SUSE-SU-2023:0488-1: important: Security update for the Linux-RT Kernel

Tue Feb 27 12:53:14 UTC 2024

# Security update for the Linux-RT Kernel

Announcement ID: SUSE-SU-2023:0488-1  
Rating: important  

  * bsc#1166486
  * bsc#1185861
  * bsc#1185863
  * bsc#1186449
  * bsc#1191256
  * bsc#1192868
  * bsc#1193629
  * bsc#1194869
  * bsc#1195175
  * bsc#1195655
  * bsc#1196058
  * bsc#1199701
  * bsc#1203332
  * bsc#1204063
  * bsc#1204356
  * bsc#1204662
  * bsc#1205495
  * bsc#1206006
  * bsc#1206036
  * bsc#1206056
  * bsc#1206057
  * bsc#1206224
  * bsc#1206258
  * bsc#1206363
  * bsc#1206459
  * bsc#1206616
  * bsc#1206640
  * bsc#1206677
  * bsc#1206784
  * bsc#1206876
  * bsc#1206877
  * bsc#1206878
  * bsc#1206880
  * bsc#1206881
  * bsc#1206882
  * bsc#1206883
  * bsc#1206884
  * bsc#1206885
  * bsc#1206886
  * bsc#1206887
  * bsc#1206888
  * bsc#1206889
  * bsc#1206890
  * bsc#1206893
  * bsc#1206894
  * bsc#1207010
  * bsc#1207034
  * bsc#1207036
  * bsc#1207050
  * bsc#1207125
  * bsc#1207134
  * bsc#1207149
  * bsc#1207158
  * bsc#1207184
  * bsc#1207186
  * bsc#1207188
  * bsc#1207189
  * bsc#1207190
  * bsc#1207237
  * bsc#1207263
  * bsc#1207269
  * bsc#1207328
  * bsc#1207497
  * bsc#1207500
  * bsc#1207501
  * bsc#1207506
  * bsc#1207507
  * bsc#1207588
  * bsc#1207589
  * bsc#1207590
  * bsc#1207591
  * bsc#1207592
  * bsc#1207593
  * bsc#1207594
  * bsc#1207602
  * bsc#1207603
  * bsc#1207605
  * bsc#1207606
  * bsc#1207607
  * bsc#1207608
  * bsc#1207609
  * bsc#1207610
  * bsc#1207611
  * bsc#1207612
  * bsc#1207613
  * bsc#1207614
  * bsc#1207615
  * bsc#1207616
  * bsc#1207617
  * bsc#1207618
  * bsc#1207619
  * bsc#1207620
  * bsc#1207621
  * bsc#1207622
  * bsc#1207623
  * bsc#1207624
  * bsc#1207625
  * bsc#1207626
  * bsc#1207627
  * bsc#1207628
  * bsc#1207629
  * bsc#1207630
  * bsc#1207631
  * bsc#1207632
  * bsc#1207633
  * bsc#1207634
  * bsc#1207635
  * bsc#1207636
  * bsc#1207637
  * bsc#1207638
  * bsc#1207639
  * bsc#1207640
  * bsc#1207641
  * bsc#1207642
  * bsc#1207643
  * bsc#1207644
  * bsc#1207645
  * bsc#1207646
  * bsc#1207647
  * bsc#1207648
  * bsc#1207649
  * bsc#1207650
  * bsc#1207651
  * bsc#1207652
  * bsc#1207653
  * bsc#1207734
  * bsc#1207768
  * bsc#1207769
  * bsc#1207770
  * bsc#1207771
  * bsc#1207773
  * bsc#1207795
  * bsc#1207842
  * bsc#1207875
  * bsc#1207878
  * bsc#1207933
  * bsc#1208030
  * bsc#1208044
  * bsc#1208085
  * bsc#1208149
  * bsc#1208153
  * bsc#1208183
  * bsc#1208428
  * bsc#1208429
  * jsc#PED-3210
  * jsc#SLE-21132


  * CVE-2020-24588
  * CVE-2022-36280
  * CVE-2022-4382
  * CVE-2022-47929
  * CVE-2023-0045
  * CVE-2023-0122
  * CVE-2023-0179
  * CVE-2023-0266
  * CVE-2023-0590
  * CVE-2023-23454
  * CVE-2023-23455

CVSS scores:

  * CVE-2020-24588 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2020-24588 ( NVD ):  3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
  * CVE-2022-36280 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-36280 ( NVD ):  6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H
  * CVE-2022-4382 ( SUSE ):  7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-4382 ( NVD ):  6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-47929 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2022-47929 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-0045 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0045 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-0122 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-0122 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-0179 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0179 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0266 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0266 ( NVD ):  7.9 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H
  * CVE-2023-0590 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-0590 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-23454 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-23454 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-23455 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-23455 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap Micro 5.3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Real Time Module 15-SP4

An update that solves 11 vulnerabilities, contains two features and has 133
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  * CVE-2022-36280: Fixed an out-of-bounds memory access vulnerability that was
    found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c (bnc#1203332).
  * CVE-2023-0045: Fixed flush IBP in ib_prctl_set() (bsc#1207773).
  * CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  * CVE-2023-0122: Fixed a NULL pointer dereference vulnerability in
    nvmet_setup_auth(), that allowed an attacker to perform a Pre-Auth Denial of
    Service (DoS) attack on a remote machine (bnc#1207050).
  * CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in
    net/sched/sch_atm.c because of type confusion (non-negative numbers can
    sometimes indicate a TC_ACT_SHOT condition rather than valid classification
    results) (bsc#1207125).
  * CVE-2023-23454: Fixed denial or service in cbq_classify in
    net/sched/sch_cbq.c (bnc#1207036).
  * CVE-2020-24588: Fixed injection of arbitrary network packets against devices
    that support receiving non-SSP A-MSDU frames (which is mandatory as part of
    802.11n) (bsc#1199701).
  * CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header bits
  * CVE-2022-4382: Fixed a use-after-free flaw that was caused by a race
    condition among the superblock operations inside the gadgetfs code
  * CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
    package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could
    have been used in a use-after-free that could have resulted in a priviledge
    escalation to gain ring0 access from the system user (bsc#1207134).
  * CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control
    subsystem (bnc#1207237).

The following non-security bugs were fixed:

  * ACPI: EC: Fix EC address space handler unregistration (bsc#1207149).
  * ACPI: EC: Fix ECDT probe ordering issues (bsc#1207149).
  * ACPI: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008
  * ACPI: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is unset
  * ACPI: PRM: Check whether EFI runtime is available (git-fixes).
  * ACPI: x86: s2idle: Add a quirk for ASUS ROG Zephyrus G14 (bsc#1206224).
  * ACPI: x86: s2idle: Add a quirk for ASUS TUF Gaming A17 FA707RE
  * ACPI: x86: s2idle: Add a quirk for ASUSTeK COMPUTER INC. ROG Flow X13
  * ACPI: x86: s2idle: Add a quirk for Lenovo Slim 7 Pro 14ARH7 (bsc#1206224).
  * ACPI: x86: s2idle: Add another ID to s2idle_dmi_table (bsc#1206224).
  * ACPI: x86: s2idle: Add module parameter to prefer Microsoft GUID
  * ACPI: x86: s2idle: Fix a NULL pointer dereference (bsc#1206224).
  * ACPI: x86: s2idle: Force AMD GUID/_REV 2 on HP Elitebook 865 (bsc#1206224).
  * ACPI: x86: s2idle: If a new AMD _HID is missing assume Rembrandt
  * ACPI: x86: s2idle: Move _HID handling for AMD systems into structures
  * ACPI: x86: s2idle: Stop using AMD specific codepath for Rembrandt+
  * ACPICA: Allow address_space_handler Install and _REG execution as 2 separate
    steps (bsc#1207149).
  * ACPICA: include/acpi/acpixf.h: Fix indentation (bsc#1207149).
  * ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
  * ALSA: hda/realtek: Add Acer Predator PH315-54 (git-fixes).
  * ALSA: hda/realtek: Add Positivo N14KP6-TG (git-fixes).
  * ALSA: hda/realtek: Add quirk for ASUS UM3402 using CS35L41 (git-fixes).
  * ALSA: hda/realtek: Enable mute/micmute LEDs on HP Elitebook, 645 G9 (git-
  * ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
  * ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-
  * ALSA: hda/realtek: fix mute/micmute LEDs, speaker do not work for a HP
    platform (git-fixes).
  * ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
  * ALSA: pci: lx6464es: fix a debug loop (git-fixes).
  * ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 (git-fixes).
  * ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' (git-fixes).
  * ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' (git-fixes).
  * ARM: dts: imx7d-pico: Use 'clock-frequency' (git-fixes).
  * ARM: dts: imx: Fix pca9547 i2c-mux node name (git-fixes).
  * ARM: dts: vf610: Fix pca9548 i2c-mux node names (git-fixes).
  * ARM: imx: add missing of_node_put() (git-fixes).
  * ASoC: Intel: boards: fix spelling in comments (git-fixes).
  * ASoC: Intel: bytcht_es8316: Drop reference count of ACPI device after use
  * ASoC: Intel: bytcht_es8316: move comment to the right place (git-fixes).
  * ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
  * ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
  * ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets (git-fixes).
  * ASoC: fsl_micfil: Correct the number of steps on SX controls (git-fixes).
  * ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
  * ASoC: topology: Return -ENOMEM on memory allocation failure (git-fixes).
  * Bluetooth: Fix possible deadlock in rfcomm_sk_state_change (git-fixes).
  * Bluetooth: hci_qca: Fix driver shutdown on closed serdev (git-fixes).
  * Fix page corruption caused by racy check in __free_pages (bsc#1208149).
  * HID: betop: check shape of output reports (git-fixes).
  * HID: betop: check shape of output reports (git-fixes, bsc#1207186).
  * HID: check empty report_list in bigben_probe() (git-fixes).
  * HID: check empty report_list in hid_validate_values() (git-fixes).
  * HID: check empty report_list in hid_validate_values() (git-fixes,
  * HID: intel_ish-hid: Add check for ishtp_dma_tx_map (git-fixes).
  * HID: playstation: sanity check DualSense calibration data (git-fixes).
  * HID: revert CHERRY_MOUSE_000C quirk (git-fixes).
  * IB/IPoIB: Fix legacy IPoIB due to wrong number of queues (git-fixes)
  * IB/hfi1: Fix expected receive setup error exit issues (git-fixes)
  * IB/hfi1: Immediately remove invalid memory from hardware (git-fixes)
  * IB/hfi1: Reject a zero-length user expected buffer (git-fixes)
  * IB/hfi1: Remove user expected buffer invalidate race (git-fixes)
  * IB/hfi1: Reserve user expected TIDs (git-fixes)
  * IB/hfi1: Restore allocated resources on failed copyout (git-fixes)
  * IB/mad: Do not call to function that might sleep while in atomic context
  * KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init()
  * Move upstreamed net patch into sorted section
  * PCI/PM: Define pci_restore_standard_config() only for CONFIG_PM_SLEEP
  * PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() (git-fixes).
  * RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
  * RDMA/core: Fix ib block iterator counter overflow (git-fixes)
  * RDMA/irdma: Fix potential NULL-ptr-dereference (git-fixes)
  * RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (git-fixes)
  * RDMA/mlx5: Fix validation of max_rd_atomic caps for DC (git-fixes)
  * RDMA/rxe: Prevent faulty rkey generation (git-fixes)
  * RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
  * RDMA/usnic: use iommu_map_atomic() under spin_lock() (git-fixes)
  * Remove duplicate Git-commit tag in patch file
  * Revert "ARM: dts: armada-38x: Fix compatible string for gpios" (git-fixes).
  * Revert "ARM: dts: armada-39x: Fix compatible string for gpios" (git-fixes).
  * Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI
    mode" (git-fixes).
  * Revert "Revert "block, bfq: honor already-setup queue merges"" (git-fixes).
  * Revert "arm64: dts: meson-sm1-odroid-hc4: disable unused USB PHY0" (git-
  * Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" (git-fixes).
  * SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
  * SUNRPC: Use BIT() macro in rpc_show_xprt_state() (git-fixes).
  * USB: gadget: Fix use-after-free during usb config switch (git-fixes).
  * USB: misc: iowarrior: fix up header size for USB_DEVICE_ID_CODEMERCS_IOW100
  * USB: serial: cp210x: add SCALANCE LPE-9000 device id (git-fixes).
  * USB: serial: option: add Quectel EC200U modem (git-fixes).
  * USB: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
  * USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
  * USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
  * USB: serial: option: add Quectel EM05CN (SG) modem (git-fixes).
  * USB: serial: option: add Quectel EM05CN modem (git-fixes).
  * arm64: Fix Freescale LPUART dependency (boo#1204063).
  * arm64: atomics: format whitespace consistently (git-fixes).
  * arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux (git-fixes).
  * arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity (git-
  * arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX (git-fixes).
  * arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI (git-fixes).
  * arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
  * arm64: dts: meson-g12-common: Make mmc host controller interrupts level-
    sensitive (git-fixes).
  * arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
  * arm64: dts: qcom: msm8992-libra: Add CPU regulators (git-fixes).
  * arm64: dts: qcom: msm8992-libra: Fix the memory map (git-fixes).
  * arm64: dts: qcom: msm8992: Do not use sfpb mutex (git-fixes).
  * arm64: efi: Execute runtime services from a dedicated stack (git-fixes).
  * ata: libata: Fix sata_down_spd_limit() when no link speed is reported (git-
  * ath11k: Fix unexpected return buffer manager error for QCA6390 (git-fixes).
  * bcache: fix set_at_max_writeback_rate() for multiple attached devices (git-
  * bfq: fix use-after-free in bfq_dispatch_request (git-fixes).
  * bfq: fix waker_bfqq inconsistency crash (git-fixes).
  * blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes).
  * blk-mq: fix possible memleak when register 'hctx' failed (git-fixes).
  * blk-throttle: prevent overflow while calculating wait time (git-fixes).
  * blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() (git-fixes).
  * blktrace: Fix output non-blktrace event when blk_classic option enabled
  * block, bfq: do not move oom_bfqq (git-fixes).
  * block, bfq: fix null pointer dereference in bfq_bio_bfqg() (git-fixes).
  * block, bfq: fix possible uaf for 'bfqq->bic' (git-fixes).
  * block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq (git-fixes).
  * block, bfq: fix uaf for bfqq in bic_set_bfqq() (git-fixes).
  * block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
  * block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC" (git-fixes).
  * block/bfq_wf2q: correct weight to ioprio (git-fixes).
  * block/bio: remove duplicate append pages code (git-fixes).
  * block: check minor range in device_add_disk() (git-fixes).
  * block: clear ->slave_dir when dropping the main slave_dir reference (git-
  * block: do not allow splitting of a REQ_NOWAIT bio (git-fixes).
  * block: ensure iov_iter advances for added pages (git-fixes).
  * block: fix and cleanup bio_check_ro (git-fixes).
  * block: fix infinite loop for invalid zone append (git-fixes).
  * block: mq-deadline: Do not break sequential write streams to zoned HDDs
  * block: mq-deadline: Fix dd_finish_request() for zoned devices (git-fixes).
  * block: mq-deadline: Rename deadline_is_seq_writes() (git-fixes).
  * block: use bdev_get_queue() in bio.c (git-fixes).
  * bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (git-
  * bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (git-fixes).
  * bnxt_en: Remove debugfs when pci_register_driver failed (git-fixes).
  * bnxt_en: add dynamic debug support for HWRM messages (git-fixes).
  * bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer (git-
  * bnxt_en: fix the handling of PCIE-AER (git-fixes).
  * bnxt_en: refactor bnxt_cancel_reservations() (git-fixes).
  * bpf: Fix a possible task gone issue with bpf_send_signal_thread helpers
  * bpf: Skip task with pid=1 in send_signal_common() (git-fixes).
  * btrfs: add helper to delete a dir entry from a log tree (bsc#1207263).
  * btrfs: avoid inode logging during rename and link when possible
  * btrfs: avoid logging all directory changes during renames (bsc#1207263).
  * btrfs: backport recent fixes for send/receive into SLE15 SP4/SP5
    (bsc#1206036 bsc#1207500 ltc#201363).
  * btrfs: do not log unnecessary boundary keys when logging directory
  * btrfs: fix assertion failure when logging directory key range item
  * btrfs: fix processing of delayed data refs during backref walking
    (bsc#1206056 bsc#1207507 ltc#201367).
  * btrfs: fix processing of delayed tree block refs during backref walking
    (bsc#1206057 bsc#1207506 ltc#201368).
  * btrfs: fix race between quota enable and quota rescan ioctl (bsc#1207158).
  * btrfs: fix race between quota rescan and disable leading to NULL pointer
    deref (bsc#1207158).
  * btrfs: fix trace event name typo for FLUSH_DELAYED_REFS (git-fixes).
  * btrfs: join running log transaction when logging new name (bsc#1207263).
  * btrfs: move QUOTA_ENABLED check to rescan_should_stop from
    btrfs_qgroup_rescan_worker (bsc#1207158).
  * btrfs: pass the dentry to btrfs_log_new_name() instead of the inode
  * btrfs: prepare extents to be logged before locking a log tree path
  * btrfs: put initial index value of a directory in a constant (bsc#1207263).
  * btrfs: qgroup: remove duplicated check in adding qgroup relations
  * btrfs: qgroup: remove outdated TODO comments (bsc#1207158).
  * btrfs: remove unnecessary NULL check for the new inode during rename
    exchange (bsc#1207263).
  * btrfs: remove useless path release in the fast fsync path (bsc#1207263).
  * btrfs: remove write and wait of struct walk_control (bsc#1207263).
  * btrfs: stop copying old dir items when logging a directory (bsc#1207263).
  * btrfs: stop doing unnecessary log updates during a rename (bsc#1207263).
  * btrfs: stop trying to log subdirectories created in past transactions
  * btrfs: use single variable to track return value at btrfs_log_inode()
  * bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() (git-fixes).
  * can: j1939: do not wait 250 ms if the same addr was already claimed (git-
  * can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate (git-fixes).
  * ceph: flush cap releases when the session is flushed (bsc#1208428).
  * cifs: Fix uninitialized memory read for smb311 posix symlink create (git-
  * cifs: avoid re-lookups in dfs_cache_find() (bsc#1193629).
  * cifs: do not include page data when checking signature (git-fixes).
  * cifs: do not query ifaces on smb1 mounts (git-fixes).
  * cifs: do not take exclusive lock for updating target hints (bsc#1193629).
  * cifs: fix double free on failed kerberos auth (git-fixes).
  * cifs: fix file info setting in cifs_open_file() (git-fixes).
  * cifs: fix file info setting in cifs_query_path_info() (git-fixes).
  * cifs: fix potential memory leaks in session setup (bsc#1193629).
  * cifs: fix race in assemble_neg_contexts() (bsc#1193629).
  * cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
  * cifs: handle cache lookup errors different than -ENOENT (bsc#1193629).
  * cifs: ignore ipc reconnect failures during dfs failover (bsc#1193629).
  * cifs: protect access of TCP_Server_Info::{dstaddr,hostname} (bsc#1193629).
  * cifs: remove duplicate code in __refresh_tcon() (bsc#1193629).
  * cifs: remove redundant assignment to the variable match (bsc#1193629).
  * cifs: remove unused function (bsc#1193629).
  * comedi: adv_pci1760: Fix PWM instruction handling (git-fixes).
  * cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist (git-fixes).
  * cpufreq: armada-37xx: stop using 0 as NULL pointer (git-fixes).
  * crypto: fixed DH and ECDH implemention for FIPS PCT
  * dm btree: add a defensive bounds check to insert_at() (git-fixes).
  * dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort
  * dm cache: Fix UAF in destroy() (git-fixes).
  * dm cache: set needs_check flag after aborting metadata (git-fixes).
  * dm clone: Fix UAF in clone_dtr() (git-fixes).
  * dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
  * dm integrity: clear the journal on suspend (git-fixes).
  * dm integrity: flush the journal on suspend (git-fixes).
  * dm ioctl: fix misbehavior if list_versions races with module loading (git-
  * dm ioctl: prevent potential spectre v1 gadget (git-fixes).
  * dm raid: fix address sanitizer warning in raid_resume (git-fixes).
  * dm raid: fix address sanitizer warning in raid_status (git-fixes).
  * dm space map common: add bounds check to sm_ll_lookup_bitmap() (git-fixes).
  * dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
  * dm thin: Fix UAF in run_timer_softirq() (git-fixes).
  * dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
  * dm thin: resume even if in FAIL mode (git-fixes).
  * dm writecache: set a default MAX_WRITEBACK_JOBS (git-fixes).
  * dm: fix alloc_dax error handling in alloc_dev (git-fixes).
  * dm: requeue IO if mapping table not yet available (git-fixes).
  * dmaengine: Fix double increment of client_count in dma_chan_get() (git-
  * dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable (git-
  * dmaengine: idxd: Let probe fail when workqueue cannot be enabled (git-
  * dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init (git-
  * dmaengine: lgm: Move DT parsing after initialization (git-fixes).
  * dmaengine: tegra210-adma: fix global intr clear (git-fixes).
  * dmaengine: ti: k3-udma: Do conditional decrement of
    UDMA_CHAN_RT_PEER_BCNT_REG (git-fixes).
  * dmaengine: xilinx_dma: call of_node_put() when breaking out of
    for_each_child_of_node() (git-fixes).
  * docs: Fix the docs build with Sphinx 6.0 (git-fixes).
  * driver core: Fix test_async_probe_init saves device in wrong array (git-
  * drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
  * drivers: net: xgene: disable napi when register irq failed in
    xgene_enet_open() (git-fixes).
  * drivers:md:fix a potential use-after-free bug (git-fixes).
  * drm/amd/display: Calculate output_color_space after pixel encoding
    adjustment (git-fixes).
  * drm/amd/display: Fail atomic_check early on normalize_zpos error (git-
  * drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix (git-fixes).
  * drm/amd/display: Fix set scaling doesn's work (git-fixes).
  * drm/amd/display: Fix timing not changning when freesync video is enabled
  * drm/amd/display: Take emulated dc_sink into account for HDCP (bsc#1207734).
  * drm/amd/display: fix issues with driver unload (git-fixes).
  * drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini (git-
  * drm/amdgpu: complete gfxoff allow signal during suspend without delay (git-
  * drm/amdgpu: disable runtime pm on several sienna cichlid cards(v2) (git-
  * drm/amdgpu: drop experimental flag on aldebaran (git-fixes).
  * drm/hyperv: Add error message for fb size greater than allocated (git-
  * drm/i915/adlp: Fix typo for reference clock (git-fixes).
  * drm/i915/display: Check source height is > 0 (git-fixes).
  * drm/i915/gt: Reset twice (git-fixes).
  * drm/i915/selftest: fix intel_selftest_modify_policy argument types (git-
  * drm/i915: Fix VBT DSI DVO port handling (git-fixes).
  * drm/i915: Fix potential bit_17 double-free (git-fixes).
  * drm/i915: Initialize the obj flags for shmem objects (git-fixes).
  * drm/i915: re-disable RC6p on Sandy Bridge (git-fixes).
  * drm/panfrost: fix GENERIC_ATOMIC64 dependency (git-fixes).
  * drm/vc4: hdmi: make CEC adapter name unique (git-fixes).
  * drm/virtio: exbuf->fence_fd unmodified on interrupted wait (git-fixes).
  * drm: Add orientation quirk for Lenovo ideapad D330-10IGL (git-fixes).
  * efi: Accept version 2 of memory attributes table (git-fixes).
  * efi: fix potential NULL deref in efi_mem_reserve_persistent (git-fixes).
  * efi: rt-wrapper: Add missing include (git-fixes).
  * efi: tpm: Avoid READ_ONCE() for accessing the event log (git-fixes).
  * exit: Add and use make_task_dead (bsc#1207328).
  * exit: Allow oops_limit to be disabled (bsc#1207328).
  * exit: Guarantee make_task_dead leaks the tsk when calling do_task_exit
  * exit: Move force_uaccess back into do_exit (bsc#1207328).
  * exit: Move oops specific logic from do_exit into make_task_dead
  * exit: Put an upper limit on how often we can oops (bsc#1207328).
  * exit: Stop poorly open coding do_task_dead in make_task_dead (bsc#1207328).
  * exit: Use READ_ONCE() for all oops/warn limit reads (bsc#1207328).
  * ext4,f2fs: fix readahead of verity data (bsc#1207648).
  * ext4: Fixup pages without buffers (bsc#1205495).
  * ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode (bsc#1207619).
  * ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  * ext4: add helper to check quota inums (bsc#1207618).
  * ext4: add inode table check in __ext4_get_inode_loc to aovid possible
    infinite loop (bsc#1207617).
  * ext4: add missing validation of fast-commit record lengths (bsc#1207626).
  * ext4: allocate extended attribute value in vmalloc area (bsc#1207635).
  * ext4: avoid crash when inline data creation follows DIO write (bsc#1206883).
  * ext4: avoid resizing to a partial cluster size (bsc#1206880).
  * ext4: avoid unaccounted block allocation when expanding inode (bsc#1207634).
  * ext4: continue to expand file system when the target size does not reach
  * ext4: correct cluster len and clusters changed accounting in ext4_mb_mark_bb
  * ext4: correct max_inline_xattr_value_size computing (bsc#1206878).
  * ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).
  * ext4: disable fast-commit of encrypted dir operations (bsc#1207623).
  * ext4: do not allow journal inode to have encrypt flag (bsc#1207621).
  * ext4: do not increase iversion counter for ea_inodes (bsc#1207605).
  * ext4: do not run ext4lazyinit for read-only filesystems (bsc#1207603).
  * ext4: do not set up encryption key during jbd2 transaction (bsc#1207624).
  * ext4: drop ineligible txn start stop APIs (bsc#1207588).
  * ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
  * ext4: factor out ext4_fc_get_tl() (bsc#1207615).
  * ext4: fast commit may miss file actions (bsc#1207591).
  * ext4: fast commit may not fallback for ineligible commit (bsc#1207590).
  * ext4: fix BUG_ON() when directory entry has invalid rec_len (bsc#1206886).
  * ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
  * ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
  * ext4: fix bug_on in start_this_handle during umount filesystem
  * ext4: fix deadlock due to mbcache entry corruption (bsc#1207653).
  * ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
  * ext4: fix dir corruption when ext4_dx_add_entry() fails (bsc#1207608).
  * ext4: fix error code return to user-space in ext4_get_branch()
  * ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit (bsc#1207593).
  * ext4: fix extent status tree race in writeback error recovery path
  * ext4: fix inode leak in ext4_xattr_inode_create() on an error path
  * ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (bsc#1206894).
  * ext4: fix leaking uninitialized memory in fast-commit journal (bsc#1207625).
  * ext4: fix miss release buffer head in ext4_fc_write_inode (bsc#1207609).
  * ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).
  * ext4: fix off-by-one errors in fast-commit block filling (bsc#1207628).
  * ext4: fix potential memory leak in ext4_fc_record_modified_inode()
  * ext4: fix potential memory leak in ext4_fc_record_regions() (bsc#1207612).
  * ext4: fix potential out of bound read in ext4_fc_replay_scan()
  * ext4: fix reserved cluster accounting in __es_remove_extent() (bsc#1207637).
  * ext4: fix unaligned memory access in ext4_fc_reserve_space() (bsc#1207627).
  * ext4: fix undefined behavior in bit shift for ext4_check_flag_values
  * ext4: fix uninititialized value in 'ext4_evict_inode' (bsc#1206893).
  * ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).
  * ext4: fix use-after-free in ext4_orphan_cleanup (bsc#1207622).
  * ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).
  * ext4: fix warning in 'ext4_da_release_space' (bsc#1206887).
  * ext4: goto right label 'failed_mount3a' (bsc#1207610).
  * ext4: init quota for 'old.inode' in 'ext4_rename' (bsc#1207629).
  * ext4: initialize quota before expanding inode in setproject ioctl
  * ext4: introduce EXT4_FC_TAG_BASE_LEN helper (bsc#1207614).
  * ext4: limit the number of retries after discarding preallocations blocks
  * ext4: make ext4_lazyinit_thread freezable (bsc#1206885).
  * ext4: place buffer head allocation before handle start (bsc#1207607).
  * ext4: silence the warning when evicting inode with dioread_nolock
  * ext4: simplify updating of fast commit stats (bsc#1207589).
  * ext4: update 'state->fc_regions_size' after successful memory allocation
  * ext4: update s_overhead_clusters in the superblock during an on-line resize
  * extcon: usbc-tusb320: fix kernel-doc warning (git-fixes).
  * fbcon: Check font dimension limits (git-fixes).
  * fbdev: omapfb: avoid stack overflow warning (git-fixes).
  * fbdev: smscufx: fix error handling code in ufx_usb_probe (git-fixes).
  * firewire: fix memory leak for payload of request subaction to IEC 61883-1
    FCP region (git-fixes).
  * firmware: arm_scmi: Harden shared memory access in fetch_notification (git-
  * firmware: arm_scmi: Harden shared memory access in fetch_response (git-
  * fpga: stratix10-soc: Fix return value check in s10_ops_write_init() (git-
  * fs: ext4: initialize fsdata in pagecache_write() (bsc#1207632).
  * fs: remove __sync_filesystem (git-fixes).
  * fscache_cookie_enabled: check cookie is valid before accessing it
  * ftrace/x86: Add back ftrace_expected for ftrace bug reports (git-fixes).
  * ftrace: Clean comments related to FTRACE_OPS_FL_PER_CPU (git-fixes).
  * genirq: Provide new interfaces for affinity hints (bsc#1208153).
  * git_sort: add usb-linus branch for gregkh/usb
  * gsmi: fix null-deref in gsmi_get_variable (git-fixes).
  * hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap() (git-fixes).
  * i2c: designware-pci: Add new PCI IDs for AMD NAVI GPU (git-fixes).
  * i2c: mv64xxx: Add atomic_xfer method to driver (git-fixes).
  * i2c: mv64xxx: Remove shutdown method from driver (git-fixes).
  * i2c: mxs: suppress probe-deferral error message (git-fixes).
  * i2c: rk3x: fix a bunch of kernel-doc warnings (git-fixes).
  * i40e: Disallow ip4 and ip6 l4_4_bytes (git-fixes).
  * i40e: Fix error handling in i40e_init_module() (git-fixes).
  * i40e: Fix not setting default xps_cpus after reset (git-fixes).
  * igb: Allocate MSI-X vector when testing (git-fixes).
  * iio: adc: berlin2-adc: Add missing of_node_put() in error path (git-fixes).
  * iio: adc: stm32-dfsdm: fill module aliases (git-fixes).
  * iio: hid: fix the retval in accel_3d_capture_sample (git-fixes).
  * iio: hid: fix the retval in gyro_3d_capture_sample (git-fixes).
  * iio: imu: fxos8700: fix ACCEL measurement range selection (git-fixes).
  * iio: imu: fxos8700: fix IMU data bits returned to user space (git-fixes).
  * iio: imu: fxos8700: fix MAGN sensor scale and unit (git-fixes).
  * iio: imu: fxos8700: fix failed initialization ODR mode assignment (git-
  * iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback (git-
  * iio: imu: fxos8700: fix incorrect ODR mode readback (git-fixes).
  * iio: imu: fxos8700: fix map label of channel type to MAGN sensor (git-
  * iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback (git-
  * iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN (git-fixes).
  * iio:adc:twl6030: Enable measurement of VAC (git-fixes).
  * iio:adc:twl6030: Enable measurements of VUSB, VBAT and others (git-fixes).
  * ipmi:ssif: Add 60ms time internal between write retries (bsc#1206459).
  * ipmi:ssif: Add a timer between request retries (bsc#1206459).
  * ipmi:ssif: Increase the message retry time (bsc#1206459).
  * ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
  * ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
  * ipmi_ssif: Rename idle state and check (bsc#1206459).
  * ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
  * ixgbevf: Fix resource leak in ixgbevf_init_module() (git-fixes).
  * jbd2: Fix up kABI of ext4 fast commit interface (bsc#1207590).
  * jbd2: add miss release buffer head in fc_do_one_pass() (bsc#1207646).
  * jbd2: fix a potential race while discarding reserved buffers after an abort
  * jbd2: fix potential buffer head reference count leak (bsc#1207644).
  * jbd2: fix potential use-after-free in jbd2_fc_wait_bufs (bsc#1207645).
  * jbd2: use the correct print format (git-fixes).
  * jbd2: wake up journal waiters in FIFO order, not LIFO (bsc#1207643).
  * kABI workaround for struct acpi_ec (bsc#1207149).
  * kABI: Preserve TRACE_EVENT_FL values (git-fixes).
  * kabi/severities: add mlx5 internal symbols
  * kasan: no need to unset panic_on_warn in end_report() (bsc#1207328).
  * l2tp: Do not sleep and disable BH under writer-side sk_callback_lock (git-
  * loop: Fix the max_loop commandline argument treatment when it is set to 0
  * mbcache: Avoid nesting of cache->c_list_lock under bit locks (bsc#1207647).
  * mbcache: Fixup kABI of mb_cache_entry (bsc#1207653).
  * md/bitmap: Fix bitmap chunk size overflow issues (git-fixes).
  * md/raid1: stop mdx_raid1 thread when raid1 array run failed (git-fixes).
  * md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
  * md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
  * md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
  * md: fix a crash in mempool_free (git-fixes).
  * md: protect md_unregister_thread from reentrancy (git-fixes).
  * mei: me: add meteor lake point M DID (git-fixes).
  * memory: atmel-sdramc: Fix missing clk_disable_unprepare in
    atmel_ramc_probe() (git-fixes).
  * memory: mvebu-devbus: Fix missing clk_disable_unprepare in
    mvebu_devbus_probe() (git-fixes).
  * memory: tegra: Remove clients SID override programming (git-fixes).
  * misc: fastrpc: Do not remove map on creater_process and device_release (git-
  * misc: fastrpc: Fix use-after-free race condition for maps (git-fixes).
  * mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
  * mm: compaction: kABI: avoid pglist_data kABI breakage (bsc#1207010).
  * mm: compaction: support triggering of proactive compaction by user
  * mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting (git-
  * mmc: sunxi-mmc: Fix clock refcount imbalance during unbind (git-fixes).
  * module: Do not wait for GOING modules (bsc#1196058, bsc#1186449,
    bsc#1204356, bsc#1204662).
  * mt76: fix use-after-free by removing a non-RCU wcid pointer (git-fixes).
  * mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in
    mt7921_mcu_tx_done_event (git-fixes).
  * nbd: Fix hung on disconnect request if socket is closed before (git-fixes).
  * nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (git-fixes).
  * nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
  * nbd: fix io hung while disconnecting device (git-fixes).
  * nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
  * net/mlx4: Check retval of mlx4_bitmap_init (git-fixes).
  * net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
  * net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1207842).
  * net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).
  * net/x25: Fix to not accept on connected socket (git-fixes).
  * net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).
  * net: cxgb3_main: disable napi when bind qsets failed in cxgb_up() (git-
  * net: ena: Fix error handling in ena_init() (git-fixes).
  * net: liquidio: release resources when liquidio driver open failed (git-
  * net: liquidio: simplify if expression (git-fixes).
  * net: macvlan: Use built-in RCU list checking (git-fixes).
  * net: macvlan: fix memory leaks of macvlan_common_newlink (git-fixes).
  * net: mana: Assign interrupts to CPUs based on NUMA nodes (bsc#1208153).
  * net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
  * net: mana: Fix accessing freed irq affinity_hint (bsc#1208153).
  * net: mdio: validate parameter addr in mdiobus_get_phy() (git-fixes).
  * net: nfc: Fix use-after-free in local_cleanup() (git-fixes).
  * net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() (git-
  * net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices (git-
  * net: phy: meson-gxl: Add generic dummy stubs for MMD register access (git-
  * net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY (git-
  * net: tun: Fix memory leaks of napi_get_frags (git-fixes).
  * net: tun: Fix use-after-free in tun_detach() (git-fixes).
  * net: tun: call napi_schedule_prep() to ensure we own a napi (git-fixes).
  * net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem (git-
  * net: usb: sr9700: Handle negative len (git-fixes).
  * net: wan: Add checks for NULL for utdm in undo_uhdlc_init and unmap_si_regs
  * netrom: Fix use-after-free caused by accept on already connected socket
  * netrom: Fix use-after-free of a listening socket (git-fixes).
  * nilfs2: fix general protection fault in nilfs_btree_insert() (git-fixes).
  * null_blk: fix ida error handling in null_add_dev() (git-fixes).
  * nvdimm: disable namespace on error (bsc#1166486).
  * objtool: Add a missing comma to avoid string concatenation (bsc#1207328).
  * ocfs2: clear dinode links count in case of error (bsc#1207650).
  * ocfs2: fix BUG when iput after ocfs2_mknod fails (bsc#1207649).
  * ocfs2: fix crash when mount with quota enabled (bsc#1207640).
  * ocfs2: fix memory leak in ocfs2_mount_volume() (bsc#1207652).
  * ocfs2: fix memory leak in ocfs2_stack_glue_init() (bsc#1207651).
  * ocfs2: ocfs2_mount_volume does cleanup job before return error
  * ocfs2: quota_local: fix possible uninitialized-variable access in
    ocfs2_local_read_info() (bsc#1207768).
  * ocfs2: rewrite error handling of ocfs2_fill_super (bsc#1207771).
  * octeontx2-af: Fix reference count issue in rvu_sdp_init() (jsc#SLE-24682).
  * octeontx2-af: debugsfs: fix pci device refcount leak (git-fixes).
  * octeontx2-pf: Add check for devm_kcalloc (git-fixes).
  * octeontx2-pf: Fix potential memory leak in otx2_init_tc() (jsc#SLE-24682).
  * of/address: Return an error when no valid dma-ranges are found (git-fixes).
  * panic: Consolidate open-coded panic_on_warn checks (bsc#1207328).
  * panic: Introduce warn_limit (bsc#1207328).
  * panic: unset panic_on_warn inside panic() (bsc#1207328).
  * phy: Revert "phy: qualcomm: usb28nm: Add MDM9607 init sequence" (git-fixes).
  * phy: phy-can-transceiver: Skip warning if no "max-bitrate" (git-fixes).
  * phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
    rockchip_usb2phy_power_on() (git-fixes).
  * phy: ti: fix Kconfig warning and operator precedence (git-fixes).
  * pinctrl: amd: Add dynamic debugging for active GPIOs (git-fixes).
  * pinctrl: aspeed: Fix confusing types in return value (git-fixes).
  * pinctrl: intel: Restore the pins that used to be in Direct IRQ mode (git-
  * pinctrl: mediatek: Fix the drive register definition of some Pins (git-
  * pinctrl: rockchip: fix mux route data for rk3568 (git-fixes).
  * pinctrl: single: fix potential NULL dereference (git-fixes).
  * platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK (git-
  * platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010 table (git-
  * platform/x86: gigabyte-wmi: add support for B450M DS3H WIFI-CF (git-fixes).
  * platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD (git-
  * powerpc/64s/radix: Fix RWX mapping with relocated kernel (bsc#1194869).
  * powerpc/64s/radix: Fix crash with unaligned relocated kernel (bsc#1194869).
  * powerpc/64s: Fix local irq disable when PMIs are disabled (bsc#1195655
    ltc#1195655 git-fixes).
  * powerpc/kexec_file: Count hot-pluggable memory in FDT estimate
  * powerpc/kexec_file: Fix division by zero in extra size estimation
  * powerpc/ Add an explicit symbol for the SRWX boundary
  * powerpc/ Ensure STRICT_ALIGN_SIZE is at least page aligned
  * powerpc: move __end_rodata to cover arch read-only sections (bsc#1194869).
  * qlcnic: fix sleep-in-atomic-context bugs caused by msleep (git-fixes).
  * quota: Check next/prev free block number after reading from quota file
  * quota: Prevent memory allocation recursion while holding dq_lock
  * r8152: add vendor/device ID pair for Microsoft Devkit (git-fixes).
  * r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (git-fixes).
  * regulator: da9211: Use irq handler when ready (git-fixes).
  * rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage
  * s390/qeth: fix various format strings (git-fixes).
  * sched, cpuset: Fix dl_cpu_busy() panic due to empty (git-fixes)
  * sched/core: Fix arch_scale_freq_tick() on tickless systems (git-fixes)
  * sched/core: Introduce sched_asym_cpucap_active() (git-fixes)
  * sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() (git-fixes)
  * sched/tracing: Report TASK_RTLOCK_WAIT tasks as (git-fixes)
  * sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() (git-fixes)
  * sched: Avoid double preemption in __cond_resched_ _lock_ () (git-fixes)
  * scsi: Revert "scsi: core: map PQ=1, PDT=other values to
    SCSI_SCAN_TARGET_PRESENT" (git-fixes).
  * scsi: core: Fix a race between scsi_done() and scsi_timeout() (git-fixes).
  * scsi: efct: Fix possible memleak in efct_device_init() (git-fixes).
  * scsi: elx: libefc: Fix second parameter type in state callbacks (git-fixes).
  * scsi: fcoe: Fix possible name leak when device_register() fails (git-fixes).
  * scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (git-
  * scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
  * scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
  * scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (git-fixes).
  * scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
  * scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
  * scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
  * scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
  * scsi: mpt3sas: Remove scsi_dma_map() error messages (git-fixes).
  * scsi: scsi_debug: Fix a warning in resp_report_zones() (git-fixes).
  * scsi: scsi_debug: Fix a warning in resp_verify() (git-fixes).
  * scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
  * scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (git-
  * scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
  * scsi: storvsc: Correct reporting of Hyper-V I/O size limits (git-fixes).
  * scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
  * scsi: tracing: Fix compile error in trace_array calls when TRACING is
    disabled (git-fixes).
  * scsi: ufs: Stop using the clock scaling lock in the error handler (git-
  * scsi: ufs: core: Enable link lost interrupt (git-fixes).
  * sctp: fail if no bound addresses can be used for a given scope
  * selftests/vm: remove ARRAY_SIZE define from individual tests (git-fixes).
  * selftests: Provide local define of __cpuid_count() (git-fixes).
  * selftests: forwarding: lib: quote the sysctl values (git-fixes).
  * selftests: net: udpgso_bench: Fix racing bug between the rx/tx programs
  * selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
  * selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
  * selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
    benchmarking (git-fixes).
  * serial: 8250_dma: Fix DMA Rx rearm race (git-fixes).
  * serial: atmel: fix incorrect baudrate setup (git-fixes).
  * serial: pch_uart: Pass correct sg to dma_unmap_sg() (git-fixes).
  * sfc: fix potential memleak in __ef100_hard_start_xmit() (git-fixes).
  * signal/vm86_32: Properly send SIGSEGV when the vm86 state cannot be saved
  * soc: imx8m: Fix incorrect check for of_clk_get_by_name() (git-fixes).
  * spi: dw: Fix wrong FIFO level setting for long xfers (git-fixes).
  * spi: spidev: remove debug messages that access spidev->spi without locking
  * staging: mt7621-dts: change some node hex addresses to lower case (git-
  * staging: vchiq_arm: fix enum vchiq_status return types (git-fixes).
  * swim3: add missing major.h include (git-fixes).
  * sysctl: add a new register_sysctl_init() interface (bsc#1207328).
  * tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent (git-fixes).
  * thermal/core: Remove duplicate information when an error occurs (git-fixes).
  * thunderbolt: Do not call PM runtime functions in tb_retimer_scan() (git-
  * thunderbolt: Do not report errors if on-board retimers are found (git-
  * thunderbolt: Use correct function to calculate maximum USB3 link rate (git-
  * tick/nohz: Use WARN_ON_ONCE() to prevent console saturation.
  * tick/sched: Fix non-kernel-doc comment (git-fixes).
  * tomoyo: fix broken dependency on *.conf.default (git-fixes).
  * tools: fix ARRAY_SIZE defines in tools and selftests hdrs (git-fixes).
  * trace_events_hist: add check for return value of 'create_hist_field' (git-
  * tracing/hist: Fix issue of losting command info in error_log (git-fixes).
  * tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx' (git-
  * tracing/hist: Fix wrong return value in parse_action_params() (git-fixes).
  * tracing/osnoise: Make osnoise_main to sleep for microseconds (git-fixes).
  * tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro (git-fixes).
  * tracing/probes: Handle system names with hyphens (git-fixes).
  * tracing: Add '__rel_loc' using trace event macros (git-fixes).
  * tracing: Add DYNAMIC flag for dynamic events (git-fixes).
  * tracing: Add trace_event helper macros __string_len() and __assign_str_len()
  * tracing: Avoid -Warray-bounds warning for __rel_loc macro (git-fixes).
  * tracing: Do not use out-of-sync va_list in event printing (git-fixes).
  * tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
  * tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
  * tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE (git-fixes).
  * tracing: Fix infinite loop in tracing_read_pipe on overflowed
    print_trace_line (git-fixes).
  * tracing: Fix issue of missing one synthetic field (git-fixes).
  * tracing: Fix mismatched comment in __string_len (git-fixes).
  * tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
    trace_pipe_raw (git-fixes).
  * tracing: Fix possible memory leak in __create_synth_event() error path (git-
  * tracing: Fix race where histograms can be called before the event (git-
  * tracing: Fix sleeping function called from invalid context on RT kernel
  * tracing: Fix tp_printk option related with tp_printk_stop_on_boot (git-
  * tracing: Fix warning on variable 'struct trace_array' (git-fixes).
  * tracing: Have TRACE_DEFINE_ENUM affect trace event types as well (git-
  * tracing: Have syscall trace events use trace_event_buffer_lock_reserve()
  * tracing: Have type enum modifications copy the strings (git-fixes).
  * tracing: Make sure trace_printk() can output as soon as it can be used (git-
  * tracing: Make tp_printk work on syscall tracepoints (git-fixes).
  * tracing: Use alignof__(struct {type b;}) instead of offsetof() (git-fixes).
  * tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (git-fixes).
  * tty: fix possible null-ptr-defer in spk_ttyio_release (git-fixes).
  * tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
  * ubsan: no need to unset panic_on_warn in ubsan_epilogue() (bsc#1207328).
  * usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210 (git-fixes).
  * usb: acpi: add helper to check port lpm capability using acpi _DSM (git-
  * usb: cdns3: remove fetched trb from cache before dequeuing (git-fixes).
  * usb: core: add quirk for Alcor Link AK9563 smartcard reader (git-fixes).
  * usb: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
  * usb: dwc3: qcom: enable vbus override when in OTG dr-mode (git-fixes).
  * usb: fotg210-udc: Fix ages old endianness issues (git-fixes).
  * usb: gadget: f_fs: Ensure ep0req is dequeued before free_request (git-
  * usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait (git-
  * usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait (git-fixes).
  * usb: gadget: f_hid: fix f_hidg lifetime vs cdev (git-fixes).
  * usb: gadget: f_hid: fix refcount leak on error path (git-fixes).
  * usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() (git-
  * usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints (git-fixes).
  * usb: gadget: g_webcam: Send color matching descriptor per frame (git-fixes).
  * usb: gadget: udc: core: Print error code in usb_gadget_probe_driver() (git-
  * usb: gadget: udc: core: Revise comments for USB ep enable/disable (git-
  * usb: gadget: udc: core: Use pr_fmt() to prefix messages (git-fixes).
  * usb: gadget: udc: core: remove usage of list iterator past the loop body
  * usb: host: ehci-fsl: Fix module alias (git-fixes).
  * usb: typec: altmodes/displayport: Add pin assignment helper (git-fixes).
  * usb: typec: altmodes/displayport: Fix pin assignment calculation (git-
  * usb: typec: altmodes/displayport: Fix probe pin assign check (git-fixes).
  * usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git-
  * usb: xhci: Check endpoint is valid before dereferencing it (git-fixes).
  * vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
  * vfs: Check the truncate maximum size in inode_newsize_ok() (bsc#1207642).
  * vfs: make sync_filesystem return errors from ->sync_fs (git-fixes).
  * virtio-blk: modify the value type of num in virtio_queue_rq() (git-fixes).
  * virtio-net: correctly enable callback during start_xmit (git-fixes).
  * virtio_pci: modify ENOENT to EINVAL (git-fixes).
  * w1: fix WARNING after calling w1_process() (git-fixes).
  * w1: fix deadloop in __w1_remove_master_device() (git-fixes).
  * wait: Fix __wait_event_hrtimeout for RT/DL tasks (git-fixes)
  * watchdog-diag288_wdt-fix-__diag288-inline-assembly.patch
  * watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-3210)
  * watchdog: diag288_wdt: do not use stack buffers for hardware data
  * watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
  * wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices (git-fixes).
  * wifi: mac80211: sdata can be NULL during AMPDU start (git-fixes).
  * wifi: mt76: mt7921: add mt7921_mutex_acquire at mt7921_sta_set_decap_offload
  * wifi: mt76: mt7921e: fix race issue between reset and suspend/resume (git-
  * wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (git-fixes).
  * wifi: mt76: sdio: poll sta stat when device transmits data (git-fixes).
  * wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (git-fixes).
  * writeback: avoid use-after-free after removing device (bsc#1207638).
  * x86/MCE/AMD: Clear DFR errors found in THR handler (git-fixes).
  * x86/asm: Fix an assembler warning with current binutils (git-fixes).
  * x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
  * x86/hyperv: Remove unregister syscore call from Hyper-V cleanup (git-fixes).
  * x86/hyperv: Restore VP assist page after cpu offlining/onlining (git-fixes).
  * x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-
  * x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-
  * x86/kvm: Remove unused virt to phys translation in kvm_guest_cpu_init()
  * x86/microcode/intel: Do not retry microcode reloading on the APs (git-
  * x86: ACPI: cstate: Optimize C3 entry on AMD CPUs (git-fixes).
  * xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-
  * xfs: estimate post-merge refcounts correctly (bsc#1208183).
  * xfs: fix incorrect error-out in xfs_remove (git-fixes).
  * xfs: fix incorrect i_nlink caused by inode racing (git-fixes).
  * xfs: fix maxlevels comparisons in the btree staging code (git-fixes).
  * xfs: fix memory leak in xfs_errortag_init (git-fixes).
  * xfs: get rid of assert from xfs_btree_islastblock (git-fixes).
  * xfs: get root inode correctly at bulkstat (git-fixes).
  * xfs: hoist refcount record merge predicates (bsc#1208183).
  * xfs: initialize the check_owner object fully (git-fixes).
  * xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (git-fixes).
  * xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (git-fixes).
  * xfs: return errors in xfs_fs_sync_fs (git-fixes).
  * xfs: xfstest fails with error missing kernel patch (git-fixes bsc#1207501
  * xhci-pci: set the dma max_seg_size (git-fixes).
  * xhci: Fix null pointer dereference when host dies (git-fixes).
  * zram: Delete patch for regression addressed (bsc#1207933).
  * zram: do not lookup algorithm in backends table (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.3  
    zypper in -t patch openSUSE-Leap-Micro-5.3-2023-488=1

  * openSUSE Leap 15.4  
    zypper in -t patch openSUSE-SLE-15.4-2023-488=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-488=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-488=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-488=1

  * SUSE Real Time Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2023-488=1

## Package List:

  * openSUSE Leap Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.11.1
  * openSUSE Leap Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt-debugsource-5.14.21-150400.15.11.1
  * openSUSE Leap 15.4 (x86_64)
    * kernel-rt_debug-debugsource-5.14.21-150400.15.11.1
    * kernel-rt-debugsource-5.14.21-150400.15.11.1
    * kernel-rt-devel-debuginfo-5.14.21-150400.15.11.1
    * ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-devel-5.14.21-150400.15.11.1
    * kernel-rt-devel-5.14.21-150400.15.11.1
    * dlm-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.11.1
    * dlm-kmp-rt-5.14.21-150400.15.11.1
    * kernel-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-syms-rt-5.14.21-150400.15.11.1
    * ocfs2-kmp-rt-5.14.21-150400.15.11.1
    * gfs2-kmp-rt-5.14.21-150400.15.11.1
    * cluster-md-kmp-rt-5.14.21-150400.15.11.1
    * gfs2-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.11.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-devel-rt-5.14.21-150400.15.11.1
    * kernel-source-rt-5.14.21-150400.15.11.1
  * openSUSE Leap 15.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.11.1
    * kernel-rt_debug-5.14.21-150400.15.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt-debugsource-5.14.21-150400.15.11.1
  * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.11.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt-debugsource-5.14.21-150400.15.11.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
    * kernel-livepatch-5_14_21-150400_15_11-rt-1-150400.1.3.1
    * kernel-livepatch-SLE15-SP4-RT_Update_3-debugsource-1-150400.1.3.1
    * kernel-livepatch-5_14_21-150400_15_11-rt-debuginfo-1-150400.1.3.1
  * SUSE Real Time Module 15-SP4 (x86_64)
    * kernel-rt_debug-debugsource-5.14.21-150400.15.11.1
    * kernel-rt-debugsource-5.14.21-150400.15.11.1
    * kernel-rt-devel-debuginfo-5.14.21-150400.15.11.1
    * ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-devel-5.14.21-150400.15.11.1
    * kernel-rt-devel-5.14.21-150400.15.11.1
    * dlm-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-debuginfo-5.14.21-150400.15.11.1
    * kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.11.1
    * dlm-kmp-rt-5.14.21-150400.15.11.1
    * kernel-rt-debuginfo-5.14.21-150400.15.11.1
    * kernel-syms-rt-5.14.21-150400.15.11.1
    * ocfs2-kmp-rt-5.14.21-150400.15.11.1
    * gfs2-kmp-rt-5.14.21-150400.15.11.1
    * cluster-md-kmp-rt-5.14.21-150400.15.11.1
    * gfs2-kmp-rt-debuginfo-5.14.21-150400.15.11.1
    * cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.11.1
  * SUSE Real Time Module 15-SP4 (noarch)
    * kernel-devel-rt-5.14.21-150400.15.11.1
    * kernel-source-rt-5.14.21-150400.15.11.1
  * SUSE Real Time Module 15-SP4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.11.1
    * kernel-rt_debug-5.14.21-150400.15.11.1

## References:


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the sle-security-updates mailing list