SUSE-SU-2023:2653-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Jun 27 12:30:30 UTC 2023



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:2653-1  
Rating: important  
References:

  * #1065729
  * #1172073
  * #1191731
  * #1193629
  * #1195655
  * #1195921
  * #1203906
  * #1205650
  * #1205756
  * #1205758
  * #1205760
  * #1205762
  * #1205803
  * #1206024
  * #1206578
  * #1207553
  * #1208604
  * #1208758
  * #1209287
  * #1209288
  * #1209856
  * #1209982
  * #1210165
  * #1210294
  * #1210449
  * #1210450
  * #1210498
  * #1210533
  * #1210551
  * #1210647
  * #1210741
  * #1210775
  * #1210783
  * #1210791
  * #1210806
  * #1210940
  * #1210947
  * #1211037
  * #1211043
  * #1211044
  * #1211089
  * #1211105
  * #1211113
  * #1211131
  * #1211205
  * #1211263
  * #1211280
  * #1211281
  * #1211449
  * #1211465
  * #1211519
  * #1211564
  * #1211590
  * #1211592
  * #1211686
  * #1211687
  * #1211688
  * #1211689
  * #1211690
  * #1211691
  * #1211692
  * #1211693
  * #1211714
  * #1211796
  * #1211804
  * #1211807
  * #1211808
  * #1211847
  * #1211855
  * #1211960

  
Cross-References:

  * CVE-2022-4269
  * CVE-2022-45884
  * CVE-2022-45885
  * CVE-2022-45886
  * CVE-2022-45887
  * CVE-2022-45919
  * CVE-2023-1079
  * CVE-2023-1380
  * CVE-2023-1382
  * CVE-2023-2002
  * CVE-2023-2124
  * CVE-2023-2156
  * CVE-2023-2162
  * CVE-2023-2269
  * CVE-2023-2483
  * CVE-2023-2513
  * CVE-2023-28410
  * CVE-2023-3006
  * CVE-2023-30456
  * CVE-2023-31084
  * CVE-2023-31436
  * CVE-2023-32233
  * CVE-2023-33288

  
CVSS scores:

  * CVE-2022-4269 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-4269 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45884 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45884 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-45885 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45885 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-45886 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45886 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-45887 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45887 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-45919 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-45919 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-1079 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-1079 ( NVD ):  6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-1380 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-1380 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2023-1382 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-1382 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2002 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2002 ( NVD ):  6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2023-2124 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2124 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2156 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2156 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2162 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2162 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-2269 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2269 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-2483 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2513 ( SUSE ):  6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2513 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-28410 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-28410 ( NVD ):  8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2023-3006 ( SUSE ):  4.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-3006 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-30456 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2023-30456 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-31084 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31084 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-31436 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-31436 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-32233 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-32233 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-33288 ( SUSE ):  4.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
  * CVE-2023-33288 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP4
  * Development Tools Module 15-SP4
  * Legacy Module 15-SP4
  * openSUSE Leap 15.4
  * openSUSE Leap Micro 5.3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise High Availability Extension 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Workstation Extension 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 23 vulnerabilities, contains 14 features and has 47 fixes
can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
and bugfixes.

The following security bugs were fixed:

  * CVE-2023-28410: Fixed improper restriction of operations within the bounds
    of a memory buffer in some Intel(R) i915 Graphics drivers that may have
    allowed an authenticated user to potentially enable escalation of privilege
    via local access (bsc#1211263).
  * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
    of the RPL protocol (bsc#1211131).
  * CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
  * CVE-2023-3006: Fixed a known cache speculation vulnerability, known as
    Branch History Injection (BHI) or Spectre-BHB, for the new hw AmpereOne
    (bsc#1211855).
  * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive
    locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-
    ioctl.c (bsc#1210806).
  * CVE-2023-1079: Fixed a use-after-free problem that could have been triggered
    in asus_kbd_backlight_set when plugging/disconnecting a malicious USB device
    (bsc#1208604).
  * CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create
    (bsc#1210647).
  * CVE-2023-33288: Fixed a use-after-free in bq24190_remove in
    drivers/power/supply/bq24190_charger.c (bsc#1211590).
  * CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in
    dvb_net.c that lead to a use-after-free (bsc#1205760).
  * CVE-2022-45885: Fixed a race condition in dvb_frontend.c that could cause a
    use-after-free when a device is disconnected (bsc#1205758).
  * CVE-2022-45887: Fixed a memory leak in ttusb_dec.c caused by the lack of a
    dvb_frontend_detach call (bsc#1205762).
  * CVE-2022-45919: Fixed a use-after-free in dvb_ca_en50221.c that could occur
    if there is a disconnect after an open, because of the lack of a wait_event
    (bsc#1205803).
  * CVE-2022-45884: Fixed a use-after-free in dvbdev.c, related to
    dvb_register_device dynamically allocating fops (bsc#1205756).
  * CVE-2023-31084: Fixed a blocking issue in drivers/media/dvb-
    core/dvb_frontend.c (bsc#1210783).
  * CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized
    execution of management commands, compromising the confidentiality,
    integrity, and availability of Bluetooth communication (bsc#1210533).
  * CVE-2023-31436: Fixed an out-of-bounds write in qfq_change_class() because
    lmax can exceed QFQ_MIN_LMAX (bsc#1210940).
  * CVE-2023-30456: Fixed an issue in arch/x86/kvm/vmx/nested.c with nVMX on
    x86_64 lacks consistency checks for CR0 and CR4 (bsc#1210294).
  * CVE-2022-4269: Fixed a flaw was found inside the Traffic Control (TC)
    subsystem (bsc#1206024).
  * CVE-2023-32233: Fixed a use-after-free in Netfilter nf_tables when
    processing batch requests (bsc#1211043).
  * CVE-2023-1380: Fixed a slab-out-of-bound read problem in
    brcmf_get_assoc_ies() (bsc#1209287).
  * CVE-2023-2513: Fixed a use-after-free vulnerability in the ext4 filesystem
    (bsc#1211105).
  * CVE-2023-2483: Fixed a use after free bug in emac_remove caused by a race
    condition (bsc#1211037).
  * CVE-2023-2124: Fixed an out-of-bound access in the XFS subsystem that could
    have lead to denial-of-service or potentially privilege escalation
    (bsc#1210498).

The following non-security bugs were fixed:

  * 3c589_cs: Fix an error handling path in tc589_probe() (git-fixes).
  * ACPI: EC: Fix oops when removing custom query handlers (git-fixes).
  * ACPI: bus: Ensure that notify handlers are not running after removal (git-
    fixes).
  * ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 (git-
    fixes).
  * ACPI: tables: Add support for NBFT (bsc#1195921).
  * ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in
    acpi_db_display_objects (git-fixes).
  * ACPICA: Avoid undefined behavior: applying zero offset to null pointer (git-
    fixes).
  * ALSA: caiaq: input: Add error handling for unsupported input methods in
    `snd_usb_caiaq_input_init` (git-fixes).
  * ALSA: cs46xx: mark snd_cs46xx_download_image as static (git-fixes).
  * ALSA: firewire-digi00x: prevent potential use after free (git-fixes).
  * ALSA: hda/ca0132: add quirk for EVGA X299 DARK (git-fixes).
  * ALSA: hda/realtek: Add a quirk for HP EliteDesk 805 (git-fixes).
  * ALSA: hda/realtek: Add quirk for 2nd ASUS GU603 (git-fixes).
  * ALSA: hda/realtek: Add quirk for ASUS UM3402YAR using CS35L41 (git-fixes).
  * ALSA: hda/realtek: Add quirk for Clevo L140AU (git-fixes).
  * ALSA: hda/realtek: Add quirk for HP EliteBook G10 laptops (git-fixes).
  * ALSA: hda/realtek: Add quirk for ThinkPad P1 Gen 6 (git-fixes).
  * ALSA: hda/realtek: Apply HP B&O top speaker profile to Pavilion 15 (git-
    fixes).
  * ALSA: hda/realtek: Enable headset onLenovo M70/M90 (git-fixes).
  * ALSA: hda/realtek: Fix mute and micmute LEDs for an HP laptop (git-fixes).
  * ALSA: hda/realtek: Fix mute and micmute LEDs for yet another HP laptop (git-
    fixes).
  * ALSA: hda/realtek: support HP Pavilion Aero 13-be0xxx Mute LED (git-fixes).
  * ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table (git-fixes).
  * ALSA: hda: Fix Oops by 9.1 surround channel names (git-fixes).
  * ALSA: usb-audio: Add a sample rate workaround for Line6 Pod Go (git-fixes).
  * ALSA: usb-audio: Add quirk for Pioneer DDJ-800 (git-fixes).
  * ARM64: dts: Add DTS files for bcmbca SoC BCM6858 (git-fixes).
  * ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings (git-fixes).
  * ARM: dts: qcom: ipq8064: Fix the PCI I/O port range (git-fixes).
  * ARM: dts: qcom: ipq8064: reduce pci IO size to 64K (git-fixes).
  * ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15 (git-
    fixes).
  * ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg (git-fixes).
  * ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750 (git-
    fixes).
  * ASoC: fsl_micfil: Fix error handler with pm_runtime_enable (git-fixes).
  * ASoC: lpass: Fix for KASAN use_after_free out of bounds (git-fixes).
  * ASoC: rt5682: Disable jack detection interrupt during suspend (git-fixes).
  * ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm (git-
    fixes).
  * Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp (git-
    fixes).
  * Bluetooth: btintel: Add LE States quirk support (git-fixes).
  * Bluetooth: hci_bcm: Fall back to getting bdaddr from EFI if not set (git-
    fixes).
  * HID: logitech-hidpp: Do not use the USB serial for USB devices (git-fixes).
  * HID: logitech-hidpp: Reconcile USB and Unifying serials (git-fixes).
  * HID: microsoft: Add rumble support to latest xbox controllers (bsc#1211280).
  * HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs (git-fixes).
  * HID: wacom: Force pen out of prox if no events have been received in a while
    (git-fixes).
  * HID: wacom: Set a default resolution for older tablets (git-fixes).
  * HID: wacom: add three styli to wacom_intuos_get_tool_type (git-fixes).
  * HID: wacom: avoid integer overflow in wacom_intuos_inout() (git-fixes).
  * HID: wacom: generic: Set battery quirk only when we see battery data (git-
    fixes).
  * IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order (git-fixes)
  * IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests
    (git-fixes)
  * IB/hifi1: add a null check of kzalloc_node in hfi1_ipoib_txreq_init (git-
    fixes)
  * Input: xpad - add constants for GIP interface numbers (git-fixes).
  * KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() (git-
    fixes).
  * KVM: Destroy target device if coalesced MMIO unregistration fails (git-
    fixes)
  * KVM: Disallow user memslot with size that exceeds "unsigned long" (git-
    fixes)
  * KVM: Do not create VM debugfs files outside of the VM directory (git-fixes)
  * KVM: Do not set Accessed/Dirty bits for ZERO_PAGE (git-fixes)
  * KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
    (git-fixes).
  * KVM: Prevent module exit until all VMs are freed (git-fixes)
  * KVM: SVM: Do not rewrite guest ICR on AVIC IPI virtualization failure (git-
    fixes).
  * KVM: SVM: Fix benign "bool vs. int" comparison in svm_set_cr0() (git-fixes).
  * KVM: SVM: Require logical ID to be power-of-2 for AVIC entry (git-fixes).
  * KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid (git-
    fixes).
  * KVM: SVM: hyper-v: placate modpost section mismatch error (git-fixes).
  * KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper (git-fixes).
  * KVM: VMX: Resume guest immediately when injecting #GP on ECREATE (git-
    fixes).
  * KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking shadow (git-
    fixes).
  * KVM: VMX: Use is_64_bit_mode() to check 64-bit mode in SGX handler (git-
    fixes).
  * KVM: X86: Fix tlb flush for tdp in kvm_invalidate_pcid() (git-fixes).
  * KVM: arm64: Do not arm a hrtimer for an already pending timer (git-fixes)
  * KVM: arm64: Do not return from void function (git-fixes)
  * KVM: arm64: Fix PAR_TO_HPFAR() to work independently of PA_BITS. (git-fixes)
  * KVM: arm64: Fix S1PTW handling on RO memslots (git-fixes)
  * KVM: arm64: Fix bad dereference on MTE-enabled systems (git-fixes)
  * KVM: arm64: Fix buffer overflow in kvm_arm_set_fw_reg() (git-fixes)
  * KVM: arm64: Fix kvm init failure when mode!=vhe and VA_BITS=52. (git-fixes)
  * KVM: arm64: Free hypervisor allocations if vector slot init fails (git-
    fixes)
  * KVM: arm64: GICv4.1: Fix race with doorbell on VPE (git-fixes)
  * KVM: arm64: Limit length in kvm_vm_ioctl_mte_copy_tags() to INT_MAX (git-
    fixes)
  * KVM: arm64: PMU: Restore the guest's EL0 event counting after (git-fixes)
  * KVM: arm64: Reject 32bit user PSTATE on asymmetric systems (git-fixes)
  * KVM: arm64: Stop handle_exit() from handling HVC twice when an SError (git-
    fixes)
  * KVM: arm64: Treat PMCR_EL1.LC as RES1 on asymmetric systems (git-fixes)
  * KVM: arm64: nvhe: Eliminate kernel-doc warnings (git-fixes)
  * KVM: arm64: vgic: Fix exit condition in scan_its_table() (git-fixes)
  * KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS (git-
    fixes).
  * KVM: nVMX: Do not use Enlightened MSR Bitmap for L3 (git-fixes).
  * KVM: nVMX: Document that ignoring memory failures for VMCLEAR is deliberate
    (git-fixes).
  * KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted (git-
    fixes).
  * KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check fails (git-
    fixes).
  * KVM: nVMX: Prioritize TSS T-flag #DBs over Monitor Trap Flag (git-fixes).
  * KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1 (git-fixes).
  * KVM: nVMX: Treat General Detect #DB (DR7.GD=1) as fault-like (git-fixes).
  * KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER (git-fixes).
  * KVM: x86/emulator: Emulate RDPID only if it is enabled in guest (git-fixes).
  * KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs (git-
    fixes).
  * KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU does not support
    global_ctrl (git-fixes).
  * KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user() (git-
    fixes).
  * KVM: x86/vmx: Do not skip segment attributes if unusable bit is set (git-
    fixes).
  * KVM: x86/xen: Fix memory leak in kvm_xen_write_hypercall_page() (git-fixes).
  * KVM: x86: Copy filter arg outside kvm_vm_ioctl_set_msr_filter() (git-fixes).
  * KVM: x86: Do not change ICR on write to APIC_SELF_IPI (git-fixes).
  * KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception (git-fixes).
  * KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI (git-
    fixes).
  * KVM: x86: Mask off reserved bits in CPUID.8000001FH (git-fixes).
  * KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES
    (git-fixes).
  * KVM: x86: Protect the unused bits in MSR exiting flags (git-fixes).
  * KVM: x86: Remove a redundant guest cpuid check in kvm_set_cr4() (git-fixes).
  * KVM: x86: Report deprecated x87 features in supported CPUID (git-fixes).
  * KVM: x86: do not set st->preempted when going back to user space (git-
    fixes).
  * KVM: x86: fix typo in __try_cmpxchg_user causing non-atomicness (git-fixes).
  * KVM: x86: ioapic: Fix level-triggered EOI and userspace I/OAPIC reconfigure
    race (git-fixes).
  * PCI/ASPM: Remove pcie_aspm_pm_state_change() (git-fixes).
  * PM: hibernate: Do not get block device exclusively in test_resume mode (git-
    fixes).
  * PM: hibernate: Turn snapshot_test into global variable (git-fixes).
  * PM: hibernate: fix load_image_and_restore() error path (git-fixes).
  * RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
  * RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx (git-fixes)
  * RDMA/bnxt_re: Fix the page_size used during the MR creation (git-fixes)
  * RDMA/cm: Trace icm_send_rej event before the cm state is reset (git-fixes)
  * RDMA/core: Fix multiple -Warray-bounds warnings (git-fixes)
  * RDMA/efa: Fix unsupported page sizes in device (git-fixes)
  * RDMA/hns: Fix base address table allocation (git-fixes)
  * RDMA/hns: Fix timeout attr in query qp for HIP08 (git-fixes)
  * RDMA/hns: Modify the value of long message loopback slice (git-fixes)
  * RDMA/irdma: Add SW mechanism to generate completions on error
    (jsc#SLE-18383).
  * RDMA/irdma: Do not generate SW completions for NOPs (jsc#SLE-18383).
  * RDMA/irdma: Fix Local Invalidate fencing (git-fixes)
  * RDMA/irdma: Fix RQ completion opcode (jsc#SLE-18383).
  * RDMA/irdma: Fix drain SQ hang with no completion (jsc#SLE-18383).
  * RDMA/irdma: Fix inline for multiple SGE's (jsc#SLE-18383).
  * RDMA/irdma: Prevent QP use after free (git-fixes)
  * RDMA/irdma: Remove enum irdma_status_code (jsc#SLE-18383).
  * RDMA/irdma: Remove excess error variables (jsc#SLE-18383).
  * RDMA/mana: Remove redefinition of basic u64 type (bsc#1210741 jsc#PED-4022).
  * RDMA/mana: hide new rdma_driver_ids (bsc#1210741 jsc#PED-4022).
  * RDMA/mana_ib: Add a driver for Microsoft Azure Network Adapter (bsc#1210741
    jsc#PED-4022).
  * RDMA/mana_ib: Prevent array underflow in mana_ib_create_qp_raw()
    (bsc#1210741 jsc#PED-4022).
  * RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (jsc#SLE-19255).
  * RDMA/mlx5: Fix flow counter query via DEVX (git-fixes)
  * RDMA/mlx5: Use correct device num_ports when modify DC (git-fixes)
  * RDMA/rxe: Remove tasklet call from rxe_cq.c (git-fixes)
  * RDMA/siw: Fix potential page_array out of range access (git-fixes)
  * RDMA/siw: Remove namespace check from siw_netdev_event() (git-fixes)
  * RDMA/srpt: Add a check for valid 'mad_agent' pointer (git-fixes)
  * Revert "KVM: set owner of cpu and vm file operations" (git-fixes)
  * SMB3.1.1: add new tree connect ShareFlags (bsc#1193629).
  * SMB3: Add missing locks to protect deferred close file list (git-fixes).
  * SMB3: Close all deferred handles of inode in case of handle lease break
    (bsc#1193629).
  * SMB3: Close deferred file handles in case of handle lease break
    (bsc#1193629).
  * SMB3: drop reference to cfile before sending oplock break (bsc#1193629).
  * SMB3: force unmount was failing to close deferred close files (bsc#1193629).
  * SUNRPC: fix breakage caused by introduction of rq_xprt_ctxt (bsc#1210775).
  * USB / dwc3: Fix a checkpatch warning in core.c (git-fixes).
  * USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value (git-
    fixes).
  * USB: core: Add routines for endpoint checks in old drivers (git-fixes).
  * USB: sisusbvga: Add endpoint checks (git-fixes).
  * USB: usbtmc: Fix direction for 0-length ioctl control messages (git-fixes).
  * apparmor: add a kernel label to use on kernel objects (bsc#1211113).
  * arm64: dts: Add DTS files for bcmbca SoC BCM4912 (git-fixes).
  * arm64: dts: Add DTS files for bcmbca SoC BCM63158 (git-fixes).
  * arm64: dts: Add base DTS file for bcmbca device Asus GT-AX6000 (git-fixes).
  * arm64: dts: broadcom: bcm4908: add DT for Netgear RAXE500 (git-fixes).
  * arm64: dts: qcom: msm8996: Add missing DWC3 quirks (git-fixes).
  * arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly (git-
    fixes) Enable workaround and fix kABI breakage.
  * arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (git-fixes)
  * arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (git-fixes).
  * asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    (git-fixes).
  * ata: libata-scsi: Use correct device no in ata_find_dev() (git-fixes).
  * ata: pata_octeon_cf: drop kernel-doc notation (git-fixes).
  * block: add a bdev_max_zone_append_sectors helper (git-fixes).
  * bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() (git-
    fixes).
  * bnxt: Do not read past the end of test names (jsc#SLE-18978).
  * bnxt: prevent skb UAF after handing over to PTP worker (jsc#SLE-18978).
  * bnxt_en: Add missing 200G link speed reporting (jsc#SLE-18978).
  * bnxt_en: Avoid order-5 memory allocation for TPA data (jsc#SLE-18978).
  * bnxt_en: Do not initialize PTP on older P3/P4 chips (jsc#SLE-18978).
  * bnxt_en: Fix mqprio and XDP ring checking logic (jsc#SLE-18978).
  * bnxt_en: Fix reporting of test result in ethtool selftest (jsc#SLE-18978).
  * bnxt_en: Fix typo in PCI id to device description string mapping
    (jsc#SLE-18978).
  * bnxt_en: fix NQ resource accounting during vf creation on 57500 chips
    (jsc#SLE-18978).
  * bnxt_en: set missing reload flag in devlink features (jsc#SLE-18978).
  * can: isotp: recvmsg(): allow MSG_CMSG_COMPAT flag (git-fixes).
  * can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag (git-fixes).
  * can: kvaser_pciefd: Call request_irq() before enabling interrupts (git-
    fixes).
  * can: kvaser_pciefd: Clear listen-only bit if not explicitly requested (git-
    fixes).
  * can: kvaser_pciefd: Disable interrupts in probe error path (git-fixes).
  * can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt (git-fixes).
  * can: kvaser_pciefd: Empty SRB buffer in probe (git-fixes).
  * can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop() (git-
    fixes).
  * can: kvaser_usb: Add struct kvaser_usb_busparams (git-fixes).
  * can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device (git-fixes).
  * can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT (git-fixes).
  * can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to
    {leaf,usbcan}_cmd_can_error_event (git-fixes).
  * can: kvaser_usb_leaf: Fix overread with an invalid command (git-fixes).
  * cassini: Fix a memory leak in the error handling path of cas_init_one()
    (git-fixes).
  * ceph: force updating the msg pointer in non-split case (bsc#1211804).
  * cgroup.c: add helper __cset_cgroup_from_root to cleanup duplicated codes
    (bsc#1203906).
  * cgroup: Homogenize cgroup_get_from_id() return value (bsc#1205650).
  * cgroup: Honor caller's cgroup NS when resolving path (bsc#1205650).
  * cgroup: Make cgroup_get_from_id() prettier (bsc#1205650).
  * cgroup: Reorganize css_set_lock and kernfs path processing (bsc#1205650).
  * cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
    (bsc#1205650).
  * cgroup: reduce dependency on cgroup_mutex (bsc#1205650).
  * cifs: Avoid a cast in add_lease_context() (bsc#1193629).
  * cifs: Simplify SMB2_open_init() (bsc#1193629).
  * cifs: Simplify SMB2_open_init() (bsc#1193629).
  * cifs: Simplify SMB2_open_init() (bsc#1193629).
  * cifs: avoid dup prefix path in dfs_get_automount_devname() (git-fixes).
  * cifs: avoid potential races when handling multiple dfs tcons (bsc#1208758).
  * cifs: fix pcchunk length type in smb2_copychunk_range (bsc#1193629).
  * cifs: fix potential race when tree connecting ipc (bsc#1208758).
  * cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname
    (bsc#1208758).
  * cifs: fix sharing of DFS connections (bsc#1208758).
  * cifs: fix smb1 mount regression (bsc#1193629).
  * cifs: mapchars mount option ignored (bsc#1193629).
  * cifs: missing lock when updating session status (bsc#1193629).
  * cifs: print smb3_fs_context::source when mounting (bsc#1193629).
  * cifs: protect access of TCP_Server_Info::{origin,leaf}_fullpath
    (bsc#1208758).
  * cifs: protect session status check in smb2_reconnect() (bsc#1208758).
  * cifs: release leases for deferred close handles when freezing (bsc#1193629).
  * cifs: update internal module version number for cifs.ko (bsc#1193629).
  * clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling (git-fixes).
  * clk: qcom: regmap: add PHY clock source implementation (git-fixes).
  * clk: tegra20: fix gcc-7 constant overflow warning (git-fixes).
  * configfs: fix possible memory leak in configfs_create_dir() (git-fixes).
  * crypto: acomp - define max size for destination (jsc#PED-3692)
  * crypto: drivers - move from strlcpy with unused retval to (jsc#PED-3692)
  * crypto: qat - Fix unsigned function returning negative (jsc#PED-3692)
  * crypto: qat - Removes the x86 dependency on the QAT drivers (jsc#PED-3692)
  * crypto: qat - abstract PFVF messages with struct pfvf_message (jsc#PED-3692)
  * crypto: qat - abstract PFVF receive logic (jsc#PED-3692)
  * crypto: qat - abstract PFVF send function (jsc#PED-3692)
  * crypto: qat - add PFVF support to enable the reset of ring (jsc#PED-3692)
  * crypto: qat - add PFVF support to the GEN4 host driver (jsc#PED-3692)
  * crypto: qat - add VF and PF wrappers to common send function (jsc#PED-3692)
  * crypto: qat - add backlog mechanism (jsc#PED-3692)
  * crypto: qat - add check for invalid PFVF protocol version 0 (jsc#PED-3692)
  * crypto: qat - add check to validate firmware images (jsc#PED-3692)
  * crypto: qat - add limit to linked list parsing (jsc#PED-3692)
  * crypto: qat - add misc workqueue (jsc#PED-3692)
  * crypto: qat - add missing restarting event notification in (jsc#PED-3692)
  * crypto: qat - add param check for DH (jsc#PED-3692)
  * crypto: qat - add param check for RSA (jsc#PED-3692)
  * crypto: qat - add pfvf_ops (jsc#PED-3692)
  * crypto: qat - add resubmit logic for decompression (jsc#PED-3692)
  * crypto: qat - add support for 401xx devices (jsc#PED-3692)
  * crypto: qat - add support for compression for 4xxx (jsc#PED-3692)
  * crypto: qat - add the adf_get_pmisc_base() helper function (jsc#PED-3692)
  * crypto: qat - allow detection of dc capabilities for 4xxx (jsc#PED-3692)
  * crypto: qat - change PFVF ACK behaviour (jsc#PED-3692)
  * crypto: qat - change behaviour of (jsc#PED-3692)
  * crypto: qat - change bufferlist logic interface (jsc#PED-3692)
  * crypto: qat - config VFs based on ring-to-svc mapping (jsc#PED-3692)
  * crypto: qat - differentiate between pf2vf and vf2pf offset (jsc#PED-3692)
  * crypto: qat - disable AER if an error occurs in probe (jsc#PED-3692)
  * crypto: qat - do not handle PFVF sources for qat_4xxx (jsc#PED-3692)
  * crypto: qat - do not rely on min version (jsc#PED-3692)
  * crypto: qat - enable deflate for QAT GEN4 (jsc#PED-3692)
  * crypto: qat - enable power management for QAT GEN4 (jsc#PED-3692)
  * crypto: qat - exchange device capabilities over PFVF (jsc#PED-3692)
  * crypto: qat - exchange ring-to-service mappings over PFVF (jsc#PED-3692)
  * crypto: qat - expose deflate through acomp api for QAT GEN2 (jsc#PED-3692)
  * crypto: qat - expose device config through sysfs for 4xxx (jsc#PED-3692)
  * crypto: qat - expose device state through sysfs for 4xxx (jsc#PED-3692)
  * crypto: qat - extend buffer list interface (jsc#PED-3692)
  * crypto: qat - extend crypto capability detection for 4xxx (jsc#PED-3692)
  * crypto: qat - extract send and wait from (jsc#PED-3692)
  * crypto: qat - fix DMA transfer direction (jsc#PED-3692)
  * crypto: qat - fix ETR sources enabled by default on GEN2 (jsc#PED-3692)
  * crypto: qat - fix VF IDs in PFVF log messages (jsc#PED-3692)
  * crypto: qat - fix a signedness bug in get_service_enabled() (jsc#PED-3692)
  * crypto: qat - fix a typo in a comment (jsc#PED-3692)
  * crypto: qat - fix access to PFVF interrupt registers for GEN4 (jsc#PED-3692)
  * crypto: qat - fix definition of ring reset results (jsc#PED-3692)
  * crypto: qat - fix error return code in adf_probe (jsc#PED-3692)
  * crypto: qat - fix handling of VF to PF interrupts (jsc#PED-3692)
  * crypto: qat - fix initialization of pfvf cap_msg structures (jsc#PED-3692)
  * crypto: qat - fix initialization of pfvf rts_map_msg (jsc#PED-3692)
  * crypto: qat - fix off-by-one error in PFVF debug print (jsc#PED-3692)
  * crypto: qat - fix wording and formatting in code comment (jsc#PED-3692)
  * crypto: qat - flush vf workqueue at driver removal (jsc#PED-3692)
  * crypto: qat - free irq in case of failure (jsc#PED-3692)
  * crypto: qat - free irqs only if allocated (jsc#PED-3692)
  * crypto: qat - generalize crypto request buffers (jsc#PED-3692)
  * crypto: qat - get compression extended capabilities (jsc#PED-3692)
  * crypto: qat - handle retries due to collisions in (jsc#PED-3692)
  * crypto: qat - honor CRYPTO_TFM_REQ_MAY_SLEEP flag (jsc#PED-3692)
  * crypto: qat - improve logging of PFVF messages (jsc#PED-3692)
  * crypto: qat - improve the ACK timings in PFVF send (jsc#PED-3692)
  * crypto: qat - introduce support for PFVF block messages (jsc#PED-3692)
  * crypto: qat - leverage bitfield.h utils for PFVF messages (jsc#PED-3692)
  * crypto: qat - leverage read_poll_timeout in PFVF send (jsc#PED-3692)
  * crypto: qat - leverage the GEN2 VF mask definiton (jsc#PED-3692)
  * crypto: qat - make PFVF message construction direction (jsc#PED-3692)
  * crypto: qat - make PFVF send and receive direction agnostic (jsc#PED-3692)
  * crypto: qat - move VF message handler to adf_vf2pf_msg.c (jsc#PED-3692)
  * crypto: qat - move and rename GEN4 error register definitions (jsc#PED-3692)
  * crypto: qat - move interrupt code out of the PFVF handler (jsc#PED-3692)
  * crypto: qat - move pfvf collision detection values (jsc#PED-3692)
  * crypto: qat - move vf2pf interrupt helpers (jsc#PED-3692)
  * crypto: qat - pass the PF2VF responses back to the callers (jsc#PED-3692)
  * crypto: qat - prevent spurious MSI interrupt in VF (jsc#PED-3692)
  * crypto: qat - re-enable interrupts for legacy PFVF messages (jsc#PED-3692)
  * crypto: qat - re-enable registration of algorithms (jsc#PED-3692)
  * crypto: qat - refactor PF top half for PFVF (jsc#PED-3692)
  * crypto: qat - refactor pfvf version request messages (jsc#PED-3692)
  * crypto: qat - refactor submission logic (jsc#PED-3692)
  * crypto: qat - relocate PFVF PF related logic (jsc#PED-3692)
  * crypto: qat - relocate PFVF VF related logic (jsc#PED-3692)
  * crypto: qat - relocate PFVF disabled function (jsc#PED-3692)
  * crypto: qat - relocate and rename adf_sriov_prepare_restart() (jsc#PED-3692)
  * crypto: qat - relocate backlog related structures (jsc#PED-3692)
  * crypto: qat - relocate bufferlist logic (jsc#PED-3692)
  * crypto: qat - relocate qat_algs_alloc_flags() (jsc#PED-3692)
  * crypto: qat - remove duplicated logic across GEN2 drivers (jsc#PED-3692)
  * crypto: qat - remove empty sriov_configure() (jsc#PED-3692)
  * crypto: qat - remove line wrapping for pfvf_ops functions (jsc#PED-3692)
  * crypto: qat - remove the unnecessary get_vintmsk_offset() (jsc#PED-3692)
  * crypto: qat - remove unmatched CPU affinity to cluster IRQ (jsc#PED-3692)
  * crypto: qat - remove unnecessary tests to detect PFVF support (jsc#PED-3692)
  * crypto: qat - remove unneeded assignment (jsc#PED-3692)
  * crypto: qat - remove unneeded braces (jsc#PED-3692)
  * crypto: qat - remove unneeded packed attribute (jsc#PED-3692)
  * crypto: qat - remove unused PFVF stubs (jsc#PED-3692)
  * crypto: qat - rename and relocate GEN2 config function (jsc#PED-3692)
  * crypto: qat - rename bufferlist functions (jsc#PED-3692)
  * crypto: qat - rename pfvf collision constants (jsc#PED-3692)
  * crypto: qat - reorganize PFVF code (jsc#PED-3692)
  * crypto: qat - reorganize PFVF protocol definitions (jsc#PED-3692)
  * crypto: qat - replace deprecated MSI API (jsc#PED-3692)
  * crypto: qat - replace disable_vf2pf_interrupts() (jsc#PED-3692)
  * crypto: qat - replace get_current_node() with numa_node_id() (jsc#PED-3692)
  * crypto: qat - rework the VF2PF interrupt handling logic (jsc#PED-3692)
  * crypto: qat - set CIPHER capability for QAT GEN2 (jsc#PED-3692)
  * crypto: qat - set COMPRESSION capability for DH895XCC (jsc#PED-3692)
  * crypto: qat - set COMPRESSION capability for QAT GEN2 (jsc#PED-3692)
  * crypto: qat - set DMA mask to 48 bits for Gen2 (jsc#PED-3692)
  * crypto: qat - set PFVF_MSGORIGIN just before sending (jsc#PED-3692)
  * crypto: qat - share adf_enable_pf2vf_comms() from (jsc#PED-3692)
  * crypto: qat - simplify adf_enable_aer() (jsc#PED-3692)
  * crypto: qat - simplify code and axe the use of a deprecated (jsc#PED-3692)
  * crypto: qat - split PFVF message decoding from handling (jsc#PED-3692)
  * crypto: qat - stop using iommu_present() (jsc#PED-3692)
  * crypto: qat - store the PFVF protocol version of the (jsc#PED-3692)
  * crypto: qat - store the ring-to-service mapping (jsc#PED-3692)
  * crypto: qat - support fast ACKs in the PFVF protocol (jsc#PED-3692)
  * crypto: qat - support the reset of ring pairs on PF (jsc#PED-3692)
  * crypto: qat - test PFVF registers for spurious interrupts on (jsc#PED-3692)
  * crypto: qat - use enums for PFVF protocol codes (jsc#PED-3692)
  * crypto: qat - use hweight for bit counting (jsc#PED-3692)
  * crypto: qat - use pre-allocated buffers in datapath (jsc#PED-3692)
  * crypto: qat - use reference to structure in dma_map_single() (jsc#PED-3692)
  * crypto: qat - use u32 variables in all GEN4 pfvf_ops (jsc#PED-3692)
  * crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs() (git-fixes).
  * cxgb4: fix missing unlock on ETHOFLD desc collect fail path (jsc#SLE-18992).
  * debugfs: fix error when writing negative value to atomic_t debugfs file
    (git-fixes).
  * dma: gpi: remove spurious unlock in gpi_ch_init (git-fixes).
  * dmaengine: at_xdmac: do not enable all cyclic channels (git-fixes).
  * dmaengine: dw-edma: Fix to change for continuous transfer (git-fixes).
  * dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing
    (git-fixes).
  * dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual
    Addressing (git-fixes).
  * dmaengine: idxd: Only call idxd_enable_system_pasid() if succeeded in
    enabling SVA feature (git-fixes).
  * dmaengine: idxd: Separate user and kernel pasid enabling (git-fixes).
  * dmaengine: mv_xor_v2: Fix an error code (git-fixes).
  * do not reuse connection if share marked as isolated (bsc#1193629).
  * docs: networking: fix x25-iface.rst heading & index order (git-fixes).
  * drivers: base: component: fix memory leak with using debugfs_lookup() (git-
    fixes).
  * drivers: base: dd: fix memory leak with using debugfs_lookup() (git-fixes).
  * drm-hyperv: Add a bug reference to two existing changes (bsc#1211281).
  * drm/amd/display: Fix hang when skipping modeset (git-fixes).
  * drm/amd/display: Use DC_LOG_DC in the trasform pixel function (git-fixes).
  * drm/amd/display: fix flickering caused by S/G mode (git-fixes).
  * drm/amd: Fix an out of bounds error in BIOS parser (git-fixes).
  * drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx
    ras (git-fixes).
  * drm/amdgpu: Fix vram recover does not work after whole GPU reset (v2) (git-
    fixes).
  * drm/amdgpu: add a missing lock for AMDGPU_SCHED (git-fixes).
  * drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend
    (git-fixes).
  * drm/displayid: add displayid_get_header() and check bounds better (git-
    fixes).
  * drm/exynos: fix g2d_open/close helper function definitions (git-fixes).
  * drm/i915/dg2: Add HDMI pixel clock frequencies 267.30 and 319.89 MHz (git-
    fixes).
  * drm/i915/dg2: Add additional HDMI pixel clock frequencies (git-fixes).
  * drm/i915/dg2: Support 4k at 30 on HDMI (git-fixes).
  * drm/i915/dp: prevent potential div-by-zero (git-fixes).
  * drm/mipi-dsi: Set the fwnode for mipi_dsi_device (git-fixes).
  * drm/msm/dp: Clean up handling of DP AUX interrupts (git-fixes).
  * drm/msm/dp: unregister audio driver during unbind (git-fixes).
  * drm/msm/dpu: Add INTF_5 interrupts (git-fixes).
  * drm/msm/dpu: Move non-MDP_TOP INTF_INTR offsets out of hwio header (git-
    fixes).
  * drm/msm/dpu: Remove duplicate register defines from INTF (git-fixes).
  * drm/sched: Remove redundant check (git-fixes).
  * drm/tegra: Avoid potential 32-bit integer overflow (git-fixes).
  * drm/ttm/pool: Fix ttm_pool_alloc error path (git-fixes).
  * drm/ttm: optimize pool allocations a bit v2 (git-fixes).
  * dt-binding: cdns,usb3: Fix cdns,on-chip-buff-size type (git-fixes).
  * dt-bindings: ata: ahci-ceva: Cover all 4 iommus entries (git-fixes).
  * dt-bindings: ata: ahci-ceva: convert to yaml (git-fixes).
  * dt-bindings: iio: adc: renesas,rcar-gyroadc: Fix adi,ad7476 compatible value
    (git-fixes).
  * dt-bindings: usb: snps,dwc3: Fix "snps,hsphy_interface" type (git-fixes).
  * f2fs: Fix f2fs_truncate_partial_nodes ftrace event (git-fixes).
  * fbdev: arcfb: Fix error handling in arcfb_probe() (git-fixes).
  * fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe()
    (git-fixes).
  * fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards (git-fixes).
  * fbdev: udlfb: Fix endpoint check (git-fixes).
  * firmware: arm_ffa: Check if ffa_driver remove is present before executing
    (git-fixes).
  * firmware: arm_ffa: Set reserved/MBZ fields to zero in the memory descriptors
    (git-fixes).
  * fuse: always revalidate rename target dentry (bsc#1211808).
  * fuse: fix attr version comparison in fuse_read_update_size() (bsc#1211807).
  * futex: Resend potentially swallowed owner death notification (git-fixes).
  * google/gve:fix repeated words in comments (bsc#1211519).
  * gpio: mockup: Fix mode of debugfs files (git-fixes).
  * gve: Adding a new AdminQ command to verify driver (bsc#1211519).
  * gve: Cache link_speed value from device (git-fixes).
  * gve: Fix error return code in gve_prefill_rx_pages() (bsc#1211519).
  * gve: Fix spelling mistake "droping" -> "dropping" (bsc#1211519).
  * gve: Handle alternate miss completions (bsc#1211519).
  * gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
  * gve: Remove the code of clearing PBA bit (git-fixes).
  * gve: Secure enough bytes in the first TX desc for all TCP pkts (git-fixes).
  * gve: enhance no queue page list detection (bsc#1211519).
  * i2c: omap: Fix standard mode false ACK readings (git-fixes).
  * i2c: tegra: Fix PEC support for SMBUS block read (git-fixes).
  * i40e: Add checking for null for nlmsg_find_attr() (jsc#SLE-18378).
  * i40e: Fix ADQ rate limiting for PF (jsc#SLE-18378).
  * i40e: Fix DMA mappings leak (jsc#SLE-18378).
  * i40e: Fix VF hang when reset is triggered on another VF (jsc#SLE-18378).
  * i40e: Fix VF set max MTU size (jsc#SLE-18378).
  * i40e: Fix VF's MAC Address change on VM (jsc#SLE-18378).
  * i40e: Fix adding ADQ filter to TC0 (jsc#SLE-18378).
  * i40e: Fix calculating the number of queue pairs (jsc#SLE-18378).
  * i40e: Fix erroneous adapter reinitialization during recovery process
    (jsc#SLE-18378).
  * i40e: Fix ethtool rx-flow-hash setting for X722 (jsc#SLE-18378).
  * i40e: Fix flow-type by setting GL_HASH_INSET registers (jsc#SLE-18378).
  * i40e: Fix for VF MAC address 0 (jsc#SLE-18378).
  * i40e: Fix incorrect address type for IPv6 flow rules (jsc#SLE-18378).
  * i40e: Fix interface init with MSI interrupts (no MSI-X) (jsc#SLE-18378).
  * i40e: Fix kernel crash during module removal (jsc#SLE-18378).
  * i40e: Fix kernel crash during reboot when adapter is in recovery mode
    (jsc#SLE-18378).
  * i40e: Fix set max_tx_rate when it is lower than 1 Mbps (jsc#SLE-18378).
  * i40e: Fix the inability to attach XDP program on downed interface
    (jsc#SLE-18378).
  * i40e: Refactor tc mqprio checks (jsc#SLE-18378).
  * i40e: add double of VLAN header when computing the max MTU (jsc#SLE-18378).
  * i40e: fix accessing vsi->active_filters without holding lock
    (jsc#SLE-18378).
  * i40e: fix flow director packet filter programming (jsc#SLE-18378).
  * i40e: fix i40e_setup_misc_vector() error handling (jsc#SLE-18378).
  * i40e: fix registers dump after run ethtool adapter self test
    (jsc#SLE-18378).
  * iavf/iavf_main: actually log ->src mask when talking about it
    (jsc#SLE-18385).
  * iavf: Detach device during reset task (jsc#SLE-18385).
  * iavf: Disallow changing rx/tx-frames and rx/tx-frames-irq (jsc#SLE-18385).
  * iavf: Do not restart Tx queues after reset task failure (jsc#SLE-18385).
  * iavf: Fix 'tc qdisc show' listing too many queues (jsc#SLE-18385).
  * iavf: Fix a crash during reset task (jsc#SLE-18385).
  * iavf: Fix bad page state (jsc#SLE-18385).
  * iavf: Fix cached head and tail value for iavf_get_tx_pending
    (jsc#SLE-18385).
  * iavf: Fix error handling in iavf_init_module() (jsc#SLE-18385).
  * iavf: Fix max_rate limiting (jsc#SLE-18385).
  * iavf: Fix race condition between iavf_shutdown and iavf_remove
    (jsc#SLE-18385).
  * iavf: Fix set max MTU size with port VLAN and jumbo frames (jsc#SLE-18385).
  * iavf: fix hang on reboot with ice (jsc#SLE-18385).
  * iavf: fix inverted Rx hash condition leading to disabled hash
    (jsc#SLE-18385).
  * iavf: fix non-tunneled IPv6 UDP packet type and hashing (jsc#SLE-18385).
  * ice: Fix interrupt moderation settings getting cleared (jsc#SLE-18375).
  * ice: Set txq_teid to ICE_INVAL_TEID on ring creation (jsc#SLE-18375).
  * igb: Add lock to avoid data race (jsc#SLE-18379).
  * igb: Enable SR-IOV after reinit (jsc#SLE-18379).
  * igb: Initialize mailbox message for VF reset (jsc#SLE-18379).
  * igb: conditionalize I2C bit banging on external thermal sensor support
    (jsc#SLE-18379).
  * igb: revert rtnl_lock() that causes deadlock (jsc#SLE-18379).
  * igbvf: Regard vf reset nack as success (jsc#SLE-18379).
  * igc: Add checking for basetime less than zero (jsc#SLE-18377).
  * igc: Add ndo_tx_timeout support (jsc#SLE-18377).
  * igc: Enhance Qbv scheduling by using first flag bit (jsc#SLE-18377).
  * igc: Fix PPS delta between two synchronized end-points (jsc#SLE-18377).
  * igc: Lift TAPRIO schedule restriction (jsc#SLE-18377).
  * igc: Reinstate IGC_REMOVED logic and implement it properly (jsc#SLE-18377).
  * igc: Set Qbv start_time and end_time to end_time if not being configured in
    GCL (jsc#SLE-18377).
  * igc: Use strict cycles for Qbv scheduling (jsc#SLE-18377).
  * igc: allow BaseTime 0 enrollment for Qbv (jsc#SLE-18377).
  * igc: fix the validation logic for taprio's gate list (jsc#SLE-18377).
  * igc: read before write to SRRCTL register (jsc#SLE-18377).
  * igc: recalculate Qbv end_time by considering cycle time (jsc#SLE-18377).
  * igc: return an error if the mac type is unknown in
    igc_ptp_systim_to_hwtstamp() (jsc#SLE-18377).
  * iio: accel: st_accel: Fix invalid mount_matrix on devices without ACPI _ONT
    method (git-fixes).
  * iio: adc: ad7192: Change "shorted" channels to differential (git-fixes).
  * iio: adc: ad_sigma_delta: Fix IRQ issue by setting IRQ_DISABLE_UNLAZY flag
    (git-fixes).
  * iio: adc: mxs-lradc: fix the order of two cleanup operations (git-fixes).
  * iio: adc: palmas_gpadc: fix NULL dereference on rmmod (git-fixes).
  * iio: dac: mcp4725: Fix i2c_master_send() return value handling (git-fixes).
  * iio: imu: inv_icm42600: fix timestamp reset (git-fixes).
  * iio: light: vcnl4035: fixed chip ID check (git-fixes).
  * intel/igbvf: free irq on the error path in igbvf_request_msix()
    (jsc#SLE-18379).
  * ipv6: sr: fix out-of-bounds read when setting HMAC data (bsc#1211592).
  * iwlwifi: cfg: Add missing MODULE_FIRMWARE() for *.pnvm (bsc#1207553).
  * ixgbe: Allow flow hash to be set via ethtool (jsc#SLE-18384).
  * ixgbe: Enable setting RSS table to default values (jsc#SLE-18384).
  * ixgbe: Fix panic during XDP_TX with > 64 CPUs (jsc#SLE-18384).
  * ixgbe: add double of VLAN header when computing the max MTU (jsc#SLE-18384).
  * ixgbe: allow to increase MTU to 3K with XDP enabled (jsc#SLE-18384).
  * ixgbe: fix pci device refcount leak (jsc#SLE-18384).
  * ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter
    (jsc#SLE-18384).
  * kABI workaround for btbcm.c (git-fixes).
  * kABI workaround for mt76_poll_msec() (git-fixes).
  * kABI: Fix kABI after backport Emulate RDPID only if it is enabled in guest
    (git-fixes)
  * kabi/severities: added Microsoft mana symbold (bsc#1210551)
  * kernel-binary: install expoline.o (boo#1210791 bsc#1211089)
  * kernel-source: Remove unused macro variant_symbols
  * kernel-spec-macros: Fix up obsolete_rebuilds_subpackage to generate
    obsoletes correctly (boo#1172073 bsc#1191731).
  * kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always catchup mode
    (git-fixes).
  * leds: Fix reference to led_set_brightness() in doc (git-fixes).
  * leds: TI_LMU_COMMON: select REGMAP instead of depending on it (git-fixes).
  * leds: tca6507: Fix error handling of using fwnode_property_read_string (git-
    fixes).
  * libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value (git-fixes).
  * locking/rwsem: Add __always_inline annotation to __down_read_common() and
    inlined callers (git-fixes).
  * mailbox: zynqmp: Fix IPI isr handling (git-fixes).
  * mailbox: zynqmp: Fix typo in IPI documentation (git-fixes).
  * mce: fix set_mce_nospec to always unmap the whole page (git-fixes).
  * media: cx23885: Fix a null-ptr-deref bug in buffer_prepare() and
    buffer_finish() (git-fixes).
  * media: netup_unidvb: fix use-after-free at del_timer() (git-fixes).
  * media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish (git-
    fixes).
  * media: radio-shark: Add endpoint checks (git-fixes).
  * media: rcar_fdp1: Fix the correct variable assignments (git-fixes).
  * media: rcar_fdp1: Make use of the helper function
    devm_platform_ioremap_resource() (git-fixes).
  * memstick: r592: Fix UAF bug in r592_remove due to race condition
    (bsc#1211449).
  * mfd: dln2: Fix memory leak in dln2_probe() (git-fixes).
  * mfd: tqmx86: Correct board names for TQMxE39x (git-fixes).
  * mfd: tqmx86: Do not access I2C_DETECT register through io_base (git-fixes).
  * misc: fastrpc: reject new invocations during device removal (git-fixes).
  * misc: fastrpc: return -EPIPE to invocations on device removal (git-fixes).
  * mmc: sdhci-esdhc-imx: make "no-mmc-hs400" works (git-fixes).
  * mmc: vub300: fix invalid response handling (git-fixes).
  * mt76: mt7915: fix incorrect testmode ipg on band 1 caused by wmm_idx (git-
    fixes).
  * mtd: rawnand: ingenic: fix empty stub helper definitions (git-fixes).
  * mtd: rawnand: marvell: do not set the NAND frequency select (git-fixes).
  * mtd: rawnand: marvell: ensure timing values are written (git-fixes).
  * net/iucv: Fix size of interrupt data (bsc#1211465 git-fixes).
  * net: accept UFOv6 packages in virtio_net_hdr_to_skb (git-fixes).
  * net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (git-fixes).
  * net: mana: Add new MANA VF performance counters for easier troubleshooting
    (bsc#1209982).
  * net: mana: Add support for auxiliary device (bsc#1210741 jsc#PED-4022).
  * net: mana: Add support for jumbo frame (bsc#1210551).
  * net: mana: Check if netdev/napi_alloc_frag returns single page
    (bsc#1210551).
  * net: mana: Define and process GDMA response code GDMA_STATUS_MORE_ENTRIES
    (bsc#1210741 jsc#PED-4022).
  * net: mana: Define data structures for allocating doorbell page from GDMA
    (bsc#1210741 jsc#PED-4022).
  * net: mana: Define data structures for protection domain and memory
    registration (bsc#1210741 jsc#PED-4022).
  * net: mana: Define max values for SGL entries (bsc#1210741 jsc#PED-4022).
  * net: mana: Enable RX path to handle various MTU sizes (bsc#1210551).
  * net: mana: Export Work Queue functions for use by RDMA driver (bsc#1210741
    jsc#PED-4022).
  * net: mana: Fix perf regression: remove rx_cqes, tx_cqes counters (git-
    fixes).
  * net: mana: Handle vport sharing between devices (bsc#1210741 jsc#PED-4022).
  * net: mana: Move header files to a common location (bsc#1210741
    jsc#PED-4022).
  * net: mana: Record port number in netdev (bsc#1210741 jsc#PED-4022).
  * net: mana: Record the physical address for doorbell page region (bsc#1210741
    jsc#PED-4022).
  * net: mana: Refactor RX buffer allocation code to prepare for various MTU
    (bsc#1210551).
  * net: mana: Rename mana_refill_rxoob and remove some empty lines
    (bsc#1210551).
  * net: mana: Set the DMA device max segment size (bsc#1210741 jsc#PED-4022).
  * net: mana: Use napi_build_skb in RX path (bsc#1210551).
  * net: mdio: mvusb: Fix an error handling path in mvusb_mdio_probe() (git-
    fixes).
  * net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
    (bsc#1211564).
  * net: phy: dp83867: add w/a for packet errors seen with short cables (git-
    fixes).
  * net: qrtr: correct types of trace event parameters (git-fixes).
  * net: skip virtio_net_hdr_set_proto if protocol already set (git-fixes).
  * net: tun: avoid disabling NAPI twice (git-fixes).
  * net: tun: fix bugs for oversize packet when napi frags enabled (git-fixes).
  * net: tun: stop NAPI when detaching queues (git-fixes).
  * net: tun: unlink NAPI from device on destruction (git-fixes).
  * net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 (git-fixes).
  * net: virtio_net_hdr_to_skb: count transport header in UFO (git-fixes).
  * nilfs2: do not write dirty data after degenerating to read-only (git-fixes).
  * nilfs2: fix infinite loop in nilfs_mdt_get_block() (git-fixes).
  * nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() (git-
    fixes).
  * nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association (git-
    fixes).
  * nvme-multipath: fix hang when disk goes live over reconnect (git-fixes).
  * nvme-pci: add quirks for Samsung X5 SSDs (git-fixes).
  * nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs (git-
    fixes).
  * nvme-pci: avoid the deepest sleep state on ZHITAI TiPro5000 SSDs (git-
    fixes).
  * nvme-pci: avoid the deepest sleep state on ZHITAI TiPro7000 SSDs (git-
    fixes).
  * nvme-pci: clear the prp2 field when not used (git-fixes).
  * nvme-pci: disable write zeroes on various Kingston SSD (git-fixes).
  * nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (git-
    fixes).
  * nvme-pci: mark Lexar NM760 as IGNORE_DEV_SUBNQN (git-fixes).
  * nvme-pci: set min_align_mask before calculating max_hw_sectors (git-fixes).
  * nvme-tcp: fix a possible UAF when failing to allocate an io queue (git-
    fixes).
  * nvme-tcp: fix bogus request completion when failing to send AER (git-fixes).
  * nvme-tcp: lockdep: annotate in-kernel sockets (git-fixes).
  * nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH (git-fixes).
  * nvme: also return I/O command effects from nvme_command_effects (git-fixes).
  * nvme: check for duplicate identifiers earlier (git-fixes).
  * nvme: cleanup __nvme_check_ids (git-fixes).
  * nvme: fix discard support without oncs (git-fixes).
  * nvme: fix interpretation of DMRSL (git-fixes).
  * nvme: fix multipath crash caused by flush request when blktrace is enabled
    (git-fixes).
  * nvme: fix passthrough csi check (git-fixes).
  * nvme: generalize the nvme_multi_css check in nvme_scan_ns (git-fixes).
  * nvme: move the Samsung X5 quirk entry to the core quirks (git-fixes).
  * nvme: rename nvme_validate_or_alloc_ns to nvme_scan_ns (git-fixes).
  * nvme: set non-mdts limits in nvme_scan_work (git-fixes).
  * nvmet-tcp: add bounds check on Transfer Tag (git-fixes).
  * nvmet-tcp: fix lockdep complaint on nvmet_tcp_wq flush during queue teardown
    (git-fixes).
  * nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() (git-fixes).
  * nvmet: fix mar and mor off-by-one errors (git-fixes).
  * nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked (git-fixes).
  * nvmet: fix workqueue MEM_RECLAIM flushing dependency (git-fixes).
  * nvmet: move the call to nvmet_ns_changed out of nvmet_ns_revalidate (git-
    fixes).
  * nvmet: use NVME_CMD_EFFECTS_CSUPP instead of open coding it (git-fixes).
  * phy: st: miphy28lp: use _poll_timeout functions for waits (git-fixes).
  * phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and
    ulpi_port (git-fixes).
  * pinctrl: qcom: lpass-lpi: set output value before enabling output (git-
    fixes).
  * pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration
    (git-fixes).
  * platform/x86: hp-wmi: Support touchpad on/off (git-fixes).
  * platform/x86: thinkpad_acpi: Fix platform profiles on T490 (git-fixes).
  * platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i (git-
    fixes).
  * platform/x86: touchscreen_dmi: Add upside-down quirk for GDIX1002 ts on the
    Juno Tablet (git-fixes).
  * power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of
    pm_runtime_get_sync (git-fixes).
  * power: supply: bq27xxx: Add cache parameter to
    bq27xxx_battery_current_and_status() (git-fixes).
  * power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to
    stabilize (git-fixes).
  * power: supply: bq27xxx: Ensure power_supply_changed() is called on current
    sign changes (git-fixes).
  * power: supply: bq27xxx: Fix I2C IRQ race on remove (git-fixes).
  * power: supply: bq27xxx: Fix poll_interval handling and races on remove (git-
    fixes).
  * power: supply: bq27xxx: expose battery data when CI=1 (git-fixes).
  * power: supply: leds: Fix blink to LED on transition (git-fixes).
  * power: supply: sbs-charger: Fix INHIBITED bit for Status reg (git-fixes).
  * powerpc/iommu: DMA address offset is incorrectly calculated with 2MB TCEs
    (jsc#SLE-19556 git-fixes).
  * powerpc/rtas: use memmove for potentially overlapping buffer copy
    (bsc#1065729).
  * powerpc: Do not try to copy PPR for task with NULL pt_regs (bsc#1065729).
  * pstore: Revert pmsg_lock back to a normal mutex (git-fixes).
  * purgatory: fix disabling debug info (git-fixes).
  * pwm: meson: Fix axg ao mux parents (git-fixes).
  * pwm: meson: Fix g12a ao clk81 name (git-fixes).
  * qed/qed_dev: guard against a possible division by zero (jsc#SLE-19001).
  * qed/qed_mng_tlv: correctly zero out ->min instead of ->hour (jsc#SLE-19001).
  * qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
    (jsc#SLE-19001).
  * qed: allow sleep in qed_mcp_trace_dump() (jsc#SLE-19001).
  * qede: execute xdp_do_flush() before napi_complete_done() (jsc#SLE-19001).
  * r8152: fix flow control issue of RTL8156A (git-fixes).
  * r8152: fix the poor throughput for 2.5G devices (git-fixes).
  * r8152: move setting r8153b_rx_agg_chg_indicate() (git-fixes).
  * regmap: cache: Return error in cache sync operations for REGCACHE_NONE (git-
    fixes).
  * regulator: mt6359: add read check for PMIC MT6359 (git-fixes).
  * regulator: pca9450: Fix BUCK2 enable_mask (git-fixes).
  * remoteproc: stm32_rproc: Add mutex protection for workqueue (git-fixes).
  * ring-buffer: Ensure proper resetting of atomic variables in
    ring_buffer_reset_online_cpus (git-fixes).
  * ring-buffer: Fix kernel-doc (git-fixes).
  * ring-buffer: Sync IRQ works before buffer destruction (git-fixes).
  * rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB
  * rtmutex: Ensure that the top waiter is always woken up (git-fixes).
  * s390/ap: fix crash on older machines based on QCI info missing (bsc#1210947)
  * s390/ctcm: Fix return type of ctc{mp,}m_tx() (git-fixes bsc#1211686).
  * s390/dasd: fix hanging blockdevice after request requeue (git-fixes
    bsc#1211687).
  * s390/extmem: return correct segment type in __segment_load() (bsc#1210450
    git-fixes).
  * s390/kprobes: fix current_kprobe never cleared after kprobes reenter (git-
    fixes bsc#1211688).
  * s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
    (git-fixes bsc#1211689).
  * s390/lcs: Fix return type of lcs_start_xmit() (git-fixes bsc#1211690).
  * s390/mem_detect: fix detect_memory() error handling (git-fixes bsc#1211691).
  * s390/netiucv: Fix return type of netiucv_tx() (git-fixes bsc#1211692).
  * s390/qdio: fix do_sqbs() inline assembly constraint (git-fixes bsc#1211693).
  * s390/qeth: fix use-after-free in hsci (bsc#1210449 git-fixes).
  * s390/uaccess: add missing earlyclobber annotations to __clear_user()
    (bsc#1209856 git-fixes).
  * s390/vdso: remove -nostdlib compiler flag (git-fixes bsc#1211714).
  * s390x: Fixed hard lockups while running stress-ng and LPAR hangs
    (bsc#1195655 ltc#195733).
  * scsi: core: Improve scsi_vpd_inquiry() checks (git-fixes).
  * scsi: hisi_sas: Handle NCQ error when IPTT is valid (git-fixes).
  * scsi: libsas: Add sas_ata_device_link_abort() (git-fixes).
  * scsi: libsas: Grab the ATA port lock in sas_ata_device_link_abort() (git-
    fixes).
  * scsi: lpfc: Add new RCQE status for handling DMA failures (bsc#1211847).
  * scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by
    lpfc_nlp_not_used() (bsc#1211847).
  * scsi: lpfc: Fix verbose logging for SCSI commands issued to SES devices
    (bsc#1211847).
  * scsi: lpfc: Match lock ordering of lpfc_cmd->buf_lock and hbalock for abort
    paths (bsc#1211847).
  * scsi: lpfc: Replace blk_irq_poll intr handler with threaded IRQ
    (bsc#1211847).
  * scsi: lpfc: Update congestion warning notification period (bsc#1211847).
  * scsi: lpfc: Update lpfc version to 14.2.0.12 (bsc#1211847).
  * scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS (git-fixes).
  * scsi: megaraid_sas: Fix fw_crash_buffer_show() (git-fixes).
  * scsi: qedi: Fix use after free bug in qedi_remove() (git-fixes).
  * scsi: qla2xxx: Drop redundant pci_enable_pcie_error_reporting()
    (bsc#1211960).
  * scsi: qla2xxx: Fix hang in task management (bsc#1211960).
  * scsi: qla2xxx: Fix mem access after free (bsc#1211960).
  * scsi: qla2xxx: Fix task management cmd fail due to unavailable resource
    (bsc#1211960).
  * scsi: qla2xxx: Fix task management cmd failure (bsc#1211960).
  * scsi: qla2xxx: Multi-que support for TMF (bsc#1211960).
  * scsi: qla2xxx: Refer directly to the qla2xxx_driver_template (bsc#1211960).
  * scsi: qla2xxx: Remove default fabric ops callouts (bsc#1211960).
  * scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy()
    (bsc#1211960).
  * scsi: qla2xxx: Update version to 10.02.08.300-k (bsc#1211960).
  * scsi: qla2xxx: Wait for io return on terminate rport (bsc#1211960).
  * scsi: ses: Handle enclosure with just a primary component gracefully (git-
    fixes).
  * scsi: storvsc: Do not pass unused PFNs to Hyper-V host (git-fixes).
  * selftests mount: Fix mount_setattr_test builds failed (git-fixes).
  * selftests/resctrl: Allow ->setup() to return errors (git-fixes).
  * selftests/resctrl: Check for return value after write_schemata() (git-
    fixes).
  * selftests/resctrl: Extend CPU vendor detection (git-fixes).
  * selftests/resctrl: Move ->setup() call outside of test specific branches
    (git-fixes).
  * selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
    (git-fixes).
  * selftests/sgx: Add "test_encl.elf" to TEST_FILES (git-fixes).
  * selftests: mptcp: connect: skip if MPTCP is not supported (git-fixes).
  * selftests: mptcp: pm nl: skip if MPTCP is not supported (git-fixes).
  * selftests: mptcp: sockopt: skip if MPTCP is not supported (git-fixes).
  * selftests: seg6: disable DAD on IPv6 router cfg for srv6_end_dt4_l3vpn_test
    (git-fixes).
  * selftests: srv6: make srv6_end_dt46_l3vpn_test more robust (git-fixes).
  * selftests: xsk: Disable IPv6 on VETH1 (git-fixes).
  * selftets: seg6: disable rp_filter by default in srv6_end_dt4_l3vpn_test
    (git-fixes).
  * selinux: do not use make's grouped targets feature yet (git-fixes).
  * serial: 8250: Reinit port->pm on port specific driver unbind (git-fixes).
  * serial: 8250_bcm7271: balance clk_enable calls (git-fixes).
  * serial: 8250_bcm7271: fix leak in `brcmuart_probe` (git-fixes).
  * serial: 8250_exar: Add support for USR298x PCI Modems (git-fixes).
  * serial: 8250_tegra: Fix an error handling path in tegra_uart_probe() (git-
    fixes).
  * serial: Add support for Advantech PCI-1611U card (git-fixes).
  * serial: arc_uart: fix of_iomap leak in `arc_serial_probe` (git-fixes).
  * serial: qcom-geni: fix enabling deactivated interrupt (git-fixes).
  * serial: stm32: re-introduce an irq flag condition in usart_receive_chars
    (git-fixes).
  * sfc: Change VF mac via PF as first preference if available (git-fixes).
  * sfc: Fix module EEPROM reporting for QSFP modules (git-fixes).
  * sfc: Fix use-after-free due to selftest_work (git-fixes).
  * sfc: correctly advertise tunneled IPv6 segmentation (git-fixes).
  * sfc: ef10: do not overwrite offload features at NIC reset (git-fixes).
  * sfc: fix TX channel offset when using legacy interrupts (git-fixes).
  * sfc: fix considering that all channels have TX queues (git-fixes).
  * sfc: fix null pointer dereference in efx_hard_start_xmit (git-fixes).
  * sfc: fix wrong tx channel offset with efx_separate_tx_channels (git-fixes).
  * sfc: include vport_id in filter spec hash and equal() (git-fixes).
  * smb3: display debug information better for encryption (bsc#1193629).
  * smb3: fix problem remounting a share after shutdown (bsc#1193629).
  * smb3: improve parallel reads of large files (bsc#1193629).
  * smb3: make query_on_disk_id open context consistent and move to common code
    (bsc#1193629).
  * smb3: move some common open context structs to smbfs_common (bsc#1193629).
  * soundwire: qcom: correct setting ignore bit on v1.5.1 (git-fixes).
  * soundwire: qcom: gracefully handle too many ports in DT (git-fixes).
  * spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3 (git-fixes).
  * spi: spi-imx: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
    (git-fixes).
  * staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE (git-fixes).
  * struct ci_hdrc: hide new member at end (git-fixes).
  * supported.conf: mark mana_ib supported
  * swiotlb: relocate PageHighMem test away from rmem_swiotlb_setup (git-fixes).
  * thunderbolt: Clear registers properly when auto clear isn't in use
    (bsc#1210165).
  * thunderbolt: Mask ring interrupt on Intel hardware as well (bsc#1210165).
  * tools/virtio: compile with -pthread (git-fixes).
  * tools/virtio: fix the vringh test for virtio ring changes (git-fixes).
  * tools/virtio: fix virtio_test execution (git-fixes).
  * tools/virtio: initialize spinlocks in vring_test.c (git-fixes).
  * tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (git-
    fixes).
  * tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (git-fixes).
  * tpm/tpm_tis: Disable interrupts for more Lenovo devices (git-fixes).
  * tracing: Fix permissions for the buffer_percent file (git-fixes).
  * tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of
    UARTCTRL_SBK (git-fixes).
  * usb-storage: fix deadlock when a scsi command timeouts more than once (git-
    fixes).
  * usb: chipidea: core: fix possible concurrent when switch role (git-fixes).
  * usb: dwc3: Align DWC3_EP_* flag macros (git-fixes).
  * usb: dwc3: Fix a repeated word checkpatch warning (git-fixes).
  * usb: dwc3: Fix ep0 handling when getting reset while doing control transfer
    (git-fixes).
  * usb: dwc3: debugfs: Resume dwc3 before accessing registers (git-fixes).
  * usb: dwc3: drd: use helper to get role-switch-default-mode (git-fixes).
  * usb: dwc3: ep0: Do not prepare beyond Setup stage (git-fixes).
  * usb: dwc3: gadget: Delay issuing End Transfer (git-fixes).
  * usb: dwc3: gadget: Execute gadget stop after halting the controller (git-
    fixes).
  * usb: dwc3: gadget: Improve dwc3_gadget_suspend() and dwc3_gadget_resume()
    (git-fixes).
  * usb: dwc3: gadget: Only End Transfer for ep0 data phase (git-fixes).
  * usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive (git-
    fixes).
  * usb: dwc3: remove a possible unnecessary 'out of memory' message (git-
    fixes).
  * usb: gadget: f_fs: Add unbind event before functionfs_unbind (git-fixes).
  * usb: gadget: u_ether: Fix host MAC address case (git-fixes).
  * usb: mtu3: fix kernel panic at qmu transfer done irq handler (git-fixes).
  * usb: typec: altmodes/displayport: fix pin_assignment_show (git-fixes).
  * usb: typec: tcpm: fix multiple times discover svids error (git-fixes).
  * usb: usbfs: Enforce page requirements for mmap (git-fixes).
  * usb: usbfs: Use consistent mmap functions (git-fixes).
  * usrmerge: Remove usrmerge compatibility symlink in buildroot (boo#1211796).
  * vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF
    (git-fixes).
  * vdpa: fix use-after-free on vp_vdpa_remove (git-fixes).
  * vhost/net: Clear the pending messages when the backend is removed (git-
    fixes).
  * virtio-net: Keep stop() to follow mirror sequence of open() (git-fixes).
  * virtio-net: execute xdp_do_flush() before napi_complete_done() (git-fixes).
  * virtio_net: bugfix overflow inside xdp_linearize_page() (git-fixes).
  * virtio_net: split free_unused_bufs() (git-fixes).
  * virtio_net: suppress cpu stall when free_unused_bufs (git-fixes).
  * watchdog: dw_wdt: Fix the error handling path of dw_wdt_drv_probe() (git-
    fixes).
  * watchdog: sp5100_tco: Immediately trigger upon starting (git-fixes).
  * wifi: ath11k: Fix SKB corruption in REO destination ring (git-fixes).
  * wifi: ath: Silence memcpy run-time false positive warning (git-fixes).
  * wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex (git-fixes).
  * wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
    (git-fixes).
  * wifi: iwlwifi: fix OEM's name in the ppag approved list (git-fixes).
  * wifi: iwlwifi: fw: fix DBGI dump (git-fixes).
  * wifi: iwlwifi: mvm: do not trust firmware n_channels (git-fixes).
  * wifi: iwlwifi: mvm: fix OEM's name in the tas approved list (git-fixes).
  * wifi: iwlwifi: mvm: fix cancel_delayed_work_sync() deadlock (git-fixes).
  * wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf (git-
    fixes).
  * wifi: iwlwifi: pcie: fix possible NULL pointer dereference (git-fixes).
  * wifi: mac80211: fix min center freq offset tracing (git-fixes).
  * wifi: mt76: add flexible polling wait-interval support (git-fixes).
  * wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset (git-
    fixes).
  * wifi: mt76: mt7921e: fix probe timeout after reboot (git-fixes).
  * wifi: mt76: mt7921e: improve reliability of dma reset (git-fixes).
  * wifi: rtl8xxxu: RTL8192EU always needs full init (git-fixes).
  * workqueue: Fix hung time report of worker pools (bsc#1211044).
  * workqueue: Interrupted create_worker() is not a repeated event
    (bsc#1211044).
  * workqueue: Print backtraces from CPUs with hung CPU bound workqueues
    (bsc#1211044).
  * workqueue: Warn when a new worker could not be created (bsc#1211044).
  * workqueue: Warn when a rescuer could not be created (bsc#1211044).
  * x86, sched: Fix undefined reference to init_freq_invariance_cppc() build
    error (git-fixes).
  * x86/MCE/AMD: Use an u64 for bank_map (git-fixes).
  * x86/alternative: Make debug-alternative selective (bsc#1206578).
  * x86/alternative: Report missing return thunk details (git-fixes).
  * x86/alternative: Support relocations in alternatives (bsc#1206578).
  * x86/amd: Use IBPB for firmware calls (git-fixes).
  * x86/boot: Skip realmode init code when running as Xen PV guest (git-fixes).
  * x86/bugs: Add "unknown" reporting for MMIO Stale Data (git-fixes).
  * x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
    (git-fixes).
  * x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    (git-fixes).
  * x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
    (git-fixes).
  * x86/delay: Fix the wrong asm constraint in delay_loop() (git-fixes).
  * x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y (git-fixes).
  * x86/fault: Cast an argument to the proper address space in prefetch() (git-
    fixes).
  * x86/fpu/xsave: Initialize offset/size cache early (bsc#1211205).
  * x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly (git-
    fixes).
  * x86/fpu: Fix the init_fpstate size check with the actual size (git-fixes).
  * x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN (git-fixes).
  * x86/hyperv: Block root partition functionality in a Confidential VM (git-
    fixes).
  * x86/lib/memmove: Decouple ERMS from FSRM (bsc#1206578).
  * x86/mce: relocate set{clear}_mce_nospec() functions (git-fixes). This is a
    preparation for the next patch
  * x86/microcode/AMD: Add a @cpu parameter to the reloading functions (git-
    fixes).
  * x86/microcode/AMD: Fix mixed steppings support (git-fixes).
  * x86/microcode/AMD: Track patch allocation size explicitly (git-fixes).
  * x86/microcode: Add a parameter to microcode_check() to store CPU
    capabilities (git-fixes).
  * x86/microcode: Add explicit CPU vendor dependency (git-fixes).
  * x86/microcode: Adjust late loading result reporting message (git-fixes).
  * x86/microcode: Rip out the OLD_INTERFACE (git-fixes).
  * x86/mm: Cleanup the control_va_addr_alignment() __setup handler (git-fixes).
  * x86/mm: Use proper mask when setting PUD mapping (git-fixes).
  * x86/nospec: Unwreck the RSB stuffing (git-fixes).
  * x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
  * x86/pat: Fix x86_has_pat_wp() (git-fixes).
  * x86/pm: Add enumeration check before spec MSRs save/restore setup (git-
    fixes).
  * x86/reboot: Disable SVM, not just VMX, when stopping CPUs (git-fixes).
  * x86/resctrl: Fix min_cbm_bits for AMD (git-fixes).
  * x86/sev: Add SEV-SNP guest feature negotiation support (git-fixes).
  * x86/signal: Fix the value returned by strict_sas_size() (git-fixes).
  * x86/speculation/mmio: Print SMT warning (git-fixes).
  * x86/speculation: Identify processors vulnerable to SMT RSB predictions (git-
    fixes).
  * x86/static_call: Serialize __static_call_fixup() properly (git-fixes).
  * x86/syscall: Include asm/ptrace.h in syscall_wrapper header (git-fixes).
  * x86/topology: Fix duplicated core ID within a package (git-fixes).
  * x86/topology: Fix multiple packages shown on a single-package system (git-
    fixes).
  * x86/tsx: Add a feature bit for TSX control MSR support (git-fixes).
  * x86: Fix return value of __setup handlers (git-fixes).
  * x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm() (git-fixes).
  * xen/netback: do not do grant copy across page boundary (git-fixes).
  * xen/netback: use same error messages for same errors (git-fixes).
  * xhci-pci: Only run d3cold avoidance quirk for s2idle (git-fixes).
  * xhci: Fix incorrect tracking of free space on transfer rings (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.3  
    zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2653=1

  * openSUSE Leap 15.4  
    zypper in -t patch openSUSE-SLE-15.4-2023-2653=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-2653=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-2653=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2023-2653=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2023-2653=1

  * Basesystem Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-2653=1

  * Development Tools Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-2653=1

  * Legacy Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-2653=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-2653=1  
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

  * SUSE Linux Enterprise High Availability Extension 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-2653=1

  * SUSE Linux Enterprise Workstation Extension 15 SP4  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-2653=1

## Package List:

  * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
    * kernel-default-5.14.21-150400.24.66.1
  * openSUSE Leap Micro 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.14.21-150400.24.66.1
    * kernel-default-extra-5.14.21-150400.24.66.1
    * cluster-md-kmp-default-5.14.21-150400.24.66.1
    * kernel-syms-5.14.21-150400.24.66.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * reiserfs-kmp-default-5.14.21-150400.24.66.1
    * kselftests-kmp-default-5.14.21-150400.24.66.1
    * kernel-default-devel-5.14.21-150400.24.66.1
    * ocfs2-kmp-default-5.14.21-150400.24.66.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.66.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * kselftests-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * dlm-kmp-default-5.14.21-150400.24.66.1
    * kernel-default-optional-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-livepatch-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-obs-build-5.14.21-150400.24.66.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-optional-5.14.21-150400.24.66.1
    * kernel-obs-qa-5.14.21-150400.24.66.1
    * kernel-default-extra-debuginfo-5.14.21-150400.24.66.1
    * gfs2-kmp-default-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (nosrc ppc64le x86_64)
    * kernel-debug-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (ppc64le x86_64)
    * kernel-debug-devel-5.14.21-150400.24.66.1
    * kernel-debug-devel-debuginfo-5.14.21-150400.24.66.1
    * kernel-debug-debuginfo-5.14.21-150400.24.66.1
    * kernel-debug-livepatch-devel-5.14.21-150400.24.66.1
    * kernel-debug-debugsource-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
    * kernel-default-base-rebuild-5.14.21-150400.24.66.1.150400.24.29.1
    * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
    * kernel-kvmsmall-debugsource-5.14.21-150400.24.66.1
    * kernel-kvmsmall-devel-5.14.21-150400.24.66.1
    * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.66.1
    * kernel-kvmsmall-debuginfo-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-source-5.14.21-150400.24.66.1
    * kernel-macros-5.14.21-150400.24.66.1
    * kernel-source-vanilla-5.14.21-150400.24.66.1
    * kernel-docs-html-5.14.21-150400.24.66.2
    * kernel-devel-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.66.2
  * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.66.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (aarch64)
    * dtb-rockchip-5.14.21-150400.24.66.1
    * kernel-64kb-devel-5.14.21-150400.24.66.1
    * dtb-lg-5.14.21-150400.24.66.1
    * dtb-cavium-5.14.21-150400.24.66.1
    * dtb-nvidia-5.14.21-150400.24.66.1
    * dtb-hisilicon-5.14.21-150400.24.66.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.66.1
    * gfs2-kmp-64kb-5.14.21-150400.24.66.1
    * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * ocfs2-kmp-64kb-5.14.21-150400.24.66.1
    * dlm-kmp-64kb-5.14.21-150400.24.66.1
    * dtb-arm-5.14.21-150400.24.66.1
    * dtb-qcom-5.14.21-150400.24.66.1
    * kselftests-kmp-64kb-5.14.21-150400.24.66.1
    * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * dtb-renesas-5.14.21-150400.24.66.1
    * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * kernel-64kb-optional-debuginfo-5.14.21-150400.24.66.1
    * dtb-exynos-5.14.21-150400.24.66.1
    * kernel-64kb-optional-5.14.21-150400.24.66.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.66.1
    * dtb-broadcom-5.14.21-150400.24.66.1
    * dtb-freescale-5.14.21-150400.24.66.1
    * dtb-xilinx-5.14.21-150400.24.66.1
    * dtb-amlogic-5.14.21-150400.24.66.1
    * dtb-apm-5.14.21-150400.24.66.1
    * kernel-64kb-debugsource-5.14.21-150400.24.66.1
    * dtb-allwinner-5.14.21-150400.24.66.1
    * dtb-mediatek-5.14.21-150400.24.66.1
    * kernel-64kb-livepatch-devel-5.14.21-150400.24.66.1
    * dtb-marvell-5.14.21-150400.24.66.1
    * dtb-sprd-5.14.21-150400.24.66.1
    * reiserfs-kmp-64kb-5.14.21-150400.24.66.1
    * cluster-md-kmp-64kb-5.14.21-150400.24.66.1
    * dtb-apple-5.14.21-150400.24.66.1
    * kernel-64kb-extra-5.14.21-150400.24.66.1
    * dtb-altera-5.14.21-150400.24.66.1
    * dtb-amd-5.14.21-150400.24.66.1
    * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * dtb-amazon-5.14.21-150400.24.66.1
    * kernel-64kb-extra-debuginfo-5.14.21-150400.24.66.1
    * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.66.1
    * dtb-socionext-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (nosrc)
    * dtb-aarch64-5.14.21-150400.24.66.1
  * openSUSE Leap 15.4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (aarch64)
    * kernel-64kb-debugsource-5.14.21-150400.24.66.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.66.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.66.1
    * kernel-64kb-devel-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (aarch64 ppc64le x86_64)
    * kernel-default-base-5.14.21-150400.24.66.1.150400.24.29.1
  * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-5.14.21-150400.24.66.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (noarch)
    * kernel-macros-5.14.21-150400.24.66.1
    * kernel-devel-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.66.1
  * Basesystem Module 15-SP4 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.66.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.66.1
  * Development Tools Module 15-SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.66.2
  * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * kernel-syms-5.14.21-150400.24.66.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.66.1
    * kernel-obs-build-5.14.21-150400.24.66.1
  * Development Tools Module 15-SP4 (noarch)
    * kernel-source-5.14.21-150400.24.66.1
  * Legacy Module 15-SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-default-livepatch-5.14.21-150400.24.66.1
    * kernel-default-livepatch-devel-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-1-150400.9.3.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
    * kernel-livepatch-SLE15-SP4_Update_13-debugsource-1-150400.9.3.1
    * kernel-livepatch-5_14_21-150400_24_66-default-1-150400.9.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
    s390x x86_64)
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * ocfs2-kmp-default-5.14.21-150400.24.66.1
    * cluster-md-kmp-default-5.14.21-150400.24.66.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.66.1
    * dlm-kmp-default-5.14.21-150400.24.66.1
    * gfs2-kmp-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.66.1
  * SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)
    * kernel-default-extra-5.14.21-150400.24.66.1
    * kernel-default-extra-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debuginfo-5.14.21-150400.24.66.1
    * kernel-default-debugsource-5.14.21-150400.24.66.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-4269.html
  * https://www.suse.com/security/cve/CVE-2022-45884.html
  * https://www.suse.com/security/cve/CVE-2022-45885.html
  * https://www.suse.com/security/cve/CVE-2022-45886.html
  * https://www.suse.com/security/cve/CVE-2022-45887.html
  * https://www.suse.com/security/cve/CVE-2022-45919.html
  * https://www.suse.com/security/cve/CVE-2023-1079.html
  * https://www.suse.com/security/cve/CVE-2023-1380.html
  * https://www.suse.com/security/cve/CVE-2023-1382.html
  * https://www.suse.com/security/cve/CVE-2023-2002.html
  * https://www.suse.com/security/cve/CVE-2023-2124.html
  * https://www.suse.com/security/cve/CVE-2023-2156.html
  * https://www.suse.com/security/cve/CVE-2023-2162.html
  * https://www.suse.com/security/cve/CVE-2023-2269.html
  * https://www.suse.com/security/cve/CVE-2023-2483.html
  * https://www.suse.com/security/cve/CVE-2023-2513.html
  * https://www.suse.com/security/cve/CVE-2023-28410.html
  * https://www.suse.com/security/cve/CVE-2023-3006.html
  * https://www.suse.com/security/cve/CVE-2023-30456.html
  * https://www.suse.com/security/cve/CVE-2023-31084.html
  * https://www.suse.com/security/cve/CVE-2023-31436.html
  * https://www.suse.com/security/cve/CVE-2023-32233.html
  * https://www.suse.com/security/cve/CVE-2023-33288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1065729
  * https://bugzilla.suse.com/show_bug.cgi?id=1172073
  * https://bugzilla.suse.com/show_bug.cgi?id=1191731
  * https://bugzilla.suse.com/show_bug.cgi?id=1193629
  * https://bugzilla.suse.com/show_bug.cgi?id=1195655
  * https://bugzilla.suse.com/show_bug.cgi?id=1195921
  * https://bugzilla.suse.com/show_bug.cgi?id=1203906
  * https://bugzilla.suse.com/show_bug.cgi?id=1205650
  * https://bugzilla.suse.com/show_bug.cgi?id=1205756
  * https://bugzilla.suse.com/show_bug.cgi?id=1205758
  * https://bugzilla.suse.com/show_bug.cgi?id=1205760
  * https://bugzilla.suse.com/show_bug.cgi?id=1205762
  * https://bugzilla.suse.com/show_bug.cgi?id=1205803
  * https://bugzilla.suse.com/show_bug.cgi?id=1206024
  * https://bugzilla.suse.com/show_bug.cgi?id=1206578
  * https://bugzilla.suse.com/show_bug.cgi?id=1207553
  * https://bugzilla.suse.com/show_bug.cgi?id=1208604
  * https://bugzilla.suse.com/show_bug.cgi?id=1208758
  * https://bugzilla.suse.com/show_bug.cgi?id=1209287
  * https://bugzilla.suse.com/show_bug.cgi?id=1209288
  * https://bugzilla.suse.com/show_bug.cgi?id=1209856
  * https://bugzilla.suse.com/show_bug.cgi?id=1209982
  * https://bugzilla.suse.com/show_bug.cgi?id=1210165
  * https://bugzilla.suse.com/show_bug.cgi?id=1210294
  * https://bugzilla.suse.com/show_bug.cgi?id=1210449
  * https://bugzilla.suse.com/show_bug.cgi?id=1210450
  * https://bugzilla.suse.com/show_bug.cgi?id=1210498
  * https://bugzilla.suse.com/show_bug.cgi?id=1210533
  * https://bugzilla.suse.com/show_bug.cgi?id=1210551
  * https://bugzilla.suse.com/show_bug.cgi?id=1210647
  * https://bugzilla.suse.com/show_bug.cgi?id=1210741
  * https://bugzilla.suse.com/show_bug.cgi?id=1210775
  * https://bugzilla.suse.com/show_bug.cgi?id=1210783
  * https://bugzilla.suse.com/show_bug.cgi?id=1210791
  * https://bugzilla.suse.com/show_bug.cgi?id=1210806
  * https://bugzilla.suse.com/show_bug.cgi?id=1210940
  * https://bugzilla.suse.com/show_bug.cgi?id=1210947
  * https://bugzilla.suse.com/show_bug.cgi?id=1211037
  * https://bugzilla.suse.com/show_bug.cgi?id=1211043
  * https://bugzilla.suse.com/show_bug.cgi?id=1211044
  * https://bugzilla.suse.com/show_bug.cgi?id=1211089
  * https://bugzilla.suse.com/show_bug.cgi?id=1211105
  * https://bugzilla.suse.com/show_bug.cgi?id=1211113
  * https://bugzilla.suse.com/show_bug.cgi?id=1211131
  * https://bugzilla.suse.com/show_bug.cgi?id=1211205
  * https://bugzilla.suse.com/show_bug.cgi?id=1211263
  * https://bugzilla.suse.com/show_bug.cgi?id=1211280
  * https://bugzilla.suse.com/show_bug.cgi?id=1211281
  * https://bugzilla.suse.com/show_bug.cgi?id=1211449
  * https://bugzilla.suse.com/show_bug.cgi?id=1211465
  * https://bugzilla.suse.com/show_bug.cgi?id=1211519
  * https://bugzilla.suse.com/show_bug.cgi?id=1211564
  * https://bugzilla.suse.com/show_bug.cgi?id=1211590
  * https://bugzilla.suse.com/show_bug.cgi?id=1211592
  * https://bugzilla.suse.com/show_bug.cgi?id=1211686
  * https://bugzilla.suse.com/show_bug.cgi?id=1211687
  * https://bugzilla.suse.com/show_bug.cgi?id=1211688
  * https://bugzilla.suse.com/show_bug.cgi?id=1211689
  * https://bugzilla.suse.com/show_bug.cgi?id=1211690
  * https://bugzilla.suse.com/show_bug.cgi?id=1211691
  * https://bugzilla.suse.com/show_bug.cgi?id=1211692
  * https://bugzilla.suse.com/show_bug.cgi?id=1211693
  * https://bugzilla.suse.com/show_bug.cgi?id=1211714
  * https://bugzilla.suse.com/show_bug.cgi?id=1211796
  * https://bugzilla.suse.com/show_bug.cgi?id=1211804
  * https://bugzilla.suse.com/show_bug.cgi?id=1211807
  * https://bugzilla.suse.com/show_bug.cgi?id=1211808
  * https://bugzilla.suse.com/show_bug.cgi?id=1211847
  * https://bugzilla.suse.com/show_bug.cgi?id=1211855
  * https://bugzilla.suse.com/show_bug.cgi?id=1211960
  * https://jira.suse.com/browse/PED-3692
  * https://jira.suse.com/browse/PED-4022
  * https://jira.suse.com/browse/SLE-18375
  * https://jira.suse.com/browse/SLE-18377
  * https://jira.suse.com/browse/SLE-18378
  * https://jira.suse.com/browse/SLE-18379
  * https://jira.suse.com/browse/SLE-18383
  * https://jira.suse.com/browse/SLE-18384
  * https://jira.suse.com/browse/SLE-18385
  * https://jira.suse.com/browse/SLE-18978
  * https://jira.suse.com/browse/SLE-18992
  * https://jira.suse.com/browse/SLE-19001
  * https://jira.suse.com/browse/SLE-19255
  * https://jira.suse.com/browse/SLE-19556

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20230627/121db7ca/attachment.htm>


More information about the sle-security-updates mailing list