SUSE-SU-2023:0433-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Feb 16 11:23:44 UTC 2023


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2023:0433-1
Rating:             important
References:         #1065729 #1185861 #1185863 #1186449 #1191256 
                    #1192868 #1193629 #1194869 #1195175 #1195655 
                    #1196058 #1199701 #1204063 #1204356 #1204662 
                    #1205495 #1206006 #1206036 #1206056 #1206057 
                    #1206258 #1206363 #1206459 #1206616 #1206677 
                    #1206784 #1207010 #1207034 #1207036 #1207050 
                    #1207125 #1207134 #1207149 #1207158 #1207184 
                    #1207186 #1207190 #1207237 #1207263 #1207269 
                    #1207497 #1207500 #1207501 #1207506 #1207507 
                    #1207734 #1207769 #1207795 #1207842 #1207878 
                    #1207933 SLE-21132 SLE-24682 
Cross-References:   CVE-2020-24588 CVE-2022-4382 CVE-2022-47929
                    CVE-2023-0122 CVE-2023-0179 CVE-2023-0266
                    CVE-2023-0590 CVE-2023-23454 CVE-2023-23455
                   
CVSS scores:
                    CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
                    CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2022-4382 (NVD) : 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-4382 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
                    CVE-2023-0122 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-0122 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-0179 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-0266 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-0266 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-0590 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-23454 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-23454 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-23455 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2023-23455 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Linux Enterprise Desktop 15-SP4
                    SUSE Linux Enterprise High Availability 15-SP4
                    SUSE Linux Enterprise High Performance Computing
                    SUSE Linux Enterprise High Performance Computing 15-SP4
                    SUSE Linux Enterprise Micro 5.3
                    SUSE Linux Enterprise Module for Basesystem 15-SP4
                    SUSE Linux Enterprise Module for Development Tools 15-SP4
                    SUSE Linux Enterprise Module for Legacy Software 15-SP4
                    SUSE Linux Enterprise Module for Live Patching 15-SP4
                    SUSE Linux Enterprise Server
                    SUSE Linux Enterprise Server 15-SP4
                    SUSE Linux Enterprise Server for SAP Applications
                    SUSE Linux Enterprise Server for SAP Applications 15-SP4
                    SUSE Linux Enterprise Workstation Extension 15-SP4
                    SUSE Manager Proxy 4.3
                    SUSE Manager Retail Branch Server 4.3
                    SUSE Manager Server 4.3
                    openSUSE Leap 15.4
                    openSUSE Leap Micro 5.3
______________________________________________________________________________

   An update that solves 9 vulnerabilities, contains two
   features and has 42 fixes is now available.

Description:

   The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in
     net/sched/sch_atm.c because of type confusion (non-negative numbers can
     sometimes indicate a TC_ACT_SHOT condition rather than valid
     classification results) (bsc#1207125).
   - CVE-2023-23454: Fixed denial or service in cbq_classify in
     net/sched/sch_cbq.c (bnc#1207036).
   - CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
   - CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
     package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that
     could have been used in a use-after-free that could have resulted in a
     priviledge escalation to gain ring0 access from the system user
     (bsc#1207134).
   - CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header
     bits (bsc#1207034).
   - CVE-2023-0122: Fixed a NULL pointer dereference vulnerability in
     nvmet_setup_auth(), that allowed an attacker to perform a Pre-Auth
     Denial of Service (DoS) attack on a remote machine (bnc#1207050).
   - CVE-2022-4382: Fixed a use-after-free flaw that was caused by a race
     condition among the superblock operations inside the gadgetfs code
     (bsc#1206258).
   - CVE-2020-24588: Fixed injection of arbitrary network packets against
     devices that support receiving non-SSP A-MSDU frames (which is mandatory
     as part of 802.11n) (bsc#1199701).

   The following non-security bugs were fixed:

   - ACPI: EC: Fix EC address space handler unregistration (bsc#1207149).
   - ACPI: EC: Fix ECDT probe ordering issues (bsc#1207149).
   - ACPI: PRM: Check whether EFI runtime is available (git-fixes).
   - ACPICA: Allow address_space_handler Install and _REG execution as 2
     separate steps (bsc#1207149).
   - ACPICA: include/acpi/acpixf.h: Fix indentation (bsc#1207149).
   - ALSA: control-led: use strscpy in set_led_id() (git-fixes).
   - ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
     (git-fixes).
   - ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list (git-fixes).
   - ALSA: hda/realtek - Turn on power early (git-fixes).
   - ALSA: hda/realtek: Add Acer Predator PH315-54 (git-fixes).
   - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
     (git-fixes).
   - ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform
     (git-fixes).
   - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
   - ALSA: hda/realtek: fix mute/micmute LEDs, speaker do not work for a HP
     platform (git-fixes).
   - ALSA: hda/via: Avoid potential array out-of-bound in
     add_secret_dac_path() (git-fixes).
   - ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle
     (git-fixes).
   - ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume
     (git-fixes).
   - ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
     (git-fixes).
   - ALSA: usb-audio: Make sure to stop endpoints before closing EPs
     (git-fixes).
   - ALSA: usb-audio: Relax hw constraints for implicit fb sync (git-fixes).
   - ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 (git-fixes).
   - ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' (git-fixes).
   - ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' (git-fixes).
   - ARM: dts: imx7d-pico: Use 'clock-frequency' (git-fixes).
   - ARM: dts: imx: Fix pca9547 i2c-mux node name (git-fixes).
   - ARM: dts: vf610: Fix pca9548 i2c-mux node names (git-fixes).
   - ARM: imx: add missing of_node_put() (git-fixes).
   - ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
     (git-fixes).
   - ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
     (git-fixes).
   - ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets (git-fixes).
   - ASoC: fsl_micfil: Correct the number of steps on SX controls (git-fixes).
   - ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
     (git-fixes).
   - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (git-fixes).
   - ASoC: wm8904: fix wrong outputs volume after power reactivation
     (git-fixes).
   - Bluetooth: Fix possible deadlock in rfcomm_sk_state_change (git-fixes).
   - Bluetooth: hci_qca: Fix driver shutdown on closed serdev (git-fixes).
   - Documentation: Remove bogus claim about del_timer_sync() (git-fixes).
   - HID: betop: check shape of output reports (git-fixes).
   - HID: betop: check shape of output reports (git-fixes, bsc#1207186).
   - HID: check empty report_list in bigben_probe() (git-fixes).
   - HID: check empty report_list in hid_validate_values() (git-fixes).
   - HID: drop assumptions on non-empty lists (git-fixes, bsc#1206784).
   - HID: intel_ish-hid: Add check for ishtp_dma_tx_map (git-fixes).
   - HID: playstation: sanity check DualSense calibration data (git-fixes).
   - HID: revert CHERRY_MOUSE_000C quirk (git-fixes).
   - IB/hfi1: Fix expected receive setup error exit issues (git-fixes)
   - IB/hfi1: Immediately remove invalid memory from hardware (git-fixes)
   - IB/hfi1: Reject a zero-length user expected buffer (git-fixes)
   - IB/hfi1: Remove user expected buffer invalidate race (git-fixes)
   - IB/hfi1: Reserve user expected TIDs (git-fixes)
   - IB/mad: Do not call to function that might sleep while in atomic context
     (git-fixes).
   - KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init()
     (bsc#1206616).
   - PCI/PM: Define pci_restore_standard_config() only for CONFIG_PM_SLEEP
     (bsc#1207269).
   - PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() (git-fixes).
   - RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
   - RDMA/core: Fix ib block iterator counter overflow (git-fixes)
   - RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (git-fixes)
   - RDMA/mlx5: Fix validation of max_rd_atomic caps for DC (git-fixes)
   - RDMA/rxe: Prevent faulty rkey generation (git-fixes)
   - RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
   - Revert "ARM: dts: armada-38x: Fix compatible string for gpios"
     (git-fixes).
   - Revert "ARM: dts: armada-39x: Fix compatible string for gpios"
     (git-fixes).
   - Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to
     RMI mode" (git-fixes).
   - Revert "Revert "block, bfq: honor already-setup queue merges""
     (git-fixes).
   - Revert "arm64: dts: meson-sm1-odroid-hc4: disable unused USB PHY0"
     (git-fixes).
   - Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
     (git-fixes).
   - SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
   - SUNRPC: Use BIT() macro in rpc_show_xprt_state() (git-fixes).
   - USB: gadget: Fix use-after-free during usb config switch (git-fixes).
   - USB: misc: iowarrior: fix up header size for
     USB_DEVICE_ID_CODEMERCS_IOW100 (git-fixes).
   - USB: serial: cp210x: add SCALANCE LPE-9000 device id (git-fixes).
   - USB: serial: option: add Quectel EC200U modem (git-fixes).
   - USB: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
   - USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
   - USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
   - USB: serial: option: add Quectel EM05CN (SG) modem (git-fixes).
   - USB: serial: option: add Quectel EM05CN modem (git-fixes).
   - VMCI: Use threaded irqs instead of tasklets (git-fixes).
   - arm64: atomics: format whitespace consistently (git-fixes).
   - arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux (git-fixes).
   - arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity
     (git-fixes).
   - arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX (git-fixes).
   - arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI (git-fixes).
   - arm64: dts: qcom: msm8992-libra: Add CPU regulators (git-fixes).
   - arm64: dts: qcom: msm8992-libra: Fix the memory map (git-fixes).
   - arm64: dts: qcom: msm8992: Do not use sfpb mutex (git-fixes).
   - arm64: efi: Execute runtime services from a dedicated stack (git-fixes).
   - ata: libata: Fix sata_down_spd_limit() when no link speed is reported
     (git-fixes).
   - ath11k: Fix unexpected return buffer manager error for QCA6390
     (git-fixes).
   - bcache: fix set_at_max_writeback_rate() for multiple attached devices
     (git-fixes).
   - bfq: fix use-after-free in bfq_dispatch_request (git-fixes).
   - bfq: fix waker_bfqq inconsistency crash (git-fixes).
   - blk-throttle: prevent overflow while calculating wait time (git-fixes).
   - blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() (git-fixes).
   - blktrace: Fix output non-blktrace event when blk_classic option enabled
     (git-fixes).
   - block, bfq: do not move oom_bfqq (git-fixes).
   - block, bfq: fix null pointer dereference in bfq_bio_bfqg() (git-fixes).
   - block, bfq: fix possible uaf for 'bfqq->bic' (git-fixes).
   - block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq (git-fixes).
   - block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
   - block/bfq_wf2q: correct weight to ioprio (git-fixes).
   - block/bio: remove duplicate append pages code (git-fixes).
   - block: check minor range in device_add_disk() (git-fixes).
   - block: ensure iov_iter advances for added pages (git-fixes).
   - block: fix infinite loop for invalid zone append (git-fixes).
   - block: mq-deadline: Fix dd_finish_request() for zoned devices
     (git-fixes).
   - block: use bdev_get_queue() in bio.c (git-fixes).
   - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
     (git-fixes).
   - bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (git-fixes).
   - bnxt_en: Remove debugfs when pci_register_driver failed (git-fixes).
   - bnxt_en: add dynamic debug support for HWRM messages (git-fixes).
   - bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
     (git-fixes).
   - bnxt_en: fix the handling of PCIE-AER (git-fixes).
   - bnxt_en: refactor bnxt_cancel_reservations() (git-fixes).
   - btrfs: add helper to delete a dir entry from a log tree (bsc#1207263).
   - btrfs: avoid inode logging during rename and link when possible
     (bsc#1207263).
   - btrfs: avoid logging all directory changes during renames (bsc#1207263).
   - btrfs: backport recent fixes for send/receive into SLE15 SP4/SP5
     (bsc#1206036 bsc#1207500 ltc#201363).
   - btrfs: do not log unnecessary boundary keys when logging directory
     (bsc#1207263).
   - btrfs: fix assertion failure when logging directory key range item
     (bsc#1207263).
   - btrfs: fix processing of delayed data refs during backref walking
     (bsc#1206056 bsc#1207507 ltc#201367).
   - btrfs: fix processing of delayed tree block refs during backref walking
     (bsc#1206057 bsc#1207506 ltc#201368).
   - btrfs: fix race between quota enable and quota rescan ioctl
     (bsc#1207158).
   - btrfs: fix race between quota rescan and disable leading to NULL pointer
     deref (bsc#1207158).
   - btrfs: fix trace event name typo for FLUSH_DELAYED_REFS (git-fixes).
   - btrfs: join running log transaction when logging new name (bsc#1207263).
   - btrfs: move QUOTA_ENABLED check to rescan_should_stop from
     btrfs_qgroup_rescan_worker (bsc#1207158).
   - btrfs: pass the dentry to btrfs_log_new_name() instead of the inode
     (bsc#1207263).
   - btrfs: prepare extents to be logged before locking a log tree path
     (bsc#1207263).
   - btrfs: put initial index value of a directory in a constant
     (bsc#1207263).
   - btrfs: qgroup: remove duplicated check in adding qgroup relations
     (bsc#1207158).
   - btrfs: qgroup: remove outdated TODO comments (bsc#1207158).
   - btrfs: remove unnecessary NULL check for the new inode during rename
     exchange (bsc#1207263).
   - btrfs: remove useless path release in the fast fsync path (bsc#1207263).
   - btrfs: remove write and wait of struct walk_control (bsc#1207263).
   - btrfs: stop copying old dir items when logging a directory (bsc#1207263).
   - btrfs: stop doing unnecessary log updates during a rename (bsc#1207263).
   - btrfs: stop trying to log subdirectories created in past transactions
     (bsc#1207263).
   - btrfs: use single variable to track return value at btrfs_log_inode()
     (bsc#1207263).
   - bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() (git-fixes).
   - can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
     (git-fixes).
   - cifs: Fix uninitialized memory read for smb311 posix symlink create
     (git-fixes).
   - cifs: avoid re-lookups in dfs_cache_find() (bsc#1193629).
   - cifs: do not include page data when checking signature (git-fixes).
   - cifs: do not query ifaces on smb1 mounts (git-fixes).
   - cifs: don't take exclusive lock for updating target hints (bsc#1193629).
   - cifs: fix double free on failed kerberos auth (git-fixes).
   - cifs: fix file info setting in cifs_open_file() (git-fixes).
   - cifs: fix file info setting in cifs_query_path_info() (git-fixes).
   - cifs: fix potential deadlock in cache_refresh_path() (git-fixes).
   - cifs: fix potential memory leaks in session setup (bsc#1193629).
   - cifs: fix race in assemble_neg_contexts() (bsc#1193629).
   - cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
     (bsc#1193629).
   - cifs: handle cache lookup errors different than -ENOENT (bsc#1193629).
   - cifs: ignore ipc reconnect failures during dfs failover (bsc#1193629).
   - cifs: protect access of TCP_Server_Info::{dstaddr,hostname}
     (bsc#1193629).
   - cifs: remove duplicate code in __refresh_tcon() (bsc#1193629).
   - cifs: remove redundant assignment to the variable match (bsc#1193629).
   - cifs: remove unused function (bsc#1193629).
   - comedi: adv_pci1760: Fix PWM instruction handling (git-fixes).
   - config: arm64: Fix Freescale LPUART dependency (boo#1204063).
   - cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist (git-fixes).
   - cpufreq: armada-37xx: stop using 0 as NULL pointer (git-fixes).
   - crypto: fixed DH and ECDH implemention for FIPS PCT
     (jsc#SLE-21132,bsc#1191256,bsc#1207184).
   - dm btree: add a defensive bounds check to insert_at() (git-fixes).
   - dm cache: Fix ABBA deadlock between shrink_slab and
     dm_cache_metadata_abort (git-fixes).
   - dm cache: Fix UAF in destroy() (git-fixes).
   - dm cache: set needs_check flag after aborting metadata (git-fixes).
   - dm clone: Fix UAF in clone_dtr() (git-fixes).
   - dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
   - dm integrity: clear the journal on suspend (git-fixes).
   - dm integrity: flush the journal on suspend (git-fixes).
   - dm ioctl: fix misbehavior if list_versions races with module loading
     (git-fixes).
   - dm ioctl: prevent potential spectre v1 gadget (git-fixes).
   - dm raid: fix address sanitizer warning in raid_resume (git-fixes).
   - dm raid: fix address sanitizer warning in raid_status (git-fixes).
   - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     (git-fixes).
   - dm thin: Fix ABBA deadlock between shrink_slab and
     dm_pool_abort_metadata (git-fixes).
   - dm thin: Fix UAF in run_timer_softirq() (git-fixes).
   - dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
   - dm thin: resume even if in FAIL mode (git-fixes).
   - dm writecache: set a default MAX_WRITEBACK_JOBS (git-fixes).
   - dm: fix alloc_dax error handling in alloc_dev (git-fixes).
   - dm: requeue IO if mapping table not yet available (git-fixes).
   - dmaengine: Fix double increment of client_count in dma_chan_get()
     (git-fixes).
   - dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable
     (git-fixes).
   - dmaengine: idxd: Let probe fail when workqueue cannot be enabled
     (git-fixes).
   - dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
     (git-fixes).
   - dmaengine: lgm: Move DT parsing after initialization (git-fixes).
   - dmaengine: tegra210-adma: fix global intr clear (git-fixes).
   - dmaengine: ti: k3-udma: Do conditional decrement of
     UDMA_CHAN_RT_PEER_BCNT_REG (git-fixes).
   - dmaengine: xilinx_dma: call of_node_put() when breaking out of
     for_each_child_of_node() (git-fixes).
   - docs: Fix the docs build with Sphinx 6.0 (git-fixes).
   - driver core: Fix test_async_probe_init saves device in wrong array
     (git-fixes).
   - drivers: net: xgene: disable napi when register irq failed in
     xgene_enet_open() (git-fixes).
   - drivers:md:fix a potential use-after-free bug (git-fixes).
   - drm/amd/display: Calculate output_color_space after pixel encoding
     adjustment (git-fixes).
   - drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix (git-fixes).
   - drm/amd/display: Fix set scaling doesn's work (git-fixes).
   - drm/amd/display: Take emulated dc_sink into account for HDCP
     (bsc#1207734).
   - drm/amd/display: fix issues with driver unload (git-fixes).
   - drm/amdgpu: complete gfxoff allow signal during suspend without delay
     (git-fixes).
   - drm/amdgpu: disable runtime pm on several sienna cichlid cards(v2)
     (git-fixes).
   - drm/amdgpu: drop experimental flag on aldebaran (git-fixes).
   - drm/hyperv: Add error message for fb size greater than allocated
     (git-fixes).
   - drm/i915/adlp: Fix typo for reference clock (git-fixes).
   - drm/i915/display: Check source height is > 0 (git-fixes).
   - drm/i915/gt: Reset twice (git-fixes).
   - drm/i915/selftest: fix intel_selftest_modify_policy argument types
     (git-fixes).
   - drm/i915: Fix potential bit_17 double-free (git-fixes).
   - drm/i915: re-disable RC6p on Sandy Bridge (git-fixes).
   - drm/msm/adreno: Make adreno quirks not overwrite each other (git-fixes).
   - drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux
     transfer (git-fixes).
   - drm/msm: another fix for the headless Adreno GPU (git-fixes).
   - drm/panfrost: fix GENERIC_ATOMIC64 dependency (git-fixes).
   - drm/vc4: hdmi: make CEC adapter name unique (git-fixes).
   - drm/virtio: Fix GEM handle creation UAF (git-fixes).
   - drm: Add orientation quirk for Lenovo ideapad D330-10IGL (git-fixes).
   - dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY (git-fixes).
   - dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY (git-fixes).
   - dt-bindings: msm: dsi-controller-main: Fix description of core clock
     (git-fixes).
   - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2
     constraint (git-fixes).
   - dt-bindings: msm: dsi-phy-28nm: Add missing qcom,
     dsi-phy-regulator-ldo-mode (git-fixes).
   - efi: fix potential NULL deref in efi_mem_reserve_persistent (git-fixes).
   - efi: fix userspace infinite retry read efivars after EFI runtime
     services page fault (git-fixes).
   - efi: rt-wrapper: Add missing include (git-fixes).
   - efi: tpm: Avoid READ_ONCE() for accessing the event log (git-fixes).
   - ext4: Fixup pages without buffers (bsc#1205495).
   - extcon: usbc-tusb320: fix kernel-doc warning (git-fixes).
   - fbcon: Check font dimension limits (git-fixes).
   - fbdev: omapfb: avoid stack overflow warning (git-fixes).
   - firewire: fix memory leak for payload of request subaction to IEC
     61883-1 FCP region (git-fixes).
   - firmware: arm_scmi: Harden shared memory access in fetch_notification
     (git-fixes).
   - firmware: arm_scmi: Harden shared memory access in fetch_response
     (git-fixes).
   - fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
     (git-fixes).
   - fs: remove __sync_filesystem (git-fixes).
   - ftrace/x86: Add back ftrace_expected for ftrace bug reports (git-fixes).
   - ftrace: Clean comments related to FTRACE_OPS_FL_PER_CPU (git-fixes).
   - git_sort: add usb-linus branch for gregkh/usb
   - gsmi: fix null-deref in gsmi_get_variable (git-fixes).
   - hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap()
     (git-fixes).
   - i2c: mv64xxx: Add atomic_xfer method to driver (git-fixes).
   - i2c: mv64xxx: Remove shutdown method from driver (git-fixes).
   - i40e: Disallow ip4 and ip6 l4_4_bytes (git-fixes).
   - i40e: Fix error handling in i40e_init_module() (git-fixes).
   - i40e: Fix not setting default xps_cpus after reset (git-fixes).
   - igb: Allocate MSI-X vector when testing (git-fixes).
   - iio: adc: berlin2-adc: Add missing of_node_put() in error path
     (git-fixes).
   - iio: adc: stm32-dfsdm: fill module aliases (git-fixes).
   - iio: hid: fix the retval in accel_3d_capture_sample (git-fixes).
   - iio: hid: fix the retval in gyro_3d_capture_sample (git-fixes).
   - iio: imu: fxos8700: fix ACCEL measurement range selection (git-fixes).
   - iio: imu: fxos8700: fix IMU data bits returned to user space (git-fixes).
   - iio: imu: fxos8700: fix MAGN sensor scale and unit (git-fixes).
   - iio: imu: fxos8700: fix failed initialization ODR mode assignment
     (git-fixes).
   - iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
     (git-fixes).
   - iio: imu: fxos8700: fix incorrect ODR mode readback (git-fixes).
   - iio: imu: fxos8700: fix map label of channel type to MAGN sensor
     (git-fixes).
   - iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
     (git-fixes).
   - iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN (git-fixes).
   - iio:adc:twl6030: Enable measurement of VAC (git-fixes).
   - iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
     (git-fixes).
   - ipmi:ssif: Add 60ms time internal between write retries (bsc#1206459).
   - ipmi:ssif: Increase the message retry time (bsc#1206459).
   - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to
     network (git-fixes).
   - ixgbevf: Fix resource leak in ixgbevf_init_module() (git-fixes).
   - jbd2: use the correct print format (git-fixes).
   - kABI workaround for struct acpi_ec (bsc#1207149).
   - kABI: Preserve TRACE_EVENT_FL values (git-fixes).
   - kabi/severities: add mlx5 internal symbols
   - l2tp: Do not sleep and disable BH under writer-side sk_callback_lock
     (git-fixes).
   - loop: Fix the max_loop commandline argument treatment when it is set to
     0 (git-fixes).
   - md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
   - md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
   - md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
   - md: protect md_unregister_thread from reentrancy (git-fixes).
   - mei: me: add meteor lake point M DID (git-fixes).
   - memory: atmel-sdramc: Fix missing clk_disable_unprepare in
     atmel_ramc_probe() (git-fixes).
   - memory: mvebu-devbus: Fix missing clk_disable_unprepare in
     mvebu_devbus_probe() (git-fixes).
   - memory: tegra: Remove clients SID override programming (git-fixes).
   - misc: fastrpc: Do not remove map on creater_process and device_release
     (git-fixes).
   - misc: fastrpc: Fix use-after-free race condition for maps (git-fixes).
   - mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
   - mm: compaction: kABI: avoid pglist_data kABI breakage (bsc#1207010).
   - mm: compaction: support triggering of proactive compaction by user
     (bsc#1207010).
   - mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
     (git-fixes).
   - mmc: sunxi-mmc: Fix clock refcount imbalance during unbind (git-fixes).
   - module: Do not wait for GOING modules (bsc#1196058, bsc#1186449,
     bsc#1204356, bsc#1204662).
   - mt76: fix use-after-free by removing a non-RCU wcid pointer (git-fixes).
   - mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in
     mt7921_mcu_tx_done_event (git-fixes).
   - nbd: Fix hung on disconnect request if socket is closed before
     (git-fixes).
   - nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
     (git-fixes).
   - nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
   - nbd: fix io hung while disconnecting device (git-fixes).
   - nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
   - net/mlx4: Check retval of mlx4_bitmap_init (git-fixes).
   - net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
   - net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1207842).
   - net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
     (git-fixes).
   - net: ena: Fix error handling in ena_init() (git-fixes).
   - net: liquidio: release resources when liquidio driver open failed
     (git-fixes).
   - net: liquidio: simplify if expression (git-fixes).
   - net: macvlan: Use built-in RCU list checking (git-fixes).
   - net: macvlan: fix memory leaks of macvlan_common_newlink (git-fixes).
   - net: mdio: validate parameter addr in mdiobus_get_phy() (git-fixes).
   - net: nfc: Fix use-after-free in local_cleanup() (git-fixes).
   - net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
     (git-fixes).
   - net: phy: meson-gxl: Add generic dummy stubs for MMD register access
     (git-fixes).
   - net: tun: Fix memory leaks of napi_get_frags (git-fixes).
   - net: tun: Fix use-after-free in tun_detach() (git-fixes).
   - net: tun: call napi_schedule_prep() to ensure we own a napi (git-fixes).
   - net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem
     (git-fixes).
   - net: usb: sr9700: Handle negative len (git-fixes).
   - net: wan: Add checks for NULL for utdm in undo_uhdlc_init and
     unmap_si_regs (git-fixes).
   - netrom: Fix use-after-free caused by accept on already connected socket
     (git-fixes).
   - netrom: Fix use-after-free of a listening socket (git-fixes).
   - nilfs2: fix general protection fault in nilfs_btree_insert() (git-fixes).
   - null_blk: fix ida error handling in null_add_dev() (git-fixes).
   - octeontx2-af: Fix reference count issue in rvu_sdp_init()
     (jsc#SLE-24682).
   - octeontx2-af: debugsfs: fix pci device refcount leak (git-fixes).
   - octeontx2-pf: Add check for devm_kcalloc (git-fixes).
   - octeontx2-pf: Fix potential memory leak in otx2_init_tc()
     (jsc#SLE-24682).
   - of/address: Return an error when no valid dma-ranges are found
     (git-fixes).
   - phy: Revert "phy: qualcomm: usb28nm: Add MDM9607 init sequence"
     (git-fixes).
   - phy: phy-can-transceiver: Skip warning if no "max-bitrate" (git-fixes).
   - phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
     rockchip_usb2phy_power_on() (git-fixes).
   - phy: ti: fix Kconfig warning and operator precedence (git-fixes).
   - pinctrl: amd: Add dynamic debugging for active GPIOs (git-fixes).
   - pinctrl: rockchip: fix mux route data for rk3568 (git-fixes).
   - platform/surface: aggregator: Add missing call to
     ssam_request_sync_free() (git-fixes).
   - platform/surface: aggregator: Ignore command messages not intended for
     us (git-fixes).
   - platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
     (git-fixes).
   - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting
     (git-fixes).
   - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if
     present (git-fixes).
   - platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight
     during probe (git-fixes).
   - platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
     (git-fixes).
   - powerpc/64s/radix: Fix RWX mapping with relocated kernel (bsc#1194869).
   - powerpc/64s/radix: Fix crash with unaligned relocated kernel
     (bsc#1194869).
   - powerpc/64s: Fix local irq disable when PMIs are disabled (bsc#1195655
     ltc#1195655 git-fixes).
   - powerpc/kexec_file: Count hot-pluggable memory in FDT estimate
     (bsc#1194869).
   - powerpc/kexec_file: Fix division by zero in extra size estimation
     (bsc#1194869).
   - powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
   - powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
   - powerpc/vmlinux.lds: Add an explicit symbol for the SRWX boundary
     (bsc#1194869).
   - powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
     (bsc#1194869).
   - powerpc: move __end_rodata to cover arch read-only sections
     (bsc#1194869).
   - qlcnic: fix sleep-in-atomic-context bugs caused by msleep (git-fixes).
   - r8152: add vendor/device ID pair for Microsoft Devkit (git-fixes).
   - r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (git-fixes).
   - regulator: da9211: Use irq handler when ready (git-fixes).
   - rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage
   - s390/qeth: fix various format strings (git-fixes).
   - sched/core: Fix arch_scale_freq_tick() on tickless systems (git-fixes)
   - sched/core: Introduce sched_asym_cpucap_active() (git-fixes)
   - sched/cpuset: Fix dl_cpu_busy() panic due to empty (git-fixes)
   - sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() (git-fixes)
   - sched/tracing: Report TASK_RTLOCK_WAIT tasks as (git-fixes)
   - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() (git-fixes)
   - sched: Avoid double preemption in __cond_resched_*lock*() (git-fixes)
   - scsi: Revert "scsi: core: map PQ=1, PDT=other values to
     SCSI_SCAN_TARGET_PRESENT" (git-fixes).
   - scsi: core: Fix a race between scsi_done() and scsi_timeout()
     (git-fixes).
   - scsi: efct: Fix possible memleak in efct_device_init() (git-fixes).
   - scsi: elx: libefc: Fix second parameter type in state callbacks
     (git-fixes).
   - scsi: fcoe: Fix possible name leak when device_register() fails
     (git-fixes).
   - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
     (git-fixes).
   - scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
   - scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
   - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
     (git-fixes).
   - scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
   - scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
   - scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
   - scsi: mpt3sas: Fix possible resource leaks in
     mpt3sas_transport_port_add() (git-fixes).
   - scsi: mpt3sas: Remove scsi_dma_map() error messages (git-fixes).
   - scsi: scsi_debug: Fix a warning in resp_report_zones() (git-fixes).
   - scsi: scsi_debug: Fix a warning in resp_verify() (git-fixes).
   - scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
   - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
     (git-fixes).
   - scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
   - scsi: storvsc: Correct reporting of Hyper-V I/O size limits (git-fixes).
   - scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
     (bsc#1206006).
   - scsi: tracing: Fix compile error in trace_array calls when TRACING is
     disabled (git-fixes).
   - scsi: ufs: Stop using the clock scaling lock in the error handler
     (git-fixes).
   - scsi: ufs: core: Enable link lost interrupt (git-fixes).
   - sctp: fail if no bound addresses can be used for a given scope
     (bsc#1206677).
   - selftests/vm: remove ARRAY_SIZE define from individual tests (git-fixes).
   - selftests: Provide local define of __cpuid_count() (git-fixes).
   - serial: 8250_dma: Fix DMA Rx rearm race (git-fixes).
   - serial: atmel: fix incorrect baudrate setup (git-fixes).
   - serial: pch_uart: Pass correct sg to dma_unmap_sg() (git-fixes).
   - sfc: fix potential memleak in __ef100_hard_start_xmit() (git-fixes).
   - soc: imx8m: Fix incorrect check for of_clk_get_by_name() (git-fixes).
   - spi: spidev: remove debug messages that access spidev->spi without
     locking (git-fixes).
   - staging: mt7621-dts: change some node hex addresses to lower case
     (git-fixes).
   - staging: vchiq_arm: fix enum vchiq_status return types (git-fixes).
   - swim3: add missing major.h include (git-fixes).
   - tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent (git-fixes).
   - thermal/core: Remove duplicate information when an error occurs
     (git-fixes).
   - thunderbolt: Do not call PM runtime functions in tb_retimer_scan()
     (git-fixes).
   - thunderbolt: Do not report errors if on-board retimers are found
     (git-fixes).
   - thunderbolt: Use correct function to calculate maximum USB3 link rate
     (git-fixes).
   - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation.
   - tick/sched: Fix non-kernel-doc comment (git-fixes).
   - tomoyo: fix broken dependency on *.conf.default (git-fixes).
   - tools: fix ARRAY_SIZE defines in tools and selftests hdrs (git-fixes).
   - tracing/hist: Fix issue of losting command info in error_log (git-fixes).
   - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
     (git-fixes).
   - tracing/hist: Fix wrong return value in parse_action_params()
     (git-fixes).
   - tracing/osnoise: Make osnoise_main to sleep for microseconds (git-fixes).
   - tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro
     (git-fixes).
   - tracing/probes: Handle system names with hyphens (git-fixes).
   - tracing: Add '__rel_loc' using trace event macros (git-fixes).
   - tracing: Add DYNAMIC flag for dynamic events (git-fixes).
   - tracing: Add trace_event helper macros __string_len() and
     __assign_str_len() (git-fixes).
   - tracing: Avoid -Warray-bounds warning for __rel_loc macro (git-fixes).
   - tracing: Do not use out-of-sync va_list in event printing (git-fixes).
   - tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
   - tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
   - tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
     (git-fixes).
   - tracing: Fix infinite loop in tracing_read_pipe on overflowed
     print_trace_line (git-fixes).
   - tracing: Fix issue of missing one synthetic field (git-fixes).
   - tracing: Fix mismatched comment in __string_len (git-fixes).
   - tracing: Fix possible memory leak in __create_synth_event() error path
     (git-fixes).
   - tracing: Fix race where histograms can be called before the event
     (git-fixes).
   - tracing: Fix sleeping function called from invalid context on RT kernel
     (git-fixes).
   - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     (git-fixes).
   - tracing: Fix warning on variable 'struct trace_array' (git-fixes).
   - tracing: Have TRACE_DEFINE_ENUM affect trace event types as well
     (git-fixes).
   - tracing: Have syscall trace events use trace_event_buffer_lock_reserve()
     (git-fixes).
   - tracing: Have type enum modifications copy the strings (git-fixes).
   - tracing: Make tp_printk work on syscall tracepoints (git-fixes).
   - tracing: Use alignof__(struct {type b;}) instead of offsetof()
     (git-fixes).
   - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
     (git-fixes).
   - tty: fix possible null-ptr-defer in spk_ttyio_release (git-fixes).
   - tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
     (git-fixes).
   - usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
     (git-fixes).
   - usb: acpi: add helper to check port lpm capability using acpi _DSM
     (git-fixes).
   - usb: cdns3: remove fetched trb from cache before dequeuing (git-fixes).
   - usb: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
   - usb: dwc3: qcom: enable vbus override when in OTG dr-mode (git-fixes).
   - usb: fotg210-udc: Fix ages old endianness issues (git-fixes).
   - usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
     (git-fixes).
   - usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
     (git-fixes).
   - usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait (git-fixes).
   - usb: gadget: f_hid: fix f_hidg lifetime vs cdev (git-fixes).
   - usb: gadget: f_hid: fix refcount leak on error path (git-fixes).
   - usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
     (git-fixes).
   - usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints
     (git-fixes).
   - usb: gadget: g_webcam: Send color matching descriptor per frame
     (git-fixes).
   - usb: gadget: udc: core: Print error code in usb_gadget_probe_driver()
     (git-fixes).
   - usb: gadget: udc: core: Revise comments for USB ep enable/disable
     (git-fixes).
   - usb: gadget: udc: core: Use pr_fmt() to prefix messages (git-fixes).
   - usb: gadget: udc: core: remove usage of list iterator past the loop body
     (git-fixes).
   - usb: host: ehci-fsl: Fix module alias (git-fixes).
   - usb: typec: altmodes/displayport: Add pin assignment helper (git-fixes).
   - usb: typec: altmodes/displayport: Fix pin assignment calculation
     (git-fixes).
   - usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
     (git-fixes).
   - usb: xhci: Check endpoint is valid before dereferencing it (git-fixes).
   - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid
     UAF (git-fixes).
   - vfs: make sync_filesystem return errors from ->sync_fs (git-fixes).
   - virtio-blk: modify the value type of num in virtio_queue_rq()
     (git-fixes).
   - virtio-net: correctly enable callback during start_xmit (git-fixes).
   - virtio_pci: modify ENOENT to EINVAL (git-fixes).
   - w1: fix WARNING after calling w1_process() (git-fixes).
   - w1: fix deadloop in __w1_remove_master_device() (git-fixes).
   - wait: Fix __wait_event_hrtimeout for RT/DL tasks (git-fixes)
   - watchdog: diag288_wdt: do not use stack buffers for hardware data
     (bsc#1207497).
   - watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
   - wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
     (git-fixes).
   - wifi: mac80211: sdata can be NULL during AMPDU start (git-fixes).
   - wifi: mt76: mt7921: add mt7921_mutex_acquire at
     mt7921_sta_set_decap_offload (git-fixes).
   - wifi: mt76: mt7921e: fix race issue between reset and suspend/resume
     (git-fixes).
   - wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (git-fixes).
   - wifi: mt76: sdio: poll sta stat when device transmits data (git-fixes).
   - wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (git-fixes).
   - x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
     (git-fixes).
   - x86/hyperv: Restore VP assist page after cpu offlining/onlining
     (git-fixes).
   - xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init()
     (git-fixes).
   - xfs: fix incorrect error-out in xfs_remove (git-fixes).
   - xfs: fix incorrect i_nlink caused by inode racing (git-fixes).
   - xfs: fix maxlevels comparisons in the btree staging code (git-fixes).
   - xfs: fix memory leak in xfs_errortag_init (git-fixes).
   - xfs: get rid of assert from xfs_btree_islastblock (git-fixes).
   - xfs: get root inode correctly at bulkstat (git-fixes).
   - xfs: initialize the check_owner object fully (git-fixes).
   - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (git-fixes).
   - xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (git-fixes).
   - xfs: return errors in xfs_fs_sync_fs (git-fixes).
   - xfs: xfstest fails with error missing kernel patch (git-fixes
     bsc#1207501 ltc#201370).
   - xhci-pci: set the dma max_seg_size (git-fixes).
   - xhci: Fix null pointer dereference when host dies (git-fixes).
   - zram: Delete patch for regression addressed (bsc#1207933).
   - zram: do not lookup algorithm in backends table (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap Micro 5.3:

      zypper in -t patch openSUSE-Leap-Micro-5.3-2023-433=1

   - openSUSE Leap 15.4:

      zypper in -t patch openSUSE-SLE-15.4-2023-433=1

   - SUSE Linux Enterprise Workstation Extension 15-SP4:

      zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-433=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP4:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-433=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise Module for Legacy Software 15-SP4:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-433=1

   - SUSE Linux Enterprise Module for Development Tools 15-SP4:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-433=1

   - SUSE Linux Enterprise Module for Basesystem 15-SP4:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-433=1

   - SUSE Linux Enterprise Micro 5.3:

      zypper in -t patch SUSE-SLE-Micro-5.3-2023-433=1

   - SUSE Linux Enterprise High Availability 15-SP4:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-433=1



Package List:

   - openSUSE Leap Micro 5.3 (aarch64 x86_64):

      kernel-default-5.14.21-150400.24.46.1
      kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.14.21-150400.24.46.1
      cluster-md-kmp-default-debuginfo-5.14.21-150400.24.46.1
      dlm-kmp-default-5.14.21-150400.24.46.1
      dlm-kmp-default-debuginfo-5.14.21-150400.24.46.1
      gfs2-kmp-default-5.14.21-150400.24.46.1
      gfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-5.14.21-150400.24.46.1
      kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
      kernel-default-base-rebuild-5.14.21-150400.24.46.1.150400.24.17.3
      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      kernel-default-devel-5.14.21-150400.24.46.1
      kernel-default-devel-debuginfo-5.14.21-150400.24.46.1
      kernel-default-extra-5.14.21-150400.24.46.1
      kernel-default-extra-debuginfo-5.14.21-150400.24.46.1
      kernel-default-livepatch-5.14.21-150400.24.46.1
      kernel-default-livepatch-devel-5.14.21-150400.24.46.1
      kernel-default-optional-5.14.21-150400.24.46.1
      kernel-default-optional-debuginfo-5.14.21-150400.24.46.1
      kernel-obs-build-5.14.21-150400.24.46.1
      kernel-obs-build-debugsource-5.14.21-150400.24.46.1
      kernel-obs-qa-5.14.21-150400.24.46.1
      kernel-syms-5.14.21-150400.24.46.1
      kselftests-kmp-default-5.14.21-150400.24.46.1
      kselftests-kmp-default-debuginfo-5.14.21-150400.24.46.1
      ocfs2-kmp-default-5.14.21-150400.24.46.1
      ocfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
      reiserfs-kmp-default-5.14.21-150400.24.46.1
      reiserfs-kmp-default-debuginfo-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (aarch64 ppc64le x86_64):

      kernel-kvmsmall-5.14.21-150400.24.46.1
      kernel-kvmsmall-debuginfo-5.14.21-150400.24.46.1
      kernel-kvmsmall-debugsource-5.14.21-150400.24.46.1
      kernel-kvmsmall-devel-5.14.21-150400.24.46.1
      kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.46.1
      kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (ppc64le x86_64):

      kernel-debug-5.14.21-150400.24.46.1
      kernel-debug-debuginfo-5.14.21-150400.24.46.1
      kernel-debug-debugsource-5.14.21-150400.24.46.1
      kernel-debug-devel-5.14.21-150400.24.46.1
      kernel-debug-devel-debuginfo-5.14.21-150400.24.46.1
      kernel-debug-livepatch-devel-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (aarch64):

      cluster-md-kmp-64kb-5.14.21-150400.24.46.1
      cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
      dlm-kmp-64kb-5.14.21-150400.24.46.1
      dlm-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
      dtb-allwinner-5.14.21-150400.24.46.1
      dtb-altera-5.14.21-150400.24.46.1
      dtb-amazon-5.14.21-150400.24.46.1
      dtb-amd-5.14.21-150400.24.46.1
      dtb-amlogic-5.14.21-150400.24.46.1
      dtb-apm-5.14.21-150400.24.46.1
      dtb-apple-5.14.21-150400.24.46.1
      dtb-arm-5.14.21-150400.24.46.1
      dtb-broadcom-5.14.21-150400.24.46.1
      dtb-cavium-5.14.21-150400.24.46.1
      dtb-exynos-5.14.21-150400.24.46.1
      dtb-freescale-5.14.21-150400.24.46.1
      dtb-hisilicon-5.14.21-150400.24.46.1
      dtb-lg-5.14.21-150400.24.46.1
      dtb-marvell-5.14.21-150400.24.46.1
      dtb-mediatek-5.14.21-150400.24.46.1
      dtb-nvidia-5.14.21-150400.24.46.1
      dtb-qcom-5.14.21-150400.24.46.1
      dtb-renesas-5.14.21-150400.24.46.1
      dtb-rockchip-5.14.21-150400.24.46.1
      dtb-socionext-5.14.21-150400.24.46.1
      dtb-sprd-5.14.21-150400.24.46.1
      dtb-xilinx-5.14.21-150400.24.46.1
      gfs2-kmp-64kb-5.14.21-150400.24.46.1
      gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
      kernel-64kb-5.14.21-150400.24.46.1
      kernel-64kb-debuginfo-5.14.21-150400.24.46.1
      kernel-64kb-debugsource-5.14.21-150400.24.46.1
      kernel-64kb-devel-5.14.21-150400.24.46.1
      kernel-64kb-devel-debuginfo-5.14.21-150400.24.46.1
      kernel-64kb-extra-5.14.21-150400.24.46.1
      kernel-64kb-extra-debuginfo-5.14.21-150400.24.46.1
      kernel-64kb-livepatch-devel-5.14.21-150400.24.46.1
      kernel-64kb-optional-5.14.21-150400.24.46.1
      kernel-64kb-optional-debuginfo-5.14.21-150400.24.46.1
      kselftests-kmp-64kb-5.14.21-150400.24.46.1
      kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
      ocfs2-kmp-64kb-5.14.21-150400.24.46.1
      ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
      reiserfs-kmp-64kb-5.14.21-150400.24.46.1
      reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (noarch):

      kernel-devel-5.14.21-150400.24.46.1
      kernel-docs-5.14.21-150400.24.46.2
      kernel-docs-html-5.14.21-150400.24.46.2
      kernel-macros-5.14.21-150400.24.46.1
      kernel-source-5.14.21-150400.24.46.1
      kernel-source-vanilla-5.14.21-150400.24.46.1

   - openSUSE Leap 15.4 (s390x):

      kernel-zfcpdump-5.14.21-150400.24.46.1
      kernel-zfcpdump-debuginfo-5.14.21-150400.24.46.1
      kernel-zfcpdump-debugsource-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):

      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      kernel-default-extra-5.14.21-150400.24.46.1
      kernel-default-extra-debuginfo-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP4 (ppc64le s390x x86_64):

      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      kernel-default-livepatch-5.14.21-150400.24.46.1
      kernel-default-livepatch-devel-5.14.21-150400.24.46.1
      kernel-livepatch-5_14_21-150400_24_46-default-1-150400.9.3.3
      kernel-livepatch-5_14_21-150400_24_46-default-debuginfo-1-150400.9.3.3
      kernel-livepatch-SLE15-SP4_Update_8-debugsource-1-150400.9.3.3

   - SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):

      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      reiserfs-kmp-default-5.14.21-150400.24.46.1
      reiserfs-kmp-default-debuginfo-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-5.14.21-150400.24.46.1
      kernel-obs-build-debugsource-5.14.21-150400.24.46.1
      kernel-syms-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):

      kernel-docs-5.14.21-150400.24.46.2
      kernel-source-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):

      kernel-default-5.14.21-150400.24.46.1
      kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      kernel-default-devel-5.14.21-150400.24.46.1
      kernel-default-devel-debuginfo-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64):

      kernel-64kb-5.14.21-150400.24.46.1
      kernel-64kb-debuginfo-5.14.21-150400.24.46.1
      kernel-64kb-debugsource-5.14.21-150400.24.46.1
      kernel-64kb-devel-5.14.21-150400.24.46.1
      kernel-64kb-devel-debuginfo-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):

      kernel-devel-5.14.21-150400.24.46.1
      kernel-macros-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):

      kernel-zfcpdump-5.14.21-150400.24.46.1
      kernel-zfcpdump-debuginfo-5.14.21-150400.24.46.1
      kernel-zfcpdump-debugsource-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):

      kernel-default-5.14.21-150400.24.46.1
      kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1

   - SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.14.21-150400.24.46.1
      cluster-md-kmp-default-debuginfo-5.14.21-150400.24.46.1
      dlm-kmp-default-5.14.21-150400.24.46.1
      dlm-kmp-default-debuginfo-5.14.21-150400.24.46.1
      gfs2-kmp-default-5.14.21-150400.24.46.1
      gfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debuginfo-5.14.21-150400.24.46.1
      kernel-default-debugsource-5.14.21-150400.24.46.1
      ocfs2-kmp-default-5.14.21-150400.24.46.1
      ocfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1


References:

   https://www.suse.com/security/cve/CVE-2020-24588.html
   https://www.suse.com/security/cve/CVE-2022-4382.html
   https://www.suse.com/security/cve/CVE-2022-47929.html
   https://www.suse.com/security/cve/CVE-2023-0122.html
   https://www.suse.com/security/cve/CVE-2023-0179.html
   https://www.suse.com/security/cve/CVE-2023-0266.html
   https://www.suse.com/security/cve/CVE-2023-0590.html
   https://www.suse.com/security/cve/CVE-2023-23454.html
   https://www.suse.com/security/cve/CVE-2023-23455.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1185861
   https://bugzilla.suse.com/1185863
   https://bugzilla.suse.com/1186449
   https://bugzilla.suse.com/1191256
   https://bugzilla.suse.com/1192868
   https://bugzilla.suse.com/1193629
   https://bugzilla.suse.com/1194869
   https://bugzilla.suse.com/1195175
   https://bugzilla.suse.com/1195655
   https://bugzilla.suse.com/1196058
   https://bugzilla.suse.com/1199701
   https://bugzilla.suse.com/1204063
   https://bugzilla.suse.com/1204356
   https://bugzilla.suse.com/1204662
   https://bugzilla.suse.com/1205495
   https://bugzilla.suse.com/1206006
   https://bugzilla.suse.com/1206036
   https://bugzilla.suse.com/1206056
   https://bugzilla.suse.com/1206057
   https://bugzilla.suse.com/1206258
   https://bugzilla.suse.com/1206363
   https://bugzilla.suse.com/1206459
   https://bugzilla.suse.com/1206616
   https://bugzilla.suse.com/1206677
   https://bugzilla.suse.com/1206784
   https://bugzilla.suse.com/1207010
   https://bugzilla.suse.com/1207034
   https://bugzilla.suse.com/1207036
   https://bugzilla.suse.com/1207050
   https://bugzilla.suse.com/1207125
   https://bugzilla.suse.com/1207134
   https://bugzilla.suse.com/1207149
   https://bugzilla.suse.com/1207158
   https://bugzilla.suse.com/1207184
   https://bugzilla.suse.com/1207186
   https://bugzilla.suse.com/1207190
   https://bugzilla.suse.com/1207237
   https://bugzilla.suse.com/1207263
   https://bugzilla.suse.com/1207269
   https://bugzilla.suse.com/1207497
   https://bugzilla.suse.com/1207500
   https://bugzilla.suse.com/1207501
   https://bugzilla.suse.com/1207506
   https://bugzilla.suse.com/1207507
   https://bugzilla.suse.com/1207734
   https://bugzilla.suse.com/1207769
   https://bugzilla.suse.com/1207795
   https://bugzilla.suse.com/1207842
   https://bugzilla.suse.com/1207878
   https://bugzilla.suse.com/1207933



More information about the sle-security-updates mailing list