764: Fix set_tdm_slot in case of single slot (git-fixes).
- ASoC: tas2770: Fix set_tdm_slot in case of single slot (git-fixes).
- ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK (git-fixes).
- Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn()
(git-fixes).
- Bluetooth: Fix not cleanup led when bt_init fails (git-fixes).
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
(git-fixes).
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory
(git-fixes).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm (git-fixes).
- Decrease the number of SMB3 smbdirect client SGEs (bsc#1193629).
- Drivers: hv: Always reserve framebuffer region for Gen1 VMs (git-fixes).
- Drivers: hv: Fix syntax errors in comments (git-fixes).
- Drivers: hv: Never allocate anything besides framebuffer from
framebuffer memory region (git-fixes).
- Drivers: hv: fix repeated words in comments (git-fixes).
- Drivers: hv: remove duplicate word in a comment (git-fixes).
- Drivers: hv: vmbus: Accept hv_sock offers in isolated guests (git-fixes).
- Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
- Drivers: hv: vmbus: Do not wait for the ACPI device upon initialization
(git-fixes).
- Drivers: hv: vmbus: Fix kernel-doc (git-fixes).
- Drivers: hv: vmbus: Optimize vmbus_on_event (git-fixes).
- Drivers: hv: vmbus: Release cpu lock in error case (git-fixes).
- Drivers: hv: vmbus: Use PCI_VENDOR_ID_MICROSOFT for better
discoverability (git-fixes).
- Drivers: hv: vmbus: fix double free in the error path of
vmbus_add_channel_work() (git-fixes).
- Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register()
(git-fixes).
- Drivers: hv: vmbus: fix typo in comment (git-fixes).
- Fix formatting of client smbdirect RDMA logging (bsc#1193629).
- HID: core: fix shift-out-of-bounds in hid_report_raw_event (git-fixes).
- HID: hid-lg4ff: Add check for empty lbuf (git-fixes).
- HID: hyperv: fix possible memory leak in mousevsc_probe() (git-fixes).
- HID: playstation: add initial DualSense Edge controller support
(git-fixes).
- HID: saitek: add madcatz variant of MMO7 mouse device ID (git-fixes).
- Handle variable number of SGEs in client smbdirect send (bsc#1193629).
- IB/hfi1: Correctly move list in sc_disable() (git-fixes)
- IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers (git-fixes)
- Input: goodix - try resetting the controller when no config is set
(git-fixes).
- Input: i8042 - fix leaking of platform device on module removal
(git-fixes).
- Input: iforce - invert valid length check when fetching device IDs
(git-fixes).
- Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
(git-fixes).
- Input: soc_button_array - add Acer Switch V 10 to
dmi_use_low_level_irq[] (git-fixes).
- Input: soc_button_array - add use_low_level_irq module parameter
(git-fixes).
- Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode
(git-fixes).
- KVM: Move wiping of the kvm->vcpus array to common code (git-fixes).
- KVM: SEV: Mark nested locking of vcpu->lock (git-fixes).
- KVM: SVM: Disable SEV-ES support if MMIO caching is disable (git-fixes).
- KVM: SVM: Stuff next_rip on emulated INT3 injection if NRIPS is
supported (git-fixes).
- KVM: SVM: adjust register allocation for __svm_vcpu_run() (git-fixes).
- KVM: SVM: move guest vmsave/vmload back to assembly (git-fixes).
- KVM: SVM: replace regs argument of __svm_vcpu_run() with vcpu_svm
(git-fixes).
- KVM: SVM: retrieve VMCB from assembly (git-fixes).
- KVM: VMX: Add helper to check if the guest PMU has PERF_GLOBAL_CTRL
(git-fixes).
- KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
(git-fixes).
- KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no
vPMU (git-fixes).
- KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled
(bsc#1205007).
- KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING unavailable
(git-fixes).
- KVM: nVMX: Always enable TSC scaling for L2 when it was enabled for L1
(git-fixes).
- KVM: nVMX: Attempt to load PERF_GLOBAL_CTRL on nVMX xfer iff it exists
(git-fixes).
- KVM: nVMX: Rename handle_vm{on,off}() to handle_vmx{on,off}()
(git-fixes).
- KVM: s390: Add a routine for setting userspace CPU state (git-fixes
jsc#PED-611).
- KVM: s390: Simplify SIGP Set Arch handling (git-fixes jsc#PED-611).
- KVM: s390: pv: do not allow userspace to set the clock under PV
(git-fixes).
- KVM: s390: pv: leak the topmost page table when destroy fails
(git-fixes).
- KVM: x86/mmu: Fix wrong/misleading comments in TDP MMU fast zap
(git-fixes).
- KVM: x86/mmu: WARN if old _or_ new SPTE is REMOVED in non-atomic path
(git-fixes).
- KVM: x86/mmu: fix memoryleak in kvm_mmu_vendor_module_init() (git-fixes).
- KVM: x86/pmu: Fix and isolate TSX-specific performance event logic
(git-fixes).
- KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog
(git-fixes).
- KVM: x86/pmu: Use different raw event masks for AMD and Intel
(git-fixes).
- KVM: x86/svm: Account for family 17h event renumberings in
amd_pmc_perf_hw_id (git-fixes).
- KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
kvm_pv_kick_cpu_op() (git-fixes).
- KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest (git-fixes).
- KVM: x86: Mask off reserved bits in CPUID.80000001H (git-fixes).
- KVM: x86: Mask off reserved bits in CPUID.80000006H (git-fixes).
- KVM: x86: Mask off reserved bits in CPUID.80000008H (git-fixes).
- KVM: x86: Mask off reserved bits in CPUID.8000001AH (git-fixes).
- KVM: x86: Report error when setting CPUID if Hyper-V allocation fails
(git-fixes).
- KVM: x86: Retry page fault if MMU reload is pending and root has no sp
(bsc#1205744).
- KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
(git-fixes).
- KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1)
(git-fixes).
- KVM: x86: Use __try_cmpxchg_user() to emulate atomic accesses
(git-fixes).
- KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits
(git-fixes).
- KVM: x86: avoid loading a vCPU after .vm_destroy was called (git-fixes).
- KVM: x86: emulator: em_sysexit should update ctxt->mode (git-fixes).
- KVM: x86: emulator: introduce emulator_recalc_and_set_mode (git-fixes).
- KVM: x86: emulator: update the emulation mode after CR0 write
(git-fixes).
- KVM: x86: emulator: update the emulation mode after rsm (git-fixes).
- KVM: x86: use a separate asm-offsets.c file (git-fixes).
- MIPS: Loongson: Use hwmon_device_register_with_groups() to register
hwmon (git-fixes).
- NFC: nci: Bounds check struct nfc_target arrays (git-fixes).
- NFC: nci: fix memory leak in nci_rx_data_packet() (git-fixes).
- PCI: Move PCI_VENDOR_ID_MICROSOFT/PCI_DEVICE_ID_HYPERV_VIDEO definitions
to pci_ids.h (git-fixes).
- PCI: hv: Add validation for untrusted Hyper-V values (git-fixes).
- PCI: hv: Fix the definition of vector in hv_compose_msi_msg()
(git-fixes).
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cm: Use SLID in the work completion as the DLID in responder side
(git-fixes)
- RDMA/cma: Use output interface for net_dev check (git-fixes)
- RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (git-fixes)
- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)
- RDMA/hfi1: Prevent use of lock before it is initialized (git-fixes)
- RDMA/hfi1: fix potential memory leak in setup_base_ctxt() (git-fixes)
- RDMA/hns: Correct the type of variables participating in the shift
operation (git-fixes)
- RDMA/hns: Disable local invalidate operation (git-fixes)
- RDMA/hns: Fix incorrect clearing of interrupt status register (git-fixes)
- RDMA/hns: Fix supported page size (git-fixes)
- RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift (git-fixes)
- RDMA/hns: Remove magic number (git-fixes)
- RDMA/hns: Remove the num_cqc_timer variable (git-fixes)
- RDMA/hns: Remove the num_qpc_timer variable (git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP
(git-fixes)
- RDMA/hns: Replace tab with space in the right-side comments (git-fixes)
- RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx()
(git-fixes)
- RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (git-fixes)
- RDMA/irdma: Use s/g array in post send only when its valid (git-fixes)
- RDMA/mlx5: Set local port to one when accessing counters (git-fixes)
- RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
(git-fixes)
- RDMA/rtrs-clt: Use the right sg_cnt after ib_dma_map_sg (git-fixes)
- RDMA/rtrs-srv: Fix modinfo output for stringify (git-fixes)
- RDMA/rxe: Limit the number of calls to each tasklet (git-fixes)
- RDMA/rxe: Remove useless pkt parameters (git-fixes)
- Reduce client smbdirect max receive segment size (bsc#1193629).
- SCSI: scsi_probe_lun: retry INQUIRY after timeout (bsc#1189297).
- SMB3: fix lease break timeout when multiple deferred close handles for
the same file (bsc#1193629).
- USB: bcma: Make GPIO explicitly optional (git-fixes).
- USB: serial: option: add Fibocom FM160 0x0111 composition (git-fixes).
- USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
- USB: serial: option: add u-blox LARA-L6 modem (git-fixes).
- USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
- USB: serial: option: remove old LARA-R6 PID (git-fixes).
- arcnet: fix potential memory leak in com20020_probe() (git-fixes).
- arm64/syscall: Include asm/ptrace.h in syscall_wrapper header
(git-fixes).
- arm64: Add AMPERE1 to the Spectre-BHB affected list (git-fixes).
- arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro (git-fixes)
- arm64: dts: imx8: correct clock order (git-fixes).
- arm64: dts: imx8mm: Fix NAND controller size-cells (git-fixes).
- arm64: dts: imx8mn: Fix NAND controller size-cells (git-fixes).
- arm64: dts: juno: Add thermal critical trip points (git-fixes).
- arm64: dts: ls1088a: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: ls208xa: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: lx2160a: specify clock frequencies for the MDIO controllers
(git-fixes).
- arm64: dts: qcom: sa8155p-adp: Specify which LDO modes are allowed
(git-fixes).
- arm64: dts: qcom: sm8150-xperia-kumano: Specify which LDO modes are
allowed (git-fixes).
- arm64: dts: qcom: sm8250-xperia-edo: Specify which LDO modes are allowed
(git-fixes).
- arm64: dts: qcom: sm8350-hdk: Specify which LDO modes are allowed
(git-fixes).
- arm64: dts: rockchip: add enable-strobe-pulldown to emmc phy on nanopi4
(git-fixes).
- arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock
frequency (git-fixes).
- arm64: efi: Fix handling of misaligned runtime regions and drop warning
(git-fixes).
- arm64: entry: avoid kprobe recursion (git-fixes).
- arm64: errata: Add Cortex-A55 to the repeat tlbi list (git-fixes).
Enable CONFIG_ARM64_ERRATUM_2441007, too
- arm64: errata: Remove AES hwcap for COMPAT tasks (git-fixes) Enable
CONFIG_ARM64_ERRATUM_1742098 in arm64/default
- arm64: fix rodata=full again (git-fixes)
- ata: libata-core: do not issue non-internal commands once EH is pending
(git-fixes).
- ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure (git-fixes).
- ata: libata-scsi: simplify __ata_scsi_queuecmd() (git-fixes).
- ata: libata-transport: fix double ata_host_put() in ata_tport_add()
(git-fixes).
- ata: libata-transport: fix error handling in ata_tdev_add() (git-fixes).
- ata: libata-transport: fix error handling in ata_tlink_add() (git-fixes).
- ata: libata-transport: fix error handling in ata_tport_add() (git-fixes).
- audit: fix undefined behavior in bit shift for AUDIT_BIT (git-fixes).
- blk-cgroup: fix missing put device in error path from blkg_conf_pref()
(git-fixes).
- blk-mq: Properly init requests from blk_mq_alloc_request_hctx()
(git-fixes).
- blk-mq: do not create hctx debugfs dir until q->debugfs_dir is created
(git-fixes).
- blk-mq: fix io hung due to missing commit_rqs (git-fixes).
- blk-wbt: call rq_qos_add() after wb_normal is initialized (git-fixes).
- blktrace: Trace remapped requests correctly (git-fixes).
- block/rnbd-srv: Set keep_id to true after mutex_trylock (git-fixes).
- block: add bio_start_io_acct_time() to control start_time (git-fixes).
- block: blk_queue_enter() / __bio_queue_enter() must return -EAGAIN for
nowait (git-fixes).
- block: drop unused includes in <linux/genhd.h> (git-fixes).
- bridge: switchdev: Fix memory leaks when changing VLAN protocol
(git-fixes).
- btrfs: check if root is readonly while setting security xattr
(bsc#1206147).
- btrfs: do not allow compression on nodatacow files (bsc#1206149).
- btrfs: export a helper for compression hard check (bsc#1206149).
- btrfs: fix processing of delayed data refs during backref walking
(bsc#1206056).
- btrfs: fix processing of delayed tree block refs during backref walking
(bsc#1206057).
- btrfs: prevent subvol with swapfile from being deleted (bsc#1206035).
- btrfs: send: always use the rbtree based inode ref management
infrastructure (bsc#1206036).
- btrfs: send: fix failures when processing inodes with no links
(bsc#1206036).
- btrfs: send: fix send failure of a subcase of orphan inodes
(bsc#1206036).
- btrfs: send: fix sending link commands for existing file paths
(bsc#1206036).
- btrfs: send: introduce recorded_ref_alloc and recorded_ref_free
(bsc#1206036).
- btrfs: send: refactor arguments of get_inode_info() (bsc#1206036).
- btrfs: send: remove unused found_type parameter to
lookup_dir_item_inode() (bsc#1206036).
- btrfs: send: remove unused type parameter to iterate_inode_ref_t
(bsc#1206036).
- btrfs: send: use boolean types for current inode status (bsc#1206036).
- bus: sunxi-rsb: Remove the shutdown callback (git-fixes).
- bus: sunxi-rsb: Support atomic transfers (git-fixes).
- ca8210: Fix crash by zero initializing data (git-fixes).
- can: af_can: fix NULL pointer dereference in can_rx_register()
(git-fixes).
- can: cc770: cc770_isa_probe(): add missing free_cc770dev() (git-fixes).
- can: etas_es58x: es58x_init_netdev(): free netdev when register_candev()
(git-fixes).
- can: j1939: j1939_send_one(): fix missing CAN header initialization
(git-fixes).
- can: m_can: Add check for devm_clk_get (git-fixes).
- can: m_can: pci: add missing m_can_class_free_dev() in probe/remove
methods (git-fixes).
- can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev()
(git-fixes).
- capabilities: fix potential memleak on error path from
vfs_getxattr_alloc() (git-fixes).
- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
(git-fixes).
- ceph: allow ceph.dir.rctime xattr to be updatable (bsc#1206050).
- ceph: avoid putting the realm twice when decoding snaps fails
(bsc#1206051).
- ceph: do not update snapshot context when there is no new snapshot
(bsc#1206047).
- ceph: fix inode reference leakage in ceph_get_snapdir() (bsc#1206048).
- ceph: fix memory leak in ceph_readdir when note_last_dentry returns
error (bsc#1206049).
- ceph: properly handle statfs on multifs setups (bsc#1206045).
- ceph: switch netfs read ops to use rreq->inode instead of
rreq->mapping->host (bsc#1206046).
- char: tpm: Protect tpm_pm_suspend with locks (git-fixes).
- cifs: Add constructor/destructors for tcon->cfid (bsc#1193629).
- cifs: Add helper function to check smb1+ server (bsc#1193629).
- cifs: Do not access tcon->cfids->cfid directly from is_path_accessible
(bsc#1193629).
- cifs: Do not use tcon->cfid directly, use the cfid we get from
open_cached_dir (bsc#1193629).
- cifs: Fix connections leak when tlink setup failed (git-fixes).
- cifs: Fix memory leak on the deferred close (bsc#1193629).
- cifs: Fix memory leak when build ntlmssp negotiate blob failed
(bsc#1193629).
- cifs: Fix pages array leak when writedata alloc failed in
cifs_writedata_alloc() (bsc#1193629).
- cifs: Fix pages leak when writedata alloc failed in
cifs_write_from_iter() (bsc#1193629).
- cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
(bsc#1193629).
- cifs: Fix wrong return value checking when GETFLAGS (git-fixes).
- cifs: Fix xid leak in cifs_copy_file_range() (bsc#1193629).
- cifs: Fix xid leak in cifs_create() (bsc#1193629).
- cifs: Fix xid leak in cifs_flock() (bsc#1193629).
- cifs: Fix xid leak in cifs_get_file_info_unix() (bsc#1193629).
- cifs: Fix xid leak in cifs_ses_add_channel() (bsc#1193629).
- cifs: Make tcon contain a wrapper structure cached_fids instead of
cached_fid (bsc#1193629).
- cifs: Move cached-dir functions into a separate file (bsc#1193629).
- cifs: Replace a couple of one-element arrays with flexible-array members
(bsc#1193629).
- cifs: Use after free in debug code (git-fixes).
- cifs: Use help macro to get the header preamble size (bsc#1193629).
- cifs: Use help macro to get the mid header size (bsc#1193629).
- cifs: add check for returning value of SMB2_close_init (git-fixes).
- cifs: add check for returning value of SMB2_set_info_init (git-fixes).
- cifs: add missing spinlock around tcon refcount (bsc#1193629).
- cifs: alloc_mid function should be marked as static (bsc#1193629).
- cifs: always initialize struct msghdr smb_msg completely (bsc#1193629).
- cifs: always iterate smb sessions using primary channel (bsc#1193629).
- cifs: avoid deadlocks while updating iface (bsc#1193629).
- cifs: avoid unnecessary iteration of tcp sessions (bsc#1193629).
- cifs: avoid use of global locks for high contention data (bsc#1193629).
- cifs: cache the dirents for entries in a cached directory (bsc#1193629).
- cifs: change iface_list from array to sorted linked list (bsc#1193629).
- cifs: destage dirty pages before re-reading them for cache=none
(bsc#1193629).
- cifs: do not send down the destination address to sendmsg for a
SOCK_STREAM (bsc#1193629).
- cifs: drop the lease for cached directories on rmdir or rename
(bsc#1193629).
- cifs: during reconnect, update interface if necessary (bsc#1193629).
- cifs: enable caching of directories for which a lease is held
(bsc#1193629).
- cifs: find and use the dentry for cached non-root directories also
(bsc#1193629).
- cifs: fix double-fault crash during ntlmssp (bsc#1193629).
- cifs: fix lock length calculation (bsc#1193629).
- cifs: fix memory leaks in session setup (bsc#1193629).
- cifs: fix missing unlock in cifs_file_copychunk_range() (git-fixes).
- cifs: fix race condition with delayed threads (bsc#1193629).
- cifs: fix skipping to incorrect offset in emit_cached_dirents
(bsc#1193629).
- cifs: fix small mempool leak in SMB2_negotiate() (bsc#1193629).
- cifs: fix static checker warning (bsc#1193629).
- cifs: fix uninitialised var in smb2_compound_op() (bsc#1193629).
- cifs: fix use-after-free caused by invalid pointer `hostname`
(bsc#1193629).
- cifs: fix use-after-free on the link name (bsc#1193629).
- cifs: fix wrong unlock before return from cifs_tree_connect()
(bsc#1193629).
- cifs: improve handlecaching (bsc#1193629).
- cifs: improve symlink handling for smb2+ (bsc#1193629).
- cifs: lease key is uninitialized in smb1 paths (bsc#1193629).
- cifs: lease key is uninitialized in two additional functions when smb1
(bsc#1193629).
- cifs: list_for_each() -> list_for_each_entry() (bsc#1193629).
- cifs: misc: fix spelling typo in comment (bsc#1193629).
- cifs: move from strlcpy with unused retval to strscpy (bsc#1193629).
- cifs: periodically query network interfaces from server (bsc#1193629).
- cifs: populate empty hostnames for extra channels (bsc#1193629).
- cifs: prevent copying past input buffer boundaries (bsc#1193629).
- cifs: remove "cifs_" prefix from init/destroy mids functions
(bsc#1193629).
- cifs: remove initialization value (bsc#1193629).
- cifs: remove minor build warning (bsc#1193629).
- cifs: remove redundant initialization to variable mnt_sign_enabled
(bsc#1193629).
- cifs: remove remaining build warnings (bsc#1193629).
- cifs: remove some camelCase and also some static build warnings
(bsc#1193629).
- cifs: remove unnecessary (void*) conversions (bsc#1193629).
- cifs: remove unnecessary locking of chan_lock while freeing session
(bsc#1193629).
- cifs: remove unnecessary type castings (bsc#1193629).
- cifs: remove unused server parameter from calc_smb_size() (bsc#1193629).
- cifs: remove useless DeleteMidQEntry() (bsc#1193629).
- cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl()
(bsc#1193629).
- cifs: replace kfree() with kfree_sensitive() for sensitive data
(bsc#1193629).
- cifs: return correct error in ->calc_signature() (bsc#1193629).
- cifs: return errors during session setup during reconnects (bsc#1193629).
- cifs: revalidate mapping when doing direct writes (bsc#1193629).
- cifs: secmech: use shash_desc directly, remove sdesc (bsc#1193629).
- cifs: set rc to -ENOENT if we can not get a dentry for the cached dir
(bsc#1193629).
- cifs: skip extra NULL byte in filenames (bsc#1193629).
- cifs: store a pointer to a fid in the cfid structure instead of the
struct (bsc#1193629).
- cifs: truncate the inode and mapping when we simulate fcollapse
(bsc#1193629).
- cifs: update cifs_ses::ip_addr after failover (bsc#1193629).
- cifs: update internal module number (bsc#1193629).
- cifs: use ALIGN() and round_up() macros (bsc#1193629).
- cifs: use LIST_HEAD() and list_move() to simplify code (bsc#1193629).
- cifs: when a channel is not found for server, log its connection id
(bsc#1193629).
- cifs: when insecure legacy is disabled shrink amount of SMB1 code
(bsc#1193629).
- clocksource/drivers/hyperv: add data structure for reference TSC MSR
(git-fixes).
- cpufreq: intel_pstate: Handle no_turbo in frequency invariance
(jsc#PED-849).
- cpufreq: intel_pstate: Support Sapphire Rapids OOB mode (jsc#PED-849).
- cpuidle: intel_idle: Drop redundant backslash at line end (jsc#PED-1936).
- dm btree remove: fix use after free in rebalance_children() (git-fixes).
- dm crypt: make printing of the key constant-time (git-fixes).
- dm era: commit metadata in postsuspend after worker stops (git-fixes).
- dm integrity: fix memory corruption when tag_size is less than digest
size (git-fixes).
- dm mirror log: clear log bits up to BITS_PER_LONG boundary (git-fixes).
- dm raid: fix accesses beyond end of raid member array (git-fixes).
- dm stats: add cond_resched when looping over entries (git-fixes).
- dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
(git-fixes).
- dm: fix double accounting of flush with data (git-fixes).
- dm: interlock pending dm_io and dm_wait_for_bios_completion (git-fixes).
- dm: properly fix redundant bio-based IO accounting (git-fixes).
- dm: remove unnecessary assignment statement in alloc_dev() (git-fixes).
- dm: return early from dm_pr_call() if DM device is suspended (git-fixes).
- dm: revert partial fix for redundant bio-based IO accounting (git-fixes).
- dma-buf: fix racing conflict of dma_heap_add() (git-fixes).
- dmaengine: at_hdmac: Check return code of dma_async_device_register
(git-fixes).
- dmaengine: at_hdmac: Do not allow CPU to reorder channel enable
(git-fixes).
- dmaengine: at_hdmac: Do not call the complete callback on
device_terminate_all (git-fixes).
- dmaengine: at_hdmac: Do not start transactions at tx_submit level
(git-fixes).
- dmaengine: at_hdmac: Fix at_lli struct definition (git-fixes).
- dmaengine: at_hdmac: Fix completion of unissued descriptor in case of
errors (git-fixes).
- dmaengine: at_hdmac: Fix concurrency over descriptor (git-fixes).
- dmaengine: at_hdmac: Fix concurrency over the active list (git-fixes).
- dmaengine: at_hdmac: Fix concurrency problems by removing
atc_complete_all() (git-fixes).
- dmaengine: at_hdmac: Fix descriptor handling when issuing it to hardware
(git-fixes).
- dmaengine: at_hdmac: Fix impossible condition (git-fixes).
- dmaengine: at_hdmac: Fix premature completion of desc in issue_pending
(git-fixes).
- dmaengine: at_hdmac: Free the memset buf without holding the chan lock
(git-fixes).
- dmaengine: at_hdmac: Protect atchan->status with the channel lock
(git-fixes).
- dmaengine: at_hdmac: Start transfer for cyclic channels in issue_pending
(git-fixes).
- dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
(git-fixes).
- dmaengine: pxa_dma: use platform_get_irq_optional (git-fixes).
- dmaengine: ti: k3-udma-glue: fix memory leak when register device fail
(git-fixes).
- docs, kprobes: Fix the wrong location of Kprobes (git-fixes).
- docs/core-api: expand Fedora instructions for GCC plugins (git-fixes).
- drm/amd/display: Add HUBP surface flip interrupt handler (git-fixes).
- drm/amdgpu: disable BACO on special BEIGE_GOBY card (git-fixes).
- drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
(git-fixes).
- drm/amdkfd: Migrate in CPU page fault use current mm (git-fixes).
- drm/amdkfd: avoid recursive lock in migrations back to RAM (git-fixes).
- drm/amdkfd: handle CPU fault on COW mapping (git-fixes).
- drm/drv: Fix potential memory leak in drm_dev_init() (git-fixes).
- drm/hyperv: Add ratelimit on error message (git-fixes).
- drm/hyperv: Do not overwrite dirt_needed value set by host (git-fixes).
- drm/i915/dmabuf: fix sg_table handling in map_dma_buf (git-fixes).
- drm/i915/sdvo: Filter out invalid outputs more sensibly (git-fixes).
- drm/i915/sdvo: Setup DDC fully before output init (git-fixes).
- drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid
(git-fixes).
- drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag (git-fixes).
- drm/msm/hdmi: fix IRQ lifetime (git-fixes).
- drm/panel: simple: set bpc field for logic technologies displays
(git-fixes).
- drm/rockchip: dsi: Force synchronous probe (git-fixes).
- drm/vc4: Fix missing platform_unregister_drivers() call in
vc4_drm_register() (git-fixes).
- drm/vc4: kms: Fix IS_ERR() vs NULL check for vc4_kms (git-fixes).
- drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
(git-fixes).
- dt-bindings: power: gpcv2: add power-domains property (git-fixes).
- e1000e: Fix TX dispatch condition (git-fixes).
- e100: Fix possible use after free in e100_xmit_prepare (git-fixes).
- efi/tpm: Pass correct address to memblock_reserve (git-fixes).
- efi: random: Use 'ACPI reclaim' memory for random seed (git-fixes).
- efi: random: reduce seed size to 32 bytes (git-fixes).
- firmware: arm_scmi: Make Rx chan_setup fail on memory errors (git-fixes).
- firmware: arm_scmi: Suppress the driver's bind attributes (git-fixes).
- firmware: coreboot: Register bus in module init (git-fixes).
- fm10k: Fix error handling in fm10k_init_module() (git-fixes).
- ftrace: Fix null pointer dereference in ftrace_add_mod() (git-fixes).
- ftrace: Fix the possible incorrect kernel message (git-fixes).
- ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
- ftrace: Optimize the allocation for mcount entries (git-fixes).
- fuse: add file_modified() to fallocate (bsc#1205332).
- fuse: fix readdir cache race (bsc#1205331).
- gpio: amd8111: Fix PCI device reference count leak (git-fixes).
- hamradio: fix issue of dev reference count leakage in bpq_device_event()
(git-fixes).
- hv_netvsc: Fix potential dereference of NULL pointer (git-fixes).
- hv_netvsc: Fix race between VF offering and VF association message from
host (bsc#1204850).
- hv_netvsc: Print value of invalid ID in
netvsc_send_{completion,tx_complete}() (git-fixes).
- hv_sock: Add validation for untrusted Hyper-V values (git-fixes).
- hv_sock: Check hv_pkt_iter_first_raw()'s return value (git-fixes).
- hv_sock: Copy packets sent by Hyper-V out of the ring buffer (git-fixes).
- hwmon: (coretemp) Check for null before removing sysfs attrs (git-fixes).
- hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
(git-fixes).
- hwmon: (i5500_temp) fix missing pci_disable_device() (git-fixes).
- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
(git-fixes).
- hwmon: (ina3221) Fix shunt sum critical calculation (git-fixes).
- hwmon: (ltc2947) fix temperature scaling (git-fixes).
- i2c: i801: add lis3lv02d's I2C address for Vostro 5568 (git-fixes).
- i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set (git-fixes).
- i2c: npcm7xx: Fix error handling in npcm_i2c_init() (git-fixes).
- i2c: piix4: Fix adapter not be removed in piix4_remove() (git-fixes).
- i2c: tegra: Allocate DMA memory for DMA engine (git-fixes).
- i2c: xiic: Add platform module alias (git-fixes).
- ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533 git-fixes).
- ieee802154: cc2520: Fix error return code in cc2520_hw_init()
(git-fixes).
- iio: adc: at91_adc: fix possible memory leak in
at91_adc_allocate_trigger() (git-fixes).
- iio: adc: mp2629: fix potential array out of bound access (git-fixes).
- iio: adc: mp2629: fix wrong comparison of channel (git-fixes).
- iio: core: Fix entry not deleted when iio_register_sw_trigger_type()
fails (git-fixes).
- iio: health: afe4403: Fix oob read in afe4403_read_raw (git-fixes).
- iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
(git-fixes).
- iio: light: apds9960: fix wrong register for gesture gain (git-fixes).
- iio: light: rpr0521: add missing Kconfig dependencies (git-fixes).
- iio: ms5611: Simplify IO callback parameters (git-fixes).
- iio: pressure: ms5611: changed hardcoded SPI speed to value limited
(git-fixes).
- iio: pressure: ms5611: fixed value compensation bug (git-fixes).
- iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
(git-fixes).
- init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash (git-fixes).
- intel_idle: Add AlderLake support (jsc#PED-824).
- intel_idle: Fix SPR C6 optimization (jsc#PED-824 jsc#PED-1936).
- intel_idle: Fix the 'preferred_cstates' module parameter (jsc#PED-824
jsc#PED-1936).
- intel_idle: make SPR C1 and C1E be independent (jsc#PED-1936).
- io-wq: Remove duplicate code in io_workqueue_create() (bnc#1205113).
- io-wq: do not retry task_work creation failure on fatal conditions
(bnc#1205113).
- io-wq: ensure we exit if thread group is exiting (git-fixes).
- io-wq: exclusively gate signal based exit on get_signal() return
(git-fixes).
- io-wq: fix cancellation on create-worker failure (bnc#1205113).
- io-wq: fix silly logic error in io_task_work_match() (bnc#1205113).
- io_uring: correct __must_hold annotation (git-fixes).
- io_uring: drop ctx->uring_lock before acquiring sqd->lock (git-fixes).
- io_uring: ensure IORING_REGISTER_IOWQ_MAX_WORKERS works with SQPOLL
(git-fixes).
- io_uring: fix io_timeout_remove locking (git-fixes).
- io_uring: fix missing mb() before waitqueue_active (git-fixes).
- io_uring: fix missing sigmask restore in io_cqring_wait() (git-fixes).
- io_uring: fix possible poll event lost in multi shot mode (git-fixes).
- io_uring: pin SQPOLL data before unlocking ring lock (git-fixes).
- ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
- kABI: Fix kABI after "KVM: x86/pmu: Use different raw event masks for
AMD and Intel" (git-fixes).
- kbuild: Unify options for BTF generation for vmlinux and modules
(bsc#1204693).
- kexec: turn all kexec_mutex acquisitions into trylocks (git-fixes).
- mISDN: fix misuse of put_device() in mISDN_register_device() (git-fixes).
- mISDN: fix possible memory leak in mISDN_dsp_element_register()
(git-fixes).
- mac80211: radiotap: Use BIT() instead of shifts (git-fixes).
- mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() (git-fixes).
- macsec: Fix invalid error code set (git-fixes).
- macsec: add missing attribute validation for offload (git-fixes).
- macsec: clear encryption keys from the stack after setting up offload
(git-fixes).
- macsec: delete new rxsc when offload fails (git-fixes).
- macsec: fix detection of RXSCs when toggling offloading (git-fixes).
- macsec: fix secy->n_rx_sc accounting (git-fixes).
- md/raid5: Ensure stripe_fill happens on non-read IO with journal
(git-fixes).
- md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
(git-fixes).
- md: Replace snprintf with scnprintf (git-fixes, bsc#1164051).
- media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE (git-fixes).
- media: dvb-frontends/drxk: initialize err to 0 (git-fixes).
- media: meson: vdec: fix possible refcount leak in vdec_probe()
(git-fixes).
- media: rkisp1: Do not pass the quantization to rkisp1_csm_config()
(git-fixes).
- media: rkisp1: Initialize color space on resizer sink and source pads
(git-fixes).
- media: rkisp1: Use correct macro for gradient registers (git-fixes).
- media: rkisp1: Zero v4l2_subdev_format fields in when validating links
(git-fixes).
- media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (git-fixes).
- media: v4l: subdev: Fail graciously when getting try data for NULL state
(git-fixes).
- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
(git-fixes).
- mmc: core: Fix ambiguous TRIM and DISCARD arg (git-fixes).
- mmc: core: properly select voltage range without power cycle (git-fixes).
- mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
(git-fixes).
- mmc: mmc_test: Fix removal of debugfs file (git-fixes).
- mmc: sdhci-brcmstb: Enable Clock Gating to save power (git-fixes).
- mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: sdhci-brcmstb: Re-organize flags (git-fixes).
- mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check (git-fixes).
- mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA
(git-fixes).
- mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD#
debounce timeout (git-fixes).
- mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
(git-fixes).
- mmc: sdhci-sprd: Fix no reset data and command after voltage switch
(git-fixes).
- mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mtd: parsers: bcm47xxpart: Fix halfblock reads (git-fixes).
- mtd: parsers: bcm47xxpart: print correct offset on read error
(git-fixes).
- mtd: spi-nor: intel-spi: Disable write protection only if asked
(git-fixes).
- nbd: Fix incorrect error handle when first_minor is illegal in
nbd_dev_add (git-fixes).
- net/smc: Avoid overwriting the copies of clcsock callback functions
(git-fixes).
- net/smc: Fix an error code in smc_lgr_create() (git-fixes).
- net/smc: Fix possible access to freed memory in link clear (git-fixes).
- net/smc: Fix possible leaked pernet namespace in smc_init() (git-fixes).
- net/smc: Fix slab-out-of-bounds issue in fallback (git-fixes).
- net/smc: Fix sock leak when release after smc_shutdown() (git-fixes).
- net/smc: Forward wakeup to smc socket waitqueue after fallback
(git-fixes).
- net/smc: Only save the original clcsock callback functions (git-fixes).
- net/smc: Send directly when TCP_CORK is cleared (git-fixes).
- net/smc: kABI workarounds for struct smc_link (git-fixes).
- net/smc: kABI workarounds for struct smc_sock (git-fixes).
- net/smc: send directly on setting TCP_NODELAY (git-fixes).
- net/x25: Fix skb leak in x25_lapb_receive_frame() (git-fixes).
- net: ethernet: nixge: fix NULL dereference (git-fixes).
- net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed
(git-fixes).
- net: ethernet: ti: am65-cpsw: fix error handling in
am65_cpsw_nuss_probe() (git-fixes).
- net: hyperv: remove use of bpf_op_t (git-fixes).
- net: mdio: fix unbalanced fwnode reference count in
mdio_device_release() (git-fixes).
- net: mdiobus: fix unbalanced node reference count (git-fixes).
- net: phy: fix null-ptr-deref while probe() failed (git-fixes).
- net: phy: marvell: add sleep time after enabling the loopback bit
(git-fixes).
- net: phy: mscc: macsec: clear encryption keys when freeing a flow
(git-fixes).
- net: smsc95xx: add support for Microchip EVB-LAN8670-USB (git-fixes).
- net: stmmac: work around sporadic tx issue on link-up (git-fixes).
- net: thunderbolt: Fix error handling in tbnet_init() (git-fixes).
- net: thunderbolt: fix memory leak in tbnet_open() (git-fixes).
- net: thunderx: Fix the ACPI memory leak (git-fixes).
- net: usb: qmi_wwan: add Telit 0x103a composition (git-fixes).
- net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type
(git-fixes).
- net: wwan: iosm: fix kernel test robot reported error (git-fixes).
- nfc/nci: fix race with opening and closing (git-fixes).
- nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
(git-fixes).
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (git-fixes).
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
(git-fixes).
- nfc: st-nci: fix incorrect sizing calculations in EVT_TRANSACTION
(git-fixes).
- nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
(git-fixes).
- nfc: st-nci: fix memory leaks in EVT_TRANSACTION (git-fixes).
- nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
(git-fixes).
- nilfs2: fix deadlock in nilfs_count_free_blocks() (git-fixes).
- nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty
(git-fixes).
- nilfs2: fix use-after-free bug of ns_writer on remount (git-fixes).
- nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition
failure (git-fixes).
- panic, kexec: make __crash_kexec() NMI safe (git-fixes).
- parport_pc: Avoid FIFO port location truncation (git-fixes).
- phy: ralink: mt7621-pci: add sentinel to quirks table (git-fixes).
- phy: stm32: fix an error code in probe (git-fixes).
- pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
(git-fixes).
- pinctrl: intel: Save and restore pins in "direct IRQ" mode (git-fixes).
- pinctrl: rockchip: list all pins in a possible mux route for PX30
(git-fixes).
- pinctrl: single: Fix potential division by zero (git-fixes).
- platform/surface: aggregator: Do not check for repeated unsequenced
packets (git-fixes).
- platform/x86/intel/pmt: Sapphire Rapids PMT errata fix (jsc#PED-2684
bsc#1205683).
- platform/x86/intel: hid: add quirk to support Surface Go 3 (git-fixes).
- platform/x86/intel: pmc: Do not unconditionally attach Intel PMC when
virtualized (git-fixes).
- platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017)
(git-fixes).
- platform/x86: asus-wmi: add missing pci_dev_put() in
asus_wmi_set_xusb2pr() (git-fixes).
- platform/x86: hp-wmi: Ignore Smart Experience App event (git-fixes).
- platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi (git-fixes).
- platform/x86: ideapad-laptop: Disable touchpad_switch (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2
2-in-1 (git-fixes).
- powerpc/64: Fix build failure with allyesconfig in book3s_64_entry.S
(bsc#1194869).
- powerpc/boot: Explicitly disable usage of SPE instructions (bsc#1156395).
- powerpc/kvm: Fix kvm_use_magic_page (bsc#1156395).
- powerpc/pseries/vas: Declare pseries_vas_fault_thread_fn() as static
(bsc#1194869).
- proc: avoid integer type confusion in get_proc_long (git-fixes).
- proc: proc_skip_spaces() shouldn't think it is working on C strings
(git-fixes).
- rbd: fix possible memory leak in rbd_sysfs_init() (git-fixes).
- regulator: core: fix UAF in destroy_regulator() (git-fixes).
- regulator: core: fix kobject release warning and memory leak in
regulator_register() (git-fixes).
- regulator: twl6030: re-add TWL6032_SUBCLASS (git-fixes).
- ring-buffer: Include dropped pages in counting dirty patches (git-fixes).
- ring_buffer: Do not deactivate non-existant pages (git-fixes).
- s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
(bsc#1205427 LTC#200502).
- s390/pci: add missing EX_TABLE entries to
__pcistg_mio_inuser()/__pcilg_mio_inuser() (bsc#1205427 LTC#200502).
- s390/uaccess: add missing EX_TABLE entries to __clear_user(),
copy_in_user_mvcos(), copy_in_user_mvc(), clear_user_xc() and
__strnlen_user() (bsc#1205428 LTC#200501).
- s390: fix nospec table alignments (git-fixes).
- sched: Clear ttwu_pending after enqueue_task() (git fixes (sched/core)).
- sched: Disable sched domain debugfs creation on ppc64 unless
sched_verbose is specified (bnc#1205653).
- scripts/faddr2line: Fix regression in name resolution on ppc64le
(git-fixes).
- scsi: ibmvfc: Avoid path failures during live migration (bsc#1065729).
- scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 (bsc#1156395).
- scsi: megaraid_sas: Correct value passed to scsi_device_lookup()
(git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
(git-fixes).
- scsi: qedf: Populate sysfs attributes for vport (git-fixes).
- scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
(git-fixes).
- scsi: storvsc: Drop DID_TARGET_FAILURE use (git-fixes).
- scsi: storvsc: Fix handling of srb_status and capacity change events
(git-fixes).
- scsi: storvsc: Fix typo in comment (git-fixes).
- scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (git-fixes).
- scsi: storvsc: remove an extraneous "to" in a comment (git-fixes).
- scsi: zfcp: Fix double free of FSF request when qdio send fails
(git-fixes).
- selftests/intel_pstate: fix build for ARCH=x86_64 (git-fixes).
- selftests: mptcp: fix mibit vs mbit mix up (git-fixes).
- selftests: mptcp: make sendfile selftest work (git-fixes).
- selftests: mptcp: more stable simult_flows tests (git-fixes).
- selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload
(git-fixes).
- serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios()
(git-fixes).
- serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs (git-fixes).
- serial: 8250: Flush DMA Rx on RLSI (git-fixes).
- serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in
omap8250_remove() (git-fixes).
- serial: 8250: omap: Flush PM QOS work on remove (git-fixes).
- serial: 8250_lpss: Configure DMA also w/o DMA filter (git-fixes).
- serial: 8250_omap: remove wait loop from Errata i202 workaround
(git-fixes).
- serial: imx: Add missing .thaw_noirq hook (git-fixes).
- siox: fix possible memory leak in siox_device_add() (git-fixes).
- slimbus: stream: correct presence rate frequencies (git-fixes).
- smb2: small refactor in smb2_check_message() (bsc#1193629).
- smb3: Move the flush out of smb2_copychunk_range() into its callers
(bsc#1193629).
- smb3: add dynamic trace points for tree disconnect (bsc#1193629).
- smb3: add trace point for SMB2_set_eof (bsc#1193629).
- smb3: allow deferred close timeout to be configurable (bsc#1193629).
- smb3: check xattr value length earlier (bsc#1193629).
- smb3: clarify multichannel warning (bsc#1193629).
- smb3: do not log confusing message when server returns no network
interfaces (bsc#1193629).
- smb3: fix empty netname context on secondary channels (bsc#1193629).
- smb3: fix oops in calculating shash_setkey (bsc#1193629).
- smb3: fix temporary data corruption in collapse range (bsc#1193629).
- smb3: fix temporary data corruption in insert range (bsc#1193629).
- smb3: improve SMB3 change notification support (bsc#1193629).
- smb3: interface count displayed incorrectly (bsc#1193629).
- smb3: missing inode locks in punch hole (bsc#1193629).
- smb3: missing inode locks in zero range (bsc#1193629).
- smb3: must initialize two ACL struct fields to zero (bsc#1193629).
- smb3: remove unneeded null check in cifs_readdir (bsc#1193629).
- smb3: rename encryption/decryption TFMs (bsc#1193629).
- smb3: use filemap_write_and_wait_range instead of filemap_write_and_wait
(bsc#1193629).
- smb3: use netname when available on secondary channels (bsc#1193629).
- smb3: workaround negprot bug in some Samba servers (bsc#1193629).
- soc: imx8m: Enable OCOTP clock before reading the register (git-fixes).
- soundwire: intel: Initialize clock stop timeout (bsc#1205507).
- soundwire: qcom: check for outanding writes before doing a read
(git-fixes).
- soundwire: qcom: reinit broadcast completion (git-fixes).
- speakup: fix a segfault caused by switching consoles (git-fixes).
- spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld()
(git-fixes).
- spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input
clock (git-fixes).
- spi: stm32: Print summary 'callbacks suppressed' message (git-fixes).
- spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every
run (git-fixes).
- spi: tegra210-quad: Fix duplicate resource error (git-fixes).
- thunderbolt: Add DP OUT resource when DP tunnel is discovered
(git-fixes).
- tools: hv: Remove an extraneous "the" (git-fixes).
- tools: hv: kvp: remove unnecessary (void*) conversions (git-fixes).
- tools: iio: iio_generic_buffer: Fix read size (git-fixes).
- tracing/ring-buffer: Have polling block on watermark (git-fixes).
- tracing: Fix memory leak in test_gen_synth_cmd() and
test_empty_synth_event() (git-fixes).
- tracing: Fix memory leak in tracing_read_pipe() (git-fixes).
- tracing: Fix wild-memory-access in register_synth_event() (git-fixes).
- tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
(git-fixes).
- tracing: kprobe: Fix potential null-ptr-deref on trace_array in
kprobe_event_gen_test_exit() (git-fixes).
- tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in
kprobe_event_gen_test_exit() (git-fixes).
- tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
(git-fixes).
- tty: serial: fsl_lpuart: do not break the on-going transfer when global
reset (git-fixes).
- usb: add NO_LPM quirk for Realforce 87U Keyboard (git-fixes).
- usb: cdns3: host: fix endless superspeed hub port reset (git-fixes).
- usb: cdnsp: Fix issue with Clear Feature Halt Endpoint (git-fixes).
- usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1 (git-fixes).
- usb: chipidea: fix deadlock in ci_otg_del_timer (git-fixes).
- usb: dwc3: exynos: Fix remove() function (git-fixes).
- usb: dwc3: gadget: Clear ep descriptor last (git-fixes).
- usb: dwc3: gadget: Return -ESHUTDOWN on ep disable (git-fixes).
- usb: dwc3: gadget: conditionally remove requests (git-fixes).
- usb: smsc: use eth_hw_addr_set() (git-fixes).
- usb: typec: mux: Enter safe mode only when pins need to be reconfigured
(git-fixes).
- usb: xhci-mtk: check boundary before check tt (git-fixes).
- usb: xhci-mtk: update fs bus bandwidth by bw_budget_table (git-fixes).
- usbnet: smsc95xx: Do not reset PHY behind PHY driver's back (git-fixes).
- v3 of "PCI: hv: Only reuse existing IRTE allocation for Multi-MSI"
- video/fbdev/stifb: Implement the stifb_fillrect() function (git-fixes).
- virtio-blk: Use blk_validate_block_size() to validate block size
(git-fixes).
- vmxnet3: correctly report encapsulated LRO packet (git-fixes).
- vmxnet3: use correct intrConf reference when using extended queues
(git-fixes).
- wifi: airo: do not assign -1 to unsigned char (git-fixes).
- wifi: ath11k: Fix QCN9074 firmware boot on x86 (git-fixes).
- wifi: ath11k: avoid deadlock during regulatory update in
ath11k_regd_update() (git-fixes).
- wifi: cfg80211: do not allow multi-BSSID in S1G (git-fixes).
- wifi: cfg80211: fix buffer overflow in elem comparison (git-fixes).
- wifi: cfg80211: fix memory leak in query_regdb_file() (git-fixes).
- wifi: cfg80211: silence a sparse RCU warning (git-fixes).
- wifi: mac80211: Fix ack frame idr leak when mesh has no route
(git-fixes).
- wifi: mac80211: fix memory free error when registering wiphy fail
(git-fixes).
- wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support
(git-fixes).
- wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration
(git-fixes).
- wifi: wext: use flex array destination for memcpy() (git-fixes).
- wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST
attribute (git-fixes).
- wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL
attribute (git-fixes).
- wifi: wilc1000: validate number of channels (git-fixes).
- wifi: wilc1000: validate pairwise and authentication suite offsets
(git-fixes).
- x86/Xen: streamline (and fix) PV CPU enumeration (git-fixes).
- x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from
S3 (bsc#1206037).
- x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
- x86/entry: Work around Clang __bdos() bug (git-fixes).
- x86/extable: Extend extable functionality (git-fixes).
- x86/fpu: Drop fpregs lock before inheriting FPU permissions
(bnc#1205282).
- x86/futex: Remove .fixup usage (git-fixes).
- x86/hyperv: Disable hardlockup detector by default in Hyper-V guests
(git-fixes).
- x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition (git-fixes).
- x86/hyperv: Update 'struct hv_enlightened_vmcs' definition (git-fixes).
- x86/hyperv: fix invalid writes to MSRs during root partition kexec
(git-fixes).
- x86/kexec: Fix double-free of elf header buffer (bsc#1205567).
- x86/microcode/AMD: Apply the patch early on every logical thread
(bsc#1205264).
- x86/uaccess: Implement macros for CMPXCHG on user addresses (git-fixes).
- xen/gntdev: Accommodate VMA splitting (git-fixes).
- xen/pcpu: fix possible memory leak in register_pcpu() (git-fixes).
- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
(git-fixes).
- xfs: convert XLOG_FORCED_SHUTDOWN() to xlog_is_shutdown() (git-fixes).
- xfs: fix perag reference leak on iteration race with growfs (git-fixes).
- xfs: fix xfs_ifree() error handling to not leak perag ref (git-fixes).
- xfs: reserve quota for dir expansion when linking/unlinking files
(bsc#1205616).
- xfs: reserve quota for target dir expansion when renaming files
(bsc#1205679).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4585=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4585=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-4585=1
- SUSE Linux Enterprise Module for Live Patching 15-SP4:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-4585=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-4585=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4585=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4585=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4585=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-4585=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
kernel-default-5.14.21-150400.24.38.1
kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.38.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.38.1
dlm-kmp-default-5.14.21-150400.24.38.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.38.1
gfs2-kmp-default-5.14.21-150400.24.38.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-5.14.21-150400.24.38.1
kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
kernel-default-base-rebuild-5.14.21-150400.24.38.1.150400.24.13.2
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
kernel-default-devel-5.14.21-150400.24.38.1
kernel-default-devel-debuginfo-5.14.21-150400.24.38.1
kernel-default-extra-5.14.21-150400.24.38.1
kernel-default-extra-debuginfo-5.14.21-150400.24.38.1
kernel-default-livepatch-5.14.21-150400.24.38.1
kernel-default-livepatch-devel-5.14.21-150400.24.38.1
kernel-default-optional-5.14.21-150400.24.38.1
kernel-default-optional-debuginfo-5.14.21-150400.24.38.1
kernel-obs-build-5.14.21-150400.24.38.1
kernel-obs-build-debugsource-5.14.21-150400.24.38.1
kernel-obs-qa-5.14.21-150400.24.38.1
kernel-syms-5.14.21-150400.24.38.1
kselftests-kmp-default-5.14.21-150400.24.38.1
kselftests-kmp-default-debuginfo-5.14.21-150400.24.38.1
ocfs2-kmp-default-5.14.21-150400.24.38.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.38.1
reiserfs-kmp-default-5.14.21-150400.24.38.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
kernel-kvmsmall-5.14.21-150400.24.38.1
kernel-kvmsmall-debuginfo-5.14.21-150400.24.38.1
kernel-kvmsmall-debugsource-5.14.21-150400.24.38.1
kernel-kvmsmall-devel-5.14.21-150400.24.38.1
kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.38.1
kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-5.14.21-150400.24.38.1
kernel-debug-debuginfo-5.14.21-150400.24.38.1
kernel-debug-debugsource-5.14.21-150400.24.38.1
kernel-debug-devel-5.14.21-150400.24.38.1
kernel-debug-devel-debuginfo-5.14.21-150400.24.38.1
kernel-debug-livepatch-devel-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (aarch64):
cluster-md-kmp-64kb-5.14.21-150400.24.38.1
cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
dlm-kmp-64kb-5.14.21-150400.24.38.1
dlm-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
dtb-allwinner-5.14.21-150400.24.38.1
dtb-altera-5.14.21-150400.24.38.1
dtb-amazon-5.14.21-150400.24.38.1
dtb-amd-5.14.21-150400.24.38.1
dtb-amlogic-5.14.21-150400.24.38.1
dtb-apm-5.14.21-150400.24.38.1
dtb-apple-5.14.21-150400.24.38.1
dtb-arm-5.14.21-150400.24.38.1
dtb-broadcom-5.14.21-150400.24.38.1
dtb-cavium-5.14.21-150400.24.38.1
dtb-exynos-5.14.21-150400.24.38.1
dtb-freescale-5.14.21-150400.24.38.1
dtb-hisilicon-5.14.21-150400.24.38.1
dtb-lg-5.14.21-150400.24.38.1
dtb-marvell-5.14.21-150400.24.38.1
dtb-mediatek-5.14.21-150400.24.38.1
dtb-nvidia-5.14.21-150400.24.38.1
dtb-qcom-5.14.21-150400.24.38.1
dtb-renesas-5.14.21-150400.24.38.1
dtb-rockchip-5.14.21-150400.24.38.1
dtb-socionext-5.14.21-150400.24.38.1
dtb-sprd-5.14.21-150400.24.38.1
dtb-xilinx-5.14.21-150400.24.38.1
gfs2-kmp-64kb-5.14.21-150400.24.38.1
gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
kernel-64kb-5.14.21-150400.24.38.1
kernel-64kb-debuginfo-5.14.21-150400.24.38.1
kernel-64kb-debugsource-5.14.21-150400.24.38.1
kernel-64kb-devel-5.14.21-150400.24.38.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.38.1
kernel-64kb-extra-5.14.21-150400.24.38.1
kernel-64kb-extra-debuginfo-5.14.21-150400.24.38.1
kernel-64kb-livepatch-devel-5.14.21-150400.24.38.1
kernel-64kb-optional-5.14.21-150400.24.38.1
kernel-64kb-optional-debuginfo-5.14.21-150400.24.38.1
kselftests-kmp-64kb-5.14.21-150400.24.38.1
kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
ocfs2-kmp-64kb-5.14.21-150400.24.38.1
ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
reiserfs-kmp-64kb-5.14.21-150400.24.38.1
reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (noarch):
kernel-devel-5.14.21-150400.24.38.1
kernel-docs-5.14.21-150400.24.38.1
kernel-docs-html-5.14.21-150400.24.38.1
kernel-macros-5.14.21-150400.24.38.1
kernel-source-5.14.21-150400.24.38.1
kernel-source-vanilla-5.14.21-150400.24.38.1
- openSUSE Leap 15.4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.38.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.38.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
kernel-default-extra-5.14.21-150400.24.38.1
kernel-default-extra-debuginfo-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Live Patching 15-SP4 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
kernel-default-livepatch-5.14.21-150400.24.38.1
kernel-default-livepatch-devel-5.14.21-150400.24.38.1
kernel-livepatch-5_14_21-150400_24_38-default-1-150400.9.3.2
kernel-livepatch-5_14_21-150400_24_38-default-debuginfo-1-150400.9.3.2
kernel-livepatch-SLE15-SP4_Update_6-debugsource-1-150400.9.3.2
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
reiserfs-kmp-default-5.14.21-150400.24.38.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.14.21-150400.24.38.1
kernel-obs-build-debugsource-5.14.21-150400.24.38.1
kernel-syms-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
kernel-docs-5.14.21-150400.24.38.1
kernel-source-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-5.14.21-150400.24.38.1
kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
kernel-default-devel-5.14.21-150400.24.38.1
kernel-default-devel-debuginfo-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64):
kernel-64kb-5.14.21-150400.24.38.1
kernel-64kb-debuginfo-5.14.21-150400.24.38.1
kernel-64kb-debugsource-5.14.21-150400.24.38.1
kernel-64kb-devel-5.14.21-150400.24.38.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
kernel-devel-5.14.21-150400.24.38.1
kernel-macros-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.38.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.38.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.38.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
kernel-default-5.14.21-150400.24.38.1
kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.38.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.38.1
dlm-kmp-default-5.14.21-150400.24.38.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.38.1
gfs2-kmp-default-5.14.21-150400.24.38.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debuginfo-5.14.21-150400.24.38.1
kernel-default-debugsource-5.14.21-150400.24.38.1
ocfs2-kmp-default-5.14.21-150400.24.38.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.38.1
References:
https://www.suse.com/security/cve/CVE-2022-2602.html
https://www.suse.com/security/cve/CVE-2022-3176.html
https://www.suse.com/security/cve/CVE-2022-3566.html
https://www.suse.com/security/cve/CVE-2022-3567.html
https://www.suse.com/security/cve/CVE-2022-3635.html
https://www.suse.com/security/cve/CVE-2022-3643.html
https://www.suse.com/security/cve/CVE-2022-3707.html
https://www.suse.com/security/cve/CVE-2022-3903.html
https://www.suse.com/security/cve/CVE-2022-4095.html
https://www.suse.com/security/cve/CVE-2022-4129.html
https://www.suse.com/security/cve/CVE-2022-4139.html
https://www.suse.com/security/cve/CVE-2022-41850.html
https://www.suse.com/security/cve/CVE-2022-41858.html
https://www.suse.com/security/cve/CVE-2022-42328.html
https://www.suse.com/security/cve/CVE-2022-42329.html
https://www.suse.com/security/cve/CVE-2022-42895.html
https://www.suse.com/security/cve/CVE-2022-42896.html
https://www.suse.com/security/cve/CVE-2022-4378.html
https://www.suse.com/security/cve/CVE-2022-43945.html
https://www.suse.com/security/cve/CVE-2022-45869.html
https://www.suse.com/security/cve/CVE-2022-45888.html
https://www.suse.com/security/cve/CVE-2022-45934.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1164051
https://bugzilla.suse.com/1184350
https://bugzilla.suse.com/1189297
https://bugzilla.suse.com/1190256
https://bugzilla.suse.com/1193629
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1202341
https://bugzilla.suse.com/1203183
https://bugzilla.suse.com/1203391
https://bugzilla.suse.com/1203511
https://bugzilla.suse.com/1203960
https://bugzilla.suse.com/1204228
https://bugzilla.suse.com/1204405
https://bugzilla.suse.com/1204414
https://bugzilla.suse.com/1204631
https://bugzilla.suse.com/1204636
https://bugzilla.suse.com/1204693
https://bugzilla.suse.com/1204780
https://bugzilla.suse.com/1204810
https://bugzilla.suse.com/1204850
https://bugzilla.suse.com/1205007
https://bugzilla.suse.com/1205100
https://bugzilla.suse.com/1205111
https://bugzilla.suse.com/1205113
https://bugzilla.suse.com/1205128
https://bugzilla.suse.com/1205130
https://bugzilla.suse.com/1205149
https://bugzilla.suse.com/1205153
https://bugzilla.suse.com/1205220
https://bugzilla.suse.com/1205264
https://bugzilla.suse.com/1205282
https://bugzilla.suse.com/1205331
https://bugzilla.suse.com/1205332
https://bugzilla.suse.com/1205427
https://bugzilla.suse.com/1205428
https://bugzilla.suse.com/1205473
https://bugzilla.suse.com/1205507
https://bugzilla.suse.com/1205514
https://bugzilla.suse.com/1205521
https://bugzilla.suse.com/1205567
https://bugzilla.suse.com/1205616
https://bugzilla.suse.com/1205617
https://bugzilla.suse.com/1205653
https://bugzilla.suse.com/1205671
https://bugzilla.suse.com/1205679
https://bugzilla.suse.com/1205683
https://bugzilla.suse.com/1205700
https://bugzilla.suse.com/1205705
https://bugzilla.suse.com/1205709
https://bugzilla.suse.com/1205711
https://bugzilla.suse.com/1205744
https://bugzilla.suse.com/1205764
https://bugzilla.suse.com/1205796
https://bugzilla.suse.com/1205882
https://bugzilla.suse.com/1205993
https://bugzilla.suse.com/1206035
https://bugzilla.suse.com/1206036
https://bugzilla.suse.com/1206037
https://bugzilla.suse.com/1206045
https://bugzilla.suse.com/1206046
https://bugzilla.suse.com/1206047
https://bugzilla.suse.com/1206048
https://bugzilla.suse.com/1206049
https://bugzilla.suse.com/1206050
https://bugzilla.suse.com/1206051
https://bugzilla.suse.com/1206056
https://bugzilla.suse.com/1206057
https://bugzilla.suse.com/1206113
https://bugzilla.suse.com/1206114
https://bugzilla.suse.com/1206147
https://bugzilla.suse.com/1206149
https://bugzilla.suse.com/1206207
More information about the sle-security-updates
mailing list