SUSE-SU-2022:4053-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Nov 17 20:23:46 UTC 2022


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:4053-1
Rating:             important
References:         #1032323 #1065729 #1152489 #1198702 #1200465 
                    #1200788 #1201725 #1202638 #1202686 #1202700 
                    #1203066 #1203098 #1203387 #1203391 #1203496 
                    #1203802 #1204053 #1204166 #1204168 #1204354 
                    #1204355 #1204382 #1204402 #1204415 #1204417 
                    #1204431 #1204439 #1204470 #1204479 #1204574 
                    #1204575 #1204619 #1204635 #1204637 #1204646 
                    #1204647 #1204653 #1204728 #1204753 #1204754 
                    PED-1931 SLE-13847 SLE-24559 SLE-9246 
Cross-References:   CVE-2021-4037 CVE-2022-2153 CVE-2022-2964
                    CVE-2022-2978 CVE-2022-3176 CVE-2022-3424
                    CVE-2022-3521 CVE-2022-3524 CVE-2022-3535
                    CVE-2022-3542 CVE-2022-3545 CVE-2022-3565
                    CVE-2022-3577 CVE-2022-3586 CVE-2022-3594
                    CVE-2022-3621 CVE-2022-3625 CVE-2022-3629
                    CVE-2022-3640 CVE-2022-3646 CVE-2022-3649
                    CVE-2022-39189 CVE-2022-42703 CVE-2022-43750
                   
CVSS scores:
                    CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
                    CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
                    CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Enterprise Storage 7.1
                    SUSE Linux Enterprise Desktop 15-SP3
                    SUSE Linux Enterprise High Availability 15-SP3
                    SUSE Linux Enterprise High Performance Computing
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise Micro 5.1
                    SUSE Linux Enterprise Micro 5.2
                    SUSE Linux Enterprise Module for Basesystem 15-SP3
                    SUSE Linux Enterprise Module for Development Tools 15-SP3
                    SUSE Linux Enterprise Module for Legacy Software 15-SP3
                    SUSE Linux Enterprise Module for Live Patching 15-SP3
                    SUSE Linux Enterprise Server
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
                    SUSE Linux Enterprise Workstation Extension 15-SP3
                    SUSE Manager Proxy 4.2
                    SUSE Manager Retail Branch Server 4.2
                    SUSE Manager Server 4.2
                    openSUSE Leap 15.3
                    openSUSE Leap 15.4
                    openSUSE Leap Micro 5.2
______________________________________________________________________________

   An update that solves 24 vulnerabilities, contains four
   features and has 16 fixes is now available.

Description:


   The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2021-4037: Fixed function logic vulnerability that allowed local
     users to create files for the XFS file-system with an unintended group
     ownership and with group execution and SGID permission bits set
     (bnc#1198702).
   - CVE-2022-2153: Fixed vulnerability in KVM that could allow an
     unprivileged local attacker on the host to cause DoS (bnc#1200788).
   - CVE-2022-2964: Fixed memory corruption issues in ax88179_178a devices
     (bnc#1202686).
   - CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
     lead to local privilege escalation or DoS (bnc#1202700).
   - CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
     (bnc#1203391).
   - CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
     gru_fault() and gru_handle_user_call_os() that could lead to kernel
     panic (bsc#1204166).
   - CVE-2022-3521: Fixed race condition in kcm_tx_work() in
     net/kcm/kcmsock.c (bnc#1204355).
   - CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
     handler (bnc#1204354).
   - CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
     drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
   - CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
     drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
   - CVE-2022-3545: Fixed use-after-free in area_cache_get() in
     drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
   - CVE-2022-3565: Fixed use-after-free in del_timer() in
     drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
   - CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
     driver that could lead to local privilege escalation or DoS
     (bnc#1204470).
   - CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
     allow a local unprivileged user to cause a denial of service
     (bnc#1204439).
   - CVE-2022-3594: Fixed excessive data logging in intr_callback() in
     drivers/net/usb/r8152.c (bnc#1204479).
   - CVE-2022-3621: Fixed null pointer dereference in
     nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
   - CVE-2022-3625: Fixed use-after-free in
     devlink_param_set()/devlink_param_get() in net/core/devlink.c
     (bnc#1204637).
   - CVE-2022-3629: Fixed memory leak in vsock_connect() in
     net/vmw_vsock/af_vsock.c (bnc#1204635).
   - CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
     net/bluetooth/l2cap_core.c (bnc#1204619).
   - CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
     fs/nilfs2/segment.c (bnc#1204646).
   - CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
     fs/nilfs2/inode.c (bnc#1204647).
   - CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
     unprivileged guest users to compromise the guest kernel via TLB flush
     operations on preempted vCPU (bnc#1203066).
   - CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
     anon_vma double reuse (bnc#1204168).
   - CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
     client to corrupt the monitor's internal memory (bnc#1204653).

   The following non-security bugs were fixed:

   - ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
     (git-fixes).
   - ACPI: HMAT: Release platform device in case of
     platform_device_add_data() fails (git-fixes).
   - ACPI: extlog: Handle multiple records (git-fixes).
   - ACPI: processor idle: Practically limit "Dummy wait" workaround to old
     Intel systems (bnc#1203802).
   - ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
   - ALSA: Use del_timer_sync() before freeing timer (git-fixes).
   - ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
     (git-fixes).
   - ALSA: aoa: Fix I2S device accounting (git-fixes).
   - ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
     (git-fixes).
   - ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
   - ALSA: au88x0: use explicitly signed char (git-fixes).
   - ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
   - ALSA: hda/hdmi: Do not skip notification handling during PM operation
     (git-fixes).
   - ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
     (git-fixes).
   - ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
   - ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
   - ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
   - ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
   - ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
   - ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
   - ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
     (git-fixes).
   - ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
     (git-fixes).
   - ALSA: hda/sigmatel: Fix unused variable warning for beep power change
     (git-fixes).
   - ALSA: hda/sigmatel: Keep power up while beep is enabled (git-fixes).
   - ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
   - ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
   - ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
   - ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
   - ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
   - ALSA: rme9652: use explicitly signed char (git-fixes).
   - ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
   - ALSA: usb-audio: Fix potential memory leaks (git-fixes).
   - ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
     (git-fixes).
   - ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
   - ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
     (git-fixes).
   - ASoC: nau8824: Fix semaphore unbalance at error paths (git-fixes).
   - ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
   - ASoC: tas2770: Reinit regcache on reset (git-fixes).
   - ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
   - ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
   - ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
   - ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
   - ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
   - Bluetooth: L2CAP: Fix user-after-free (git-fixes).
   - Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
     (git-fixes).
   - Bluetooth: hci_core: Fix not handling link timeouts propertly
     (git-fixes).
   - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
     (git-fixes).
   - HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
   - HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
   - HID: multitouch: Add memory barriers (git-fixes).
   - HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
   - HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
   - HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
   - IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD
     (git-fixes)
   - IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
   - IB/core: Only update PKEY and GID caches on respective events (git-fixes)
   - IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
   - IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
   - IB/hfi1: Fix possible null-pointer dereference in
     _extend_sdma_tx_descs() (git-fixes)
   - IB/mlx4: Add support for REJ due to timeout (git-fixes)
   - IB/mlx4: Use port iterator and validation APIs (git-fixes)
   - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
     (git-fixes)
   - IB/rdmavt: Add __init/__exit annotations to module init/exit funcs
     (git-fixes)
   - IB/srpt: Remove redundant assignment to ret (git-fixes)
   - Input: i8042 - fix refount leak on sparc (git-fixes).
   - Input: xpad - add supported devices as contributed on github (git-fixes).
   - Input: xpad - fix wireless 360 controller breaking after suspend
     (git-fixes).
   - KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
     (git-fixes).
   - KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
   - KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
   - KVM: s390: clear kicked_mask before sleeping again (git-fixes).
   - KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
     (git-fixes).
   - KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
   - KVM: s390: split kvm_s390_real_to_abs (git-fixes).
   - KVM: s390x: fix SCK locking (git-fixes).
   - KVM: x86/emulator: Fix handing of POP SS to correctly set
     interruptibility (git-fixes).
   - PCI: Dynamically map ECAM regions (bsc#1204382).
   - PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
     (git-fixes).
   - PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
     (git-fixes).
   - PM: domains: Fix handling of unavailable/disabled idle states
     (git-fixes).
   - PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
   - RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
   - RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
   - RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
   - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
     (git-fixes)
   - RDMA/cma: Fix arguments order in net device validation (git-fixes)
   - RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
   - RDMA/cxgb4: Remove MW support (git-fixes)
   - RDMA/efa: Free IRQ vectors on error flow (git-fixes)
   - RDMA/efa: Remove double QP type assignment (git-fixes)
   - RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
   - RDMA/hfi1: Fix potential integer multiplication overflow errors
     (git-fixes)
   - RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP
     (git-fixes)
   - RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
   - RDMA/iwcm: Release resources if iw_cm module initialization fails
     (git-fixes)
   - RDMA/mlx4: Return missed an error if device does not support steering
     (git-fixes)
   - RDMA/mlx5: Add missing check for return value in get namespace flow
     (git-fixes)
   - RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
   - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
     (git-fixes)
   - RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled
     (git-fixes)
   - RDMA/mlx5: Set user priority for DCT (git-fixes)
   - RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
     (git-fixes)
   - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
   - RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
   - RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
   - RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
   - RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL
     (git-fixes)
   - RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
   - RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
   - RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
   - RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
   - RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
   - RDMA/rxe: Fix failure during driver load (git-fixes)
   - RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
   - RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
   - RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
   - RDMA/rxe: Fix rnr retry behavior (git-fixes)
   - RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
   - RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
   - RDMA/rxe: Generate a completion for unsupported/invalid opcode
     (git-fixes)
   - RDMA/rxe: Remove unused pkt->offset (git-fixes)
   - RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
   - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     (git-fixes)
   - RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
     (git-fixes)
   - RDMA/siw: Fix a condition race issue in MPA request processing
     (git-fixes)
   - RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
     (git-fixes)
   - RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
   - RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
   - RDMA: Verify port when creating flow rule (git-fixes)
   - RDMA: remove useless condition in siw_create_cq() (git-fixes)
   - RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
   - Revert "drivers/video/backlight/platform_lcd.c: add support for
     (bsc#1152489)
   - Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in
     suspend/resume time" (git-fixes).
   - Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes).
   - Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
   - Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
   - USB: serial: console: move mutex_unlock() before usb_serial_put()
     (git-fixes).
   - USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
   - USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
   - USB: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
   - USB: serial: option: add Quectel RM520N (git-fixes).
   - USB: serial: option: add Quectel RM520N (git-fixes).
   - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     (git-fixes).
   - USB: serial: qcserial: add new usb-id for Dell branded EM7455
     (git-fixes).
   - arm64: assembler: add cond_yield macro (git-fixes)
   - ata: fix ata_id_has_devslp() (git-fixes).
   - ata: fix ata_id_has_dipm() (git-fixes).
   - ata: fix ata_id_has_ncq_autosense() (git-fixes).
   - ata: fix ata_id_sense_reporting_enabled() and
     ata_id_has_sense_reporting() (git-fixes).
   - ata: libahci_platform: Sanity check the DT child nodes number
     (git-fixes).
   - can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
   - can: gs_usb: gs_can_open(): fix race dev->can.state condition
     (git-fixes).
   - can: kvaser_usb: Fix possible completions during init_completion
     (git-fixes).
   - can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
   - can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
   - can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
   - can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
     error path (git-fixes).
   - cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
   - clk: bcm2835: Make peripheral PLLC critical (git-fixes).
   - clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
     (git-fixes).
   - clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
   - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
     (git-fixes).
   - clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
   - clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
     (git-fixes).
   - clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
   - clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
     (git-fixes).
   - clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
   - clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
   - clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
   - clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
   - clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
     (git-fixes).
   - clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
   - clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
     (git-fixes).
   - crypto: akcipher - default implementation for setting a private key
     (git-fixes).
   - crypto: arm64/sha - fix function types (git-fixes)
   - crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
   - crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
   - crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
   - crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
   - crypto: cavium - prevent integer overflow loading firmware (git-fixes).
   - crypto: ccp - Release dma channels before dmaengine unrgister
     (git-fixes).
   - crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
   - device property: Fix documentation for *_match_string() APIs (git-fixes).
   - dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
     __cleanup() (git-fixes).
   - dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
     API failure (git-fixes).
   - dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
     (git-fixes).
   - docs: update mediator information in CoC docs (git-fixes).
   - drivers: serial: jsm: fix some leaks in probe (git-fixes).
   - drm/amd/display: Limit user regamma to a valid value (git-fixes).
   - drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
   - drm/amdgpu: fix initial connector audio value (git-fixes).
   - drm/amdgpu: use dirty framebuffer helper (git-fixes).
   - drm/bridge: Avoid uninitialized variable warning (git-fixes).
   - drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
   - drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
   - drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
   - drm/mipi-dsi: Detach devices when removing the host (git-fixes).
   - drm/msm/dpu: Fix comment typo (git-fixes).
   - drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
   - drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
   - drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
   - drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
   - drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
   - drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
     (git-fixes).
   - drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
     (git-fixes).
   - drm/omap: dss: Fix refcount leak bugs (git-fixes).
   - drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
   - drm/scheduler: quieten kernel-doc warnings (git-fixes).
   - drm/udl: Restore display mode on resume (git-fixes).
   - drm: Prevent drm_copy_field() to attempt copying a NULL pointer
     (git-fixes).
   - drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
   - drm: bridge: adv7511: fix CEC power down control register offset
     (git-fixes).
   - drm: fix drm_mipi_dbi build errors (git-fixes).
   - drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
   - drm:pl111: Add of_node_put() when breaking out of
     for_each_available_child_of_node() (git-fixes).
   - dyndbg: fix module.dyndbg handling (git-fixes).
   - dyndbg: let query-modname override actual module name (git-fixes).
   - efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
   - efi: libstub: drop pointless get_memory_map() call (git-fixes).
   - exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053
     bsc#1201725).
   - fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
   - fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
   - firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
   - firmware: google: Test spinlock on panic path to avoid lockups
     (git-fixes).
   - fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
     (git-fixes).
   - gpio: rockchip: request GPIO mux to pinctrl when setting direction
     (git-fixes).
   - hid: hid-logitech-hidpp: avoid unnecessary assignments in
     hidpp_connect_event (git-fixes).
   - hwmon/coretemp: Handle large core ID value (git-fixes).
   - iio: ABI: Fix wrong format of differential capacitance channel ABI
     (git-fixes).
   - iio: adc: ad7923: fix channel readings for some variants (git-fixes).
   - iio: adc: at91-sama5d2_adc: check return status for pressure and touch
     (git-fixes).
   - iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
   - iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
     (git-fixes).
   - iio: adc: mcp3911: use correct id bits (git-fixes).
   - iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
   - iio: inkern: only release the device node when done with it (git-fixes).
   - iio: light: tsl2583: Fix module unloading (git-fixes).
   - iio: pressure: dps310: Refactor startup procedure (git-fixes).
   - iio: pressure: dps310: Reset chip after timeout (git-fixes).
   - irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
     (git-fixes).
   - kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
   - kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
   - kbuild: remove the target in signal traps when interrupted (git-fixes).
   - kbuild: sink stdout from cmd for silent build (git-fixes).
   - kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
     (jsc#SLE-24559).
   - kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
   - lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
     (git-fixes).
   - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
     (git-fixes).
   - locking/csd_lock: Change csdlock_debug from early_param to __setup
     (git-fixes).
   - mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
   - mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
   - mac802154: Fix LQI recording (git-fixes).
   - mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
   - media: aspeed-video: ignore interrupts that are not enabled (git-fixes).
   - media: cedrus: Set the platform driver data earlier (git-fixes).
   - media: coda: Add more H264 levels for CODA960 (git-fixes).
   - media: coda: Fix reported H264 profile (git-fixes).
   - media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
   - media: dvb_vb2: fix possible out of bound access (git-fixes).
   - media: v4l2-dv-timings: add sanity checks for blanking values
     (git-fixes).
   - media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
     (git-fixes).
   - media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
     (git-fixes).
   - memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
   - memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
     (git-fixes).
   - mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
     (git-fixes).
   - mfd: intel_soc_pmic: Fix an error handling path in
     intel_soc_pmic_i2c_probe() (git-fixes).
   - mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
     lp8788_irq_init() (git-fixes).
   - mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
   - mfd: sm501: Add check for platform_driver_register() (git-fixes).
   - misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
   - mm, memcg: avoid stale protection values when cgroup is above protection
     (bsc#1204754).
   - mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
     (bsc#1204575).
   - mm: memcontrol: fix occasional OOMs due to proportional memory.low
     reclaim (bsc#1204754).
   - mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
   - mmc: core: Fix kernel panic when remove non-standard SDIO card
     (git-fixes).
   - mmc: core: Replace with already defined values for readability
     (git-fixes).
   - mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
   - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
   - mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
   - mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
   - mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
     (git-fixes).
   - mtd: devices: docg3: check the return value of devm_ioremap() in the
     probe (git-fixes).
   - mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
   - mtd: rawnand: marvell: Use correct logic for nand-keep-config
     (git-fixes).
   - mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
     (git-fixes).
   - net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
   - net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
   - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
   - net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
   - net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
   - openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
   - openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
   - openvswitch: switch from WARN to pr_warn (git-fixes).
   - padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).
   - padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).
   - parisc/sticon: fix reverse colors (bsc#1152489) Backporting notes: 	*
     context changes
   - parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)
   - phy: qualcomm: call clk_disable_unprepare in the error handling
     (git-fixes).
   - pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
   - pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
     (git-fixes).
   - pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
   - pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
     (git-fixes).
   - platform/x86: msi-laptop: Change DMI match / alias strings to fix module
     autoloading (git-fixes).
   - platform/x86: msi-laptop: Fix old-ec check for backlight registering
     (git-fixes).
   - platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
   - power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
     (git-fixes).
   - powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
   - powerpc/fadump: align destination address to pagesize (bsc#1204728
     ltc#200074).
   - powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
     (jsc#SLE-13847 git-fixes).
   - powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
   - powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h
     (bsc#1065729).
   - powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
   - powerpc/powernv: add missing of_node_put() in opal_export_attrs()
     (bsc#1065729).
   - powerpc/pseries: Interface to represent PAPR firmware attributes
     (bsc#1200465 ltc#197256 jsc#PED-1931).
   - quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
   - regulator: pfuze100: Fix the global-out-of-bounds access in
     pfuze100_regulator_probe() (git-fixes).
   - regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
   - reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
   - rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
   - rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
     (git-fixes).
   - s390/hypfs: avoid error message under KVM (bsc#1032323).
   - sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
     (git-fixes).
   - sbitmap: fix possible io hung due to lost wakeup (git-fixes).
   - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
     (git-fixes).
   - scsi: mpt3sas: Fix return value check of dma_get_required_mask()
     (git-fixes).
   - scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
   - selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
     ltc#197256 jsc#PED-1931).
   - selftests/powerpc: Skip energy_scale_info test on older firmware
     (git-fixes).
   - serial: Create uart_xmit_advance() (git-fixes).
   - serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
     (git-fixes).
   - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
     (git-fixes).
   - soc: qcom: smem_state: Add refcounting for the 'state->of_node'
     (git-fixes).
   - soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
   - soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
   - soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
   - soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
   - soc: sunxi_sram: Make use of the helper function
     devm_platform_ioremap_resource() (git-fixes).
   - spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
     (git-fixes).
   - spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
   - spi: qup: add missing clk_disable_unprepare on error in
     spi_qup_pm_resume_runtime() (git-fixes).
   - spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
     (git-fixes).
   - spi: s3c64xx: Fix large transfers with DMA (git-fixes).
   - staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
     (git-fixes).
   - staging: vt6655: fix potential memory leak (git-fixes).
   - staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
   - struct pci_config_window kABI workaround (bsc#1204382).
   - thermal: intel_powerclamp: Use first online CPU as control_cpu
     (git-fixes).
   - thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
     to avoid crash (git-fixes).
   - tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data
     (git-fixes).
   - tty: serial: fsl_lpuart: disable dma rx/tx use flags in
     lpuart_dma_shutdown (git-fixes).
   - tty: xilinx_uartps: Fix the ignore_status (git-fixes).
   - uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
   - uas: ignore UAS for Thinkplus chips (git-fixes).
   - usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
   - usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
   - usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
   - usb: bdc: change state when port disconnected (git-fixes).
   - usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
     (git-fixes).
   - usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
   - usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
   - usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
   - usb: gadget: function: fix dangling pnp_string in f_printer.c
     (git-fixes).
   - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
     (git-fixes).
   - usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
   - usb: mon: make mmapped memory read only (git-fixes).
   - usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
   - usb: typec: ucsi: Remove incorrect warning (git-fixes).
   - usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).
   - usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).
   - usb: xhci-mtk: add some schedule error number (git-fixes).
   - usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).
   - usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).
   - usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
     (git-fixes).
   - vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
   - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
     (git-fixes).
   - watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
   - watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
     (git-fixes).
   - wifi: ath10k: add peer map clean up for peer delete in
     ath10k_sta_state() (git-fixes).
   - wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
   - wifi: brcmfmac: fix invalid address access when enabling SCAN log level
     (git-fixes).
   - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
     (git-fixes).
   - wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
   - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
     (other cases) (git-fixes).
   - wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
   - wifi: mac80211: allow bw change during channel switch in mesh
     (git-fixes).
   - wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
     fast-rx (git-fixes).
   - wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
   - wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
   - wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
   - wifi: rt2x00: set SoC wmac clock register (git-fixes).
   - wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
   - wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
   - wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
   - wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
   - wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
   - wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
     (git-fixes).
   - wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
   - wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
     (git-fixes).
   - xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
   - xfs: enable big timestamps (bsc#1203387).
   - xfs: enable new inode btree counters feature (bsc#1203387).
   - xfs: explicitly define inode timestamp range (bsc#1203387).
   - xfs: fix memory corruption during remote attr value buffer invalidation
     (git-fixes).
   - xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
   - xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
   - xfs: move incore structures out of xfs_da_format.h (git-fixes).
   - xfs: quota: move to time64_t interfaces (bsc#1203387).
   - xfs: redefine xfs_ictimestamp_t (bsc#1203387).
   - xfs: redefine xfs_timestamp_t (bsc#1203387).
   - xfs: refactor remote attr value buffer invalidation (git-fixes).
   - xfs: remove obsolete AGF counter debugging (git-fixes).
   - xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
   - xfs: reserve data and rt quota at the same time (bsc#1203496).
   - xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
   - xfs: store inode btree block counts in AGI header (bsc#1203387).
   - xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
   - xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
   - xfs: use the finobt block counts to speed up mount times (bsc#1203387).
   - xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
   - xfs: widen ondisk quota expiration timestamps to handle y2038+
     (bsc#1203387).
   - xhci: Do not show warning for reinit on known broken suspend (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap Micro 5.2:

      zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4053=1

   - openSUSE Leap 15.4:

      zypper in -t patch openSUSE-SLE-15.4-2022-4053=1

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2022-4053=1

   - SUSE Linux Enterprise Workstation Extension 15-SP3:

      zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4053=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-4053=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-4053=1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4053=1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4053=1

   - SUSE Linux Enterprise Micro 5.2:

      zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4053=1

   - SUSE Linux Enterprise Micro 5.1:

      zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4053=1

   - SUSE Linux Enterprise High Availability 15-SP3:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-4053=1



Package List:

   - openSUSE Leap Micro 5.2 (aarch64 x86_64):

      kernel-default-5.3.18-150300.59.101.1
      kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1

   - openSUSE Leap 15.4 (aarch64):

      dtb-al-5.3.18-150300.59.101.1
      dtb-zte-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150300.59.101.1
      cluster-md-kmp-default-debuginfo-5.3.18-150300.59.101.1
      dlm-kmp-default-5.3.18-150300.59.101.1
      dlm-kmp-default-debuginfo-5.3.18-150300.59.101.1
      gfs2-kmp-default-5.3.18-150300.59.101.1
      gfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-5.3.18-150300.59.101.1
      kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-base-rebuild-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      kernel-default-devel-5.3.18-150300.59.101.1
      kernel-default-devel-debuginfo-5.3.18-150300.59.101.1
      kernel-default-extra-5.3.18-150300.59.101.1
      kernel-default-extra-debuginfo-5.3.18-150300.59.101.1
      kernel-default-livepatch-5.3.18-150300.59.101.1
      kernel-default-livepatch-devel-5.3.18-150300.59.101.1
      kernel-default-optional-5.3.18-150300.59.101.1
      kernel-default-optional-debuginfo-5.3.18-150300.59.101.1
      kernel-obs-build-5.3.18-150300.59.101.1
      kernel-obs-build-debugsource-5.3.18-150300.59.101.1
      kernel-obs-qa-5.3.18-150300.59.101.1
      kernel-syms-5.3.18-150300.59.101.1
      kselftests-kmp-default-5.3.18-150300.59.101.1
      kselftests-kmp-default-debuginfo-5.3.18-150300.59.101.1
      ocfs2-kmp-default-5.3.18-150300.59.101.1
      ocfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
      reiserfs-kmp-default-5.3.18-150300.59.101.1
      reiserfs-kmp-default-debuginfo-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (aarch64 x86_64):

      cluster-md-kmp-preempt-5.3.18-150300.59.101.1
      cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
      dlm-kmp-preempt-5.3.18-150300.59.101.1
      dlm-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
      gfs2-kmp-preempt-5.3.18-150300.59.101.1
      gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-5.3.18-150300.59.101.1
      kernel-preempt-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-debugsource-5.3.18-150300.59.101.1
      kernel-preempt-devel-5.3.18-150300.59.101.1
      kernel-preempt-devel-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-extra-5.3.18-150300.59.101.1
      kernel-preempt-extra-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-livepatch-devel-5.3.18-150300.59.101.1
      kernel-preempt-optional-5.3.18-150300.59.101.1
      kernel-preempt-optional-debuginfo-5.3.18-150300.59.101.1
      kselftests-kmp-preempt-5.3.18-150300.59.101.1
      kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
      ocfs2-kmp-preempt-5.3.18-150300.59.101.1
      ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.101.1
      reiserfs-kmp-preempt-5.3.18-150300.59.101.1
      reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (ppc64le x86_64):

      kernel-debug-5.3.18-150300.59.101.1
      kernel-debug-debuginfo-5.3.18-150300.59.101.1
      kernel-debug-debugsource-5.3.18-150300.59.101.1
      kernel-debug-devel-5.3.18-150300.59.101.1
      kernel-debug-devel-debuginfo-5.3.18-150300.59.101.1
      kernel-debug-livepatch-devel-5.3.18-150300.59.101.1
      kernel-kvmsmall-5.3.18-150300.59.101.1
      kernel-kvmsmall-debuginfo-5.3.18-150300.59.101.1
      kernel-kvmsmall-debugsource-5.3.18-150300.59.101.1
      kernel-kvmsmall-devel-5.3.18-150300.59.101.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.101.1
      kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (aarch64):

      cluster-md-kmp-64kb-5.3.18-150300.59.101.1
      cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
      dlm-kmp-64kb-5.3.18-150300.59.101.1
      dlm-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
      dtb-al-5.3.18-150300.59.101.1
      dtb-allwinner-5.3.18-150300.59.101.1
      dtb-altera-5.3.18-150300.59.101.1
      dtb-amd-5.3.18-150300.59.101.1
      dtb-amlogic-5.3.18-150300.59.101.1
      dtb-apm-5.3.18-150300.59.101.1
      dtb-arm-5.3.18-150300.59.101.1
      dtb-broadcom-5.3.18-150300.59.101.1
      dtb-cavium-5.3.18-150300.59.101.1
      dtb-exynos-5.3.18-150300.59.101.1
      dtb-freescale-5.3.18-150300.59.101.1
      dtb-hisilicon-5.3.18-150300.59.101.1
      dtb-lg-5.3.18-150300.59.101.1
      dtb-marvell-5.3.18-150300.59.101.1
      dtb-mediatek-5.3.18-150300.59.101.1
      dtb-nvidia-5.3.18-150300.59.101.1
      dtb-qcom-5.3.18-150300.59.101.1
      dtb-renesas-5.3.18-150300.59.101.1
      dtb-rockchip-5.3.18-150300.59.101.1
      dtb-socionext-5.3.18-150300.59.101.1
      dtb-sprd-5.3.18-150300.59.101.1
      dtb-xilinx-5.3.18-150300.59.101.1
      dtb-zte-5.3.18-150300.59.101.1
      gfs2-kmp-64kb-5.3.18-150300.59.101.1
      gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
      kernel-64kb-5.3.18-150300.59.101.1
      kernel-64kb-debuginfo-5.3.18-150300.59.101.1
      kernel-64kb-debugsource-5.3.18-150300.59.101.1
      kernel-64kb-devel-5.3.18-150300.59.101.1
      kernel-64kb-devel-debuginfo-5.3.18-150300.59.101.1
      kernel-64kb-extra-5.3.18-150300.59.101.1
      kernel-64kb-extra-debuginfo-5.3.18-150300.59.101.1
      kernel-64kb-livepatch-devel-5.3.18-150300.59.101.1
      kernel-64kb-optional-5.3.18-150300.59.101.1
      kernel-64kb-optional-debuginfo-5.3.18-150300.59.101.1
      kselftests-kmp-64kb-5.3.18-150300.59.101.1
      kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
      ocfs2-kmp-64kb-5.3.18-150300.59.101.1
      ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.101.1
      reiserfs-kmp-64kb-5.3.18-150300.59.101.1
      reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (noarch):

      kernel-devel-5.3.18-150300.59.101.1
      kernel-docs-5.3.18-150300.59.101.1
      kernel-docs-html-5.3.18-150300.59.101.1
      kernel-macros-5.3.18-150300.59.101.1
      kernel-source-5.3.18-150300.59.101.1
      kernel-source-vanilla-5.3.18-150300.59.101.1

   - openSUSE Leap 15.3 (s390x):

      kernel-zfcpdump-5.3.18-150300.59.101.1
      kernel-zfcpdump-debuginfo-5.3.18-150300.59.101.1
      kernel-zfcpdump-debugsource-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      kernel-default-extra-5.3.18-150300.59.101.1
      kernel-default-extra-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-debugsource-5.3.18-150300.59.101.1
      kernel-preempt-extra-5.3.18-150300.59.101.1
      kernel-preempt-extra-debuginfo-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      kernel-default-livepatch-5.3.18-150300.59.101.1
      kernel-default-livepatch-devel-5.3.18-150300.59.101.1
      kernel-livepatch-5_3_18-150300_59_101-default-1-150300.7.3.1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      reiserfs-kmp-default-5.3.18-150300.59.101.1
      reiserfs-kmp-default-debuginfo-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-5.3.18-150300.59.101.1
      kernel-obs-build-debugsource-5.3.18-150300.59.101.1
      kernel-syms-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):

      kernel-preempt-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-debugsource-5.3.18-150300.59.101.1
      kernel-preempt-devel-5.3.18-150300.59.101.1
      kernel-preempt-devel-debuginfo-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):

      kernel-docs-5.3.18-150300.59.101.1
      kernel-source-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-5.3.18-150300.59.101.1
      kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      kernel-default-devel-5.3.18-150300.59.101.1
      kernel-default-devel-debuginfo-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):

      kernel-preempt-5.3.18-150300.59.101.1
      kernel-preempt-debuginfo-5.3.18-150300.59.101.1
      kernel-preempt-debugsource-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):

      kernel-64kb-5.3.18-150300.59.101.1
      kernel-64kb-debuginfo-5.3.18-150300.59.101.1
      kernel-64kb-debugsource-5.3.18-150300.59.101.1
      kernel-64kb-devel-5.3.18-150300.59.101.1
      kernel-64kb-devel-debuginfo-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):

      kernel-devel-5.3.18-150300.59.101.1
      kernel-macros-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):

      kernel-zfcpdump-5.3.18-150300.59.101.1
      kernel-zfcpdump-debuginfo-5.3.18-150300.59.101.1
      kernel-zfcpdump-debugsource-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):

      kernel-default-5.3.18-150300.59.101.1
      kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):

      kernel-default-5.3.18-150300.59.101.1
      kernel-default-base-5.3.18-150300.59.101.1.150300.18.58.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1

   - SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150300.59.101.1
      cluster-md-kmp-default-debuginfo-5.3.18-150300.59.101.1
      dlm-kmp-default-5.3.18-150300.59.101.1
      dlm-kmp-default-debuginfo-5.3.18-150300.59.101.1
      gfs2-kmp-default-5.3.18-150300.59.101.1
      gfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debuginfo-5.3.18-150300.59.101.1
      kernel-default-debugsource-5.3.18-150300.59.101.1
      ocfs2-kmp-default-5.3.18-150300.59.101.1
      ocfs2-kmp-default-debuginfo-5.3.18-150300.59.101.1


References:

   https://www.suse.com/security/cve/CVE-2021-4037.html
   https://www.suse.com/security/cve/CVE-2022-2153.html
   https://www.suse.com/security/cve/CVE-2022-2964.html
   https://www.suse.com/security/cve/CVE-2022-2978.html
   https://www.suse.com/security/cve/CVE-2022-3176.html
   https://www.suse.com/security/cve/CVE-2022-3424.html
   https://www.suse.com/security/cve/CVE-2022-3521.html
   https://www.suse.com/security/cve/CVE-2022-3524.html
   https://www.suse.com/security/cve/CVE-2022-3535.html
   https://www.suse.com/security/cve/CVE-2022-3542.html
   https://www.suse.com/security/cve/CVE-2022-3545.html
   https://www.suse.com/security/cve/CVE-2022-3565.html
   https://www.suse.com/security/cve/CVE-2022-3577.html
   https://www.suse.com/security/cve/CVE-2022-3586.html
   https://www.suse.com/security/cve/CVE-2022-3594.html
   https://www.suse.com/security/cve/CVE-2022-3621.html
   https://www.suse.com/security/cve/CVE-2022-3625.html
   https://www.suse.com/security/cve/CVE-2022-3629.html
   https://www.suse.com/security/cve/CVE-2022-3640.html
   https://www.suse.com/security/cve/CVE-2022-3646.html
   https://www.suse.com/security/cve/CVE-2022-3649.html
   https://www.suse.com/security/cve/CVE-2022-39189.html
   https://www.suse.com/security/cve/CVE-2022-42703.html
   https://www.suse.com/security/cve/CVE-2022-43750.html
   https://bugzilla.suse.com/1032323
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1152489
   https://bugzilla.suse.com/1198702
   https://bugzilla.suse.com/1200465
   https://bugzilla.suse.com/1200788
   https://bugzilla.suse.com/1201725
   https://bugzilla.suse.com/1202638
   https://bugzilla.suse.com/1202686
   https://bugzilla.suse.com/1202700
   https://bugzilla.suse.com/1203066
   https://bugzilla.suse.com/1203098
   https://bugzilla.suse.com/1203387
   https://bugzilla.suse.com/1203391
   https://bugzilla.suse.com/1203496
   https://bugzilla.suse.com/1203802
   https://bugzilla.suse.com/1204053
   https://bugzilla.suse.com/1204166
   https://bugzilla.suse.com/1204168
   https://bugzilla.suse.com/1204354
   https://bugzilla.suse.com/1204355
   https://bugzilla.suse.com/1204382
   https://bugzilla.suse.com/1204402
   https://bugzilla.suse.com/1204415
   https://bugzilla.suse.com/1204417
   https://bugzilla.suse.com/1204431
   https://bugzilla.suse.com/1204439
   https://bugzilla.suse.com/1204470
   https://bugzilla.suse.com/1204479
   https://bugzilla.suse.com/1204574
   https://bugzilla.suse.com/1204575
   https://bugzilla.suse.com/1204619
   https://bugzilla.suse.com/1204635
   https://bugzilla.suse.com/1204637
   https://bugzilla.suse.com/1204646
   https://bugzilla.suse.com/1204647
   https://bugzilla.suse.com/1204653
   https://bugzilla.suse.com/1204728
   https://bugzilla.suse.com/1204753
   https://bugzilla.suse.com/1204754



More information about the sle-security-updates mailing list