SUSE-SU-2023:2653-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Jun 27 12:30:30 UTC 2023
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:2653-1
Rating: important
References:
* #1065729
* #1172073
* #1191731
* #1193629
* #1195655
* #1195921
* #1203906
* #1205650
* #1205756
* #1205758
* #1205760
* #1205762
* #1205803
* #1206024
* #1206578
* #1207553
* #1208604
* #1208758
* #1209287
* #1209288
* #1209856
* #1209982
* #1210165
* #1210294
* #1210449
* #1210450
* #1210498
* #1210533
* #1210551
* #1210647
* #1210741
* #1210775
* #1210783
* #1210791
* #1210806
* #1210940
* #1210947
* #1211037
* #1211043
* #1211044
* #1211089
* #1211105
* #1211113
* #1211131
* #1211205
* #1211263
* #1211280
* #1211281
* #1211449
* #1211465
* #1211519
* #1211564
* #1211590
* #1211592
* #1211686
* #1211687
* #1211688
* #1211689
* #1211690
* #1211691
* #1211692
* #1211693
* #1211714
* #1211796
* #1211804
* #1211807
* #1211808
* #1211847
* #1211855
* #1211960
Cross-References:
* CVE-2022-4269
* CVE-2022-45884
* CVE-2022-45885
* CVE-2022-45886
* CVE-2022-45887
* CVE-2022-45919
* CVE-2023-1079
* CVE-2023-1380
* CVE-2023-1382
* CVE-2023-2002
* CVE-2023-2124
* CVE-2023-2156
* CVE-2023-2162
* CVE-2023-2269
* CVE-2023-2483
* CVE-2023-2513
* CVE-2023-28410
* CVE-2023-3006
* CVE-2023-30456
* CVE-2023-31084
* CVE-2023-31436
* CVE-2023-32233
* CVE-2023-33288
CVSS scores:
* CVE-2022-4269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-4269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45884 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45884 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45885 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45885 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45886 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45886 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45887 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45887 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-45919 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-45919 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1079 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1079 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1380 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-1380 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-1382 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1382 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2002 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2002 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2023-2124 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2124 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2162 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2162 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2269 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2483 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2513 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2513 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28410 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28410 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-3006 ( SUSE ): 4.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-3006 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-30456 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2023-30456 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-31084 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31084 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31436 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-31436 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-32233 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-32233 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-33288 ( SUSE ): 4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-33288 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP4
* Development Tools Module 15-SP4
* Legacy Module 15-SP4
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Workstation Extension 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes
can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
* CVE-2023-28410: Fixed improper restriction of operations within the bounds
of a memory buffer in some Intel(R) i915 Graphics drivers that may have
allowed an authenticated user to potentially enable escalation of privilege
via local access (bsc#1211263).
* CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
of the RPL protocol (bsc#1211131).
* CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
* CVE-2023-3006: Fixed a known cache speculation vulnerability, known as
Branch History Injection (BHI) or Spectre-BHB, for the new hw AmpereOne
(bsc#1211855).
* CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive
locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-
ioctl.c (bsc#1210806).
* CVE-2023-1079: Fixed a use-after-free problem that could have been triggered
in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device
(bsc#1208604).
* CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create
(bsc#1210647).
* CVE-2023-33288: Fixed a use-after-free in bq24190_remove in
drivers/power/supply/bq24190_charger.c (bsc#1211590).
* CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in
dvb_net.c that lead to a use-after-free (bsc#1205760).
* CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a
use-after-free when a device is disconnected (bsc#1205758).
* CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a
dvb_frontend_detach call (bsc#1205762).
* CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur
if there is a disconnect after an open, because of the lack of a wait_event
(bsc#1205803).
* CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
dvb_register_device dynamically allocating fops (bsc#1205756).
* CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-
core/dvb_frontend.c (bsc#1210783).
* CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized
execution of management commands, compromising the confidentiality,
integrity, and availability of Bluetooth communication (bsc#1210533).
* CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because
lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
* CVE-2023-30456: Fixed an issue in arch/x86/kvm/vmx/nested.c with nVMX on
x86_64 lacks consistency checks for CR0 and CR4 (bsc#1210294).
* CVE-2022-4269: Fixed a flaw was found inside the Traffic Control (TC)
subsystem (bsc#1206024).
* CVE-2023-32233: Fixed a use-after-free in Netfilter nf_tables when
processing batch requests (bsc#1211043).
* CVE-2023-1380: Fixed a slab-out-of-bound read problem in
brcmf_get_assoc_ies() (bsc#1209287).
* CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem
(bsc#1211105).
* CVE-2023-2483: Fixed a use after free bug in emac_remove caused by a race
condition (bsc#1211037).
* CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could
have lead to denial-of-service or potentially privilege escalation
(bsc#1210498).
The following non-security bugs were fixed:
* 3c589_cs: Fix an error handling path in tc589_probe() (git-fixes).
* ACPI: EC: Fix oops when removing custom query handlers (git-fixes).
* ACPI: bus: Ensure that notify handlers are not running after removal (git-
fixes).
* ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-
fixes).
* ACPI: tables: Add support for NBFT (bsc#1195921).
* ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
acpi_db_display_objects (git-fixes).
* ACPICA: Avoid undefined behavior: applying zero offset to null pointer (git-
fixes).
* ALSA: caiaq: input: Add error handling for unsupported input methods in
`snd_usb_caiaq_input_init` (git-fixes).
* ALSA: cs46xx: mark snd_cs46xx_download_image as static (git-fixes).
* ALSA: firewire-digi00x: prevent potential use after free (git-fixes).
* ALSA: hda/ca0132: add quirk for EVGA X299 DARK (git-fixes).
* ALSA: hda/realtek: Add a quirk for HP EliteDesk 805 (git-fixes).
* ALSA: hda/realtek: Add quirk for 2nd ASUS GU603 (git-fixes).
* ALSA: hda/realtek: Add quirk for ASUS UM3402YAR using CS35L41 (git-fixes).
* ALSA: hda/realtek: Add quirk for Clevo L140AU (git-fixes).
* ALSA: hda/realtek: Add quirk for HP EliteBook G10 laptops (git-fixes).
* ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6 (git-fixes).
* ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15 (git-
fixes).
* ALSA: hda/realtek: Enable headset onLenovo M70/M90 (git-fixes).
* ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop (git-fixes).
* ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop (git-
fixes).
* ALSA: hda/realtek: support HP Pavilion Aero 13-be0xxx Mute LED (git-fixes).
* ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table (git-fixes).
* ALSA: hda: Fix Oops by 9.1 surround channel names (git-fixes).
* ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go (git-fixes).
* ALSA: usb-audio: Add quirk for Pioneer DDJ-800 (git-fixes).
* ARM64: dts: Add DTS files for bcmbca SoC BCM6858 (git-fixes).
* ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings (git-fixes).
* ARM: dts: qcom: ipq8064: Fix the PCI I/O port range (git-fixes).
* ARM: dts: qcom: ipq8064: reduce pci IO size to 64K (git-fixes).
* ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15 (git-
fixes).
* ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg (git-fixes).
* ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750 (git-
fixes).
* ASoC: fsl_micfil: Fix error handler with pm_runtime_enable (git-fixes).
* ASoC: lpass: Fix for KASAN use_after_free out of bounds (git-fixes).
* ASoC: rt5682: Disable jack detection interrupt during suspend (git-fixes).
* ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm (git-
fixes).
* Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp (git-
fixes).
* Bluetooth: btintel: Add LE States quirk support (git-fixes).
* Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set (git-
fixes).
* HID: logitech-hidpp: Do not use the USB serial for USB devices (git-fixes).
* HID: logitech-hidpp: Reconcile USB and Unifying serials (git-fixes).
* HID: microsoft: Add rumble support to latest xbox controllers (bsc#1211280).
* HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs (git-fixes).
* HID: wacom: Force pen out of prox if no events have been received in a while
(git-fixes).
* HID: wacom: Set a default resolution for older tablets (git-fixes).
* HID: wacom: add three styli to wacom_intuos_get_tool_type (git-fixes).
* HID: wacom: avoid integer overflow in wacom_intuos_inout() (git-fixes).
* HID: wacom: generic: Set battery quirk only when we see battery data (git-
fixes).
* IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order (git-fixes)
* IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests
(git-fixes)
* IB/hifi1: add a null check of kzalloc_node in hfi1_ipoib_txreq_init (git-
fixes)
* Input: xpad - add constants for GIP interface numbers (git-fixes).
* KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() (git-
fixes).
* KVM: Destroy target device if coalesced MMIO unregistration fails (git-
fixes)
* KVM: Disallow user memslot with size that exceeds "unsigned long" (git-
fixes)
* KVM: Do not create VM debugfs files outside of the VM directory (git-fixes)
* KVM: Do not set Accessed/Dirty bits for ZERO_PAGE (git-fixes)
* KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
(git-fixes).
* KVM: Prevent module exit until all VMs are freed (git-fixes)
* KVM: SVM: Do not rewrite guest ICR on AVIC IPI virtualization failure (git-
fixes).
* KVM: SVM: Fix benign "bool vs. int" comparison in svm_set_cr0() (git-fixes).
* KVM: SVM: Require logical ID to be power-of-2 for AVIC entry (git-fixes).
* KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid (git-
fixes).
* KVM: SVM: hyper-v: placate modpost section mismatch error (git-fixes).
* KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper (git-fixes).
* KVM: VMX: Resume guest immediately when injecting #GP on ECREATE (git-
fixes).
* KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking shadow (git-
fixes).
* KVM: VMX: Use is_64_bit_mode() to check 64-bit mode in SGX handler (git-
fixes).
* KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid() (git-fixes).
* KVM: arm64: Do not arm a hrtimer for an already pending timer (git-fixes)
* KVM: arm64: Do not return from void function (git-fixes)
* KVM: arm64: Fix PAR_TO_HPFAR() to work independently of PA_BITS. (git-fixes)
* KVM: arm64: Fix S1PTW handling on RO memslots (git-fixes)
* KVM: arm64: Fix bad dereference on MTE-enabled systems (git-fixes)
* KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg() (git-fixes)
* KVM: arm64: Fix kvm init failure when mode!=vhe and VA_BITS=52. (git-fixes)
* KVM: arm64: Free hypervisor allocations if vector slot init fails (git-
fixes)
* KVM: arm64: GICv4.1: Fix race with doorbell on VPE (git-fixes)
* KVM: arm64: Limit length in kvm_vm_ioctl_mte_copy_tags() to INT_MAX (git-
fixes)
* KVM: arm64: PMU: Restore the guest's EL0 event counting after (git-fixes)
* KVM: arm64: Reject 32bit user PSTATE on asymmetric systems (git-fixes)
* KVM: arm64: Stop handle_exit() from handling HVC twice when an SError (git-
fixes)
* KVM: arm64: Treat PMCR_EL1.LC as RES1 on asymmetric systems (git-fixes)
* KVM: arm64: nvhe: Eliminate kernel-doc warnings (git-fixes)
* KVM: arm64: vgic: Fix exit condition in scan_its_table() (git-fixes)
* KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS (git-
fixes).
* KVM: nVMX: Do not use Enlightened MSR Bitmap for L3 (git-fixes).
* KVM: nVMX: Document that ignoring memory failures for VMCLEAR is deliberate
(git-fixes).
* KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted (git-
fixes).
* KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check fails (git-
fixes).
* KVM: nVMX: Prioritize TSS T-flag #DBs over Monitor Trap Flag (git-fixes).
* KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1 (git-fixes).
* KVM: nVMX: Treat General Detect #DB (DR7.GD=1) as fault-like (git-fixes).
* KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER (git-fixes).
* KVM: x86/emulator: Emulate RDPID only if it is enabled in guest (git-fixes).
* KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs (git-
fixes).
* KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU does not support
global_ctrl (git-fixes).
* KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user() (git-
fixes).
* KVM: x86/vmx: Do not skip segment attributes if unusable bit is set (git-
fixes).
* KVM: x86/xen: Fix memory leak in kvm_xen_write_hypercall_page() (git-fixes).
* KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() (git-fixes).
* KVM: x86: Do not change ICR on write to APIC_SELF_IPI (git-fixes).
* KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception (git-fixes).
* KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI (git-
fixes).
* KVM: x86: Mask off reserved bits in CPUID.8000001FH (git-fixes).
* KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES
(git-fixes).
* KVM: x86: Protect the unused bits in MSR exiting flags (git-fixes).
* KVM: x86: Remove a redundant guest cpuid check in kvm_set_cr4() (git-fixes).
* KVM: x86: Report deprecated x87 features in supported CPUID (git-fixes).
* KVM: x86: do not set st->preempted when going back to user space (git-
fixes).
* KVM: x86: fix typo in __try_cmpxchg_user causing non-atomicness (git-fixes).
* KVM: x86: ioapic: Fix level-triggered EOI and userspace I/OAPIC reconfigure
race (git-fixes).
* PCI/ASPM: Remove pcie_aspm_pm_state_change() (git-fixes).
* PM: hibernate: Do not get block device exclusively in test_resume mode (git-
fixes).
* PM: hibernate: Turn snapshot_test into global variable (git-fixes).
* PM: hibernate: fix load_image_and_restore() error path (git-fixes).
* RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
* RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx (git-fixes)
* RDMA/bnxt_re: Fix the page_size used during the MR creation (git-fixes)
* RDMA/cm: Trace icm_send_rej event before the cm state is reset (git-fixes)
* RDMA/core: Fix multiple -Warray-bounds warnings (git-fixes)
* RDMA/efa: Fix unsupported page sizes in device (git-fixes)
* RDMA/hns: Fix base address table allocation (git-fixes)
* RDMA/hns: Fix timeout attr in query qp for HIP08 (git-fixes)
* RDMA/hns: Modify the value of long message loopback slice (git-fixes)
* RDMA/irdma: Add SW mechanism to generate completions on error
(jsc#SLE-18383).
* RDMA/irdma: Do not generate SW completions for NOPs (jsc#SLE-18383).
* RDMA/irdma: Fix Local Invalidate fencing (git-fixes)
* RDMA/irdma: Fix RQ completion opcode (jsc#SLE-18383).
* RDMA/irdma: Fix drain SQ hang with no completion (jsc#SLE-18383).
* RDMA/irdma: Fix inline for multiple SGE's (jsc#SLE-18383).
* RDMA/irdma: Prevent QP use after free (git-fixes)
* RDMA/irdma: Remove enum irdma_status_code (jsc#SLE-18383).
* RDMA/irdma: Remove excess error variables (jsc#SLE-18383).
* RDMA/mana: Remove redefinition of basic u64 type (bsc#1210741 jsc#PED-4022).
* RDMA/mana: hide new rdma_driver_ids (bsc#1210741 jsc#PED-4022).
* RDMA/mana_ib: Add a driver for Microsoft Azure Network Adapter (bsc#1210741
jsc#PED-4022).
* RDMA/mana_ib: Prevent array underflow in mana_ib_create_qp_raw()
(bsc#1210741 jsc#PED-4022).
* RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (jsc#SLE-19255).
* RDMA/mlx5: Fix flow counter query via DEVX (git-fixes)
* RDMA/mlx5: Use correct device num_ports when modify DC (git-fixes)
* RDMA/rxe: Remove tasklet call from rxe_cq.c (git-fixes)
* RDMA/siw: Fix potential page_array out of range access (git-fixes)
* RDMA/siw: Remove namespace check from siw_netdev_event() (git-fixes)
* RDMA/srpt: Add a check for valid 'mad_agent' pointer (git-fixes)
* Revert "KVM: set owner of cpu and vm file operations" (git-fixes)
* SMB3.1.1: add new tree connect ShareFlags (bsc#1193629).
* SMB3: Add missing locks to protect deferred close file list (git-fixes).
* SMB3: Close all deferred handles of inode in case of handle lease break
(bsc#1193629).
* SMB3: Close deferred file handles in case of handle lease break
(bsc#1193629).
* SMB3: drop reference to cfile before sending oplock break (bsc#1193629).
* SMB3: force unmount was failing to close deferred close files (bsc#1193629).
* SUNRPC: fix breakage caused by introduction of rq_xprt_ctxt (bsc#1210775).
* USB / dwc3: Fix a checkpatch warning in core.c (git-fixes).
* USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value (git-
fixes).
* USB: core: Add routines for endpoint checks in old drivers (git-fixes).
* USB: sisusbvga: Add endpoint checks (git-fixes).
* USB: usbtmc: Fix direction for 0-length ioctl control messages (git-fixes).
* apparmor: add a kernel label to use on kernel objects (bsc#1211113).
* arm64: dts: Add DTS files for bcmbca SoC BCM4912 (git-fixes).
* arm64: dts: Add DTS files for bcmbca SoC BCM63158 (git-fixes).
* arm64: dts: Add base DTS file for bcmbca device Asus GT-AX6000 (git-fixes).
* arm64: dts: broadcom: bcm4908: add DT for Netgear RAXE500 (git-fixes).
* arm64: dts: qcom: msm8996: Add missing DWC3 quirks (git-fixes).
* arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly (git-
fixes) Enable workaround and fix kABI breakage.
* arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (git-fixes)
* arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (git-fixes).
* asm-generic/io.h: suppress endianness warnings for readq() and writeq()
(git-fixes).
* ata: libata-scsi: Use correct device no in ata_find_dev() (git-fixes).
* ata: pata_octeon_cf: drop kernel-doc notation (git-fixes).
* block: add a bdev_max_zone_append_sectors helper (git-fixes).
* bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() (git-
fixes).
* bnxt: Do not read past the end of test names (jsc#SLE-18978).
* bnxt: prevent skb UAF after handing over to PTP worker (jsc#SLE-18978).
* bnxt_en: Add missing 200G link speed reporting (jsc#SLE-18978).
* bnxt_en: Avoid order-5 memory allocation for TPA data (jsc#SLE-18978).
* bnxt_en: Do not initialize PTP on older P3/P4 chips (jsc#SLE-18978).
* bnxt_en: Fix mqprio and XDP ring checking logic (jsc#SLE-18978).
* bnxt_en: Fix reporting of test result in ethtool selftest (jsc#SLE-18978).
* bnxt_en: Fix typo in PCI id to device description string mapping
(jsc#SLE-18978).
* bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
(jsc#SLE-18978).
* bnxt_en: set missing reload flag in devlink features (jsc#SLE-18978).
* can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag (git-fixes).
* can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag (git-fixes).
* can: kvaser_pciefd: Call request_irq() before enabling interrupts (git-
fixes).
* can: kvaser_pciefd: Clear listen-only bit if not explicitly requested (git-
fixes).
* can: kvaser_pciefd: Disable interrupts in probe error path (git-fixes).
* can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt (git-fixes).
* can: kvaser_pciefd: Empty SRB buffer in probe (git-fixes).
* can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop() (git-
fixes).
* can: kvaser_usb: Add struct kvaser_usb_busparams (git-fixes).
* can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device (git-fixes).
* can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT (git-fixes).
* can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
{leaf,usbcan}_cmd_can_error_event (git-fixes).
* can: kvaser_usb_leaf: Fix overread with an invalid command (git-fixes).
* cassini: Fix a memory leak in the error handling path of cas_init_one()
(git-fixes).
* ceph: force updating the msg pointer in non-split case (bsc#1211804).
* cgroup.c: add helper __cset_cgroup_from_root to cleanup duplicated codes
(bsc#1203906).
* cgroup: Homogenize cgroup_get_from_id() return value (bsc#1205650).
* cgroup: Honor caller's cgroup NS when resolving path (bsc#1205650).
* cgroup: Make cgroup_get_from_id() prettier (bsc#1205650).
* cgroup: Reorganize css_set_lock and kernfs path processing (bsc#1205650).
* cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
(bsc#1205650).
* cgroup: reduce dependency on cgroup_mutex (bsc#1205650).
* cifs: Avoid a cast in add_lease_context() (bsc#1193629).
* cifs: Simplify SMB2_open_init() (bsc#1193629).
* cifs: Simplify SMB2_open_init() (bsc#1193629).
* cifs: Simplify SMB2_open_init() (bsc#1193629).
* cifs: avoid dup prefix path in dfs_get_automount_devname() (git-fixes).
* cifs: avoid potential races when handling multiple dfs tcons (bsc#1208758).
* cifs: fix pcchunk length type in smb2_copychunk_range (bsc#1193629).
* cifs: fix potential race when tree connecting ipc (bsc#1208758).
* cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
(bsc#1208758).
* cifs: fix sharing of DFS connections (bsc#1208758).
* cifs: fix smb1 mount regression (bsc#1193629).
* cifs: mapchars mount option ignored (bsc#1193629).
* cifs: missing lock when updating session status (bsc#1193629).
* cifs: print smb3_fs_context::source when mounting (bsc#1193629).
* cifs: protect access of TCP_Server_Info::{origin,leaf}_fullpath
(bsc#1208758).
* cifs: protect session status check in smb2_reconnect() (bsc#1208758).
* cifs: release leases for deferred close handles when freezing (bsc#1193629).
* cifs: update internal module version number for cifs.ko (bsc#1193629).
* clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling (git-fixes).
* clk: qcom: regmap: add PHY clock source implementation (git-fixes).
* clk: tegra20: fix gcc-7 constant overflow warning (git-fixes).
* configfs: fix possible memory leak in configfs_create_dir() (git-fixes).
* crypto: acomp - define max size for destination (jsc#PED-3692)
* crypto: drivers - move from strlcpy with unused retval to (jsc#PED-3692)
* crypto: qat - Fix unsigned function returning negative (jsc#PED-3692)
* crypto: qat - Removes the x86 dependency on the QAT drivers (jsc#PED-3692)
* crypto: qat - abstract PFVF messages with struct pfvf_message (jsc#PED-3692)
* crypto: qat - abstract PFVF receive logic (jsc#PED-3692)
* crypto: qat - abstract PFVF send function (jsc#PED-3692)
* crypto: qat - add PFVF support to enable the reset of ring (jsc#PED-3692)
* crypto: qat - add PFVF support to the GEN4 host driver (jsc#PED-3692)
* crypto: qat - add VF and PF wrappers to common send function (jsc#PED-3692)
* crypto: qat - add backlog mechanism (jsc#PED-3692)
* crypto: qat - add check for invalid PFVF protocol version 0 (jsc#PED-3692)
* crypto: qat - add check to validate firmware images (jsc#PED-3692)
* crypto: qat - add limit to linked list parsing (jsc#PED-3692)
* crypto: qat - add misc workqueue (jsc#PED-3692)
* crypto: qat - add missing restarting event notification in (jsc#PED-3692)
* crypto: qat - add param check for DH (jsc#PED-3692)
* crypto: qat - add param check for RSA (jsc#PED-3692)
* crypto: qat - add pfvf_ops (jsc#PED-3692)
* crypto: qat - add resubmit logic for decompression (jsc#PED-3692)
* crypto: qat - add support for 401xx devices (jsc#PED-3692)
* crypto: qat - add support for compression for 4xxx (jsc#PED-3692)
* crypto: qat - add the adf_get_pmisc_base() helper function (jsc#PED-3692)
* crypto: qat - allow detection of dc capabilities for 4xxx (jsc#PED-3692)
* crypto: qat - change PFVF ACK behaviour (jsc#PED-3692)
* crypto: qat - change behaviour of (jsc#PED-3692)
* crypto: qat - change bufferlist logic interface (jsc#PED-3692)
* crypto: qat - config VFs based on ring-to-svc mapping (jsc#PED-3692)
* crypto: qat - differentiate between pf2vf and vf2pf offset (jsc#PED-3692)
* crypto: qat - disable AER if an error occurs in probe (jsc#PED-3692)
* crypto: qat - do not handle PFVF sources for qat_4xxx (jsc#PED-3692)
* crypto: qat - do not rely on min version (jsc#PED-3692)
* crypto: qat - enable deflate for QAT GEN4 (jsc#PED-3692)
* crypto: qat - enable power management for QAT GEN4 (jsc#PED-3692)
* crypto: qat - exchange device capabilities over PFVF (jsc#PED-3692)
* crypto: qat - exchange ring-to-service mappings over PFVF (jsc#PED-3692)
* crypto: qat - expose deflate through acomp api for QAT GEN2 (jsc#PED-3692)
* crypto: qat - expose device config through sysfs for 4xxx (jsc#PED-3692)
* crypto: qat - expose device state through sysfs for 4xxx (jsc#PED-3692)
* crypto: qat - extend buffer list interface (jsc#PED-3692)
* crypto: qat - extend crypto capability detection for 4xxx (jsc#PED-3692)
* crypto: qat - extract send and wait from (jsc#PED-3692)
* crypto: qat - fix DMA transfer direction (jsc#PED-3692)
* crypto: qat - fix ETR sources enabled by default on GEN2 (jsc#PED-3692)
* crypto: qat - fix VF IDs in PFVF log messages (jsc#PED-3692)
* crypto: qat - fix a signedness bug in get_service_enabled() (jsc#PED-3692)
* crypto: qat - fix a typo in a comment (jsc#PED-3692)
* crypto: qat - fix access to PFVF interrupt registers for GEN4 (jsc#PED-3692)
* crypto: qat - fix definition of ring reset results (jsc#PED-3692)
* crypto: qat - fix error return code in adf_probe (jsc#PED-3692)
* crypto: qat - fix handling of VF to PF interrupts (jsc#PED-3692)
* crypto: qat - fix initialization of pfvf cap_msg structures (jsc#PED-3692)
* crypto: qat - fix initialization of pfvf rts_map_msg (jsc#PED-3692)
* crypto: qat - fix off-by-one error in PFVF debug print (jsc#PED-3692)
* crypto: qat - fix wording and formatting in code comment (jsc#PED-3692)
* crypto: qat - flush vf workqueue at driver removal (jsc#PED-3692)
* crypto: qat - free irq in case of failure (jsc#PED-3692)
* crypto: qat - free irqs only if allocated (jsc#PED-3692)
* crypto: qat - generalize crypto request buffers (jsc#PED-3692)
* crypto: qat - get compression extended capabilities (jsc#PED-3692)
* crypto: qat - handle retries due to collisions in (jsc#PED-3692)
* crypto: qat - honor CRYPTO_TFM_REQ_MAY_SLEEP flag (jsc#PED-3692)
* crypto: qat - improve logging of PFVF messages (jsc#PED-3692)
* crypto: qat - improve the ACK timings in PFVF send (jsc#PED-3692)
* crypto: qat - introduce support for PFVF block messages (jsc#PED-3692)
* crypto: qat - leverage bitfield.h utils for PFVF messages (jsc#PED-3692)
* crypto: qat - leverage read_poll_timeout in PFVF send (jsc#PED-3692)
* crypto: qat - leverage the GEN2 VF mask definiton (jsc#PED-3692)
* crypto: qat - make PFVF message construction direction (jsc#PED-3692)
* crypto: qat - make PFVF send and receive direction agnostic (jsc#PED-3692)
* crypto: qat - move VF message handler to adf_vf2pf_msg.c (jsc#PED-3692)
* crypto: qat - move and rename GEN4 error register definitions (jsc#PED-3692)
* crypto: qat - move interrupt code out of the PFVF handler (jsc#PED-3692)
* crypto: qat - move pfvf collision detection values (jsc#PED-3692)
* crypto: qat - move vf2pf interrupt helpers (jsc#PED-3692)
* crypto: qat - pass the PF2VF responses back to the callers (jsc#PED-3692)
* crypto: qat - prevent spurious MSI interrupt in VF (jsc#PED-3692)
* crypto: qat - re-enable interrupts for legacy PFVF messages (jsc#PED-3692)
* crypto: qat - re-enable registration of algorithms (jsc#PED-3692)
* crypto: qat - refactor PF top half for PFVF (jsc#PED-3692)
* crypto: qat - refactor pfvf version request messages (jsc#PED-3692)
* crypto: qat - refactor submission logic (jsc#PED-3692)
* crypto: qat - relocate PFVF PF related logic (jsc#PED-3692)
* crypto: qat - relocate PFVF VF related logic (jsc#PED-3692)
* crypto: qat - relocate PFVF disabled function (jsc#PED-3692)
* crypto: qat - relocate and rename adf_sriov_prepare_restart() (jsc#PED-3692)
* crypto: qat - relocate backlog related structures (jsc#PED-3692)
* crypto: qat - relocate bufferlist logic (jsc#PED-3692)
* crypto: qat - relocate qat_algs_alloc_flags() (jsc#PED-3692)
* crypto: qat - remove duplicated logic across GEN2 drivers (jsc#PED-3692)
* crypto: qat - remove empty sriov_configure() (jsc#PED-3692)
* crypto: qat - remove line wrapping for pfvf_ops functions (jsc#PED-3692)
* crypto: qat - remove the unnecessary get_vintmsk_offset() (jsc#PED-3692)
* crypto: qat - remove unmatched CPU affinity to cluster IRQ (jsc#PED-3692)
* crypto: qat - remove unnecessary tests to detect PFVF support (jsc#PED-3692)
* crypto: qat - remove unneeded assignment (jsc#PED-3692)
* crypto: qat - remove unneeded braces (jsc#PED-3692)
* crypto: qat - remove unneeded packed attribute (jsc#PED-3692)
* crypto: qat - remove unused PFVF stubs (jsc#PED-3692)
* crypto: qat - rename and relocate GEN2 config function (jsc#PED-3692)
* crypto: qat - rename bufferlist functions (jsc#PED-3692)
* crypto: qat - rename pfvf collision constants (jsc#PED-3692)
* crypto: qat - reorganize PFVF code (jsc#PED-3692)
* crypto: qat - reorganize PFVF protocol definitions (jsc#PED-3692)
* crypto: qat - replace deprecated MSI API (jsc#PED-3692)
* crypto: qat - replace disable_vf2pf_interrupts() (jsc#PED-3692)
* crypto: qat - replace get_current_node() with numa_node_id() (jsc#PED-3692)
* crypto: qat - rework the VF2PF interrupt handling logic (jsc#PED-3692)
* crypto: qat - set CIPHER capability for QAT GEN2 (jsc#PED-3692)
* crypto: qat - set COMPRESSION capability for DH895XCC (jsc#PED-3692)
* crypto: qat - set COMPRESSION capability for QAT GEN2 (jsc#PED-3692)
* crypto: qat - set DMA mask to 48 bits for Gen2 (jsc#PED-3692)
* crypto: qat - set PFVF_MSGORIGIN just before sending (jsc#PED-3692)
* crypto: qat - share adf_enable_pf2vf_comms() from (jsc#PED-3692)
* crypto: qat - simplify adf_enable_aer() (jsc#PED-3692)
* crypto: qat - simplify code and axe the use of a deprecated (jsc#PED-3692)
* crypto: qat - split PFVF message decoding from handling (jsc#PED-3692)
* crypto: qat - stop using iommu_present() (jsc#PED-3692)
* crypto: qat - store the PFVF protocol version of the (jsc#PED-3692)
* crypto: qat - store the ring-to-service mapping (jsc#PED-3692)
* crypto: qat - support fast ACKs in the PFVF protocol (jsc#PED-3692)
* crypto: qat - support the reset of ring pairs on PF (jsc#PED-3692)
* crypto: qat - test PFVF registers for spurious interrupts on (jsc#PED-3692)
* crypto: qat - use enums for PFVF protocol codes (jsc#PED-3692)
* crypto: qat - use hweight for bit counting (jsc#PED-3692)
* crypto: qat - use pre-allocated buffers in datapath (jsc#PED-3692)
* crypto: qat - use reference to structure in dma_map_single() (jsc#PED-3692)
* crypto: qat - use u32 variables in all GEN4 pfvf_ops (jsc#PED-3692)
* crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs() (git-fixes).
* cxgb4: fix missing unlock on ETHOFLD desc collect fail path (jsc#SLE-18992).
* debugfs: fix error when writing negative value to atomic_t debugfs file
(git-fixes).
* dma: gpi: remove spurious unlock in gpi_ch_init (git-fixes).
* dmaengine: at_xdmac: do not enable all cyclic channels (git-fixes).
* dmaengine: dw-edma: Fix to change for continuous transfer (git-fixes).
* dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
(git-fixes).
* dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual
Addressing (git-fixes).
* dmaengine: idxd: Only call idxd_enable_system_pasid() if succeeded in
enabling SVA feature (git-fixes).
* dmaengine: idxd: Separate user and kernel pasid enabling (git-fixes).
* dmaengine: mv_xor_v2: Fix an error code (git-fixes).
* do not reuse connection if share marked as isolated (bsc#1193629).
* docs: networking: fix x25-iface.rst heading & index order (git-fixes).
* drivers: base: component: fix memory leak with using debugfs_lookup() (git-
fixes).
* drivers: base: dd: fix memory leak with using debugfs_lookup() (git-fixes).
* drm-hyperv: Add a bug reference to two existing changes (bsc#1211281).
* drm/amd/display: Fix hang when skipping modeset (git-fixes).
* drm/amd/display: Use DC_LOG_DC in the trasform pixel function (git-fixes).
* drm/amd/display: fix flickering caused by S/G mode (git-fixes).
* drm/amd: Fix an out of bounds error in BIOS parser (git-fixes).
* drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx
ras (git-fixes).
* drm/amdgpu: Fix vram recover does not work after whole GPU reset (v2) (git-
fixes).
* drm/amdgpu: add a missing lock for AMDGPU_SCHED (git-fixes).
* drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
(git-fixes).
* drm/displayid: add displayid_get_header() and check bounds better (git-
fixes).
* drm/exynos: fix g2d_open/close helper function definitions (git-fixes).
* drm/i915/dg2: Add HDMI pixel clock frequencies 267.30 and 319.89 MHz (git-
fixes).
* drm/i915/dg2: Add additional HDMI pixel clock frequencies (git-fixes).
* drm/i915/dg2: Support 4k at 30 on HDMI (git-fixes).
* drm/i915/dp: prevent potential div-by-zero (git-fixes).
* drm/mipi-dsi: Set the fwnode for mipi_dsi_device (git-fixes).
* drm/msm/dp: Clean up handling of DP AUX interrupts (git-fixes).
* drm/msm/dp: unregister audio driver during unbind (git-fixes).
* drm/msm/dpu: Add INTF_5 interrupts (git-fixes).
* drm/msm/dpu: Move non-MDP_TOP INTF_INTR offsets out of hwio header (git-
fixes).
* drm/msm/dpu: Remove duplicate register defines from INTF (git-fixes).
* drm/sched: Remove redundant check (git-fixes).
* drm/tegra: Avoid potential 32-bit integer overflow (git-fixes).
* drm/ttm/pool: Fix ttm_pool_alloc error path (git-fixes).
* drm/ttm: optimize pool allocations a bit v2 (git-fixes).
* dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type (git-fixes).
* dt-bindings: ata: ahci-ceva: Cover all 4 iommus entries (git-fixes).
* dt-bindings: ata: ahci-ceva: convert to yaml (git-fixes).
* dt-bindings: iio: adc: renesas,rcar-gyroadc: Fix adi,ad7476 compatible value
(git-fixes).
* dt-bindings: usb: snps,dwc3: Fix "snps,hsphy_interface" type (git-fixes).
* f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).
* fbdev: arcfb: Fix error handling in arcfb_probe() (git-fixes).
* fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe()
(git-fixes).
* fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards (git-fixes).
* fbdev: udlfb: Fix endpoint check (git-fixes).
* firmware: arm_ffa: Check if ffa_driver remove is present before executing
(git-fixes).
* firmware: arm_ffa: Set reserved/MBZ fields to zero in the memory descriptors
(git-fixes).
* fuse: always revalidate rename target dentry (bsc#1211808).
* fuse: fix attr version comparison in fuse_read_update_size() (bsc#1211807).
* futex: Resend potentially swallowed owner death notification (git-fixes).
* google/gve:fix repeated words in comments (bsc#1211519).
* gpio: mockup: Fix mode of debugfs files (git-fixes).
* gve: Adding a new AdminQ command to verify driver (bsc#1211519).
* gve: Cache link_speed value from device (git-fixes).
* gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519).
* gve: Fix spelling mistake "droping" -> "dropping" (bsc#1211519).
* gve: Handle alternate miss completions (bsc#1211519).
* gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
* gve: Remove the code of clearing PBA bit (git-fixes).
* gve: Secure enough bytes in the first TX desc for all TCP pkts (git-fixes).
* gve: enhance no queue page list detection (bsc#1211519).
* i2c: omap: Fix standard mode false ACK readings (git-fixes).
* i2c: tegra: Fix PEC support for SMBUS block read (git-fixes).
* i40e: Add checking for null for nlmsg_find_attr() (jsc#SLE-18378).
* i40e: Fix ADQ rate limiting for PF (jsc#SLE-18378).
* i40e: Fix DMA mappings leak (jsc#SLE-18378).
* i40e: Fix VF hang when reset is triggered on another VF (jsc#SLE-18378).
* i40e: Fix VF set max MTU size (jsc#SLE-18378).
* i40e: Fix VF's MAC Address change on VM (jsc#SLE-18378).
* i40e: Fix adding ADQ filter to TC0 (jsc#SLE-18378).
* i40e: Fix calculating the number of queue pairs (jsc#SLE-18378).
* i40e: Fix erroneous adapter reinitialization during recovery process
(jsc#SLE-18378).
* i40e: Fix ethtool rx-flow-hash setting for X722 (jsc#SLE-18378).
* i40e: Fix flow-type by setting GL_HASH_INSET registers (jsc#SLE-18378).
* i40e: Fix for VF MAC address 0 (jsc#SLE-18378).
* i40e: Fix incorrect address type for IPv6 flow rules (jsc#SLE-18378).
* i40e: Fix interface init with MSI interrupts (no MSI-X) (jsc#SLE-18378).
* i40e: Fix kernel crash during module removal (jsc#SLE-18378).
* i40e: Fix kernel crash during reboot when adapter is in recovery mode
(jsc#SLE-18378).
* i40e: Fix set max_tx_rate when it is lower than 1 Mbps (jsc#SLE-18378).
* i40e: Fix the inability to attach XDP program on downed interface
(jsc#SLE-18378).
* i40e: Refactor tc mqprio checks (jsc#SLE-18378).
* i40e: add double of VLAN header when computing the max MTU (jsc#SLE-18378).
* i40e: fix accessing vsi->active_filters without holding lock
(jsc#SLE-18378).
* i40e: fix flow director packet filter programming (jsc#SLE-18378).
* i40e: fix i40e_setup_misc_vector() error handling (jsc#SLE-18378).
* i40e: fix registers dump after run ethtool adapter self test
(jsc#SLE-18378).
* iavf/iavf_main: actually log ->src mask when talking about it
(jsc#SLE-18385).
* iavf: Detach device during reset task (jsc#SLE-18385).
* iavf: Disallow changing rx/tx-frames and rx/tx-frames-irq (jsc#SLE-18385).
* iavf: Do not restart Tx queues after reset task failure (jsc#SLE-18385).
* iavf: Fix 'tc qdisc show' listing too many queues (jsc#SLE-18385).
* iavf: Fix a crash during reset task (jsc#SLE-18385).
* iavf: Fix bad page state (jsc#SLE-18385).
* iavf: Fix cached head and tail value for iavf_get_tx_pending
(jsc#SLE-18385).
* iavf: Fix error handling in iavf_init_module() (jsc#SLE-18385).
* iavf: Fix max_rate limiting (jsc#SLE-18385).
* iavf: Fix race condition between iavf_shutdown and iavf_remove
(jsc#SLE-18385).
* iavf: Fix set max MTU size with port VLAN and jumbo frames (jsc#SLE-18385).
* iavf: fix hang on reboot with ice (jsc#SLE-18385).
* iavf: fix inverted Rx hash condition leading to disabled hash
(jsc#SLE-18385).
* iavf: fix non-tunneled IPv6 UDP packet type and hashing (jsc#SLE-18385).
* ice: Fix interrupt moderation settings getting cleared (jsc#SLE-18375).
* ice: Set txq_teid to ICE_INVAL_TEID on ring creation (jsc#SLE-18375).
* igb: Add lock to avoid data race (jsc#SLE-18379).
* igb: Enable SR-IOV after reinit (jsc#SLE-18379).
* igb: Initialize mailbox message for VF reset (jsc#SLE-18379).
* igb: conditionalize I2C bit banging on external thermal sensor support
(jsc#SLE-18379).
* igb: revert rtnl_lock() that causes deadlock (jsc#SLE-18379).
* igbvf: Regard vf reset nack as success (jsc#SLE-18379).
* igc: Add checking for basetime less than zero (jsc#SLE-18377).
* igc: Add ndo_tx_timeout support (jsc#SLE-18377).
* igc: Enhance Qbv scheduling by using first flag bit (jsc#SLE-18377).
* igc: Fix PPS delta between two synchronized end-points (jsc#SLE-18377).
* igc: Lift TAPRIO schedule restriction (jsc#SLE-18377).
* igc: Reinstate IGC_REMOVED logic and implement it properly (jsc#SLE-18377).
* igc: Set Qbv start_time and end_time to end_time if not being configured in
GCL (jsc#SLE-18377).
* igc: Use strict cycles for Qbv scheduling (jsc#SLE-18377).
* igc: allow BaseTime 0 enrollment for Qbv (jsc#SLE-18377).
* igc: fix the validation logic for taprio's gate list (jsc#SLE-18377).
* igc: read before write to SRRCTL register (jsc#SLE-18377).
* igc: recalculate Qbv end_time by considering cycle time (jsc#SLE-18377).
* igc: return an error if the mac type is unknown in
igc_ptp_systim_to_hwtstamp() (jsc#SLE-18377).
* iio: accel: st_accel: Fix invalid mount_matrix on devices without ACPI _ONT
method (git-fixes).
* iio: adc: ad7192: Change "shorted" channels to differential (git-fixes).
* iio: adc: ad_sigma_delta: Fix IRQ issue by setting IRQ_DISABLE_UNLAZY flag
(git-fixes).
* iio: adc: mxs-lradc: fix the order of two cleanup operations (git-fixes).
* iio: adc: palmas_gpadc: fix NULL dereference on rmmod (git-fixes).
* iio: dac: mcp4725: Fix i2c_master_send() return value handling (git-fixes).
* iio: imu: inv_icm42600: fix timestamp reset (git-fixes).
* iio: light: vcnl4035: fixed chip ID check (git-fixes).
* intel/igbvf: free irq on the error path in igbvf_request_msix()
(jsc#SLE-18379).
* ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
* iwlwifi: cfg: Add missing MODULE_FIRMWARE() for *.pnvm (bsc#1207553).
* ixgbe: Allow flow hash to be set via ethtool (jsc#SLE-18384).
* ixgbe: Enable setting RSS table to default values (jsc#SLE-18384).
* ixgbe: Fix panic during XDP_TX with > 64 CPUs (jsc#SLE-18384).
* ixgbe: add double of VLAN header when computing the max MTU (jsc#SLE-18384).
* ixgbe: allow to increase MTU to 3K with XDP enabled (jsc#SLE-18384).
* ixgbe: fix pci device refcount leak (jsc#SLE-18384).
* ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
(jsc#SLE-18384).
* kABI workaround for btbcm.c (git-fixes).
* kABI workaround for mt76_poll_msec() (git-fixes).
* kABI: Fix kABI after backport Emulate RDPID only if it is enabled in guest
(git-fixes)
* kabi/severities: added Microsoft mana symbold (bsc#1210551)
* kernel-binary: install expoline.o (boo#1210791 bsc#1211089)
* kernel-source: Remove unused macro variant_symbols
* kernel-spec-macros: Fix up obsolete_rebuilds_subpackage to generate
obsoletes correctly (boo#1172073 bsc#1191731).
* kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always catchup mode
(git-fixes).
* leds: Fix reference to led_set_brightness() in doc (git-fixes).
* leds: TI_LMU_COMMON: select REGMAP instead of depending on it (git-fixes).
* leds: tca6507: Fix error handling of using fwnode_property_read_string (git-
fixes).
* libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value (git-fixes).
* locking/rwsem: Add __always_inline annotation to __down_read_common() and
inlined callers (git-fixes).
* mailbox: zynqmp: Fix IPI isr handling (git-fixes).
* mailbox: zynqmp: Fix typo in IPI documentation (git-fixes).
* mce: fix set_mce_nospec to always unmap the whole page (git-fixes).
* media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and
buffer_finish() (git-fixes).
* media: netup_unidvb: fix use-after-free at del_timer() (git-fixes).
* media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish (git-
fixes).
* media: radio-shark: Add endpoint checks (git-fixes).
* media: rcar_fdp1: Fix the correct variable assignments (git-fixes).
* media: rcar_fdp1: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
* memstick: r592: Fix UAF bug in r592_remove due to race condition
(bsc#1211449).
* mfd: dln2: Fix memory leak in dln2_probe() (git-fixes).
* mfd: tqmx86: Correct board names for TQMxE39x (git-fixes).
* mfd: tqmx86: Do not access I2C_DETECT register through io_base (git-fixes).
* misc: fastrpc: reject new invocations during device removal (git-fixes).
* misc: fastrpc: return -EPIPE to invocations on device removal (git-fixes).
* mmc: sdhci-esdhc-imx: make "no-mmc-hs400" works (git-fixes).
* mmc: vub300: fix invalid response handling (git-fixes).
* mt76: mt7915: fix incorrect testmode ipg on band 1 caused by wmm_idx (git-
fixes).
* mtd: rawnand: ingenic: fix empty stub helper definitions (git-fixes).
* mtd: rawnand: marvell: do not set the NAND frequency select (git-fixes).
* mtd: rawnand: marvell: ensure timing values are written (git-fixes).
* net/iucv: Fix size of interrupt data (bsc#1211465 git-fixes).
* net: accept UFOv6 packages in virtio_net_hdr_to_skb (git-fixes).
* net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (git-fixes).
* net: mana: Add new MANA VF performance counters for easier troubleshooting
(bsc#1209982).
* net: mana: Add support for auxiliary device (bsc#1210741 jsc#PED-4022).
* net: mana: Add support for jumbo frame (bsc#1210551).
* net: mana: Check if netdev/napi_alloc_frag returns single page
(bsc#1210551).
* net: mana: Define and process GDMA response code GDMA_STATUS_MORE_ENTRIES
(bsc#1210741 jsc#PED-4022).
* net: mana: Define data structures for allocating doorbell page from GDMA
(bsc#1210741 jsc#PED-4022).
* net: mana: Define data structures for protection domain and memory
registration (bsc#1210741 jsc#PED-4022).
* net: mana: Define max values for SGL entries (bsc#1210741 jsc#PED-4022).
* net: mana: Enable RX path to handle various MTU sizes (bsc#1210551).
* net: mana: Export Work Queue functions for use by RDMA driver (bsc#1210741
jsc#PED-4022).
* net: mana: Fix perf regression: remove rx_cqes, tx_cqes counters (git-
fixes).
* net: mana: Handle vport sharing between devices (bsc#1210741 jsc#PED-4022).
* net: mana: Move header files to a common location (bsc#1210741
jsc#PED-4022).
* net: mana: Record port number in netdev (bsc#1210741 jsc#PED-4022).
* net: mana: Record the physical address for doorbell page region (bsc#1210741
jsc#PED-4022).
* net: mana: Refactor RX buffer allocation code to prepare for various MTU
(bsc#1210551).
* net: mana: Rename mana_refill_rxoob and remove some empty lines
(bsc#1210551).
* net: mana: Set the DMA device max segment size (bsc#1210741 jsc#PED-4022).
* net: mana: Use napi_build_skb in RX path (bsc#1210551).
* net: mdio: mvusb: Fix an error handling path in mvusb_mdio_probe() (git-
fixes).
* net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
(bsc#1211564).
* net: phy: dp83867: add w/a for packet errors seen with short cables (git-
fixes).
* net: qrtr: correct types of trace event parameters (git-fixes).
* net: skip virtio_net_hdr_set_proto if protocol already set (git-fixes).
* net: tun: avoid disabling NAPI twice (git-fixes).
* net: tun: fix bugs for oversize packet when napi frags enabled (git-fixes).
* net: tun: stop NAPI when detaching queues (git-fixes).
* net: tun: unlink NAPI from device on destruction (git-fixes).
* net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 (git-fixes).
* net: virtio_net_hdr_to_skb: count transport header in UFO (git-fixes).
* nilfs2: do not write dirty data after degenerating to read-only (git-fixes).
* nilfs2: fix infinite loop in nilfs_mdt_get_block() (git-fixes).
* nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() (git-
fixes).
* nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association (git-
fixes).
* nvme-multipath: fix hang when disk goes live over reconnect (git-fixes).
* nvme-pci: add quirks for Samsung X5 SSDs (git-fixes).
* nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs (git-
fixes).
* nvme-pci: avoid the deepest sleep state on ZHITAI TiPro5000 SSDs (git-
fixes).
* nvme-pci: avoid the deepest sleep state on ZHITAI TiPro7000 SSDs (git-
fixes).
* nvme-pci: clear the prp2 field when not used (git-fixes).
* nvme-pci: disable write zeroes on various Kingston SSD (git-fixes).
* nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-
fixes).
* nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN (git-fixes).
* nvme-pci: set min_align_mask before calculating max_hw_sectors (git-fixes).
* nvme-tcp: fix a possible UAF when failing to allocate an io queue (git-
fixes).
* nvme-tcp: fix bogus request completion when failing to send AER (git-fixes).
* nvme-tcp: lockdep: annotate in-kernel sockets (git-fixes).
* nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH (git-fixes).
* nvme: also return I/O command effects from nvme_command_effects (git-fixes).
* nvme: check for duplicate identifiers earlier (git-fixes).
* nvme: cleanup __nvme_check_ids (git-fixes).
* nvme: fix discard support without oncs (git-fixes).
* nvme: fix interpretation of DMRSL (git-fixes).
* nvme: fix multipath crash caused by flush request when blktrace is enabled
(git-fixes).
* nvme: fix passthrough csi check (git-fixes).
* nvme: generalize the nvme_multi_css check in nvme_scan_ns (git-fixes).
* nvme: move the Samsung X5 quirk entry to the core quirks (git-fixes).
* nvme: rename nvme_validate_or_alloc_ns to nvme_scan_ns (git-fixes).
* nvme: set non-mdts limits in nvme_scan_work (git-fixes).
* nvmet-tcp: add bounds check on Transfer Tag (git-fixes).
* nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown
(git-fixes).
* nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() (git-fixes).
* nvmet: fix mar and mor off-by-one errors (git-fixes).
* nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked (git-fixes).
* nvmet: fix workqueue MEM_RECLAIM flushing dependency (git-fixes).
* nvmet: move the call to nvmet_ns_changed out of nvmet_ns_revalidate (git-
fixes).
* nvmet: use NVME_CMD_EFFECTS_CSUPP instead of open coding it (git-fixes).
* phy: st: miphy28lp: use _poll_timeout functions for waits (git-fixes).
* phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and
ulpi_port (git-fixes).
* pinctrl: qcom: lpass-lpi: set output value before enabling output (git-
fixes).
* pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration
(git-fixes).
* platform/x86: hp-wmi: Support touchpad on/off (git-fixes).
* platform/x86: thinkpad_acpi: Fix platform profiles on T490 (git-fixes).
* platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i (git-
fixes).
* platform/x86: touchscreen_dmi: Add upside-down quirk for GDIX1002 ts on the
Juno Tablet (git-fixes).
* power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of
pm_runtime_get_sync (git-fixes).
* power: supply: bq27xxx: Add cache parameter to
bq27xxx_battery_current_and_status() (git-fixes).
* power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
stabilize (git-fixes).
* power: supply: bq27xxx: Ensure power_supply_changed() is called on current
sign changes (git-fixes).
* power: supply: bq27xxx: Fix I2C IRQ race on remove (git-fixes).
* power: supply: bq27xxx: Fix poll_interval handling and races on remove (git-
fixes).
* power: supply: bq27xxx: expose battery data when CI=1 (git-fixes).
* power: supply: leds: Fix blink to LED on transition (git-fixes).
* power: supply: sbs-charger: Fix INHIBITED bit for Status reg (git-fixes).
* powerpc/iommu: DMA address offset is incorrectly calculated with 2MB TCEs
(jsc#SLE-19556 git-fixes).
* powerpc/rtas: use memmove for potentially overlapping buffer copy
(bsc#1065729).
* powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).
* pstore: Revert pmsg_lock back to a normal mutex (git-fixes).
* purgatory: fix disabling debug info (git-fixes).
* pwm: meson: Fix axg ao mux parents (git-fixes).
* pwm: meson: Fix g12a ao clk81 name (git-fixes).
* qed/qed_dev: guard against a possible division by zero (jsc#SLE-19001).
* qed/qed_mng_tlv: correctly zero out ->min instead of ->hour (jsc#SLE-19001).
* qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
(jsc#SLE-19001).
* qed: allow sleep in qed_mcp_trace_dump() (jsc#SLE-19001).
* qede: execute xdp_do_flush() before napi_complete_done() (jsc#SLE-19001).
* r8152: fix flow control issue of RTL8156A (git-fixes).
* r8152: fix the poor throughput for 2.5G devices (git-fixes).
* r8152: move setting r8153b_rx_agg_chg_indicate() (git-fixes).
* regmap: cache: Return error in cache sync operations for REGCACHE_NONE (git-
fixes).
* regulator: mt6359: add read check for PMIC MT6359 (git-fixes).
* regulator: pca9450: Fix BUCK2 enable_mask (git-fixes).
* remoteproc: stm32_rproc: Add mutex protection for workqueue (git-fixes).
* ring-buffer: Ensure proper resetting of atomic variables in
ring_buffer_reset_online_cpus (git-fixes).
* ring-buffer: Fix kernel-doc (git-fixes).
* ring-buffer: Sync IRQ works before buffer destruction (git-fixes).
* rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB
* rtmutex: Ensure that the top waiter is always woken up (git-fixes).
* s390/ap: fix crash on older machines based on QCI info missing (bsc#1210947)
* s390/ctcm: Fix return type of ctc{mp,}m_tx() (git-fixes bsc#1211686).
* s390/dasd: fix hanging blockdevice after request requeue (git-fixes
bsc#1211687).
* s390/extmem: return correct segment type in __segment_load() (bsc#1210450
git-fixes).
* s390/kprobes: fix current_kprobe never cleared after kprobes reenter (git-
fixes bsc#1211688).
* s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
(git-fixes bsc#1211689).
* s390/lcs: Fix return type of lcs_start_xmit() (git-fixes bsc#1211690).
* s390/mem_detect: fix detect_memory() error handling (git-fixes bsc#1211691).
* s390/netiucv: Fix return type of netiucv_tx() (git-fixes bsc#1211692).
* s390/qdio: fix do_sqbs() inline assembly constraint (git-fixes bsc#1211693).
* s390/qeth: fix use-after-free in hsci (bsc#1210449 git-fixes).
* s390/uaccess: add missing earlyclobber annotations to __clear_user()
(bsc#1209856 git-fixes).
* s390/vdso: remove -nostdlib compiler flag (git-fixes bsc#1211714).
* s390x: Fixed hard lockups while running stress-ng and LPAR hangs
(bsc#1195655 ltc#195733).
* scsi: core: Improve scsi_vpd_inquiry() checks (git-fixes).
* scsi: hisi_sas: Handle NCQ error when IPTT is valid (git-fixes).
* scsi: libsas: Add sas_ata_device_link_abort() (git-fixes).
* scsi: libsas: Grab the ATA port lock in sas_ata_device_link_abort() (git-
fixes).
* scsi: lpfc: Add new RCQE status for handling DMA failures (bsc#1211847).
* scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by
lpfc_nlp_not_used() (bsc#1211847).
* scsi: lpfc: Fix verbose logging for SCSI commands issued to SES devices
(bsc#1211847).
* scsi: lpfc: Match lock ordering of lpfc_cmd->buf_lock and hbalock for abort
paths (bsc#1211847).
* scsi: lpfc: Replace blk_irq_poll intr handler with threaded IRQ
(bsc#1211847).
* scsi: lpfc: Update congestion warning notification period (bsc#1211847).
* scsi: lpfc: Update lpfc version to 14.2.0.12 (bsc#1211847).
* scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS (git-fixes).
* scsi: megaraid_sas: Fix fw_crash_buffer_show() (git-fixes).
* scsi: qedi: Fix use after free bug in qedi_remove() (git-fixes).
* scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting()
(bsc#1211960).
* scsi: qla2xxx: Fix hang in task management (bsc#1211960).
* scsi: qla2xxx: Fix mem access after free (bsc#1211960).
* scsi: qla2xxx: Fix task management cmd fail due to unavailable resource
(bsc#1211960).
* scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
* scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
* scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).
* scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).
* scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
(bsc#1211960).
* scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
* scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
* scsi: ses: Handle enclosure with just a primary component gracefully (git-
fixes).
* scsi: storvsc: Do not pass unused PFNs to Hyper-V host (git-fixes).
* selftests mount: Fix mount_setattr_test builds failed (git-fixes).
* selftests/resctrl: Allow ->setup() to return errors (git-fixes).
* selftests/resctrl: Check for return value after write_schemata() (git-
fixes).
* selftests/resctrl: Extend CPU vendor detection (git-fixes).
* selftests/resctrl: Move ->setup() call outside of test specific branches
(git-fixes).
* selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
(git-fixes).
* selftests/sgx: Add "test_encl.elf" to TEST_FILES (git-fixes).
* selftests: mptcp: connect: skip if MPTCP is not supported (git-fixes).
* selftests: mptcp: pm nl: skip if MPTCP is not supported (git-fixes).
* selftests: mptcp: sockopt: skip if MPTCP is not supported (git-fixes).
* selftests: seg6: disable DAD on IPv6 router cfg for srv6_end_dt4_l3vpn_test
(git-fixes).
* selftests: srv6: make srv6_end_dt46_l3vpn_test more robust (git-fixes).
* selftests: xsk: Disable IPv6 on VETH1 (git-fixes).
* selftets: seg6: disable rp_filter by default in srv6_end_dt4_l3vpn_test
(git-fixes).
* selinux: do not use make's grouped targets feature yet (git-fixes).
* serial: 8250: Reinit port->pm on port specific driver unbind (git-fixes).
* serial: 8250_bcm7271: balance clk_enable calls (git-fixes).
* serial: 8250_bcm7271: fix leak in `brcmuart_probe` (git-fixes).
* serial: 8250_exar: Add support for USR298x PCI Modems (git-fixes).
* serial: 8250_tegra: Fix an error handling path in tegra_uart_probe() (git-
fixes).
* serial: Add support for Advantech PCI-1611U card (git-fixes).
* serial: arc_uart: fix of_iomap leak in `arc_serial_probe` (git-fixes).
* serial: qcom-geni: fix enabling deactivated interrupt (git-fixes).
* serial: stm32: re-introduce an irq flag condition in usart_receive_chars
(git-fixes).
* sfc: Change VF mac via PF as first preference if available (git-fixes).
* sfc: Fix module EEPROM reporting for QSFP modules (git-fixes).
* sfc: Fix use-after-free due to selftest_work (git-fixes).
* sfc: correctly advertise tunneled IPv6 segmentation (git-fixes).
* sfc: ef10: do not overwrite offload features at NIC reset (git-fixes).
* sfc: fix TX channel offset when using legacy interrupts (git-fixes).
* sfc: fix considering that all channels have TX queues (git-fixes).
* sfc: fix null pointer dereference in efx_hard_start_xmit (git-fixes).
* sfc: fix wrong tx channel offset with efx_separate_tx_channels (git-fixes).
* sfc: include vport_id in filter spec hash and equal() (git-fixes).
* smb3: display debug information better for encryption (bsc#1193629).
* smb3: fix problem remounting a share after shutdown (bsc#1193629).
* smb3: improve parallel reads of large files (bsc#1193629).
* smb3: make query_on_disk_id open context consistent and move to common code
(bsc#1193629).
* smb3: move some common open context structs to smbfs_common (bsc#1193629).
* soundwire: qcom: correct setting ignore bit on v1.5.1 (git-fixes).
* soundwire: qcom: gracefully handle too many ports in DT (git-fixes).
* spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3 (git-fixes).
* spi: spi-imx: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
(git-fixes).
* staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE (git-fixes).
* struct ci_hdrc: hide new member at end (git-fixes).
* supported.conf: mark mana_ib supported
* swiotlb: relocate PageHighMem test away from rmem_swiotlb_setup (git-fixes).
* thunderbolt: Clear registers properly when auto clear isn't in use
(bsc#1210165).
* thunderbolt: Mask ring interrupt on Intel hardware as well (bsc#1210165).
* tools/virtio: compile with -pthread (git-fixes).
* tools/virtio: fix the vringh test for virtio ring changes (git-fixes).
* tools/virtio: fix virtio_test execution (git-fixes).
* tools/virtio: initialize spinlocks in vring_test.c (git-fixes).
* tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (git-
fixes).
* tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (git-fixes).
* tpm/tpm_tis: Disable interrupts for more Lenovo devices (git-fixes).
* tracing: Fix permissions for the buffer_percent file (git-fixes).
* tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of
UARTCTRL_SBK (git-fixes).
* usb-storage: fix deadlock when a scsi command timeouts more than once (git-
fixes).
* usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
* usb: dwc3: Align DWC3_EP_* flag macros (git-fixes).
* usb: dwc3: Fix a repeated word checkpatch warning (git-fixes).
* usb: dwc3: Fix ep0 handling when getting reset while doing control transfer
(git-fixes).
* usb: dwc3: debugfs: Resume dwc3 before accessing registers (git-fixes).
* usb: dwc3: drd: use helper to get role-switch-default-mode (git-fixes).
* usb: dwc3: ep0: Do not prepare beyond Setup stage (git-fixes).
* usb: dwc3: gadget: Delay issuing End Transfer (git-fixes).
* usb: dwc3: gadget: Execute gadget stop after halting the controller (git-
fixes).
* usb: dwc3: gadget: Improve dwc3_gadget_suspend() and dwc3_gadget_resume()
(git-fixes).
* usb: dwc3: gadget: Only End Transfer for ep0 data phase (git-fixes).
* usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive (git-
fixes).
* usb: dwc3: remove a possible unnecessary 'out of memory' message (git-
fixes).
* usb: gadget: f_fs: Add unbind event before functionfs_unbind (git-fixes).
* usb: gadget: u_ether: Fix host MAC address case (git-fixes).
* usb: mtu3: fix kernel panic at qmu transfer done irq handler (git-fixes).
* usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).
* usb: typec: tcpm: fix multiple times discover svids error (git-fixes).
* usb: usbfs: Enforce page requirements for mmap (git-fixes).
* usb: usbfs: Use consistent mmap functions (git-fixes).
* usrmerge: Remove usrmerge compatibility symlink in buildroot (boo#1211796).
* vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
(git-fixes).
* vdpa: fix use-after-free on vp_vdpa_remove (git-fixes).
* vhost/net: Clear the pending messages when the backend is removed (git-
fixes).
* virtio-net: Keep stop() to follow mirror sequence of open() (git-fixes).
* virtio-net: execute xdp_do_flush() before napi_complete_done() (git-fixes).
* virtio_net: bugfix overflow inside xdp_linearize_page() (git-fixes).
* virtio_net: split free_unused_bufs() (git-fixes).
* virtio_net: suppress cpu stall when free_unused_bufs (git-fixes).
* watchdog: dw_wdt: Fix the error handling path of dw_wdt_drv_probe() (git-
fixes).
* watchdog: sp5100_tco: Immediately trigger upon starting (git-fixes).
* wifi: ath11k: Fix SKB corruption in REO destination ring (git-fixes).
* wifi: ath: Silence memcpy run-time false positive warning (git-fixes).
* wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex (git-fixes).
* wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
(git-fixes).
* wifi: iwlwifi: fix OEM's name in the ppag approved list (git-fixes).
* wifi: iwlwifi: fw: fix DBGI dump (git-fixes).
* wifi: iwlwifi: mvm: do not trust firmware n_channels (git-fixes).
* wifi: iwlwifi: mvm: fix OEM's name in the tas approved list (git-fixes).
* wifi: iwlwifi: mvm: fix cancel_delayed_work_sync() deadlock (git-fixes).
* wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf (git-
fixes).
* wifi: iwlwifi: pcie: fix possible NULL pointer dereference (git-fixes).
* wifi: mac80211: fix min center freq offset tracing (git-fixes).
* wifi: mt76: add flexible polling wait-interval support (git-fixes).
* wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset (git-
fixes).
* wifi: mt76: mt7921e: fix probe timeout after reboot (git-fixes).
* wifi: mt76: mt7921e: improve reliability of dma reset (git-fixes).
* wifi: rtl8xxxu: RTL8192EU always needs full init (git-fixes).
* workqueue: Fix hung time report of worker pools (bsc#1211044).
* workqueue: Interrupted create_worker() is not a repeated event
(bsc#1211044).
* workqueue: Print backtraces from CPUs with hung CPU bound workqueues
(bsc#1211044).
* workqueue: Warn when a new worker could not be created (bsc#1211044).
* workqueue: Warn when a rescuer could not be created (bsc#1211044).
* x86, sched: Fix undefined reference to init_freq_invariance_cppc() build
error (git-fixes).
* x86/MCE/AMD: Use an u64 for bank_map (git-fixes).
* x86/alternative: Make debug-alternative selective (bsc#1206578).
* x86/alternative: Report missing return thunk details (git-fixes).
* x86/alternative: Support relocations in alternatives (bsc#1206578).
* x86/amd: Use IBPB for firmware calls (git-fixes).
* x86/boot: Skip realmode init code when running as Xen PV guest (git-fixes).
* x86/bugs: Add "unknown" reporting for MMIO Stale Data (git-fixes).
* x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
(git-fixes).
* x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
(git-fixes).
* x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
(git-fixes).
* x86/delay: Fix the wrong asm constraint in delay_loop() (git-fixes).
* x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y (git-fixes).
* x86/fault: Cast an argument to the proper address space in prefetch() (git-
fixes).
* x86/fpu/xsave: Initialize offset/size cache early (bsc#1211205).
* x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly (git-
fixes).
* x86/fpu: Fix the init_fpstate size check with the actual size (git-fixes).
* x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN (git-fixes).
* x86/hyperv: Block root partition functionality in a Confidential VM (git-
fixes).
* x86/lib/memmove: Decouple ERMS from FSRM (bsc#1206578).
* x86/mce: relocate set{clear}_mce_nospec() functions (git-fixes). This is a
preparation for the next patch
* x86/microcode/AMD: Add a @cpu parameter to the reloading functions (git-
fixes).
* x86/microcode/AMD: Fix mixed steppings support (git-fixes).
* x86/microcode/AMD: Track patch allocation size explicitly (git-fixes).
* x86/microcode: Add a parameter to microcode_check() to store CPU
capabilities (git-fixes).
* x86/microcode: Add explicit CPU vendor dependency (git-fixes).
* x86/microcode: Adjust late loading result reporting message (git-fixes).
* x86/microcode: Rip out the OLD_INTERFACE (git-fixes).
* x86/mm: Cleanup the control_va_addr_alignment() __setup handler (git-fixes).
* x86/mm: Use proper mask when setting PUD mapping (git-fixes).
* x86/nospec: Unwreck the RSB stuffing (git-fixes).
* x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
* x86/pat: Fix x86_has_pat_wp() (git-fixes).
* x86/pm: Add enumeration check before spec MSRs save/restore setup (git-
fixes).
* x86/reboot: Disable SVM, not just VMX, when stopping CPUs (git-fixes).
* x86/resctrl: Fix min_cbm_bits for AMD (git-fixes).
* x86/sev: Add SEV-SNP guest feature negotiation support (git-fixes).
* x86/signal: Fix the value returned by strict_sas_size() (git-fixes).
* x86/speculation/mmio: Print SMT warning (git-fixes).
* x86/speculation: Identify processors vulnerable to SMT RSB predictions (git-
fixes).
* x86/static_call: Serialize __static_call_fixup() properly (git-fixes).
* x86/syscall: Include asm/ptrace.h in syscall_wrapper header (git-fixes).
* x86/topology: Fix duplicated core ID within a package (git-fixes).
* x86/topology: Fix multiple packages shown on a single-package system (git-
fixes).
* x86/tsx: Add a feature bit for TSX control MSR support (git-fixes).
* x86: Fix return value of __setup handlers (git-fixes).
* x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm() (git-fixes).
* xen/netback: do not do grant copy across page boundary (git-fixes).
* xen/netback: use same error messages for same errors (git-fixes).
* xhci-pci: Only run d3cold avoidance quirk for s2idle (git-fixes).
* xhci: Fix incorrect tracking of free space on transfer rings (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2653=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-2653=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-2653=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-2653=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-2653=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-2653=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-2653=1
* Development Tools Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-2653=1
* Legacy Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-2653=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-2653=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-2653=1
* SUSE Linux Enterprise Workstation Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-2653=1
## Package List:
* openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.66.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-default-livepatch-devel-5.14.21-150400.24.66.1
* kernel-default-extra-5.14.21-150400.24.66.1
* cluster-md-kmp-default-5.14.21-150400.24.66.1
* kernel-syms-5.14.21-150400.24.66.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.66.1
* reiserfs-kmp-default-5.14.21-150400.24.66.1
* kselftests-kmp-default-5.14.21-150400.24.66.1
* kernel-default-devel-5.14.21-150400.24.66.1
* ocfs2-kmp-default-5.14.21-150400.24.66.1
* kernel-obs-build-debugsource-5.14.21-150400.24.66.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.66.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.66.1
* dlm-kmp-default-5.14.21-150400.24.66.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.66.1
* kernel-default-livepatch-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-obs-build-5.14.21-150400.24.66.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-optional-5.14.21-150400.24.66.1
* kernel-obs-qa-5.14.21-150400.24.66.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.66.1
* gfs2-kmp-default-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-devel-5.14.21-150400.24.66.1
* kernel-debug-devel-debuginfo-5.14.21-150400.24.66.1
* kernel-debug-debuginfo-5.14.21-150400.24.66.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.66.1
* kernel-debug-debugsource-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-default-base-rebuild-5.14.21-150400.24.66.1.150400.24.29.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.66.1
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.66.1
* kernel-kvmsmall-devel-5.14.21-150400.24.66.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.66.1
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (noarch)
* kernel-source-5.14.21-150400.24.66.1
* kernel-macros-5.14.21-150400.24.66.1
* kernel-source-vanilla-5.14.21-150400.24.66.1
* kernel-docs-html-5.14.21-150400.24.66.2
* kernel-devel-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.66.2
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.66.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (aarch64)
* dtb-rockchip-5.14.21-150400.24.66.1
* kernel-64kb-devel-5.14.21-150400.24.66.1
* dtb-lg-5.14.21-150400.24.66.1
* dtb-cavium-5.14.21-150400.24.66.1
* dtb-nvidia-5.14.21-150400.24.66.1
* dtb-hisilicon-5.14.21-150400.24.66.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.66.1
* gfs2-kmp-64kb-5.14.21-150400.24.66.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* ocfs2-kmp-64kb-5.14.21-150400.24.66.1
* dlm-kmp-64kb-5.14.21-150400.24.66.1
* dtb-arm-5.14.21-150400.24.66.1
* dtb-qcom-5.14.21-150400.24.66.1
* kselftests-kmp-64kb-5.14.21-150400.24.66.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* dtb-renesas-5.14.21-150400.24.66.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.66.1
* dtb-exynos-5.14.21-150400.24.66.1
* kernel-64kb-optional-5.14.21-150400.24.66.1
* kernel-64kb-debuginfo-5.14.21-150400.24.66.1
* dtb-broadcom-5.14.21-150400.24.66.1
* dtb-freescale-5.14.21-150400.24.66.1
* dtb-xilinx-5.14.21-150400.24.66.1
* dtb-amlogic-5.14.21-150400.24.66.1
* dtb-apm-5.14.21-150400.24.66.1
* kernel-64kb-debugsource-5.14.21-150400.24.66.1
* dtb-allwinner-5.14.21-150400.24.66.1
* dtb-mediatek-5.14.21-150400.24.66.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.66.1
* dtb-marvell-5.14.21-150400.24.66.1
* dtb-sprd-5.14.21-150400.24.66.1
* reiserfs-kmp-64kb-5.14.21-150400.24.66.1
* cluster-md-kmp-64kb-5.14.21-150400.24.66.1
* dtb-apple-5.14.21-150400.24.66.1
* kernel-64kb-extra-5.14.21-150400.24.66.1
* dtb-altera-5.14.21-150400.24.66.1
* dtb-amd-5.14.21-150400.24.66.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* dtb-amazon-5.14.21-150400.24.66.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.66.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
* dtb-socionext-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.66.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (aarch64)
* kernel-64kb-debugsource-5.14.21-150400.24.66.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.66.1
* kernel-64kb-debuginfo-5.14.21-150400.24.66.1
* kernel-64kb-devel-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* kernel-default-devel-5.14.21-150400.24.66.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (noarch)
* kernel-macros-5.14.21-150400.24.66.1
* kernel-devel-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.66.1
* Basesystem Module 15-SP4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.66.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.66.1
* Development Tools Module 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.66.2
* Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* kernel-syms-5.14.21-150400.24.66.1
* kernel-obs-build-debugsource-5.14.21-150400.24.66.1
* kernel-obs-build-5.14.21-150400.24.66.1
* Development Tools Module 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.66.1
* Legacy Module 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.66.1
* Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-default-livepatch-5.14.21-150400.24.66.1
* kernel-default-livepatch-devel-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-1-150400.9.3.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* kernel-livepatch-SLE15-SP4_Update_13-debugsource-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_66-default-1-150400.9.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-debuginfo-5.14.21-150400.24.66.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* ocfs2-kmp-default-5.14.21-150400.24.66.1
* cluster-md-kmp-default-5.14.21-150400.24.66.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.66.1
* dlm-kmp-default-5.14.21-150400.24.66.1
* gfs2-kmp-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.66.1
* SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)
* kernel-default-extra-5.14.21-150400.24.66.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debuginfo-5.14.21-150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.66.1
## References:
* https://www.suse.com/security/cve/CVE-2022-4269.html
* https://www.suse.com/security/cve/CVE-2022-45884.html
* https://www.suse.com/security/cve/CVE-2022-45885.html
* https://www.suse.com/security/cve/CVE-2022-45886.html
* https://www.suse.com/security/cve/CVE-2022-45887.html
* https://www.suse.com/security/cve/CVE-2022-45919.html
* https://www.suse.com/security/cve/CVE-2023-1079.html
* https://www.suse.com/security/cve/CVE-2023-1380.html
* https://www.suse.com/security/cve/CVE-2023-1382.html
* https://www.suse.com/security/cve/CVE-2023-2002.html
* https://www.suse.com/security/cve/CVE-2023-2124.html
* https://www.suse.com/security/cve/CVE-2023-2156.html
* https://www.suse.com/security/cve/CVE-2023-2162.html
* https://www.suse.com/security/cve/CVE-2023-2269.html
* https://www.suse.com/security/cve/CVE-2023-2483.html
* https://www.suse.com/security/cve/CVE-2023-2513.html
* https://www.suse.com/security/cve/CVE-2023-28410.html
* https://www.suse.com/security/cve/CVE-2023-3006.html
* https://www.suse.com/security/cve/CVE-2023-30456.html
* https://www.suse.com/security/cve/CVE-2023-31084.html
* https://www.suse.com/security/cve/CVE-2023-31436.html
* https://www.suse.com/security/cve/CVE-2023-32233.html
* https://www.suse.com/security/cve/CVE-2023-33288.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1172073
* https://bugzilla.suse.com/show_bug.cgi?id=1191731
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1195655
* https://bugzilla.suse.com/show_bug.cgi?id=1195921
* https://bugzilla.suse.com/show_bug.cgi?id=1203906
* https://bugzilla.suse.com/show_bug.cgi?id=1205650
* https://bugzilla.suse.com/show_bug.cgi?id=1205756
* https://bugzilla.suse.com/show_bug.cgi?id=1205758
* https://bugzilla.suse.com/show_bug.cgi?id=1205760
* https://bugzilla.suse.com/show_bug.cgi?id=1205762
* https://bugzilla.suse.com/show_bug.cgi?id=1205803
* https://bugzilla.suse.com/show_bug.cgi?id=1206024
* https://bugzilla.suse.com/show_bug.cgi?id=1206578
* https://bugzilla.suse.com/show_bug.cgi?id=1207553
* https://bugzilla.suse.com/show_bug.cgi?id=1208604
* https://bugzilla.suse.com/show_bug.cgi?id=1208758
* https://bugzilla.suse.com/show_bug.cgi?id=1209287
* https://bugzilla.suse.com/show_bug.cgi?id=1209288
* https://bugzilla.suse.com/show_bug.cgi?id=1209856
* https://bugzilla.suse.com/show_bug.cgi?id=1209982
* https://bugzilla.suse.com/show_bug.cgi?id=1210165
* https://bugzilla.suse.com/show_bug.cgi?id=1210294
* https://bugzilla.suse.com/show_bug.cgi?id=1210449
* https://bugzilla.suse.com/show_bug.cgi?id=1210450
* https://bugzilla.suse.com/show_bug.cgi?id=1210498
* https://bugzilla.suse.com/show_bug.cgi?id=1210533
* https://bugzilla.suse.com/show_bug.cgi?id=1210551
* https://bugzilla.suse.com/show_bug.cgi?id=1210647
* https://bugzilla.suse.com/show_bug.cgi?id=1210741
* https://bugzilla.suse.com/show_bug.cgi?id=1210775
* https://bugzilla.suse.com/show_bug.cgi?id=1210783
* https://bugzilla.suse.com/show_bug.cgi?id=1210791
* https://bugzilla.suse.com/show_bug.cgi?id=1210806
* https://bugzilla.suse.com/show_bug.cgi?id=1210940
* https://bugzilla.suse.com/show_bug.cgi?id=1210947
* https://bugzilla.suse.com/show_bug.cgi?id=1211037
* https://bugzilla.suse.com/show_bug.cgi?id=1211043
* https://bugzilla.suse.com/show_bug.cgi?id=1211044
* https://bugzilla.suse.com/show_bug.cgi?id=1211089
* https://bugzilla.suse.com/show_bug.cgi?id=1211105
* https://bugzilla.suse.com/show_bug.cgi?id=1211113
* https://bugzilla.suse.com/show_bug.cgi?id=1211131
* https://bugzilla.suse.com/show_bug.cgi?id=1211205
* https://bugzilla.suse.com/show_bug.cgi?id=1211263
* https://bugzilla.suse.com/show_bug.cgi?id=1211280
* https://bugzilla.suse.com/show_bug.cgi?id=1211281
* https://bugzilla.suse.com/show_bug.cgi?id=1211449
* https://bugzilla.suse.com/show_bug.cgi?id=1211465
* https://bugzilla.suse.com/show_bug.cgi?id=1211519
* https://bugzilla.suse.com/show_bug.cgi?id=1211564
* https://bugzilla.suse.com/show_bug.cgi?id=1211590
* https://bugzilla.suse.com/show_bug.cgi?id=1211592
* https://bugzilla.suse.com/show_bug.cgi?id=1211686
* https://bugzilla.suse.com/show_bug.cgi?id=1211687
* https://bugzilla.suse.com/show_bug.cgi?id=1211688
* https://bugzilla.suse.com/show_bug.cgi?id=1211689
* https://bugzilla.suse.com/show_bug.cgi?id=1211690
* https://bugzilla.suse.com/show_bug.cgi?id=1211691
* https://bugzilla.suse.com/show_bug.cgi?id=1211692
* https://bugzilla.suse.com/show_bug.cgi?id=1211693
* https://bugzilla.suse.com/show_bug.cgi?id=1211714
* https://bugzilla.suse.com/show_bug.cgi?id=1211796
* https://bugzilla.suse.com/show_bug.cgi?id=1211804
* https://bugzilla.suse.com/show_bug.cgi?id=1211807
* https://bugzilla.suse.com/show_bug.cgi?id=1211808
* https://bugzilla.suse.com/show_bug.cgi?id=1211847
* https://bugzilla.suse.com/show_bug.cgi?id=1211855
* https://bugzilla.suse.com/show_bug.cgi?id=1211960
* https://jira.suse.com/browse/PED-3692
* https://jira.suse.com/browse/PED-4022
* https://jira.suse.com/browse/SLE-18375
* https://jira.suse.com/browse/SLE-18377
* https://jira.suse.com/browse/SLE-18378
* https://jira.suse.com/browse/SLE-18379
* https://jira.suse.com/browse/SLE-18383
* https://jira.suse.com/browse/SLE-18384
* https://jira.suse.com/browse/SLE-18385
* https://jira.suse.com/browse/SLE-18978
* https://jira.suse.com/browse/SLE-18992
* https://jira.suse.com/browse/SLE-19001
* https://jira.suse.com/browse/SLE-19255
* https://jira.suse.com/browse/SLE-19556
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230627/121db7ca/attachment.htm>
More information about the sle-security-updates
mailing list