Container summary for suse/sle-micro/rt-5.5

SUSE-IU-2024:1602-1

SUSE-IU-2024:1583-1

SUSE-IU-2024:1576-1

SUSE-IU-2024:1575-1

SUSE-IU-2024:1562-1

This update for gcc14 fixes the following issues:
This update ships the GNU Compiler Collection GCC 14.2. (jsc#PED-10474)
The compiler runtime libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 13 ones.
The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP5 and SP6, and provided in the 'Development Tools' module.
The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories.
To use gcc14 compilers use:

• install 'gcc14' or 'gcc14-c++' or one of the other 'gcc14-COMPILER' frontend packages.
• override your Makefile to use CC=gcc14, CXX=g++14 and similar overrides for the other languages.

• Add libquadmath0-devel-gcc14 sub-package to allow installing quadmath.h and SO link without installing the fortran frontend

• Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441]
• Remove timezone Recommends from the libstdc++6 package. [bsc#1221601]
• Revert libgccjit dependency change. [bsc#1220724]
• Fix libgccjit-devel dependency, a newer shared library is OK.
• Fix libgccjit dependency, the corresponding compiler isn't required.
• Add cross-X-newlib-devel requires to newlib cross compilers. [bsc#1219031]
• Re-enable AutoReqProv for cross packages but filter files processed via __requires_exclude_from and __provides_exclude_from. [bsc#1219031]
• Package m2rte.so plugin in the gcc14-m2 sub-package rather than in gcc13-devel. [bsc#1210959]
• Require libstdc++6-devel-gcc14 from gcc14-m2 as m2 programs are linked against libstdc++6.

SUSE-IU-2024:1495-1

SUSE-IU-2024:1491-1

This update for bash fixes the following issues:

• Load completion file eveh if a brace expansion is in the command line included (bsc#1227807).

SUSE-IU-2024:1485-1

This update for elemental-toolkit contains the following fix:

• Update to version 1.1.6: * Run KVM tests on ubuntu-latest * Install qemu in github workflow * Do not return error for efi.ReadLoadOption

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607).
• CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
• CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
• CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
• CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
• CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
• CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
• CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
• CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339).
• CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
• CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973).
• CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
• CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
• CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
• CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
• CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
• CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
• CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
• CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082).
• CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
• CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
• CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
• CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
• CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
• CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
• CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
• CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
• CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
• CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
• CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
• CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
• CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
• CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
• CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
• CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178).
• CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
• CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
• CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
• CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
• CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
• CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
• CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
• CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
• CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
• CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
• CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
• CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
• CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
• CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
• CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
• CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
• CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
• CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
• CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
• CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507).
• CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
• CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
• CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
• CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
• CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
• CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
• CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582).
• CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700).
• CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
• CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
• CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
• CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
• CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
• CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
• CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
• CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
• CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
• CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
• CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
• CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
• CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
• CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
• CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116).

• ACPI: battery: create alarm sysfs attribute atomically (git-fixes).
• ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
• ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).
• ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).
• ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).
• ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes).
• ACPI: sysfs: validate return type of _STR method (git-fixes).
• af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846).
• af_unix: Fix data races around sk->sk_shutdown (bsc#1226846).
• af_unix: Fix data-races around sk->sk_shutdown (git-fixes).
• ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).
• ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes).
• ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes).
• ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes).
• ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
• apparmor: fix possible NULL pointer dereference (stable-fixes).
• arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
• arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).
• arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).
• arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).
• arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
• arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
• arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
• arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
• arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
• ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
• ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
• ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
• ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
• ASoC: tegra: Fix CBB error during probe() (git-fixes).
• ASoC: topology: Properly initialize soc_enum values (stable-fixes).
• ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
• ata: pata_macio: Use WARN instead of BUG (stable-fixes).
• blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
• blk-mq: add number of queue calc helper (bsc#1229034).
• blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031).
• blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
• blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034).
• blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034).
• blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034).
• Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
• Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
• Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).
• Bluetooth: L2CAP: Fix deadlock (git-fixes).
• Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
• cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181).
• cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013).
• can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
• can: bcm: Remove proc entry when dev is unregistered (git-fixes).
• can: j1939: use correct function name in comment (git-fixes).
• can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes).
• cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
• ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180).
• char: xillybus: Check USB endpoints when probing device (git-fixes).
• clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
• clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes).
• clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes).
• cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).
• crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).
• crypto: virtio - Handle dataq logic with tasklet (git-fixes).
• crypto: virtio - Wait for tasklet to complete on device remove (git-fixes).
• crypto: xor - fix template benchmarking (git-fixes).
• devres: Initialize an uninitialized struct member (stable-fixes).
• driver core: Add debug logs when fwnode links are added/deleted (git-fixes).
• driver core: Add missing parameter description to __fwnode_link_add() (git-fixes).
• driver core: Create __fwnode_link_del() helper function (git-fixes).
• driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes).
• driver core: fw_devlink: Consolidate device link flag computation (git-fixes).
• driver core: Set deferred probe reason when deferred by driver core (git-fixes).
• drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
• Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
• Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
• drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).
• drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).
• drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
• drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
• drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
• drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes).
• drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
• drm/amd/display: Check denominator pbn_div before used (stable-fixes).
• drm/amd/display: Check gpio_id before used as array index (stable-fixes).
• drm/amd/display: Check HDCP returned status (stable-fixes).
• drm/amd/display: Check msg_id before processing transcation (stable-fixes).
• drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes).
• drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes).
• drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
• drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes).
• drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes).
• drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes).
• drm/amd/display: Spinlock before reading event (stable-fixes).
• drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes).
• drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
• drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
• drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).
• drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
• drm/amdgpu: fix a possible null pointer dereference (git-fixes).
• drm/amdgpu: fix dereference after null check (stable-fixes).
• drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
• drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
• drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
• drm/amdgpu: fix overflowed array index read warning (stable-fixes).
• drm/amdgpu: Fix smatch static checker warning (stable-fixes).
• drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
• drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
• drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes).
• drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes).
• drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes).
• drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
• drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
• drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
• drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
• drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes).
• drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes).
• drm/amd/pm: check negtive return for table entries (stable-fixes).
• drm/amd/pm: check specific index for aldebaran (stable-fixes).
• drm/amd/pm: Fix negative array index read (stable-fixes).
• drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
• drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes).
• drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes).
• drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes).
• drm/amd/pm: fix uninitialized variable warning (stable-fixes).
• drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes).
• drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).
• drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes).
• drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
• drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes).
• drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
• drm/meson: plane: Add error handling (stable-fixes).
• drm/msm/a5xx: disable preemption in submits by default (git-fixes).
• drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
• drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
• drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
• drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
• drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444)
• drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
• drm/msm: fix %s null argument error (git-fixes).
• drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
• drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).
• drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).
• drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).
• drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
• drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
• exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
• fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
• filemap: remove use of wait bookmarks (bsc#1224085).
• firmware_loader: Block path traversal (git-fixes).
• fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592).
• fuse: update stats for pages in dropped aux writeback list (bsc#1230130).
• fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129).
• genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031).
• genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031).
• genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031).
• genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031).
• genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031).
• genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031).
• genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031).
• gfs2: setattr_chown: Add missing initialization (git-fixes).
• HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
• HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).
• hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).
• hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).
• hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
• hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
• hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).
• hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).
• hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).
• hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
• i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes).
• i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
• i2c: isch: Add missed 'else' (git-fixes).
• i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
• i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
• i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
• i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).
• IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
• IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd->uctxt_lock (git-fixes)
• iio: adc: ad7124: fix chip ID mismatch (git-fixes).
• iio: adc: ad7124: fix config comparison (git-fixes).
• iio: adc: ad7606: fix oversampling gpio array (git-fixes).
• iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).
• iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
• iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).
• iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes).
• iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
• Input: ilitek_ts_i2c - add report id message validation (git-fixes).
• Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
• Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
• Input: uinput - reject requests with unreasonable number of slots (stable-fixes).
• ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
• ipmi:ssif: Improve detecting during probing (bsc#1228771)
• ipmi:ssif: Improve detecting during probing (bsc#1228771)
• jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
• kabi: add __nf_queue_get_refs() for kabi compliance.
• kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes).
• kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
• lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031).
• lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034).
• lib/group_cpus: Export group_cpus_evenly() (bsc#1229031).
• lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
• mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
• mailbox: rockchip: fix a typo in module autoloading (git-fixes).
• media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269)
• media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
• media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes).
• media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes).
• media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
• media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
• media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
• media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).
• media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
• media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).
• media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
• mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
• mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
• mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
• mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
• mtd: slram: insert break after errors in parsing the map (git-fixes).
• net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
• net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
• net: missing check virtio (git-fixes).
• net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
• nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769).
• NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
• NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662).
• NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
• NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
• NFS: Reduce use of uncached readdir (bsc#1226662).
• NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).
• nilfs2: Constify struct kobj_type (git-fixes).
• nilfs2: determine empty node blocks as corrupted (git-fixes).
• nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
• nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
• nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
• nilfs2: fix state management in error path of log writing function (git-fixes).
• nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes).
• nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes).
• nilfs2: use default_groups in kobj_type (git-fixes).
• nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes).
• nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
• nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
• nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034).
• nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
• nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
• nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
• nvmet-tcp: do not continue for invalid icreq (git-fixes).
• nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
• nvmet-trace: avoid dereferencing pointer too early (git-fixes).
• ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
• ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
• ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
• ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
• PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
• PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes).
• PCI/ASPM: Move pci_function_0() upward (bsc#1226915)
• PCI/ASPM: Remove struct aspm_latency (bsc#1226915)
• PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915)
• PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915)
• PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
• PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
• PCI: dwc: Restore MSI Receiver mask during resume (git-fixes).
• pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
• PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).
• PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
• PCI: Support BAR sizes up to 8TB (bsc#1231017)
• PCI: Wait for Link before restoring Downstream Buses (git-fixes).
• PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
• PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
• PCI: xilinx-nwl: Fix register misspelling (git-fixes).
• pcmcia: Use resource_size function on resource object (stable-fixes).
• pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
• pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
• PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
• platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
• platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).
• platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).
• power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).
• power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).
• power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
• power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).
• RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
• RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
• RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
• RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
• RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
• RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
• RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)
• RDMA/hns: Optimize hem allocation performance (git-fixes)
• RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
• RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
• RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
• RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes)
• RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)
• Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
• Revert 'Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE' (git-fixes).
• Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes).
• Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (stable-fixes).
• rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
• scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
• scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429).
• scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429).
• scsi: lpfc: Fix overflow build issue (bsc#1229429).
• scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429).
• scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429).
• scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429).
• scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429).
• scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429).
• scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429).
• scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034).
• scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034).
• scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).
• scsi: use block layer helpers to calculate num of queues (bsc#1229034).
• spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
• Squashfs: sanity check symbolic link size (git-fixes).
• staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes).
• thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
• tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).
• tools/virtio: fix build (git-fixes).
• tpm: Clean up TPM space after command failure (git-fixes).
• tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
• tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
• udp: fix receiving fraglist GSO packets (git-fixes).
• uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
• usb: cdnsp: Fix incorrect usb_request status (git-fixes).
• USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
• usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
• usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
• usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes).
• usb: dwc3: core: Skip setting event buffers for host only controllers (git-fixes).
• usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes).
• usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
• usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
• usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
• usbip: Do not submit special requests twice (stable-fixes).
• usbnet: fix cyclical race on disconnect with work queue (git-fixes).
• usbnet: ipheth: race between ipheth_close and error handling (git-fixes).
• usbnet: modern method to get random MAC (git-fixes).
• USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
• USB: serial: option: add MeiG Smart SRM825L (git-fixes).
• usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
• usb: uas: set host status byte on data completion error (git-fixes).
• usb: uas: set host status byte on data completion error (stable-fixes).
• USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
• usb: xhci: fix loss of data on Cadence xHC (git-fixes).
• vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
• vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
• virito: add APIs for retrieving vq affinity (bsc#1229034).
• virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
• virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034).
• virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034).
• virtiofs: forbid newlines in tags (bsc#1230591).
• virtio_net: checksum offloading handling fix (git-fixes).
• virtio_net: Fix ''%d' directive writing between 1 and 11 bytes into a region of size 10' warnings (git-fixes).
• virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
• virtio: reenable config if freezing device failed (git-fixes).
• virtio/vsock: fix logic which reduces credit update messages (git-fixes).
• VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes).
• vsock/virtio: add support for device suspend/resume (git-fixes).
• vsock/virtio: factor our the code to initialize and delete VQs (git-fixes).
• vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes).
• vsock/virtio: remove socket from connected/bound list on shutdown (git-fixes).
• watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
• wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
• wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).
• wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
• wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).
• wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).
• wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
• wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).
• wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).
• wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
• wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
• wifi: rtw88: remove CPT execution branch never used (git-fixes).
• wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).
• x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
• x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
• x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
• x86/xen: Convert comma to semicolon (git-fixes).
• xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
• xen: allow mapping ACPI data using a different physical address (bsc#1226003).
• xen: introduce generic helper checking for memory map conflicts (bsc#1226003).
• xen: move checks for e820 conflicts further up (bsc#1226003).
• xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
• xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
• xen/swiotlb: fix allocated size (git-fixes).
• xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).
• xen: use correct end address of kernel for conflict checking (bsc#1226003).
• xfs: do not include bnobt blocks when reserving free block pool (git-fixes).
• xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes).
• xz: cleanup CRC32 edits from 2018 (git-fixes).

SUSE-IU-2024:1461-1

SUSE-IU-2024:1444-1

This update for dracut fixes the following issue:

• Version update, check for presence of legacy rules (bsc#1230330).
• Version update, handle all possible options in `rd.dasd` (bsc#1230110).

This update for e2fsprogs fixes the following issue:

• resize2fs: Check number of group descriptors only if meta_bg is disabled (bsc#1230145).

SUSE-IU-2024:1437-1

SUSE-IU-2024:1434-1

This update for glibc fixes the following issue:

• fix memory malloc problem: Initiate tcache shutdown even without allocations (bsc#1228661).

SUSE-IU-2024:1433-1

SUSE-IU-2024:1432-1

This update for curl fixes the following issue:

• Make special characters in URL work with aws-sigv4 (bsc#1230516).

This update for logrotate fixes the following issues:

• Backport 'ignoreduplicates' configuration flag (jsc#PED-10366)

SUSE-IU-2024:1428-1

This update for pam-config fixes the following issues:

• Improved check for existence of modules (bsc#1227216)

SUSE-IU-2024:1427-1

SUSE-IU-2024:1426-1

SUSE-IU-2024:1413-1

SUSE-IU-2024:1375-1

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following non-security bugs were fixed:

• Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413)
• Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413)
• Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413)

SUSE-IU-2024:1374-1

This update for ncurses fixes the following issues:

• Allow the terminal description based on static fallback entries to be freed (bsc#1229028)

SUSE-IU-2024:1352-1

SUSE-IU-2024:1294-1

This update for expat fixes the following issues:

• CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932)
• CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931)
• CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930)

This update for util-linux fixes the following issue:

• Skip aarch64 decode path for rest of the architectures (bsc#1229476).

SUSE-IU-2024:1195-1

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:

• CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
• CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
• CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
• CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
• CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
• CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
• CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
• CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
• CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
• CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
• CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
• CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820).
• CVE-2024-41087: Fix double free on error (bsc#1228466).
• CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
• CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
• CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
• CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
• CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
• CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
• CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
• CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
• CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
• CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
• CVE-2024-26812: struct virqfd kABI workaround (bsc#1222808).
• CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
• CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
• CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
• CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
• CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
• CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569).
• CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
• CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
• CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
• CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
• CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
• CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
• CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
• CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
• CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
• CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
• CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
• CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
• CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
• CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290).
• CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
• CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
• CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
• CVE-2024-27016: Validate pppoe header (bsc#1223807).
• CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
• CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
• CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
• CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
• CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
• CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
• CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
• CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
• CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
• CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727).
• CVE-2024-26677: Blacklist e7870cf13d20 (' Fix delayed ACKs to not set the reference serial number') (bsc#1222387)
• CVE-2024-36009: Blacklist 467324bcfe1a ('ax25: Fix netdev refcount issue') (bsc#1224542)
• CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
• CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
• CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
• CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
• CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
• CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
• CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
• CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
• CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
• CVE-2024-26669: Fix chain template offload (bsc#1222350).
• CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
• CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
• CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
• CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
• CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
• CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
• CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
• CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
• CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
• CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
• CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
• CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
• CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
• CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
• CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
• CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
• CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
• CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
• CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
• CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
• CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
• CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
• CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
• CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
• CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
• CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
• CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
• CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
• CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
• CVE-2024-42139: Fix improper extts handling (bsc#1228503).
• CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
• CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
• CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
• CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
• CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
• CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580).
• CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
• CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
• CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (bsc#1226613).
• CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
• CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
• CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
• CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).

• ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
• ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
• ACPI: bus: Rework system-level device notification handling (git-fixes).
• ACPI: thermal: Drop nocrt parameter (git-fixes).
• ACPI: x86: s2idle: Post-increment variables when getting constraints (git-fixes).
• afs: Do not cross .backup mountpoint from backup volume (git-fixes).
• ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
• ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
• ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
• ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
• ALSA: line6: Fix racy access to midibuf (stable-fixes).
• ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
• ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
• ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
• ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
• ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
• arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
• arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
• arm64: Add Neoverse-V2 part (git-fixes)
• arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
• arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
• arm64: barrier: Restore spec_bar() macro (git-fixes)
• arm64: cpufeature: Add missing .field_width for GIC system registers (git-fixes)
• arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes)
• arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git-fixes)
• arm64: cputype: Add Cortex-A720 definitions (git-fixes)
• arm64: cputype: Add Cortex-A725 definitions (git-fixes)
• arm64: cputype: Add Cortex-X1C definitions (git-fixes)
• arm64: cputype: Add Cortex-X3 definitions (git-fixes)
• arm64: cputype: Add Cortex-X4 definitions (git-fixes)
• arm64: cputype: Add Cortex-X925 definitions (git-fixes)
• arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
• arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
• arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
• arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
• arm64: errata: Expand speculative SSBS workaround (git-fixes)
• arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration.
• arm64: Fix KASAN random tag seed initialization (git-fixes)
• arm64: Fix KASAN random tag seed initialization (git-fixes)
• ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
• ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
• ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
• async: Introduce async_schedule_dev_nocall() (bsc#1221269).
• async: Split async_schedule_node_domain() (bsc#1221269).
• Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
• Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
• Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
• Bluetooth: L2CAP: Fix deadlock (git-fixes).
• bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
• bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
• btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
• btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes).
• btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes).
• btrfs: sysfs: update fs features directory asynchronously (bsc#1226168).
• cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418).
• ceph: issue a cap release immediately if no cap exists (bsc#1225162).
• ceph: periodically flush the cap releases (bsc#1225162).
• cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
• cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes).
• docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
• drm: add missing MODULE_DESCRIPTION() macros (stable-fixes).
• drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
• drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes).
• drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes).
• drm/amd/display: avoid using null object of framebuffer (git-fixes).
• drm/amd/display: Fix && vs || typos (git-fixes).
• drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
• drm/amd/display: Validate hw_points_num before using it (stable-fixes).
• drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
• drm/amdgpu: Actually check flags for all context ops (stable-fixes).
• drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
• drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
• drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
• drm/amdgpu: Validate TA binary size (stable-fixes).
• drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
• drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
• drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
• drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
• drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
• drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes).
• drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
• drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
• drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
• drm/msm/dp: reset the link phy params before link training (git-fixes).
• drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
• drm/msm/dpu: do not play tricks with debug macros (git-fixes).
• drm/tegra: Zero-initialize iosys_map (stable-fixes).
• exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes).
• exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
• exfat: redefine DIR_DELETED as the bad cluster number (git-fixes).
• exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes).
• fs/netfs/fscache_cookie: add missing 'n_accesses' check (bsc#1229453).
• fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
• genirq: Add might_sleep() to disable_irq() (git-fixes).
• genirq: Always limit the affinity to online CPUs (git-fixes).
• genirq: Do not return error on missing optional irq_request_resources() (git-fixes).
• genirq: Take the proposed affinity at face value if force==true (git-fixes).
• genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
• genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
• genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
• genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
• genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
• genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git-fixes).
• gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
• hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
• i2c: smbus: Improve handling of stuck alerts (git-fixes).
• i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
• iommu/amd: Convert comma to semicolon (git-fixes).
• ip6_tunnel: Fix broken GRO (bsc#1229444).
• ipv6: sr: fix incorrect unregister order (git-fixes).
• irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
• irqdomain: Fix association race (git-fixes).
• irqdomain: Fix disassociation race (git-fixes).
• irqdomain: Fix domain registration race (git-fixes).
• irqdomain: Fix mapping-creation race (git-fixes).
• irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
• irqdomain: Look for existing mapping only once (git-fixes).
• irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes).
• irqdomain: Report irq number for NOMAP domains (git-fixes).
• kprobes: Fix to check symbol prefixes correctly (git-fixes).
• lockd: move from strlcpy with unused retval to strscpy (git-fixes).
• memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
• mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
• mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
• mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
• mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
• net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes).
• net: ks8851: Fix deadlock with the SPI chip variant (git-fixes).
• net: ks8851: Fix potential TX stall after interface reopen (git-fixes).
• net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes).
• net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
• net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
• net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
• net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
• net: remove two BUG() from skb_checksum_help() (bsc#1229312).
• net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
• net/rds: fix possible cp null dereference (git-fixes).
• net/sched: initialize noop_qdisc owner (git-fixes).
• nfc: pn533: Add poll mod list filling check (git-fixes).
• nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
• nfs: make the rpc_stat per net namespace (git-fixes).
• NFSD: add posix ACLs to struct nfsd_attrs (git-fixes).
• NFSD: add security label to struct nfsd_attrs (git-fixes).
• NFSD: fix regression with setting ACLs (git-fixes).
• NFSD: Fix strncpy() fortify warning (git-fixes).
• NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes).
• NFSD: introduce struct nfsd_attrs (git-fixes).
• NFSD: move from strlcpy with unused retval to strscpy (git-fixes).
• NFSD: Optimize DRC bucket pruning (git-fixes).
• nfsd: return error if nfs4_setacl fails (git-fixes).
• NFSD: set attributes when creating symlinks (git-fixes).
• nfsd: use locks_inode_context helper (git-fixes).
• nilfs2: Remove check for PageError (git-fixes).
• nvme_core: scan namespaces asynchronously (bsc#1224105).
• ocfs2: use coarse time for new created files (git-fixes).
• padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
• perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
• platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
• platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
• platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
• platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
• platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
• platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
• platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
• platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
• platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
• platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
• platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
• platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
• platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
• power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
• power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
• powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869).
• powerpc: Mark .opd section read-only (bsc#1194869).
• powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869).
• powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
• powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
• powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
• powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
• powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
• powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
• powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
• powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
• powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
• powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
• powerpc/xmon: Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869).
• RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
• RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes)
• RDMA/rxe: Fix rxe_modify_srq (git-fixes)
• RDMA/rxe: Handle zero length rdma (git-fixes)
• RDMA/rxe: Move work queue code to subroutines (git-fixes)
• s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187).
• s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079).
• s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187).
• s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190).
• s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573).
• s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572).
• s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188).
• spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
• sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
• SUNRPC: Fix a race to wake a sync task (git-fixes).
• swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
• syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
• tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
• ubifs: add check for crypto_shash_tfm_digest (git-fixes).
• ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
• ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
• ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
• vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
• wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
• wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
• x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes).
• x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
• x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
• x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
• x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
• xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
• xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
• xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
• xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
• xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).

This update for curl fixes the following issues:

• CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093)

SUSE-IU-2024:1190-1

SUSE-IU-2024:1180-1

This update for glibc fixes the following issue:

• s390x: Fix segfault in wcsncmp (bsc#1228043).

SUSE-IU-2024:1171-1

SUSE-IU-2024:1161-1

This update for dracut fixes the following issues:

• Version update with: * feat(systemd*) include systemd config files from /usr/lib/systemd (bsc#1228398). * fix(convertfs) error in conditional expressions (bsc#1228847).

This update for systemd fixes the following issues:

• CVE-2023-7008: Fixed man-in-the-middle due to unsigned name response in signed zone not refused when DNSSEC=yes (bsc#1218297)

• Unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414)
• Don't mention any rpm macros inside comments, even if escaped (bsc#1228091)
• Skip redundant dependencies specified the LSB description that references the file name of the service itself for early boot scripts (bsc#1221479).

SUSE-IU-2024:1156-1

SUSE-IU-2024:1147-1

This update for mozilla-nss fixes the following issues:

• FIPS: Enforce approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).

SUSE-IU-2024:1146-1

This update for glib2 fixes the following issues:

• Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).

SUSE-IU-2024:1138-1

This update for curl fixes the following issues:
- CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535)

SUSE-IU-2024:1127-1

This update for krb5 fixes the following issues:

• CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186).
• CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).

This update for xfsprogs fixes the following issue:

• xfs_copy: don't use cached buffer reads until after libxfs_mount (bsc#1227150)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.
• CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
• CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
• CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
• CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
• CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
• CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
• CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
• CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
• CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
• CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
• CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
• CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
• CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
• CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
• CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
• CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
• CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
• CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
• CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
• CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
• CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
• CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
• CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
• CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
• CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
• CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
• CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
• CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
• CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
• CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
• CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).
• CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
• CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
• CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
• CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
• CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
• CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
• CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
• CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
• CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
• CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
• CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
• CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
• CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
• CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
• CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
• CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
• CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
• CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
• CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
• CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
• CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
• CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
• CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
• CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
• CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
• CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
• CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
• CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
• CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
• CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
• CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
• CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
• CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
• CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
• CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
• CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
• CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
• CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
• CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
• CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
• CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
• CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
• CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
• CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
• CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
• CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
• CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
• CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
• CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
• CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
• CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
• CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
• CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
• CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
• CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
• CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
• CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
• CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
• CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
• CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
• CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
• CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
• CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
• CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
• CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
• CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
• CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
• CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
• CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
• CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
• CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
• CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
• CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
• CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
• CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
• CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).

• ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
• ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
• ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
• ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
• ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
• ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
• ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
• ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
• ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
• ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
• ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
• ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
• ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
• ALSA: timer: Set lower bound of start tick time (stable-fixes).
• ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
• ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
• ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).
• ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
• ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
• ASoC: rt715-sdca: volume step modification (stable-fixes).
• ASoC: rt715: add vendor clear control register (stable-fixes).
• Add remote for nfs maintainer
• Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
• Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable]
• HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
• HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
• Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
• NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
• NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
• NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
• PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
• PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
• RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
• RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
• RDMA/hns: Fix incorrect sge nums calculation (git-fixes)
• RDMA/irdma: Drop unused kernel push code (git-fixes)
• RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
• Revert 'Add remote for nfs maintainer'
• Revert 'build initrd without systemd' (bsc#1195775)'
• USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
• USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
• X.509: Fix the parser of extended key usage for length (bsc#1218820).
• arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
• arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
• arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
• arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
• arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
• ata: ahci: Clean up sysfs file on error (git-fixes).
• ata: libata-core: Fix double free on error (git-fixes).
• ata: libata-core: Fix null pointer dereference on error (git-fixes).
• batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
• bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).
• btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
• cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
• ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
• ceph: always check dir caps asynchronously (bsc#1226022).
• ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
• ceph: break the check delayed cap loop every 5s (bsc#1226022).
• ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
• cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
• cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
• cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
• cgroup: Remove unnecessary list_empty() (bsc#1222254).
• cgroup: preserve KABI of cgroup_root (bsc#1222254).
• cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).
• cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
• crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
• dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
• dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
• drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
• drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
• drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
• drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
• drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
• drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
• drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
• drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
• drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
• drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
• drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
• drm/amdgpu: Update BO eviction priorities (stable-fixes).
• drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
• drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
• drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
• drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
• drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
• drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
• drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
• drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
• drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
• drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
• drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
• drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
• drm/komeda: check for error-valued pointer (git-fixes).
• drm/lima: add mask irq callback to gp and pp (stable-fixes).
• drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
• drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
• drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
• drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
• drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).
• drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).
• drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
• drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
• drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
• drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
• gpio: davinci: Validate the obtained number of IRQs (git-fixes).
• gpio: tqmx86: fix typo in Kconfig label (git-fixes).
• gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
• gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
• hwmon: (shtc1) Fix property misspelling (git-fixes).
• i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
• i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
• i2c: ocores: set IACK bit after core is enabled (git-fixes).
• i2c: testunit: discard write requests while old command is running (git-fixes).
• i2c: testunit: do not erase registers after STOP (git-fixes).
• iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
• iio: adc: ad7266: Fix variable checking bug (git-fixes).
• iio: adc: ad9467: fix scan type sign (git-fixes).
• iio: chemical: bme680: Fix calibration data variable (git-fixes).
• iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
• iio: chemical: bme680: Fix pressure value output (git-fixes).
• iio: chemical: bme680: Fix sensor data read operation (git-fixes).
• iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
• iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
• intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
• iommu/amd: Fix sysfs leak in iommu init (git-fixes).
• iommu: Return right value in iommu_sva_bind_device() (git-fixes).
• iommu: mtk: fix module autoloading (git-fixes).
• ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
• kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
• kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
• kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
• kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
• kernel-doc: fix struct_group_tagged() parsing (git-fixes).
• lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
• media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
• media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
• media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
• media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
• media: mxl5xx: Move xpt structures off stack (stable-fixes).
• media: radio-shark2: Avoid led_names truncations (git-fixes).
• media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
• mei: me: release irq in mei_me_pci_resume error path (git-fixes).
• mkspec-dtb: add toplevel symlinks also on arm
• mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
• mmc: core: Do not force a retune before RPMB switch (stable-fixes).
• mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
• mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
• mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
• mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
• mmc: sdhci: Do not invert write-protect twice (git-fixes).
• mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
• mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
• mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
• mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
• mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
• mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
• mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
• mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
• net/mlx5e: Fix a race in command alloc flow (git-fixes).
• net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
• net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
• net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
• net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
• net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
• net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
• net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
• net: usb: ax88179_178a: improve link status logs (git-fixes).
• net: usb: ax88179_178a: improve reset check (git-fixes).
• net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
• net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
• net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
• nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
• nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).
• nvme: find numa distance only if controller has valid numa id (git-fixes).
• nvmet-passthru: propagate status from id override functions (git-fixes).
• ocfs2: adjust enabling place for la window (bsc#1219224).
• ocfs2: fix sparse warnings (bsc#1219224).
• ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
• ocfs2: speed up chain-list searching (bsc#1219224).
• pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
• pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
• pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
• pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
• pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
• pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
• random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
• regulator: bd71815: fix ramp values (git-fixes).
• regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes).
• regulator: irq_helpers: duplicate IRQ name (stable-fixes).
• regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
• rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
• rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
• rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
• rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
• sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
• scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).
• smb: client: ensure to try all targets when finding nested links (bsc#1224020).
• smb: client: guarantee refcounted children from parent session (bsc#1224679).
• soundwire: cadence: fix invalid PDI offset (stable-fixes).
• spi: stm32: Do not warn about spurious interrupts (git-fixes).
• supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
• supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
• supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
• tty: mcf: MCF54418 has 10 UARTS (git-fixes).
• usb-storage: alauda: Check whether the media is initialized (git-fixes).
• usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
• usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
• usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
• usb: gadget: printer: fix races against disable (git-fixes).
• usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
• usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
• usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
• usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
• usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
• usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).
• usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).
• usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).
• watchdog: bd9576: Drop 'always-running' property (git-fixes).
• watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).
• wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
• wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
• wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
• wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
• wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
• wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
• wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
• wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
• wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
• wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
• wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
• wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
• wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
• x86/mce: Dynamically size space for machine check records (bsc#1222241).
• x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
• xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
• xhci: Fix failure to detect ring expansion need (git-fixes).
• xhci: Fix transfer ring expansion size calculation (git-fixes).
• xhci: Handle TD clearing for multiple streams case (git-fixes).
• xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
• xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
• xhci: fix matching completion events with TDs (git-fixes).
• xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
• xhci: restre deleted trb fields for tracing (git-fixes).
• xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
• xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
• xhci: update event ring dequeue pointer position to controller correctly (git-fixes).

This update for shadow fixes the following issues:

• CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845).

This update for mozilla-nss fixes the following issues:

• Fixed startup crash of Firefox when using FIPS-mode (bsc#1223724).
• Added 'Provides: nss' so other RPMs that require 'nss' can be installed (jira PED-6358).

• FIPS: added safe memsets (bsc#1222811)
• FIPS: restrict AES-GCM (bsc#1222830)
• FIPS: Updated FIPS approved cipher lists (bsc#1222813, bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118)
• FIPS: Updated FIPS self tests (bsc#1222807, bsc#1222828, bsc#1222834)
• FIPS: Updated FIPS approved cipher lists (bsc#1222804, bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116)

• Require `sed` for mozilla-nss-sysinit, as setup-nsssysinit.sh depends on it and will create a broken, empty config, if sed is missing (bsc#1227918)

• bmo#1905691 - ChaChaXor to return after the function

• GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.

• add diagnostic assertions for SFTKObject refcount.
• freeing the slot in DeleteCertAndKey if authentication failed
• fix formatting issues.
• Add Firmaprofesional CA Root-A Web to NSS.
• remove invalid acvp fuzz test vectors.
• pad short P-384 and P-521 signatures gtests.
• remove unused FreeBL ECC code.
• pad short P-384 and P-521 signatures.
• be less strict about ECDSA private key length.
• Integrate HACL* P-521.
• Integrate HACL* P-384.
• memory leak in create_objects_from_handles.
• ensure all input is consumed in a few places in mozilla::pkix
• SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
• clean up escape handling
• Use lib::pkix as default validator instead of the old-one
• Need to add high level support for PQ signing.
• Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
• SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
• Allow for non-full length ecdsa signature when using softoken
• Modification of .taskcluster.yml due to mozlint indent defects
• Implement support for PBMAC1 in PKCS#12
• disable VLA warnings for fuzz builds.
• remove redundant AllocItem implementation.
• add PK11_ReadDistrustAfterAttribute.
• - Clang-formatting of SEC_GetMgfTypeByOidTag update
• Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
• sftk_getParameters(): Fix fallback to default variable after error with configfile.
• Switch to the mozillareleases/image_builder image

• switch from ec_field_GFp to ec_field_plain

• merge pk11_kyberSlotList into pk11_ecSlotList for faster Xyber operations.
• remove ckcapi.
• avoid a potential PK11GenericObject memory leak.
• Remove incomplete ESDH code.
• Decrypt RSA OAEP encrypted messages.
• Fix certutil CRLDP URI code.
• Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
• Add ability to encrypt and decrypt CMS messages using ECDH.
• Correct Templates for key agreement in smime/cmsasn.c.
• Moving the decodedCert allocation to NSS.
• Allow developers to speed up repeated local execution of NSS tests that depend on certificates.

• Removing check for message len in ed25519 (bmo#1325335)
• add ed25519 to SECU_ecName2params. (bmo#1884276)
• add EdDSA wycheproof tests. (bmo#1325335)
• nss/lib layer code for EDDSA. (bmo#1325335)
• Adding EdDSA implementation. (bmo#1325335)
• Exporting Certificate Compression types (bmo#1881027)
• Updating ACVP docker to rust 1.74 (bmo#1880857)
• Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
• Add NSS_CMSRecipient_IsSupported. (bmo#1877730)

• (CVE-2023-5388) Timing attack against RSA decryption in TLS
• Certificate Compression: enabling the check that the compression was advertised
• Move Windows workers to nss-1/b-win2022-alpha
• Remove Email trust bit from OISTE WISeKey Global Root GC CA
• Replace `distutils.spawn.find_executable` with `shutil.which` within `mach` in `nss`
• Certificate Compression: Updating nss_bogo_shim to support Certificate compression
• TLS Certificate Compression (RFC 8879) Implementation
• Add valgrind annotations to freebl kyber operations for constant-time execution tests
• Set nssckbi version number to 2.66
• Add Telekom Security roots
• Add D-Trust 2022 S/MIME roots
• Remove expired Security Communication RootCA1 root
• move keys to a slot that supports concatenation in PK11_ConcatSymKeys
• remove unmaintained tls-interop tests
• bogo: add support for the -ipv6 and -shim-id shim flags
• bogo: add support for the -curves shim flag and update Kyber expectations
• bogo: adjust expectation for a key usage bit test
• mozpkix: add option to ignore invalid subject alternative names
• Fix selfserv not stripping `publicname:` from -X value
• take ownership of ecckilla shims
• add valgrind annotations to freebl/ec.c
• PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
• Update zlib to 1.3.1

• make Xyber768d00 opt-in by policy
• add libssl support for xyber768d00
• add PK11_ConcatSymKeys
• add Kyber and a PKCS#11 KEM interface to softoken
• add a FreeBL API for Kyber
• part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
• part 1: add a script for vendoring kyber from pq-crystals repo
• Removing the calls to RSA Blind from loader.*
• fix worker type for level3 mac tasks
• RSA Blind implementation
• Remove DSA selftests
• read KWP testvectors from JSON
• Backed out changeset dcb174139e4f
• Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
• Wrap CC shell commands in gyp expansions

• Use pypi dependencies for MacOS worker in ./build_gyp.sh
• p7sign: add -a hash and -u certusage (also p7verify cleanups)
• add a defensive check for large ssl_DefSend return values
• Add dependency to the taskcluster script for Darwin
• Upgrade version of the MacOS worker for the CI

• Bump builtins version number.
• Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert.
• Remove 4 DigiCert (Symantec/Verisign) Root Certificates
• Remove 3 TrustCor Root Certificates from NSS.
• Remove Camerfirma root certificates from NSS.
• Remove old Autoridad de Certificacion Firmaprofesional Certificate.
• Add four Commscope root certificates to NSS.
• Add TrustAsia Global Root CA G3 and G4 root certificates.
• Include P-384 and P-521 Scalar Validation from HACL*
• Include P-256 Scalar Validation from HACL*.
• After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level
• Add means to provide library parameters to C_Initialize
• add OSXSAVE and XCR0 tests to AVX2 detection.
• Typo in ssl3_AppendHandshakeNumber
• Introducing input check of ssl3_AppendHandshakeNumber
• Fix Invalid casts in instance.c

• Updated code and commit ID for HACL*
• update ACVP fuzzed test vector: refuzzed with current NSS
• Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants
• NSS needs a database tool that can dump the low level representation of the database
• declare string literals using char in pkixnames_tests.cpp
• avoid implicit conversion for ByteString
• update rust version for acvp docker
• Moving the init function of the mpi_ints before clean-up in ec.c
• P-256 ECDH and ECDSA from HACL*
• Add ACVP test vectors to the repository
• Stop relying on std::basic_string
• Transpose the PPC_ABI check from Makefile to gyp

• Update zlib in NSS to 1.3.
• softoken: iterate hashUpdate calls for long inputs.
• regenerate NameConstraints test certificates (bsc#1214980).

• Set nssckbi version number to 2.62
• Add 4 Atos TrustedRoot Root CA certificates to NSS
• Add 4 SSL.com Root CA certificates
• Add Sectigo E46 and R46 Root CA certificates
• Add LAWtrust Root CA2 (4096)
• Remove E-Tugra Certification Authority root
• Remove Camerfirma Chambers of Commerce Root.
• Remove Hongkong Post Root CA 1
• Remove E-Tugra Global Root CA ECC v3 and RSA v3
• Avoid redefining BYTE_ORDER on hppa Linux

• Implementation of the HW support check for ADX instruction
• Removing the support of Curve25519
• Fix comment about the addition of ticketSupportsEarlyData
• Adding args to enable-legacy-db build
• dbtests.sh failure in 'certutil dump keys with explicit default trust flags'
• Initialize flags in slot structures
• Improve the length check of RSA input to avoid heap overflow
• Followup Fixes
• avoid processing unexpected inputs by checking for m_exptmod base sign
• add a limit check on order_k to avoid infinite loop
• Update HACL* to commit 5f6051d2
• add SHA3 to cryptohi and softoken
• HACL SHA3
• Disabling ASM C25519 for A but X86_64

• GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
• clean up escape handling.
• remove redundant AllocItem implementation.
• Disable ASM support for Curve25519.
• Disable ASM support for Curve25519 for all but X86_64.

This update for dracut fixes the following issues:

• Version update: * feat(crypt): force the inclusion of crypttab entries with x-initrd.attach (bsc#1226529) * fix(mdraid): try to assemble the missing raid device (bsc#1226412) * fix(dracut-install): continue parsing if ldd prints 'cannot be preloaded' (bsc#1208690)

This update for shadow fixes the following issues:

• Fixed not copying of skel files (bsc#1228770)

This update for util-linux fixes the following issues:

• agetty: Prevent login cursor escape (bsc#1194818).
• Document unexpected side effects of lazy destruction (bsc#1159034).
• Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them (bsc#1222285).
• agetty: Prevent login cursor escape (bsc#1194818).
• Document unexpected side effects of lazy destruction (bsc#1159034).
• Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them (bsc#1222285).
• agetty: Prevent login cursor escape (bsc#1194818).
• Document unexpected side effects of lazy destruction (bsc#1159034).
• Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them (bsc#1222285).

This update for openssl-1_1 fixes the following issues:

• CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138)

• Build with no-afalgeng (bsc#1226463)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
• CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
• CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
• CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
• CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
• CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
• CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
• CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
• CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
• CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
• CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571)
• CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555).
• CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
• CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
• CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
• CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071)
• CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
• CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
• CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869)
• CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
• CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
• CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
• CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
• CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
• CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
• CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
• CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
• CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
• CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
• CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
• CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
• CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323)
• CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
• CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
• CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
• CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
• CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652).
• CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
• CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
• CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
• CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
• CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
• CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
• CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
• CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
• CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
• CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
• CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
• CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
• CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
• CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
• CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
• CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
• CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700)
• CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585).
• CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
• CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557).
• CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
• CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
• CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
• CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
• CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
• CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
• CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
• CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
• CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
• CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
• CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
• CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
• CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838).
• CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
• CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
• CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
• CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
• CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
• CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
• CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
• CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (bsc#1226911).
• CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
• CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
• CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
• CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
• CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
• CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
• CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
• CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620).
• CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
• CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722)
• CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
• CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
• CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
• CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (bsc#1227732).
• CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
• CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
• CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
• CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
• CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
• CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
• CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
• CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
• CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
• CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
• CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
• CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
• CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
• CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
• CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
• CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
• CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
• CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
• CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
• CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
• CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
• CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
• CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
• CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
• CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
• CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
• CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
• CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
• CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020).
• CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
• CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
• CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
• CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
• CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry() (bsc#1228410).
• CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
• CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
• CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520)
• CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
• CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565)
• CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
• CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
• CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
• CVE-2024-41063: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580)
• CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
• CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
• CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
• CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
• CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing (bsc#1228625).
• CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
• CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
• CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
• CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
• CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470)
• CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
• CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
• CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
• CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591)
• CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705)
• CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
• CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
• CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723)
• CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).

• ACPI: EC: Abort address space access upon error (stable-fixes).
• ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
• ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
• ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-fixes).
• ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
• ACPI: x86: utils: Add Picasso to the list for forcing StorageD3Enable (stable-fixes).
• ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
• ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
• ALSA: emux: improve patch ioctl data validation (stable-fixes).
• ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
• ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
• ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
• ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
• ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
• ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
• ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
• ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
• ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
• ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
• ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
• ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
• ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
• ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
• ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
• arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
• arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
• arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
• arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
• arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
• arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
• arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
• arm64/io: add constant-argument check (bsc#1226502 git-fixes)
• arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
• arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
• ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
• ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
• ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
• ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
• batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
• blk-cgroup: dropping parent refcount after pd_free_fn() is done (bsc#1224573).
• block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162).
• block, loop: support partitions without scanning (bsc#1227162).
• Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
• Bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes).
• Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
• Bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes).
• Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
• Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
• bnxt_re: Fix imm_data endianness (git-fixes)
• bpf: aggressively forget precise markings during state checkpointing (bsc#1225903).
• bpf: allow precision tracking for programs with subprogs (bsc#1225903).
• bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
• bpf: clean up visit_insn()'s instruction processing (bsc#1225903).
• bpf: correct loop detection for iterators convergence (bsc#1225903).
• bpf: encapsulate precision backtracking bookkeeping (bsc#1225903).
• bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903).
• bpf: exact states comparison for iterator convergence checks (bsc#1225903).
• bpf: extract __check_reg_arg() utility function (bsc#1225903).
• bpf: extract same_callsites() as utility function (bsc#1225903).
• bpf: extract setup_func_entry() utility function (bsc#1225903).
• bpf: fix calculation of subseq_idx during precision backtracking (bsc#1225903).
• bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903).
• bpf: Fix memory leaks in __check_func_call (bsc#1225903).
• bpf: fix propagate_precision() logic for inner frames (bsc#1225903).
• bpf: fix regs_exact() logic in regsafe() to remap IDs correctly (bsc#1225903).
• bpf: Fix to preserve reg parent/live fields when copying range info (bsc#1225903).
• bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903).
• bpf: improve precision backtrack logging (bsc#1225903).
• bpf: Improve verifier u32 scalar equality checking (bsc#1225903).
• bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
• bpf: maintain bitmasks across all active frames in __mark_chain_precision (bsc#1225903).
• bpf: mark relevant stack slots scratched for register read instructions (bsc#1225903).
• bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
• bpf: perform byte-by-byte comparison only when necessary in regsafe() (bsc#1225903).
• bpf: print full verifier states on infinite loop detection (bsc#1225903).
• bpf: regsafe() must not skip check_ids() (bsc#1225903).
• bpf: reject non-exact register type matches in regsafe() (bsc#1225903).
• bpf: Remove unused insn_cnt argument from visit_[func_call_]insn() (bsc#1225903).
• bpf: reorganize struct bpf_reg_state fields (bsc#1225903).
• bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903).
• bpf: states_equal() must build idmap for all function frames (bsc#1225903).
• bpf: stop setting precise in current state (bsc#1225903).
• bpf: support precision propagation in the presence of subprogs (bsc#1225903).
• bpf: take into account liveness when propagating precision (bsc#1225903).
• bpf: teach refsafe() to take into account ID remapping (bsc#1225903).
• bpf: unconditionally reset backtrack_state masks on global func exit (bsc#1225903).
• bpf: use check_ids() for active_lock comparison (bsc#1225903).
• bpf: Use scalar ids in mark_chain_precision() (bsc#1225903).
• bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
• bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903).
• bpf: widening for callback iterators (bsc#1225903).
• btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162).
• btrfs: harden identification of a stale device (bsc#1227162).
• btrfs: match stale devices by dev_t (bsc#1227162).
• btrfs: remove the cross file system checks from remap (bsc#1227157).
• btrfs: use dev_t to match device in device_matched (bsc#1227162).
• btrfs: validate device maj:min during open (bsc#1227162).
• bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
• cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
• can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
• can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
• ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418).
• cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
• checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
• crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
• crypto: ecdh - explicitly zeroize private_key (stable-fixes).
• crypto: ecdsa - Fix the public key format description (git-fixes).
• crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
• csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location() (git-fixes).
• decompress_bunzip2: fix rare decompression failure (git-fixes).
• devres: Fix devm_krealloc() wasting memory (git-fixes).
• devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
• dma: fix call order in dmam_free_coherent (git-fixes).
• docs: crypto: async-tx-api: fix broken code example (git-fixes).
• docs: Fix formatting of literal sections in fanotify docs (stable-fixes).
• drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-fixes).
• drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
• drm/amd/display: Check for NULL pointer (stable-fixes).
• drm/amd/display: Check index msg_id before read or write (stable-fixes).
• drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
• drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
• drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
• drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
• drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
• drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
• drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
• drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
• drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
• drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
• drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
• drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
• drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
• drm/amd/pm: remove logically dead code for renoir (git-fixes).
• drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
• drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
• drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
• drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
• drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
• drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
• drm/lima: fix shared irq handling on driver remove (stable-fixes).
• drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
• drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
• drm/meson: fix canvas release in bind function (git-fixes).
• drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
• drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
• drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-fixes).
• drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
• drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
• drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
• drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
• drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
• drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
• drm/nouveau: prime: fix refcount underflow (git-fixes).
• drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
• drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
• drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
• drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
• drm/qxl: Add check for drm_cvt_mode (git-fixes).
• drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
• drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
• drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
• drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
• drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
• eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
• exfat: check if cluster num is valid (git-fixes).
• exfat: simplify is_valid_cluster() (git-fixes).
• filelock: add a new locks_inode_context accessor function (git-fixes).
• firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
• firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
• firmware: cs_dsp: Return error if block header overflows file (git-fixes).
• firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
• firmware: cs_dsp: Validate payload length before processing block (git-fixes).
• firmware: dmi: Stop decoding on broken entry (stable-fixes).
• firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
• firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
• firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
• fix build warning
• fs: allow cross-vfsmount reflink/dedupe (bsc#1227157).
• ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
• fuse: verify {g,u}id mount options correctly (bsc#1228191).
• gpio: mc33880: Convert comma to semicolon (git-fixes).
• hfsplus: fix to avoid false alarm of circular locking (git-fixes).
• hfsplus: fix uninit-value in copy_name (git-fixes).
• HID: Add quirk for Logitech Casa touchpad (stable-fixes).
• HID: wacom: Modify pen IDs (git-fixes).
• hpet: Support 32-bit userspace (git-fixes).
• hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
• hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
• hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
• i2c: mark HostNotify target address as used (git-fixes).
• i2c: rcar: bring hardware to known state when probing (git-fixes).
• i2c: tegra: Fix failure during probe deferral cleanup (git-fixes)
• i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661)
• i2c: testunit: avoid re-issued work after read message (git-fixes).
• i2c: testunit: correct Kconfig description (git-fixes).
• Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
• Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
• Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
• Input: qt1050 - handle CHIP_ID reading error (git-fixes).
• Input: silead - Always support 10 fingers (stable-fixes).
• intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
• intel_th: pci: Add Granite Rapids support (stable-fixes).
• intel_th: pci: Add Lunar Lake support (stable-fixes).
• intel_th: pci: Add Meteor Lake-S support (stable-fixes).
• intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
• iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
• ionic: clean interrupt before enabling queue to avoid credit race (git-fixes).
• jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
• jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
• jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
• kABI: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903).
• kABI: bpf: callback fixes kABI workaround (bsc#1225903).
• kABI: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903).
• kABI: bpf: tmp_str_buf kABI workaround (bsc#1225903).
• kABI: rtas: Workaround false positive due to lost definition (bsc#1227487).
• kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
• kabi/severities: Ignore tpm_tis_core_init (bsc#1082555).
• kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users.
• kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
• kernel-binary: vdso: Own module_dir
• kernel/sched: Remove dl_boosted flag comment (git fixes (sched)).
• knfsd: LOOKUP can return an illegal error value (git-fixes).
• kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
• kprobes: Make arch_check_ftrace_location static (git-fixes).
• KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
• KVM: PPC: Book3S HV: Fix 'rm_exit' entry in debugfs timings (bsc#1194869).
• KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
• KVM: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting (bsc#1194869).
• KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action() comment (bsc#1194869).
• KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST (bsc#1194869).
• KVM: PPC: Book3S: Suppress warnings when allocating too big memory slots (bsc#1194869).
• KVM: s390: fix LPSWEY handling (bsc#1227635 git-fixes).
• KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (git-fixes).
• KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
• KVM: x86: Add IBPB_BRTYPE support (bsc#1228079).
• KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
• KVM: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds (git-fixes).
• KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-fixes).
• KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode (git-fixes).
• KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
• KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-fixes).
• KVM: x86: Explicitly track all possibilities for APIC map's logical modes (git-fixes).
• KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
• KVM: x86: Fix KVM_GET_MSRS stack info leak (git-fixes).
• KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-fixes).
• KVM: x86: Purge 'highest ISR' cache when updating APICv state (git-fixes).
• KVM: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes).
• KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-fixes).
• leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
• leds: triggers: Flush pending brightness before activating trigger (git-fixes).
• leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
• libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190).
• lib: objagg: Fix general protection fault (git-fixes).
• lib: objagg: Fix spelling (git-fixes).
• lib: test_objagg: Fix spelling (git-fixes).
• lockd: set missing fl_flags field when retrieving args (git-fixes).
• lockd: use locks_inode_context helper (git-fixes).
• Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582)
• media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
• media: dvbdev: Initialize sbuf (stable-fixes).
• media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
• media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
• media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
• media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
• media: dw2102: Do not translate i2c read into write (stable-fixes).
• media: dw2102: fix a potential buffer overflow (git-fixes).
• media: imon: Fix race getting ictx->lock (git-fixes).
• media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
• media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
• media: uvcvideo: Override default flags (git-fixes).
• media: venus: fix use after free in vdec_close (git-fixes).
• media: venus: flush all buffers in output plane streamoff (git-fixes).
• mei: demote client disconnect warning on suspend to debug (stable-fixes).
• mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
• mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
• net/dcb: check for detached device before executing callbacks (bsc#1215587).
• netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180).
• netfilter: conntrack: prepare tcp_in_window for ternary return value (bsc#1223180).
• netfilter: conntrack: remove pr_debug callsites from tcp tracker (bsc#1223180).
• netfilter: conntrack: work around exceeded receive window (bsc#1223180).
• netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
• net: mana: Fix possible double free in error handling path (git-fixes).
• net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
• net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes).
• net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
• nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
• NFSD: Add an nfsd_file_fsync tracepoint (git-fixes).
• NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-fixes).
• nfsd: Add errno mapping for EREMOTEIO (git-fixes).
• NFSD: Add nfsd_file_lru_dispose_list() helper (git-fixes).
• nfsd: add some comments to nfsd_file_do_acquire (git-fixes).
• nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes).
• nfsd: allow reaping files still under writeback (git-fixes).
• NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes).
• NFSD: Clean up nfsd3_proc_create() (git-fixes).
• nfsd: Clean up nfsd_file_put() (git-fixes).
• NFSD: Clean up nfsd_open_verified() (git-fixes).
• NFSD: Clean up unused code after rhashtable conversion (git-fixes).
• NFSD: Convert filecache to rhltable (git-fixes).
• NFSD: Convert the filecache to use rhashtable (git-fixes).
• NFSD: De-duplicate hash bucket indexing (git-fixes).
• nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-fixes).
• nfsd: do not fsync nfsd_files on last close (git-fixes).
• nfsd: do not hand out delegation on setuid files being opened for write (git-fixes).
• nfsd: do not kill nfsd_files because of lease break error (git-fixes).
• nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
• nfsd: do not take/put an extra reference when putting a file (git-fixes).
• NFSD enforce filehandle check for source file in COPY (git-fixes).
• NFSD: Ensure nf_inode is never dereferenced (git-fixes).
• nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes).
• NFSD: Fix licensing header in filecache.c (git-fixes).
• nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes).
• nfsd: fix nfsd_file_unhash_and_dispose (git-fixes).
• NFSD: Fix potential use-after-free in nfsd_file_put() (git-fixes).
• NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes).
• NFSD: Fix the filecache LRU shrinker (git-fixes).
• nfsd: fix up the filecache laundrette scheduling (git-fixes).
• nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes).
• NFSD: Flesh out a documenting comment for filecache.c (git-fixes).
• NFSD: handle errors better in write_ports_addfd() (git-fixes).
• NFSD: Instantiate a struct file when creating a regular NFSv4 file (git-fixes).
• NFSD: Leave open files out of the filecache LRU (git-fixes).
• nfsd: map EBADF (git-fixes).
• NFSD: Move nfsd_file_trace_alloc() tracepoint (git-fixes).
• NFSD: nfsd_file_hash_remove can compute hashval (git-fixes).
• nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes).
• NFSD: nfsd_file_put() can sleep (git-fixes).
• NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes).
• NFSD: No longer record nf_hashval in the trace log (git-fixes).
• NFSD: Pass the target nfsd_file to nfsd_commit() (git-fixes).
• nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes).
• NFSD: Record number of flush calls (git-fixes).
• NFSD: Refactor nfsd_create_setattr() (git-fixes).
• NFSD: Refactor __nfsd_file_close_inode() (git-fixes).
• NFSD: Refactor nfsd_file_gc() (git-fixes).
• NFSD: Refactor nfsd_file_lru_scan() (git-fixes).
• NFSD: Refactor NFSv3 CREATE (git-fixes).
• NFSD: Refactor NFSv4 OPEN(CREATE) (git-fixes).
• NFSD: Remove do_nfsd_create() (git-fixes).
• NFSD: Remove lockdep assertion from unhash_and_release_locked() (git-fixes).
• NFSD: Remove nfsd_file::nf_hashval (git-fixes).
• nfsd: remove the pages_flushed statistic from filecache (git-fixes).
• nfsd: reorganize filecache.c (git-fixes).
• NFSD: Replace the 'init once' mechanism (git-fixes).
• NFSD: Report average age of filecache items (git-fixes).
• NFSD: Report count of calls to nfsd_file_acquire() (git-fixes).
• NFSD: Report count of freed filecache items (git-fixes).
• NFSD: Report filecache LRU size (git-fixes).
• NFSD: Report the number of items evicted by the LRU walk (git-fixes).
• nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes).
• nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes).
• nfsd: rework refcounting in filecache (git-fixes).
• NFSD: Separate tracepoints for acquire and create (git-fixes).
• NFSD: Set up an rhashtable for the filecache (git-fixes).
• nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes).
• NFSD: simplify per-net file cache management (git-fixes).
• nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes).
• nfsd: simplify the delayed disposal list code (git-fixes).
• NFSD: Trace filecache LRU activity (git-fixes).
• NFSD: Trace filecache opens (git-fixes).
• NFSD: verify the opened dentry after setting a delegation (git-fixes).
• NFSD: WARN when freeing an item still linked via nf_lru (git-fixes).
• NFSD: Write verifier might go backwards (git-fixes).
• NFSD: Zero counters when the filecache is re-initialized (git-fixes).
• NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
• nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
• nfs: keep server info for remounts (git-fixes).
• nfs: Leave pages in the pagecache if readpage failed (git-fixes).
• NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
• NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362)
• nilfs2: add missing check for inode numbers on directory entries (git-fixes).
• nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
• nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
• nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
• nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
• nilfs2: fix inode number range checks (git-fixes).
• nilfs2: fix inode number range checks (stable-fixes).
• nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
• nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes).
• nvme-auth: allow mixing of secret and hash lengths (git-fixes).
• nvme-auth: use transformed key size to create resp (git-fixes).
• nvme: avoid double free special payload (git-fixes).
• nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
• nvme-multipath: find NUMA path only for online numa-node (git-fixes).
• nvme-pci: add missing condition check for existence of mapped data (git-fixes).
• nvme-pci: Fix the instructions for disabling power management (git-fixes).
• nvmet: always initialize cqe.result (git-fixes).
• nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
• nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
• nvme: use ctrl state accessor (bsc#1215492).
• ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
• ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
• ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
• orangefs: fix out-of-bounds fsid access (git-fixes).
• PCI: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes).
• PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
• PCI: Extend ACS configurability (bsc#1228090).
• PCI: Fix resource double counting on remove & rescan (git-fixes).
• PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
• PCI: Introduce cleanup helpers for device reference counts and locks (git-fixes).
• PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
• PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
• PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).
• PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
• PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes).
• PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
• PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
• PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
• pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
• pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
• platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
• platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
• platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes).
• platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
• platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
• platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
• platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6' tablet (stable-fixes).
• platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
• platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
• powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121 ltc#207129).
• powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
• powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869).
• powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
• powerpc/rtas: clean up includes (bsc#1227487).
• powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
• power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
• pwm: stm32: Always do lazy disabling (git-fixes).
• RDMA/cache: Release GID table even if leak is detected (git-fixes)
• RDMA/device: Return error earlier if port in not valid (git-fixes)
• RDMA/hns: Check atomic wr length (git-fixes)
• RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
• RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
• RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
• RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
• RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
• RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
• RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
• RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
• RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
• RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
• RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
• RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
• RDMA/restrack: Fix potential invalid address access (git-fixes)
• RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
• regmap-i2c: Subtract reg size from max_write (stable-fixes).
• Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783).
• Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783).
• Revert 'leds: led-core: Fix refcount leak in of_led_get()' (git-fixes).
• Revert 'usb: musb: da8xx: Set phy in OTG mode by default' (stable-fixes).
• rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
• rpm/guards: fix precedence issue with control flow operator With perl 5.40 it report the following error on rpm/guards script: Possible precedence issue with control flow operator (exit) at scripts/guards line 208. Fix the issue by adding parenthesis around ternary operator.
• rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
• rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
• rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
• rtlwifi: rtl8192de: Style clean-ups (stable-fixes).
• s390: Implement __iowrite32_copy() (bsc#1226502)
• s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
• saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
• sched/fair: Do not balance task to its current running CPU (git fixes (sched)).
• sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)).
• scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
• scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
• scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
• scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
• scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
• scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
• scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
• scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
• scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
• scsi: qla2xxx: Complete command early within lock (bsc#1228850).
• scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
• scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
• scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
• scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
• scsi: qla2xxx: Fix flash read failure (bsc#1228850).
• scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
• scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
• scsi: qla2xxx: Indent help text (bsc#1228850).
• scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
• scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
• scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
• scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
• scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
• scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
• scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
• selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903).
• selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader (bsc#1225903).
• selftests/bpf: add precision propagation tests in the presence of subprogs (bsc#1225903).
• selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903).
• selftests/bpf: Check if mark_chain_precision() follows scalar ids (bsc#1225903).
• selftests/bpf: check if max number of bpf_loop iterations is tracked (bsc#1225903).
• selftests/bpf: fix __retval() being always ignored (bsc#1225903).
• selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903).
• selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903).
• selftests/bpf: make test_align selftest more robust (bsc#1225903).
• selftests/bpf: populate map_array_ro map for verifier_array_access test (bsc#1225903).
• selftests/bpf: prog_tests entry point for migrated test_verifier tests (bsc#1225903).
• selftests/bpf: Report program name on parse_test_spec error (bsc#1225903).
• selftests/bpf: Support custom per-test flags and multiple expected messages (bsc#1225903).
• selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
• selftests/bpf: test case for relaxed prunning of active_lock.id (bsc#1225903).
• selftests/bpf: test cases for regsafe() bug skipping check_id() (bsc#1225903).
• selftests/bpf: Tests execution support for test_loader.c (bsc#1225903).
• selftests/bpf: tests for iterating callbacks (bsc#1225903).
• selftests/bpf: test widening for iterating callbacks (bsc#1225903).
• selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
• selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903).
• selftests/bpf: Verify copy_register_state() preserves parent/live fields (bsc#1225903).
• selftests/bpf: verify states_equal() maintains idmap across all frames (bsc#1225903).
• selftests/bpf: Verify that check_ids() is used for scalars in regsafe() (bsc#1225903).
• selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
• soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
• spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
• spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
• string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
• SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
• SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
• SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
• sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
• SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
• supported.conf:
• tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
• tpm: Prevent hwrng from activating during resume (bsc#1082555).
• tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
• tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555).
• tpm, tpm: Implement usage counter for locality (bsc#1082555).
• tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
• tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555).
• tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555).
• tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555).
• tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
• tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
• tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
• tracing: Build event generation tests only as modules (git-fixes).
• tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
• tracing/osnoise: Add osnoise/options file (bsc#1228330)
• tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330)
• tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330)
• tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330)
• tracing/osnoise: Make osnoise_instances static (bsc#1228330)
• tracing/osnoise: Split workload start from the tracer start (bsc#1228330)
• tracing/osnoise: Support a list of trace_array *tr (bsc#1228330)
• tracing/osnoise: Use built-in RCU list checking (bsc#1228330)
• tracing/timerlat: Notify new max thread latency (bsc#1228330)
• USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
• usb: cdns3: allocate TX FIFO size according to composite EP number (git-fixes).
• usb: cdns3: fix incorrect calculation of ep_buf_size when more than one config (git-fixes).
• usb: cdns3: fix iso transfer error when mult is not zero (git-fixes).
• usb: cdns3: improve handling of unaligned address case (git-fixes).
• usb: cdns3: optimize OUT transfer by copying only actual received data (git-fixes).
• usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-fixes).
• USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
• usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes).
• usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-fixes).
• usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-fixes).
• usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-fixes).
• usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
• usb: gadget: printer: SS+ support (stable-fixes).
• usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
• USB: serial: mos7840: fix crash on resume (git-fixes).
• USB: serial: option: add Fibocom FM350-GL (stable-fixes).
• USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
• USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
• USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
• USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
• USB: serial: option: add Telit generic core-dump composition (stable-fixes).
• usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
• usb: xhci-plat: Do not include xhci.h (git-fixes).
• USB: xhci-plat: fix legacy PHY double init (git-fixes).
• wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
• wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
• wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
• wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
• wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
• wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
• wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
• wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
• wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
• wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
• wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
• wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
• wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
• wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
• wifi: mwifiex: Fix interface type change (git-fixes).
• wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
• wifi: wilc1000: fix ies_len type in connect path (git-fixes).
• workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
• workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
• x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes).
• x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
• x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
• x86/bugs: Remove default case for fully switched enums (bsc#1227900).
• x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
• x86/ibt,ftrace: Search for __fentry__ location (git-fixes).
• x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes).
• x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes).
• x86/mm: Fix enc_status_change_finish_noop() (git-fixes).
• x86/purgatory: Switch to the position-independent small code model (git-fixes).
• x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (bsc#1227900).
• x86/srso: Remove 'pred_cmd' label (bsc#1227900).
• x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
• x86/tdx: Fix race between set_memory_encrypted() and load_unaligned_zeropad() (git-fixes).
• xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228226).
• xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
• xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
• xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).

This update for pam fixes the following issue:

• Prevent cursor escape from the login prompt (bsc#1194818).

SUSE-IU-2024:599-1

This update for aaa_base fixes the following issues:

• Fix the typo to set JAVA_BINDIR in the csh variant of the alljava profile script (bsc#1221361)

This update for suse-module-tools fixes the following issues:

• Include unblacklist in initramfs (bsc#1224320)
• regenerate-initrd-posttrans: run update-bootloader --refresh for XEN (bsc#1223278)
• 60-io-scheduler.rules: test for 'scheduler' sysfs attribute (bsc#1216717)

This update for glibc fixes the following issues:

• CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423)
• CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424)
• CVE-2024-33600: Do not send missing not-found response in addgetnetgrentX in nscd (bsc#1223424)
• CVE-2024-33601, CVE-2024-33602: Fixed use of two buffers in addgetnetgrentX ( bsc#1223425)
• CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)

• Avoid creating userspace live patching prologue for _start routine (bsc#1221940)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)
• CVE-2022-48689: Fixed data-race in lru_add_fn (bsc#1223959)
• CVE-2022-48691: Fixed memory leak in netfilter (bsc#1223961)
• CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
• CVE-2023-42755: Check user supplied offsets (bsc#1215702).
• CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
• CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
• CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
• CVE-2023-52660: Fiedx IRQ handling due to shared interrupts (bsc#1224443).
• CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
• CVE-2023-52671: Fixed hang/underflow when transitioning to ODM4:1 (bsc#1224729).
• CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
• CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
• CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
• CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)
• CVE-2023-52746: Prevent potential spectre v1 gadget in xfrm_xlate32_attr() (bsc#1225114)
• CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
• CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085).
• CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
• CVE-2023-52807: Fixed out-of-bounds access may occur when coalesce info is read via debugfs (bsc#1225097).
• CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
• CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
• CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
• CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
• CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
• CVE-2024-26715: Fixed NULL pointer dereference in dwc3_gadget_suspend (bsc#1222561).
• CVE-2024-26742: Fixed disable_managed_interrupts (git-fixes bsc#1222608).
• CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
• CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
• CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
• CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
• CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
• CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
• CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
• CVE-2024-26919: Fixed debugfs directory leak (bsc#1223847).
• CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
• CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
• CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
• CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).
• CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
• CVE-2024-27042: Fixed potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (bsc#1223823).
• CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
• CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
• CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
• CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
• CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721)
• CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
• CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
• CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
• CVE-2024-35799: Prevent crash when disable stream (bsc#1224740).
• CVE-2024-35804: Mark target gfn of emulated atomic instruction as dirty (bsc#1224638).
• CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
• CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
• CVE-2024-35860: struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
• CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
• CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
• CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
• CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
• CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
• CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
• CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
• CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
• CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).
• CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
• CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
• CVE-2024-35875: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665).
• CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
• CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
• CVE-2024-35879: kABI workaround for drivers/of/dynamic.c (bsc#1224524).
• CVE-2024-35885: Stop interface during shutdown (bsc#1224519).
• CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494).
• CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
• CVE-2024-35907: Call request_irq() after NAPI initialized (bsc#1224492).
• CVE-2024-35924: Limit read size on v1.2 (bsc#1224657).
• CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
• CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
• CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
• CVE-2024-35951: Fixed the error path in panfrost_mmu_map_fault_addr() (bsc#1224701).
• CVE-2024-35959: Fixed mlx5e_priv_init() cleanup flow (bsc#1224666).
• CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
• CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
• CVE-2024-35973: Fixed header validation in geneve[6]_xmit_skb (bsc#1224586).
• CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
• CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
• CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
• CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
• CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
• CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).

• 9p: explicitly deny setlease attempts (git-fixes).
• ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
• ACPI: disable -Wstringop-truncation (git-fixes).
• ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
• ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
• admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
• af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
• af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
• af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
• ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
• ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
• ALSA: line6: Zero-initialize message buffers (stable-fixes).
• ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
• ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
• ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
• ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
• ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
• ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
• ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
• ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
• ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
• ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
• ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
• ata: pata_legacy: make legacy_exit() work again (git-fixes).
• ata: sata_gemini: Check clk_enable() result (stable-fixes).
• autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
• Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
• Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() (git-fixes).
• Bluetooth: hci_sync: Do not double print name in add/remove adv_monitor (bsc#1216358).
• Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
• Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
• Bluetooth: qca: add missing firmware sanity checks (git-fixes).
• Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
• Bluetooth: qca: fix firmware check error path (git-fixes).
• Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
• Bluetooth: qca: fix NVM configuration parsing (git-fixes).
• bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
• bpf: decouple prune and jump points (bsc#1225756).
• bpf: fix precision backtracking instruction iteration (bsc#1225756).
• bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
• bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
• bpf: mostly decouple jump history management from is_state_visited() (bsc#1225756).
• bpf: remove unnecessary prune and jump points (bsc#1225756).
• btrfs: add error messages to all unrecognized mount options (git-fixes)
• btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
• btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
• btrfs: extend locking to all space_info members accesses (git-fixes)
• btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes)
• btrfs: fix fallocate to use file_modified to update permissions consistently (git-fixes)
• btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
• btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes)
• btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
• btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes)
• btrfs: fix silent failure when deleting root reference (git-fixes)
• btrfs: fix use-after-free after failure to create a snapshot (git-fixes)
• btrfs: free exchange changeset on failures (git-fixes)
• btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
• btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes)
• btrfs: prevent copying too big compressed lzo segment (git-fixes)
• btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes)
• btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes)
• btrfs: repair super block num_devices automatically (git-fixes)
• btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes)
• btrfs: send: ensure send_fd is writable (git-fixes)
• btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
• btrfs: send: in case of IO error log it (git-fixes)
• btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
• btrfs: tree-checker: check item_size for dev_item (git-fixes)
• btrfs: tree-checker: check item_size for inode_item (git-fixes)
• cifs: account for primary channel in the interface list (bsc#1224020).
• cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1224020).
• cifs: distribute channels across interfaces based on speed (bsc#1224020).
• cifs: do not pass cifs_sb when trying to add channels (bsc#1224020).
• cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1224020).
• cifs: fix charset issue in reconnection (bsc#1224020).
• cifs: fix leak of iface for primary channel (git-fixes, bsc#1224020).
• cifs: handle cases where a channel is closed (bsc#1224020).
• cifs: handle cases where multiple sessions share connection (bsc#1224020).
• cifs: reconnect work should have reference on server struct (bsc#1224020).
• clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
• clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
• counter: stm32-lptimer-cnt: Provide defines for clock polarities (git-fixes).
• counter: stm32-timer-cnt: Provide defines for slave mode selection (git-fixes).
• cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
• cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state (git-fixes).
• cpumask: Add for_each_cpu_from() (bsc#1225053).
• crypto: bcm - Fix pointer arithmetic (git-fixes).
• crypto: ccp - drop platform ifdef checks (git-fixes).
• crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
• crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
• crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
• crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
• dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
• dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
• dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
• dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
• docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
• drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
• drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
• drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
• drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
• drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
• drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
• drm/amdgpu: Refine IB schedule error logging (stable-fixes).
• drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
• drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
• drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
• drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
• drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
• drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
• drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
• drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
• drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
• drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
• drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
• drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
• drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
• drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
• drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
• drm/meson: dw-hdmi: power up phy on device init (git-fixes).
• drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
• drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
• drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
• drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
• drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
• drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD does not assert (git-fixes).
• drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
• drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
• drm: vc4: Fix possible null pointer dereference (git-fixes).
• dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
• dyndbg: fix old BUG_ON in >control parser (stable-fixes).
• efi: libstub: only free priv.runtime_map when allocated (git-fixes).
• extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
• fail_function: fix wrong use of fei_attr_remove().
• fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
• fbdev: shmobile: fix snprintf truncation (git-fixes).
• fbdev: sisfb: hide unused variables (git-fixes).
• firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
• firmware: dmi-id: add a release callback function (git-fixes).
• firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
• fs/9p: drop inodes immediately on non-.L too (git-fixes).
• fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes).
• fs/9p: translate O_TRUNC into OTRUNC (git-fixes).
• gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
• gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
• gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
• HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
• hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
• hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
• hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
• hwmon: (lm70) fix links in doc and comments (git-fixes).
• hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
• i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
• i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
• IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
• idpf: extend tx watchdog timeout (bsc#1224137).
• iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
• iio: pressure: dps310: support negative temperature values (git-fixes).
• Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
• Input: ims-pcu - fix printf string overflow (git-fixes).
• Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
• iomap: Fix inline extent handling in iomap_readpage (git-fixes)
• iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes)
• iomap: Support partial direct I/O on user copy failures (git-fixes)
• iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
• io_uring/unix: drop usage of io_uring socket (git-fixes).
• irqchip/gic-v3-its: Prevent double free on error (git-fixes).
• jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
• kABI: bpf: struct bpf_insn_aux_data kABI workaround (bsc#1225756).
• kcm: do not sense pfmemalloc status in kcm_sendpage() (git-fixes bsc#1223959)
• KEYS: trusted: Do not use WARN when encode fails (git-fixes).
• KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
• KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224794).
• KVM: x86: Delete duplicate documentation for KVM_X86_SET_MSR_FILTER (git-fixes).
• leds: pwm: Disable PWM when going to suspend (git-fixes).
• libsubcmd: Fix parse-options memory leak (git-fixes).
• locking/atomic: Make test_and_*_bit() ordered on failure (git-fixes).
• media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
• media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
• media: mc: mark the media devnode as registered from the, start (git-fixes).
• media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
• media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
• mei: me: add lunar lake point M DID (stable-fixes).
• mfd: intel-lpss: Revert 'Add missing check for platform_get_resource' (git-fixes).
• mfd: ti_am335x_tscadc: Support the correctly spelled DT property (git-fixes).
• mfd: tqmx86: Specify IO port register range more precisely (git-fixes).
• mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes).
• mlxbf_gige: Fix intermittent no ip issue (git-fixes).
• mlxbf_gige: stop PHY during open() error paths (git-fixes).
• mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
• mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
• mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
• mtd: rawnand: hynix: fixed typo (git-fixes).
• net: do not sense pfmemalloc status in skb_append_pagefrags() (git-fixes bsc#1223959)
• netfilter: nf_tables: bail out early if hardware offload is not supported (git-fixes bsc#1223961)
• net: introduce __skb_fill_page_desc_noacc (git-fixes bsc#1223959)
• net: nfc: remove inappropriate attrs check (stable-fixes).
• net: qualcomm: rmnet: fix global oob in rmnet_policy (git-fixes).
• net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
• net:usb:qmi_wwan: support Rolling modules (stable-fixes).
• net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
• net: usb: sr9700: stop lying about skb->truesize (git-fixes).
• net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
• nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
• nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
• nilfs2: fix out-of-range warning (git-fixes).
• nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
• nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
• nilfs2: make superblock data array index computation sparse friendly (git-fixes).
• nvme: ensure disabling pairs with unquiesce (bsc#1224534).
• nvme: fix miss command type check (git-fixes).
• nvme: fix multipath batched completion accounting (git-fixes).
• nvme-multipath: fix io accounting on failover (git-fixes).
• nvmet: fix ns enable/disable possible hang (git-fixes).
• PCI: dwc: Detect iATU settings after getting 'addr_space' resource (git-fixes).
• PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
• PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes).
• PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
• PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
• PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
• PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
• pinctrl: armada-37xx: remove an unused variable (git-fixes).
• pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
• pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (stable-fixes).
• pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
• pinctrl/meson: fix typo in PDM's pin name (git-fixes).
• pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
• platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
• platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
• powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
• powerpc/eeh: Small refactor of eeh_handle_normal_event() (bsc#1223991 ltc#205740).
• powerpc/eeh: Use a goto for recovery failures (bsc#1223991 ltc#205740).
• powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
• powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
• powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
• powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
• powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
• power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
• ppdev: Add an error check in register_device (git-fixes).
• printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
• qibfs: fix dentry leak (git-fixes)
• RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
• RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
• RDMA/hns: Fix GMV table pagesize (git-fixes)
• RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
• RDMA/hns: Fix UAF for cq async event (git-fixes)
• RDMA/hns: Modify the print level of CQE error (git-fixes)
• RDMA/hns: Use complete parentheses in macros (git-fixes)
• RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
• RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
• RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
• RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes)
• RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
• RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
• RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
• RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes)
• RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes)
• regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
• regulator: core: fix debugfs creation regression (git-fixes).
• regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
• remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
• Rename colliding patches before origin/cve/linux-5.14-LTSS -> SLE15-SP5 merge
• Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1224020).
• Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
• ring-buffer: Fix a race between readers and resize checks (git-fixes).
• s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224795).
• s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224796).
• s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224346).
• s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225139).
• s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225138).
• sched/topology: Optimize topology_span_sane() (bsc#1225053).
• scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (git-fixes).
• scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
• scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
• scsi: core: Fix unremoved procfs host directory regression (git-fixes).
• scsi: csiostor: Avoid function pointer casts (git-fixes).
• scsi: libfc: Do not schedule abort twice (git-fixes).
• scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (git-fixes).
• scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
• scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
• scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
• scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
• scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
• scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
• scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
• scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
• scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
• scsi: mylex: Fix sysfs buffer lengths (git-fixes).
• scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
• scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
• selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
• serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
• serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
• serial: max3100: Fix bitwise types (git-fixes).
• serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
• serial: max3100: Update uart_driver_registered on driver removal (git-fixes).
• serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
• serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
• serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
• smb3: show beginning time for per share stats (bsc#1224020).
• smb: client: ensure to try all targets when finding nested links (bsc#1224020).
• smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1224020).
• smb: client: get rid of dfs code dep in namespace.c (bsc#1224020).
• smb: client: get rid of dfs naming in automount code (bsc#1224020).
• smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020).
• smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1224020).
• smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1224020).
• smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020).
• soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
• soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
• Sort recent BHI patches
• speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
• spmi: Add a check for remove callback when removing a SPMI driver (git-fixes).
• spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
• swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331).
• swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
• swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
• swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
• sysv: do not call sb_bread() with pointers_lock held (git-fixes).
• thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
• tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
• tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535)
• tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
• tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
• tracing: hide unused ftrace_event_id_fops (git-fixes).
• tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
• tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
• Update patches.suse/ring-buffer-Fix-a-race-between-readers-and-resize-checks.patch (bsc#1222893).
• Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852)
• Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852)
• usb: aqc111: stop lying about skb->truesize (git-fixes).
• USB: core: Add hub_get() and hub_put() routines (git-fixes).
• USB: core: Fix access violation during port device removal (git-fixes).
• USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes).
• usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
• usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
• usb: typec: tipd: fix event checking for tps6598x (git-fixes).
• usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
• VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
• VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
• vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
• watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
• watchdog: ixp4xx: Make sure restart always works (git-fixes).
• watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
• wifi: ar5523: enable proper endpoint verification (git-fixes).
• wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
• wifi: ath10k: poll service ready message before failing (git-fixes).
• wifi: ath10k: populate board data for WCN3990 (git-fixes).
• wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
• wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
• wifi: carl9170: re-fix fortified-memset warning (git-fixes).
• wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
• wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
• wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
• x86/boot: Ignore NMIs during very early boot (git-fixes).
• x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
• x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes).
• x86/bugs: Fix BHI documentation (git-fixes).
• x86/bugs: Fix BHI handling of RRSBA (git-fixes).
• x86/bugs: Fix BHI retpoline check (git-fixes).
• x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
• x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
• x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes).
• x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
• x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes).
• x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
• x86/lib: Fix overflow when counting digits (git-fixes).
• x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
• x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
• x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
• x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
• x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes).
• x86/tdx: Preserve shared bit on mprotect() (git-fixes).
• xfs: add missing cmap->br_state = XFS_EXT_NORM update (git-fixes).
• xfs: fix exception caused by unexpected illegal bestcount in leaf dir (git-fixes).
• xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (git-fixes).
• xfs: fix imprecise logic in xchk_btree_check_block_owner (git-fixes).
• xfs: fix inode reservation space for removing transaction (git-fixes).
• xfs: shrink failure needs to hold AGI buffer (git-fixes).

This update for jitterentropy fixes the following issues:

• Fixed a stack corruption on s390x: [bsc#1209627] * Output size of the STCKE command on s390x is 16 bytes, compared to 8 bytes of the STCK command. Fix a stack corruption in the s390x version of jent_get_nstime(). Add some more detailed information on the STCKE command.

• add FIPS 140 hints to man page
• simplify the test tool to search for optimal configurations
• fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0
• enhancement: add ARM64 assembler code to read high-res timer

This update for openssl-1_1 fixes the following issues:

• CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)

This update for gcc13 fixes the following issues:
Update to GCC 13.3 release

• Removed Fiji support from the GCN offload compiler as that is requiring Code Object version 3 which is no longer supported by llvm18.
• Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441]
• Make requirement to lld version specific to avoid requiring the meta-package.

This update for sysconfig fixes the following issues:

• Update to version 0.85.9
• Revert to recommend wicked-service on <= 15.4
• netconfig: remove sed dependency
• netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
• netconfig: cleanup /var/run leftovers (bsc#1194557)
• netconfig: update ntp man page documentation, fix typos
• spec: drop legacy migration (from sle11) and rpm-utils
• netconfig: revert NM default policy change change (bsc#1185882) With the change to the default policy, netconfig with NetworkManager as network.service accepted settings from all services/programs directly instead only from NetworkManager, where plugins/services have to deliver their settings to apply them

This update for libndp fixes the following issues:

• CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771)

This update for libxml2 fixes the following issues:

• CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).

This update for elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5 contains the following fixes:
Changes in elemental-operator1.5:

• Update to version 1.5.4: * [BACKPORT] Ensure re-sync is triggered * [BACKPORT] operator: fix ManagedOSVersionChannel sync

• Update to version 1.5.4.

SUSE-IU-2024:463-1

This update for e2fsprogs fixes the following issues:
EA Inode handling fixes:

• ext2fs: avoid re-reading inode multiple times (bsc#1223596)
• e2fsck: fix potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
• e2fsck: add more checks for ea inode consistency (bsc#1223596)
• e2fsck: fix golden output of several tests (bsc#1223596)

This update for openssl-1_1 fixes the following issues:

• CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548).

This update for util-linux fixes the following issues:

• Processes not cleaned up after failed SSH session are using up 100% CPU (bsc#1220117)
• lscpu: Add more ARM cores (bsc#1223605)
• Document that chcpu -g is not supported on IBM z/VM (bsc#1218609)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858).

This update for glib2 fixes the following issues:

• CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044).

This update for elemental-operator, elemental-operator-crds-helm, elemental-operator-helm, elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image, operator-image1.5, seedimage-builder contains the following fixes:
Changes in elemental-operator:

• Update to version 1.4.4: * Added the ability to create a node reset marker for unmanaged hosts

• Update to version 1.4.4

• Update to version 1.5.3: * register: don't send new Disks and Controllers data
• Update to version 1.5.2: * Added the ability to create a node reset marker for unmanaged hosts * seedimage: use ClusterIP Services

• Update to version 1.5.3
• Update to version 1.5.2

SUSE-IU-2024:446-1

The SUSE Linux Enterprise 15 SP5 Real Time kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
• CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
• CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
• CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
• CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
• CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
• CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
• CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
• CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
• CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
• CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
• CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
• CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
• CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
• CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
• CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
• CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
• CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
• CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
• CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
• CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
• CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
• CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
• CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
• CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
• CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
• CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
• CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
• CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
• CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
• CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
• CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
• CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
• CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
• CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
• CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
• CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
• CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
• CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
• CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
• CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030).
• CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
• CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
• CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
• CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
• CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
• CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
• CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
• CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
• CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
• CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
• CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
• CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
• CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
• CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
• CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
• CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596).
• CVE-2024-267600: Fixed scsi/target/pscsi error case in bio_put() (bsc#1222596).
• CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
• CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724).
• CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
• CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449).
• CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677).
• CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
• CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
• CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536).
• CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416).
• CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
• CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549).
• CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
• CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
• CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437).
• CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
• CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431).
• CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427).
• CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
• CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
• CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
• CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266).
• CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
• CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
• CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
• CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
• CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
• CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
• CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
• CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
• CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
• CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
• CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
• CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
• CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247).
• CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
• CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051).
• CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
• CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
• CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
• CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
• CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
• CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
• CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
• CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080).
• CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935).
• CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
• CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).
• CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
• CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
• CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
• CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496).
• CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
• CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
• CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499).
• CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
• CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710).
• CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
• CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
• CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
• CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
• CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
• CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
• CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
• CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
• CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
• CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
• CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
• CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).

• ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
• ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
• ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
• ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
• ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
• ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
• ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
• ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
• ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
• ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
• ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
• ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
• ASoC: meson: axg-card: make links nonatomic (git-fixes).
• ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
• ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
• ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
• ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
• ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
• Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
• Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
• Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
• Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
• Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: add quirk for broken address properties (git-fixes).
• Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
• Bluetooth: btintel: Fixe build regression (git-fixes).
• Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
• Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
• Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
• Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
• Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
• HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
• HID: logitech-dj: allow mice to use all types of reports (git-fixes).
• HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
• Input: allocate keycode for Display refresh rate toggle (stable-fixes).
• Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
• NFC: trf7970a: disable all regulators on removal (git-fixes).
• NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
• PCI/AER: Block runtime suspend when handling errors (git-fixes).
• PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes).
• PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes).
• PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes).
• PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes).
• PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes).
• PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
• RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
• RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
• RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
• README.BRANCH: Correct email address for Petr Tesarik
• README.BRANCH: Remove copy of branch name
• Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
• Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
• Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
• Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275)
• Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
• Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
• USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
• USB: serial: add device ID for VeriFone adapter (stable-fixes).
• USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
• USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
• USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
• USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
• USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
• USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
• USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
• USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
• USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
• USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
• ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
• ahci: asm1064: correct count of reported ports (stable-fixes).
• arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
• arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
• arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
• arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
• arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
• arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
• arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
• arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
• ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
• batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
• bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes).
• bcache: Remove dead references to cache_readaheads (git-fixes).
• bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
• bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes).
• bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes).
• bcache: avoid oversize memory allocation by small stripe_size (git-fixes).
• bcache: bset: Fix comment typos (git-fixes).
• bcache: check return value from btree_node_alloc_replacement() (git-fixes).
• bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes).
• bcache: fix error info in register_bcache() (git-fixes).
• bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes).
• bcache: fixup btree_cache_wait list damage (git-fixes).
• bcache: fixup init dirty data errors (git-fixes).
• bcache: fixup lock c->root error (git-fixes).
• bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-fixes).
• bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes).
• bcache: move uapi header bcache.h to bcache code directory (git-fixes).
• bcache: prevent potential division by zero error (git-fixes).
• bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes).
• bcache: remove redundant assignment to variable cur_idx (git-fixes).
• bcache: remove the backing_dev_name field from struct cached_dev (git-fixes).
• bcache: remove the cache_dev_name field from struct cache (git-fixes).
• bcache: remove unnecessary flush_workqueue (git-fixes).
• bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-fixes).
• bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes).
• bcache: replace snprintf in show functions with sysfs_emit (git-fixes).
• bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
• bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
• bcache: use bvec_kmap_local in bio_csum (git-fixes).
• bcache: use default_groups in kobj_type (git-fixes).
• bcache:: fix repeated words in comments (git-fixes).
• ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
• ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067).
• clk: Get runtime PM before walking tree during disable_unused (git-fixes).
• clk: Initialize struct clk_core kref earlier (stable-fixes).
• clk: Mark 'all_lists' as const (stable-fixes).
• clk: Print an info line before disabling unused clocks (stable-fixes).
• clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
• clk: remove extra empty line (stable-fixes).
• comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
• dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes).
• dm cache: add cond_resched() to various workqueue loops (git-fixes).
• dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-fixes).
• dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
• dm crypt: avoid accessing uninitialized tasklet (git-fixes).
• dm flakey: do not corrupt the zero page (git-fixes).
• dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
• dm flakey: fix a crash with invalid table line (git-fixes).
• dm flakey: fix logic when corrupting a bio (git-fixes).
• dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes).
• dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes).
• dm integrity: fix out-of-range warning (git-fixes).
• dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-fixes).
• dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes).
• dm raid: fix false positive for requeue needed during reshape (git-fixes).
• dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes).
• dm stats: check for and propagate alloc_percpu failure (git-fixes).
• dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-fixes).
• dm thin metadata: check fail_io before using data_sm (git-fixes).
• dm thin: add cond_resched() to various workqueue loops (git-fixes).
• dm thin: fix deadlock when swapping to thin device (bsc#1177529).
• dm verity: do not perform FEC for failed readahead IO (git-fixes).
• dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
• dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes).
• dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes).
• dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes).
• dm-raid: fix lockdep waring in 'pers->hot_add_disk' (git-fixes).
• dm-verity, dm-crypt: align 'struct bvec_iter' correctly (git-fixes).
• dm-verity: align struct dm_verity_fec_io properly (git-fixes).
• dm: add cond_resched() to dm_wq_work() (git-fixes).
• dm: call the resume method on internal suspend (git-fixes).
• dm: do not lock fs when the map is NULL during suspend or resume (git-fixes).
• dm: do not lock fs when the map is NULL in process of resume (git-fixes).
• dm: remove flush_scheduled_work() during local_exit() (git-fixes).
• dm: send just one event on resize, not two (git-fixes).
• dma: xilinx_dpdma: Fix locking (git-fixes).
• dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
• dmaengine: owl: fix register access functions (git-fixes).
• dmaengine: tegra186: Fix residual calculation (git-fixes).
• docs: Document the FAN_FS_ERROR event (stable-fixes).
• drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
• drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
• drm/amd/display: Fix nanosec stat overflow (stable-fixes).
• drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
• drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
• drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
• drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
• drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
• drm/amdgpu: always force full reset for SOC21 (stable-fixes).
• drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
• drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
• drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
• drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
• drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
• drm/ast: Fix soft lockup (git-fixes).
• drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
• drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
• drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
• drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
• drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
• drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
• drm/panel: ili9341: Respect deferred probe (git-fixes).
• drm/panel: ili9341: Use predefined error codes (git-fixes).
• drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
• drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
• drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
• drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
• drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
• drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
• drm: nv04: Fix out of bounds access (git-fixes).
• drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).
• dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
• fbdev: fix incorrect address computation in deferred IO (git-fixes).
• fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
• fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
• fix build warning
• fuse: do not unhash root (bsc#1223951).
• fuse: fix root lookup with nonzero generation (bsc#1223950).
• hwmon: (amc6821) add of_match table (stable-fixes).
• i2c: pxa: hide unused icr_bits[] variable (git-fixes).
• i2c: smbus: fix NULL function pointer dereference (git-fixes).
• i40e: Fix VF MAC filter removal (git-fixes).
• idma64: Do not try to serve interrupts when device is powered off (git-fixes).
• iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
• iio:imu: adis16475: Fix sync mode setting (git-fixes).
• init/main.c: Fix potential static_command_line memory overflow (git-fixes).
• iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes).
• iommu/amd: Do not block updates to GATag if guest mode is on (git-fixes).
• iommu/amd: Fix 'Guest Virtual APIC Table Root Pointer' configuration in IRTE (git-fixes).
• iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
• iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes).
• iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
• iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes).
• iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 (git-fixes).
• iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes).
• iommu/iova: Fix alloc iova overflows issue (git-fixes).
• iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes).
• iommu/rockchip: Fix unwind goto issue (git-fixes).
• iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
• iommu/vt-d: Allocate local memory for page request queue (git-fixes).
• iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes).
• iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes).
• iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
• ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
• kABI: Adjust trace_iterator.wait_index (git-fixes).
• kprobes: Fix double free of kretprobe_holder (bsc#1220901).
• kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
• libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes).
• libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes).
• livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
• md/raid1: fix choose next idle in read_balance() (git-fixes).
• md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes).
• md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-fixes).
• media: cec: core: remove length check of Timer Status (stable-fixes).
• media: sta2x11: fix irq handler cast (stable-fixes).
• mei: me: add arrow lake point H DID (stable-fixes).
• mei: me: add arrow lake point S DID (stable-fixes).
• mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
• mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
• mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
• mtd: diskonchip: work around ubsan link failure (stable-fixes).
• nd_btt: Make BTT lanes preemptible (git-fixes).
• net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
• net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
• net: fix skb leak in __skb_tstamp_tx() (git-fixes).
• net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
• net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes).
• net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
• net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
• net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
• net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
• net: vlan: fix underflow for the real_dev refcnt (git-fixes).
• netfilter: br_netfilter: Drop dst references before setting (git-fixes).
• netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes).
• netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
• nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
• nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
• nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
• nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
• nouveau: fix function cast warning (git-fixes).
• nouveau: fix instmem race condition around ptr stores (git-fixes).
• nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-fixes).
• nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
• nvdimm: Fix badblocks clear off-by-one error (git-fixes).
• nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes).
• nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
• nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-fixes).
• pci_iounmap(): Fix MMIO mapping leak (git-fixes).
• phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
• pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
• platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
• platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
• powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
• powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900).
• powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).
• powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
• powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
• powerpc: Refactor verification of MSR_RI (bsc#1223191).
• printk: Add this_cpu_in_panic() (bsc#1223574).
• printk: Adjust mapping for 32bit seq macros (bsc#1223574).
• printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
• printk: Disable passing console lock owner completely during panic() (bsc#1223574).
• printk: Drop console_sem during panic (bsc#1223574).
• printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574).
• printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
• printk: Wait for all reserved records with pr_flush() (bsc#1223574).
• printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
• printk: ringbuffer: Clarify special lpos values (bsc#1223574).
• printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
• printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574).
• printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
• printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
• pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
• ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
• ring-buffer: Fix full_waiters_pending in poll (git-fixes).
• ring-buffer: Fix resetting of shortest_full (git-fixes).
• ring-buffer: Fix waking up ring buffer readers (git-fixes).
• ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
• ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
• ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
• s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
• s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).
• s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
• s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).
• s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
• s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
• s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).
• s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
• s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).
• s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
• s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
• serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
• serial: core: Provide port lock wrappers (stable-fixes).
• serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
• serial: mxs-auart: add spinlock around changing cts state (git-fixes).
• slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
• speakup: Avoid crash on very long word (git-fixes).
• speakup: Fix 8bit characters from direct synth (git-fixes).
• tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
• thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
• thunderbolt: Fix wake configurations after device unplug (stable-fixes).
• tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
• tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
• tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
• tracing: Remove precision vsnprintf() check from print event (git-fixes).
• tracing: Show size of requested perf buffer (git-fixes).
• tracing: Use .flush() call to wake up readers (git-fixes).
• usb: Disable USB3 LPM at shutdown (stable-fixes).
• usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).
• usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
• usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
• usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
• usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
• usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
• usb: ohci: Prevent missed ohci interrupts (git-fixes).
• usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
• usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
• usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
• usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).
• usb: typec: ucsi: Ack unsupported commands (stable-fixes).
• usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
• usb: typec: ucsi: Fix connector check on init (git-fixes).
• usb: udc: remove warning when queue disabled ep (stable-fixes).
• vdpa/mlx5: Allow CVQ size changes (git-fixes).
• virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
• wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
• wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
• wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
• wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
• wifi: nl80211: do not free NULL coalescing rule (git-fixes).
• x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
• x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).
• x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).
• x86/xen: Add some null pointer checking to smp.c (git-fixes).
• x86/xen: add CPU dependencies for 32-bit build (git-fixes).
• x86/xen: fix percpu vcpu_info allocation (git-fixes).
• xen-netback: properly sync TX responses (git-fixes).
• xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
• xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-fixes).
• xen/xenbus: document will_handle argument for xenbus_watch_path() (git-fixes).
• xfrm6: fix inet6_dev refcount underflow problem (git-fixes).

This update for coreutils fixes the following issues:

• ls: avoid triggering automounts (bsc#1221632)

This update for perl fixes the following issues:
Security issues fixed:

• CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216)
• CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233)

• make Net::FTP work with TLS 1.3 (bsc#1213638)

This update for SLE-Micro, SLE-Micro-base, SLE-Micro-kvm, SLE-Micro-rt, build-iso, build-iso-base, elemental, elemental-channel-image, elemental-channel1.5-image, elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, elemental-rt-channel-image, elemental-rt-channel1.5-image, elemental-toolkit, operator-image1.5, seedimage-builder, seedimage-builder1.5, systemd-presets-branding-SLE-Micro-for-Rancher fixes the following issues:
Changes in SLE-Micro:

• Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258)

• Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258)

• Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258)

• Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258)

• Update to version 2.0.4: * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3

• Update to version 2.0.4: * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3

• Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated

• Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258)

• Adapt Dockerfile to pull explicitly elemental-register instead of the newer 1.5 version of it

• Add v2.0.2 image to channel

• Add v2.0.2 image to channel

• Remove `for Rancher` suffix

• Channel adapted to 'suse/sle-micro' images

• Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5 * Micro rename (#684) * elemental-operator registration cleanups (#689) * Sanitize elemental-operator dependencies (#690) * github actions: add airgap script test * [Airgap] minor: fix debug message * [Airgap] add script tests * Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 * Bump docker/login-action from 3.0.0 to 3.1.0 * Bump docker/build-push-action from 5.2.0 to 5.3.0 * Add extension to seedimage url (#682) * registration: allow dots in machineInventory names * registration: decouple replacing data-labels from sanitizing strings * registration: move sanitize code in sanitizeString() * Fix ManagedOSImage cloudConfig (#671) * New name is elemental-rootfs * Use /run/elemental and elemental- services (#675) * Update github.com/golang/protobuf * Run make vendor * Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 * Bump docker/build-push-action from 5.1.0 to 5.2.0 * [Airgap] fix channel.json extraction (#669) * [Airgap] fix 'channel.image'/'channel.repository' value in 'next steps' (#665) * Align DrainSpec to system-upgrade-controller defaults (#668) * operator/Dockerfile: tag IMAGE_REPO with :latest * seedimage: add tag to IMG_REPO * Dockerfile: SLE_VERSION -> SLEMICRO_VERSION * operator: switch to toolbox for ALP * seedimage: switch labelprefix to com.suse.elemental * seedimage: Switch to toolbox for ALP * Drain nodes by default on upgrade (#660) * [Airgap] fix missing return code value * [Airgap] Use bash test syntax * [Airgap] make the script work with both legacy and newer charts * [Airgap] fix the airgap script

• Update to version 1.5.0: * Enable ManagedOSImage updates (#658) * Review omitempty flag on API json converter * charts: backport changes from Rancher Marketplace chart (#652) * Make snapshotter configurable (#651) * [Airgap] fix the airgap script (#654) * Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 * [Airgap] add support to Hauler in the airgap script (#647) * Fix channel synchronization * Bump docker/metadata-action from 4.1.1 to 5.5.1 * Requeue reconcile loop for ongoing synchronizations * elemental-register: collect OS data for MachineInventories annotations (#642) * Bump go to 1.22 (#643) * Make channel sync more robust (#638) * Makefile/setup-full-cluster: build seedimage-builder image too (#639) * Makefile: fix commit date for local builds (#631) * Requeue after 1 second in case of failures * Recover on syncer pod creation failures * Bump docker/build-push-action from 3.2.0 to 5.1.0 * Bump docker/setup-buildx-action from 2.2.1 to 3.0.0 * Bump golangci/golangci-lint-action from 3 to 4 * Bump github/codeql-action from 2 to 3 * Update system-upgrade-controller test version (#630) * Add dev baseimage build (#619) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Use go 1.20 * Use rancher/yip v1.4.10 * Use go.mod ginkgo version * SeedImage builder arguments in wrong order * Use newer xorriso (#624) * Bump codecov/codecov-action from 3 to 4 * Bump docker/login-action from 2.1.0 to 3.0.0 * Bump actions/dependency-review-action from 2 to 4 * Update actions/labeler config * Make linter happy * Bump actions/labeler from 4 to 5 * README: drop legacy docs (#616) * Add dependabot config for actions * Bump github actions * Do not adopt machineinventories undergoing deletion/reset (#605) * Update seedimage build-disk command * Fix inversed reset options (#604) * Print system architecture (#603) * hostname: set the hostname on the newer location too * Charts/Makefile: fix default OS channel repo name (#594) * Add hostname to system-data * Add elemental-seedimage-hooks package (#592) * Restrict package arch to x86_64 and aarch64 * Update copyright year (2024) * Update copyright year (2024) * Change raw SeedImage deploy-command * Add target platform validation test * Add kubebuilder example and validation * Add TargetPlatform to SeedImageSpec * Fix default values in questions.yaml file * Bump golang.org/x/crypto to 0.17.0 * Add disable-boot-entry flag to reset command * Always pull channel image on channel sync * Fix channel sync bug * Avoid repeating package name in summary * Make summary start with a capital letter * Unify all chart files under .obs/charfile * Add warning if both device and device-selector set * Add grub package to seedimage built in OBS (#568) * Fix device-selector logic (#571) * Add missing questions.yaml file * Implement picking dynamic installation device (#561) * Build raw disk images in SeedImage (#557) * charts: fix annotations (#566) * ci: fix SeedImage builder used image * Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible (#560) * Update google.golang.org/grpc to v1.56.3 * Keep old output-name * Add slem4r images in channel (#544) * Bring your own SeedImage builder (#542)

• Update to version 1.4.3: * registration: allow dots in machineInventory names * registration: decouple replacing data-labels from sanitizing strings * registration: move sanitize code in sanitizeString() * V1.4.x fix channel synchronization (#683) * linter: fix copyright dates * Make linter happy

• Update to version 1.4.2: * Fix inversed reset options (#604) * Add hostname to system-data

• Fix default values in questions.yaml file

• ExclusiveArch x86_64 and aarch64 (bsc#1218560)

• Update to version 1.4.1

• Always pull channel image on channel sync
• Fix channel sync bug

• Avoid repeating package name in summary

• Make summary start with a capital letter

• Update to version 1.4.0+git20231129.c7f1dc1: * Add slem4r images in channel (#544) * Unify all chart files under .obs/charfile

• Update to version 1.4.0+git20231127.55a37d4: * Add warning if both device and device-selector set * Fix device-selector logic (#571) * Implement picking dynamic installation device (#561) * Add missing questions.yaml file * charts: fix annotations (#566) * Make sure to not overlap with the already existing channel and use RT for tests * Remove use of images from quay.io * Prevent installing if previous CRDs are pending to be removed * elemental-airgap: allow to just create the channel (#548) * bump go to 1.20 or later * Bump dependencies (#540) * ci: bump k8s and Rancher Manager versions * Use helm/kind-action to install kind * ci: fix action versions used * Disable local plan for elemental-system-agent * Improve error management * Patch already existing versions on channel sync * Improve update events filtering to actually ignore status updates * Add some improvements * Run all syncers in a pod * Fix e2e workflow * elemental-airgap: fix skipping http/https URLs * Use the proper format for command arguments * Prevent recalling bootstrap.sh on 'systemctl restart elemental-system-agent' * elemental-airgap: fix automatic image channel name (#521) * register: add no-toolkit unit tests * register: add os.unmanaged inventory annotation * register: add no-toolkit option * make verify: stay on mockgen v0.2.0 (#523) * elemental-airgap: add support to OS images (#518) * Small refactor to centralize registration config checks * Ensure Elemental registration data includes the registration URL * Remove --debug flag from helm pull * Attempt to use charts from PR project in e2e tests * Publish OBS charts to gh-pages * elemental-airgap: allow to pass dev | staging | stable as argument * elemental-airgap: pick the operator chart as an argument * elemental-airgap: add script to help airgap deployment * Apply a regex on tags to match the same criteria as in OBS * Charts: fix OBS build * Publish all OBS repositories on PRs * Fix repository url * Charts: always use camelCase for values (#507) * Revert not-needed marker fix * Set default spec.config.elemental.reset block for MachineRegistration * Use elemental-register-reset service (#502) * Use OBS PR builds for the e2e tests * Build and publish charts for OBS/IBS artifacts in gh-pages

• Update to version 1.3.2+git20230824.c90c1c8: * Disable service triggers on staging (#498) * Add CAPI cluster role to helm chart (#500) * Charts: sync OBS charts * tests: fix e2e workflow * tests: fix chart workflow * Makefile: add the REGISTRY_URL var * Charts: add registry templating for custom airgap * Charts: add README * Charts: enforce templating on the channel resource * Charts: update rancher annotations * Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible (#442) * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495) * Implement remote machines reset (#489) * Remove custom default config-dir on installation media * Remove SLE Micro reference from elemental-operator images * Include crds chart in OBS workflow * Update OBS workflow to the new project setup * Make SLE Micro version from image references dynamic (#480) * Recreate service account token secret if missing * Adds ca-certificates and ca-certificates-mozilla in operator image * Adapt .spec file to non-SUSE distributions (#482) * Improve re-registration (#479) * Do not make use of ServiceAccount.Secrets list * Fix elemental managed label value to match backup operator expectations * Make explicit elemental-operator image is under l3 support * Add CONTRIBUTING.md (#472) * Handle mkdir error * Create registration config directory if not exist * Persist registration state * Omit confusing debug message * Fix error formatting * Handle MsgUpdate response on client side * Remove unnecessary MsgUpdate payload. Rely on authentication data instead * Handle sendUpdate error * Do not terminate serveLoop on MsgUpdate * - Check protocol version before sending MsgUpdate - Use MsgUpdate to notify registration update only * Charts: add a new chart to host the pre-hook migration template * Charts: add template checking crds installation * Prevent registration update if MachineInventory is not found * Do not retry registration when on installed system and using randomized TPM seed * Do not retry registration when not on live system * Check for live registration config when no arguments passed * operator: copy cloud-config file not its link (#468) * Update README installation section (#465) * SeedImage: manage updates of builder Pod under deletion * SeedImage: add ResourcesNotCreatedYet Ready condition * SeedImage: reset download URL on Pod deletion * SeedImage: allow the controller full control on configmaps * SeedImage: isolate all the config map logic in a separate function * SeedImage: on retriggerBuild delete owned SeedImage resources * SeedImage: drop redundant set of retriggerBuild * The job was missing a templated name for the serviceaccount to be fully consistent * Update charts/crds/Chart.yaml * Update .obs/chartfile/crds/Chart.yaml * Add upgrade hook * Include channel as part of the installation * Adapt tests and Makefile * Split chart into crds chart and operator chart * websocket/trivial: messages: annotate version of introduction * register client: make linter happy * register client: annotate auth method used for registration * register client: rework getHostMacAddr() * register client: add 'mac' and 'sys-uuid' Plain Auth * register client: set TPM as default authentication method * operator: enable plain auth * operator: add plain auth * elemental api: add fields to support plain authentication * Bump rancher and k8s for e2e tests (#449) * OBS PR workflow: set the right project to disable images repo * Fix OBS PR workflow * goreleaser: fix releases CI (#444) * Chart: add logo and Rancher display-name annotation (#440) * Add channel hook-failed delete policy * Include display name field on ManagedOSVersions * Add ISO type in ManagedOSVersions * SeedImage: add to the github release workflow * Fix template * Include elemental-teal-channel by default on chart install * Merge default command and image in containersSpec * Add tests for containerized base ISO and utilities * Pull iso as a container * SeedImage extended API: drop debug log * SeedImage: extended api doesn't expect the iso name anymore * SeedImage: inject MachineRegistration and date in the built iso name * httpfy: allow to serve single file * SeedImage: pass whole SeedImage reference to fillBuildImagePod * SeedImage: add more seedimage_controller tests * Utils: generalize IsPodOwned func to IsObecjtOwned() and add tests * SeedImage: make the linter happy... * SeedImage: controller logic for the pod cleanup/retrigger * SeedImage: add image timeout and retrigger fields * httpfy: add timeout parameter * Use config map in seedimage pod (#423) * SeedImage: check OwnerReference in controller tests * SeedImage: retrieve MachineRegistration just once * SeedImage: set OwnerReferences * Add seedimage-builder into the OBS workflow * Feat: add CODEOWNERS * OBS: build ssl default certificates in SeedImage build image * Update default values file in OBS * SeedImage: set build image PullPolicy from the operator chart * unit-tests: cover MAC and Used Memory in labels test * unit-tests/trivial: move server.go test to the new server_test.go file * OBS: use SeedImage build image from OBS for the chart * Bump github.com/docker/docker from 20.10.22+incompatible to 20.10.24+incompatible (#410) * Update to go 1.19 (#408) * SeedImage: add Dockerfile for OBS build * httpfy: support automated building * Build elemental-operator image from scratch * Prevent a nil pointer dereference panic error * Fix event filters * Prevent retriggering a reconcile on ownership setup * Do not start error messages with capital letters * Extend unit tests for inventory and selector resources * Adapt unit tests to new condition states * Selector and inventory cleanup * Ensure optimistic locking is set on machine selectors * Adapt info and debug logging for the inventory and selector controllers * Read machine inventory only once on selector reconcile * Sets a validation process for Machine Inventory adoption * Enble cache for MachineInventorySelector resources * SeedImage: update OBS build recipes * SeedImage: busybox base64 decodes with -d only * SeedImage: pass the build image from the operator chart * SeedImage: build image for the builder pod * Add cloud-config support to seedImage (#399) * SeedImage: fix registration yaml name (#394) * operator: ensure elemental finalizers are removed if present (#393) * SeedImage: move sync status with running pod to new func * operator: allow seedimage download from the extended API * SeedImage: add DownloadToken in the Status * operator: return http 401 error on registration auth failure * operator: report error on unrecognized auth websocket connections * operator: drop build-image api (#389) * unit-tests: ensure resources cleanup (#390) * SeedImage: drop finalizer tests * SeedImage: check conditions and return early when needed * SeedImage: add more tests * Adapt tests to drop finalizers * Stop using finalizers if not extrictly needed * operator: add SeedImage CRD (#377) * Prevent MachineInventorySelector from being cached * Set object not found as a debug message * Update logs to not use info with custom depth * operator: use opensuse nginx to serve build-img ISO (#369) * Use variadic arguments in klog instead of slices * operator: register the host IP in MachineInventory annotations (#350) * Unify logging * operator: labels minor improvements (#363) * build-image API: add build job with single pod lifecycle (#362) * Turn MachineInventoryRef into LocalObjectReference (#359) * Remove branch filter on tag events (#361) * Update actions/download-artifact to v3.0.2 * Filter inventory list with a labelSelector and not with a labels map (#358) * Move system-data labels to templating * operator: let build-image API GET to return the image URL (#351) * register client: isolate TPM auth code (#346) * operator: fix label name (#348) * operator: fix MachineInventory search during registration (#342) * operator: always use software UUID as default machine name (#340) * Set default elemental-operator USER * operator: add support to old register clients (#338) * Lints * Update wharfie to 0.5.3 * register client: allow to register against lower version operators (#332) * Replace action engineerd/setup-kind (#328) * Copyright date-range 2022 - 2023 (#327) * Use go 1.18 * operator: expose build-image API (#315) * Fix node-labels regression * Do not store cpu info if not available (#321) * docs: add ref to the official docs in the chart readme (#316) * linter: fix go-header check (#319) * unit-tests: disable parallelization (#312) * Change tar-file layout in elemental-support * Add default config-dir value (#313) * Re-add config-dir install flag (#309) * Return registration errors to client (#301) * Properly sanitize extra system data (#307) * Improve unit tests (#308) * Derive TPM seed from system UUID (#297) * Add disable-boot-entry flag in install structure (#302) * Fetch commit and date from obsinfo file (#300) * operator: add back debug logs for logrus (registration) (#299) * [tpm] Set a random seed if emulated tpm seed is set to -1 (#282) * Include _helmignore file (#295) * Add OBS build repcipes into the repository (#294) * Drop legacy catalog for tests (#291) * Kubebuilder: fix MachineRegistration search during registration (#280) (#293) * Send full system data on registration (#276) * Bump rancher version in e2e tests (#290) * Set default syncTime when not provided (#289) * Remove invalid conditions from objects (#284) * operator: don't try to patch an empty MachineInventory (#274) * Backport minor fixes (#271) * Merge all main logic in one file (#270) * [controller_runtime] add registration protocol version (#266) * Kubebuilder: Remove unused code (#267) * [controller_runtime] operator/registration: switch to Kubebuilder client (#256) * Refactor ManagedOsImage e2e tests (#263) * Add a rate limiter to managedosversionchannel reconciler (#260) * Refactor MachineRegistration e2e tests (#253) * Drop requeuer, not needed anymore (#255) * Improve syncer (#252) * New syncer logic (#245) * Fix make verify (#248) * controller: add Secret name reference to the ServiceAccount (#247) * Kubebuilder: Add 'verify' workflow (#244) * Add remaining controllers (#232) * Kubebuilder: Add machine inventory selector controller (#224) * Kubebuilder: Add remaining API types (#225) * Kubebuilder: Add machine inventory controller (#221) * Kubebuilder: Add machine registration controller (#206) * Kubebuilder: Run new code and generate RBAC (#203) * Kubebuilder: Add make tasks for different tools (#194) * Add kubebuilder API definitions (#184) * Change yaml-marshalling of node-labels file (#287) * Remove yaml typo (#286) * Add helm labels and annotations to all crds (#281) * Set helm labels on CRDs (#277) * Change the helm chart oci reference to be aligned with other elemental images (#268) * Add version commands/flags for all binaries (#262) * Use custom names in upgrade objects (#254) * Several improvements to the support command (#258) * Also trigger Dev rebuild on tag push (#249) * Propagate inventory labels to node on bootstrap plan (#243) * Add codeql + escape user input before processing (#237) * Create dependency-review.yml (#236) * Bump golangci action (#234) * Stop elemental-system-agent when the node is ready (#231) * Fix docker and gorelease jobs (#230) * operator: improve logging of the MachineRegistration controller * operator: move ServiceAccount creation to a separate func * operator: drop duplicated import * operator: enforce ServiceAccount's Secret link * operator: create ServiceAccounts before their Secrets * operator: unit-tests: add coverage for unauthenticatedResponse() (#217) * coverity: make patch status informational (#219) * tests: Add k8s 1.24 and default to rancher 2.6.9 (#220) * tests: use latest url for rancher charts (#218) * Elemental Operator: manage empty config in MachineRegistrations (#213) * Label other objects created by elemental-operator (#216) * Only read yaml files included in the given directories (#215) * Label secrets managed by elemental-operator (#212) * Allow custom config files for elemental-cli (#210) * Collect operator logs after running tests (#204) * Audit and update elemental-operator RBAC ClusterRole (#196) * Add config for e2e tests (#201) * Add OBS workflow to update elemental-operator package (#200) * Add vendor for obs integration (#198) * release: enhance release pipeline (#195) * operator: drop duplicated import of elemental APIs (#199) * Disable CGO under arm for register binaries + restore SBOM (#193) * Revert 'Add sbom to releases and attach to containers' (#191) * Add elemental GlobalRole for Rancher UI (#187) * Add reasons for conditions (#185) * lint: dont overshadow var (#172)

• elemental-register needs lvm2 for running blkdeactivate.

• Update to version 0.6.0+git20220923.ffdff84: * Add v0.6.0 changelog (#182)

• Update to version 0.6.0+git20220923.f022acb: * unit-tests: add support to Secrets in registraion's OnChange() * operator: log the creation of a new registration token * operator: explicitly add Secrets to registration ServiceAccounts * operator: return error when the ServiceAccount has no secrets

• Update to version 0.5.0+git20220922.17d9d21: * support command improvements (#173)

• make elemental-support a sub-package
• disable chart building, was not packaged

• Update to version 0.5.0+git20220912.846c610: * Add sbom to releases and attach to containers (#160) * Use BCI Golang image to build image * register: fix CGO build in Dockerfile * register: build it with CGO (#169) * tests(registration): More unit tests (#167) * Rework client to accept a ClientInterface (#166) * tests(inventory): Add unit tests for inventory methods (#164) * register/operator: drop MachineInventory labels passed from the client * unit-tests: check default machine name * go mod tidy * operator: change default MachineInventory name * Add simple changelog (#158)

• Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157)

• Update to version 0.4.4+git20220902.64f4703: * operator: ensure inventory.Labels is not nil before adding labels

• Update to version 0.4.4+git20220901.75792d6: * Add extra labels with smbios data (#155) * Fix secretname for the apiService (#153) * unit-tests: add websocket coverage * operator: add unit-test for mergeInventoryLabels() * operator/register: drop unused code * operator/register: rework the registration protocol * websocket: add helper functions * register: set a timeout for retrieving the installation config * drop unused labels on bootstrap (#154) * Fix missing cosign and run command (#151) * Enable deploying operator replicas (#150) * register: take control of the registration process * bump github.com/rancher-sandbox/go-tpm * fix linter: cyclomatic complexity of ServeHTTP is 16 * operator: move websocket management logic out of the tpm package * minor: drop duplicated logging * operator/http: check websocket upgrade header in HTTP connections

• Update to version 0.4.3+git20220831.7e58679: * Add image signing to push jobs (#148) * Add local plan to rancher-system-agent to stop elemental-system-agent (#146)

• Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138)

• Update to version 0.4.3+git20220812.72971ff: * Backwards compatibility for smbios headers (#137) * Only decode some smbios data (#134) * Drop uneeded files and add extra label (#135) * Split header into 7Kb of data (#133) * Add auto labeler (#125) * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Store binary artifacts on PR/master (#127) * [tests] fix nginx deploy url (#129) * Bundle support bin with register (#124)

• build elemental-operator without CGO_ENABLED (doesn't need tpm)

• Update to version 0.4.2+git20220805.5b64a77: * Set the proper namespace (#117)

• Update to version 0.4.2+git20220805.485ff21: * Add CAs to docker artifact (#120)

• Update to version 0.4.2+git20220804.76f61f5: * Store all registration data on installation (#116)

• Update to version 0.4.2+git20220803.6d730d3: * Set fixed hostname and make it persistent (#106)

• Update to version 0.4.2+git20220803.f4ba471: * Add 'support' to 'make build' (#111)

• Update to version 0.4.2+git20220803.10d3621: * Add a elemental-support binary (#109)

• Update to version 0.4.2+git20220802.f243498: * Add missing register command to bootstrap (#104) * Couple of tests for config mapstructure (#102)

• Update to version 0.4.2+git20220801.ea7884e: * Produce 2 binaries instead of one (#99) * Push master merges to elemental-operator-ci (#100) * operator: pass all the registration fields on unauthenticated query

• Update to version 0.4.2+git20220801.846d313: * Add missing mapstructure annotations to config (#101) * operator: drop duplicated MachineInventory init code

• Update to version 0.4.2+git20220729.6b52b44

• Bump to v0.4.2

• Update to version 0.4.1+git20220729.6b52b44: * Set a fixed name config for rke/k3s deployments (#97)

• Update to version 0.4.1+git20220728.896efee: * mend * Drop unneeded code

• Update to version 0.4.1+git20220728.38929d2: * Update elemental api resources for upgrades (#95)

• Update to version 0.4.1+git20220728.b5c35b9: * operator: fix adding machineInventoryLabels after initial registration

• Update to version 0.4.1+git20220727.68b87dd: * Drop setting a custom providerID (#91)

• Update to version 0.4.0+git20220727.3241cfd: * Bump rancher version (#89)

• Update to version 0.4.0+git20220722.ea618ea: * elemental-operator register: keep system CAs when passing a custom CA * elemental-operator register: add some more logging * add github.com/sanity-io/litter module * ensure all the structs include proper yaml labels * Add a target to setup a clean cluster (#79) * [register] Check for path error before doing anything (#80) * Make /oem/registration the default configuration dir (#81) * Add README to elemetal-operator helm chart (#56) * Store registration yaml in installed system (#71) * Fix 'make unit-tests'

• Update to version 0.3.0+git20220722.f2ab68c: * [register] Check for path error before doing anything (#80)

• Update to version 0.3.0+git20220722.cf20bc6: * Make /oem/registration the default configuration dir (#81)

• Update to version 0.3.0+git20220722.9b9844b: * Add README to elemetal-operator helm chart (#56)

• Update to version 0.3.0+git20220721.52c3cbb: * Store registration yaml in installed system (#71)

• Remove elemental-operator.service, as this is now executed as part of the cloud-config shipped with elemental. See https://github.com/rancher/elemental/pull/178

• Update to version 0.3.0+git20220721.e15e76e: * Fix 'make unit-tests' * Do note fetch cloud-config on unauthenticated registartion calls (#67) * Change the default machine name to include the UUID

• read config from /run/initramfs/live

• Update to version 0.3.0+git20220720.90791e4: * Update MachineRegistration example

• Update to version 0.3.0+git20220720.79d957e: * Adds support for cloud-config data in machine registration (#61)

• Update to version 0.2.1+git20220719.489d40f: * review elemental installer env vars (#59)

• Run elemental-operator.service after cos-setup-network.service is completely done. Add back a dependency with multi-user.target to ensure it is pulled by some target at boot.

• Run elemental-operator.service after mutli-user.target to ensure it is executed after all boot services are ready

• only run in live mode

• Update to version 0.2.1+git20220718.3530dc5: * ensure install struct includes proper yaml labels (#57)

• Update to version 0.2.1+git20220718.6e2f20f: * Pass debug flag to elemental client if requested (#58)

• Update to version 0.2.1+git20220715.2381ebc: * Do not attempt to install in already installed systems (#55) * Some fixes for the release pipelines (#53)

• Update to 0.2.0

• Update to version 0.1.1+git20220715.618d3c4: * Log the version, commit and commit date on start (#43)

• Update to version 0.1.1+git20220715.bd811be: * Remove obsolete logic from former ros-installer (#45)

• pass COMMITDATE to build

• Update to version 0.1.1+git20220714.a05a2db: * elemental-operator register: enable local plans

• Update to version 0.1.1+git20220714.602178c: * elemental-operator register: allow cacert passed as file or data (#44) * Makefile: fix make build-docker (#41)

• On behalf of commit 62bac1d (#38) `elemental install` is called within the `elemental-operator register` command, so the unit file only needs to call `elemental-operator register`

• drop elemental-installer and -chart subpackages
• add elemental-operator.service file

• build with TPM emulation

• Update to version 0.1.1+git20220713.adfff7c: * Some register fixes (#40) * elemental-operator register: add elemental cli call (#38) * Fix building the operator/installer with emulatedTPM (#39) * Return a Config.Config in MachineInventory (#35) * Use cacert from rancher and use serverl-url from rancher (#36)

• Update to version 0.1.1+git20220713.bcfe4d0: * Add test for chart values (#31)

• Update to version 0.1.1+git20220712.14d4d95: * Share installation configuration structures (#24) * bump github.com/docker/distribution to 2.8.1 (#29) * Bump image-spec to 1.0.2 (#28) * Bump system-agent to 0.2.8 (#17) * update testhelpers * Update go.sum * [ci] Up the go version and restore the proper cache * Fix go.sum * [test] Remove focus * [lint] ignore generated files

• Update to version 0.1.1+git20220707.39177e8: * Rename RancherOS to Elemental in installer logic * Merge elemental installer (#20) * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename rancheros->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle

• Update to version 0.1.1+git20220707.1d97f14: * Merge elemental installer (#20) * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename rancheros->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times

• Update to version 0.0.0+git20220707.0c6dcff: * Adapat Dockerfile and golreleaser to keep releasing and building elemental-operator as they used to * Update .github/workflows/unit-tests.yaml * Update Makefile

• Update to version 0.0.0+git20220707.4b69306: * Adding installer unit tests * Add elemental-installer * Move main into a cmd/operator package

• Update to version 0.0.0+git20220704.211ad46: * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename elemental->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go

• adapt machine-registration.yaml and create-cluster.yaml to system-agent

• Update to version 0.1.0+git20220622.84e703a: * added registration command and support for using elemental as a cluster api infrastructure provider * wip * renamed to elemental-operator and switched to system agent

• Update to version 0.1.0+git20220603.19a5e9e: * Fix wrong key in example full reference * Rename elemental->elemental in README

• rename binary to elemental-operator

• Update to version 0.1.0+git20220420.6e6aa51:

• Update to version 0.1.0+git20220525.9e1d451: * rename pathes to 'elemental' * rename files to 'elemental' * rename directories to 'elemental' * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go

• renamed the api spec in the sample .yaml files

• Update to version 0.1.0+git20220525.9e1d451: * rename pathes to 'elemental' * rename files to 'elemental' * rename directories to 'elemental' * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go

• Update to version 0.1.0+git20220420.6e6aa51: * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go * Rework * Add events on errors * e2e-ci: add some missing check on errors

• Update to version 0.1.0+git20220518.f916493: * rename to elemental-operator

• update default kubernetesVersion to 1.22.7

• Update machine-registration.yaml * add hostname * put 'install' section below 'elemental'

• Update to version 0.1.0+git20220420.6e6aa51: * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go * Rework * Add events on errors

• Update to version 0.1.0-alpha23+git20220408.cd4553f: * e2e-ci: add some missing check on errors * Bump ele-testhelpers version * e2e-ci: move some functions to ele-testhelpers * Update README * Do not make kube calls blocking * Test env metadata injection * Correctly annotate env vars from metadata * Adapt tests, add test cases * Respect upgradeContainerSpec from ManagedOSVersion * Do allocate the event recorder once in the syncer * Refactor out recorder boilerplate * Collect errors when syncing * Refactor out requeuer to not be blocking * Add test for event broadcasting * Set appropriate rules for broadcasting events * go gen * Record invalid specs back to the VersionChannel * Build general event interface from raw k8s into client * Add reconciler * Wrong obs workflow name :facepalm: * Add OBS workflow to trigger rpm build * Use operator image for wait and display hook * CLI fixups * Allow to specify a mountpath * Add requeue mechanism * Disable mounting SA token by default on sync pod * Implement Custom syncer * Lower the ticker for testing * Set the default update to 60m * Add sync-interval flag * Add owner reference on ManagedOSVersion * Bump rancher version used in tests * Don't watch over specific namespaces * Add make target to test local changes in kind * Enhance tests * Allow to set a bridge ip * Allow to selectively sync user-defined namespaces * Add MachineOSVersionChannel JSON tests * Implement JSON syncer logic * Very basic sync service logic * ManagedOSVersionChannel sync service * Add ManagedOSVersionChannel and skeleton for sync service

• Initial version 0.1.0~alpha23

• Update to version 1.5.1: * Sanitize elemental-operator dependencies (#690) * Fix ManagedOSImage cloudConfig (#671) * Align DrainSpec to system-upgrade-controller defaults (#668) * Drain nodes by default on upgrade (#660)

• Update to version 1.5.0: * Make snapshotter configurable (#651) * Make channel sync more robust (#638) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Add kubebuilder example and validation * Add TargetPlatform to SeedImageSpec * Add disable-boot-entry flag to reset command

• Update to version 1.4.3

• Update to version 1.4.2

• Update to version 1.4.1

• Update to version 1.4.0+git20231128.a867d93: * Unify all chart files under .obs/charfile

• Update to version 1.3.2+git20230824.c90c1c8: * Charts: sync OBS charts * Update .obs/chartfile/crds/Chart.yaml * Adapt tests and Makefile * Split chart into crds chart and operator chart

• Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157)

• Update to version v0.4.4: * Fix secretname for the apiService (#153) * Enable deploying operator replicas (#150)

• Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138)

• Update to version v0.4.3: * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Set the proper namespace (#117)

• Bump to v0.4.2

• Bump to v0.4.1

• Update to version v0.4.0: * Add README to elemetal-operator helm chart (#56)

• Update Chart.yaml to the right elemental-operator version

• Update to elemental-operator v0.3.0

• Improve Makefile to get image tag from github

• Update Makefile and build elemental-operator.tar

• Bump version to 0.2.1
• Bump elemental-operator tag image to 0.2.1-10.1

• Bump elemental-operator tag image to 0.2.0-9.1

• Update _helmignore file

• Update Makefile and fix build issues

• Add _helmignore file

• Update to version 0.1.1+git2022-07-13.adfff7c: * Use cacert from rancher and use serverl-url from rancher (#36)

• Update image repository in values-overwrite.yaml

• Initial commit for elemental-operator helm chart

• Update to version 1.5.1

• Update to version 1.5.0: * Enable ManagedOSImage updates (#658) * charts: backport changes from Rancher Marketplace chart (#652) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Fix default values in questions.yaml file * Unify all chart files under .obs/charfile * charts: fix annotations (#566) * Add slem4r images in channel (#544) * Charts: fix OBS build * Charts: sync OBS charts * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495)

• Update to version 1.4.3

• Update to version 1.4.2

• Fix default values in questions.yaml file

• Update to version 1.4.1

• Update to version 1.4.0+git20231129.c7f1dc1: * Add slem4r images in channel (#544)

• Update to version 1.4.0+git20231128.a867d93: * Unify all chart files under .obs/charfile * charts: fix annotations (#566) * Charts: fix OBS build

• Update to version 1.3.2+git20230824.c90c1c8: * Charts: sync OBS charts * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495) * Remove SLE Micro reference from elemental-operator images * Make SLE Micro version from image references dynamic (#480) * Adapt tests and Makefile * Split chart into crds chart and operator chart

• Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157)

• Update to version v0.4.4: * Fix secretname for the apiService (#153) * Enable deploying operator replicas (#150)

• Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138)

• Update to version v0.4.3: * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Set the proper namespace (#117)

• Bump to v0.4.2

• Bump to v0.4.1

• Update to version v0.4.0: * Add README to elemetal-operator helm chart (#56)

• Update Chart.yaml to the right elemental-operator version

• Update to elemental-operator v0.3.0

• Improve Makefile to get image tag from github

• Update Makefile and build elemental-operator.tar

• Bump version to 0.2.1
• Bump elemental-operator tag image to 0.2.1-10.1

• Bump elemental-operator tag image to 0.2.0-9.1

• Update _helmignore file

• Update Makefile and fix build issues

• Add _helmignore file

• Update to version 0.1.1+git2022-07-13.adfff7c: * Use cacert from rancher and use serverl-url from rancher (#36)

• Update image repository in values-overwrite.yaml

• Initial commit for elemental-operator helm chart

• Adapt the Dockerfile to explicitly pull elemental-register (v1.4) instead of the newer 1.5 variant of it.

• Fix RT URLs and use import channel.json file from previous build stage

• Only build for x86_64

• Add SLE Micro RT v2.0.2 to channel

• Fix RT URLs and use import channel.json file from previous build stage

• Only build for x86_64

• Add SLE Micro RT v2.0.2 to channel

• Adapt channel to the new 'suse/sle-micro' images

• Update to version 1.1.5: * [v1.1.x] Move recovery hostname to cloud-config-defaults (#2047)

• Update to version 1.1.4: * Add default rootfs settings * Install podman in example Dockerfiles (#1959)

• Update to version 1.1.2: * Remove unused method * Update copyright year (2024) * Update workflow to trigger for go.mod * Bump moby@v25.0.1 * Bump docker@v23.0.8 * Bump go-git@v5.11.0 * Bump containerd@v1.7.12

• Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5

• Update to version 1.5.0: * Micro rename (#684) * operator/Dockerfile: tag IMAGE_REPO with :latest

• Update to version 1.4.3

• Update to version 1.4.2

• Update to version 1.4.1

• Adding a changes file

• Update to version 1.4.3

• Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5

• Update to version 1.5.0: * Micro rename (#684) * seedimage: add tag to IMG_REPO * seedimage: switch labelprefix to com.suse.elemental * seedimage: Switch to toolbox for ALP * Add elemental-seedimage-hooks package (#592) * Add grub package to seedimage built in OBS (#568) * Build raw disk images in SeedImage (#557)

• Update to version 1.4.3

• Update to version 1.4.2

• Update to version 1.4.1

• Adding changes file

SUSE-IU-2024:424-1

This update for glibc fixes the following issues:

• iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992)

This update for systemd-default-settings fixes the following issues:

• Disable pids controller limit under user instances (jsc#SLE-10123)
• Disable controllers by default (jsc#PED-2276)
• The usage of drop-ins is now the official way for configuring systemd and its various daemons on Factory/ALP, hence the early drop-ins SUSE specific 'feature' has been abandoned.
• User priority '26' for SLE-Micro
• Convert more drop-ins into early ones

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.
NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel mitigation, which led to incorrect selection of other CPU mitigations.
The following security bugs were fixed:

• CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
• CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478).
• CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443).
• CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482).
• CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
• CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).
• CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
• CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469).
• CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
• CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
• CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917).
• CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
• CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959).
• CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978).
• CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
• CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
• CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981).
• CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
• CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983).
• CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955).
• CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
• CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
• CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009).
• CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
• CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
• CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
• CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986).
• CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
• CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
• CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845).
• CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848).
• CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
• CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990).
• CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
• CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
• CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
• CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
• CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
• CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237).
• CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
• CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
• CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325).
• CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
• CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433).
• CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
• CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
• CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
• CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
• CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
• CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887).
• CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735).
• CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797).
• CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
• CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276).
• CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
• CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273).
• CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
• CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
• CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885).
• CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831).
• CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553).
• CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
• CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
• CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
• CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
• CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
• CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
• CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
• CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055).
• CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
• CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920).
• CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921).
• CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926).
• CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
• CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840).
• CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
• CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
• CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
• CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
• CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
• CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933).
• CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937).
• CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938).
• CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940).
• CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839).
• CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918).
• CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
• CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
• CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872).
• CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
• CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
• CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
• CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
• CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045).
• CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
• CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
• CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
• CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062).
• CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
• CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068).
• CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070).
• CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066).
• CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067).
• CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
• CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069).
• CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
• CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375).
• CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616).
• CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
• CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613).
• CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618).
• CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
• CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
• CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
• CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274).
• CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291).
• CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
• CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
• CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
• CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
• CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
• CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
• CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
• CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
• CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
• CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
• CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
• CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
• CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
• CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365).
• CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
• CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
• CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
• CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291).
• CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
• CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298).
• CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
• CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379).
• CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
• CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056).
• CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070).
• CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337).
• CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
• CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317).
• CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355).
• CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
• CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356).
• CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
• CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360).

• acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-fixes).
• acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-fixes).
• acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
• acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-fixes).
• acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
• acpi: scan: Fix device check notification handling (git-fixes).
• acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
• alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
• alsa: aoa: avoid false-positive format truncation warning (git-fixes).
• alsa: aw2: avoid casting function pointers (git-fixes).
• alsa: ctxfi: avoid casting function pointers (git-fixes).
• alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-fixes).
• alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-fixes).
• alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes).
• alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
• alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
• alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
• alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
• alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
• alsa: seq: fix function cast warnings (git-fixes).
• alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
• alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes).
• arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
• arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
• arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
• arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
• arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
• arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
• arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
• arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
• arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
• arm64: mm: fix VA-range sanity check (git-fixes)
• arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
• asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes).
• asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
• asoc: amd: acp: fix for acp_init function error handling (git-fixes).
• asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
• asoc: meson: Use dev_err_probe() helper (stable-fixes).
• asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
• asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
• asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
• asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
• asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
• asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
• asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
• asoc: rt5682-sdw: fix locking sequence (git-fixes).
• asoc: rt711-sdca: fix locking sequence (git-fixes).
• asoc: rt711-sdw: fix locking sequence (git-fixes).
• asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-fixes).
• asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
• asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-fixes).
• ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
• ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
• backlight: da9052: Fully initialize backlight_properties during probe (git-fixes).
• backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-fixes).
• backlight: lm3630a: Initialize backlight_properties on init (git-fixes).
• backlight: lm3639: Fully initialize backlight_properties during probe (git-fixes).
• backlight: lp8788: Fully initialize backlight_properties during probe (git-fixes).
• blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes).
• bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
• bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes).
• bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
• bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
• bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-fixes).
• bpf, scripts: Correct GPL license name (git-fixes).
• bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
• can: softing: remove redundant NULL check (git-fixes).
• clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-fixes).
• comedi: comedi_test: Prevent timers rescheduling during deletion (git-fixes).
• coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
• coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
• coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
• cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes).
• cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes).
• crypto: arm/sha - fix function cast warnings (git-fixes).
• crypto: qat - avoid division by zero (git-fixes).
• crypto: qat - fix deadlock in backlog processing (git-fixes).
• crypto: qat - fix double free during reset (git-fixes).
• crypto: qat - fix state machines cleanup paths (bsc#1218321).
• crypto: qat - fix unregistration of compression algorithms (git-fixes).
• crypto: qat - fix unregistration of crypto algorithms (git-fixes).
• crypto: qat - ignore subsequent state up commands (git-fixes).
• crypto: qat - increase size of buffers (git-fixes).
• crypto: qat - resolve race condition during AER recovery (git-fixes).
• crypto: xilinx - call finalize with bh disabled (git-fixes).
• doc-guide: kernel-doc: tell about object-like macros (git-fixes).
• doc/README.SUSE: Update information about module support status (jsc#PED-5759)
• drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes).
• drm/amd/display: Add FAMS validation before trying to use it (git-fixes).
• drm/amd/display: Add function for validate and update new stream (git-fixes).
• drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes).
• drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-fixes).
• drm/amd/display: Check if link state is valid (git-fixes).
• drm/amd/display: Copy DC context in the commit streams (git-fixes).
• drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes).
• drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes).
• drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes).
• drm/amd/display: Exit idle optimizations before attempt to access PHY (git-fixes).
• drm/amd/display: Expand kernel doc for DC (git-fixes).
• drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes).
• drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes).
• drm/amd/display: Fix possible underflow for displays with large vblank (git-fixes).
• drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes).
• drm/amd/display: Fix underflow issue on 175hz timing (git-fixes).
• drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-fixes).
• drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-fixes).
• drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes).
• drm/amd/display: Handle seamless boot stream (git-fixes).
• drm/amd/display: Handle virtual hardware detect (git-fixes).
• drm/amd/display: Include surface of unaffected streams (git-fixes).
• drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes).
• drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes).
• drm/amd/display: Keep PHY active for dp config (git-fixes).
• drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
• drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes).
• drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes).
• drm/amd/display: Return the correct HDCP error code (stable-fixes).
• drm/amd/display: Revert vblank change that causes null pointer crash (git-fixes).
• drm/amd/display: Rework comments on dc file (git-fixes).
• drm/amd/display: Rework context change check (git-fixes).
• drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-fixes).
• drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-fixes).
• drm/amd/display: Update OTG instance in the commit stream (git-fixes).
• drm/amd/display: Update correct DCN314 register header (git-fixes).
• drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-fixes).
• drm/amd/display: Use DRAM speed from validation for dummy p-state (git-fixes).
• drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes).
• drm/amd/display: Use min transition for all SubVP plane add/remove (git-fixes).
• drm/amd/display: Write to correct dirty_rect (git-fixes).
• drm/amd/display: Wrong colorimetry workaround (git-fixes).
• drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
• drm/amd/display: add ODM case when looking for first split pipe (git-fixes).
• drm/amd/display: always switch off ODM before committing more streams (git-fixes).
• drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-fixes).
• drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
• drm/amd/display: ensure async flips are only accepted for fast updates (git-fixes).
• drm/amd/display: fix ABM disablement (git-fixes).
• drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes).
• drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
• drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes).
• drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
• drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes).
• drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
• drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes).
• drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
• drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
• drm/amd/display: use low clocks for no plane configs (git-fixes).
• drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
• drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
• drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes).
• drm/amd: Enable PCIe PME from D3 (git-fixes).
• drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
• drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
• drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
• drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
• drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).
• drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes).
• drm/amdgpu: Force order between a read and write to the same address (git-fixes).
• drm/amdgpu: Match against exact bootloader status (git-fixes).
• drm/amdgpu: Unset context priority is now invalid (git-fixes).
• drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
• drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
• drm/amdgpu: lower CS errors to debug severity (git-fixes).
• drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
• drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes).
• drm/display: fix typo (git-fixes).
• drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
• drm/etnaviv: Restore some id values (git-fixes).
• drm/exynos: do not return negative values from .get_modes() (stable-fixes).
• drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes).
• drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
• drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
• drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
• drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes).
• drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes).
• drm/i915: Add missing CCS documentation (git-fixes).
• drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes).
• drm/i915: Check before removing mm notifier (git-fixes).
• drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
• drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes).
• drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes).
• drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-fixes).
• drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
• drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes).
• drm/msm/dpu: improve DSC allocation (git-fixes).
• drm/panel-edp: use put_sync in unprepare (git-fixes).
• drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-fixes).
• drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes).
• drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes).
• drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
• drm/panfrost: fix power transition timeout warnings (git-fixes).
• drm/probe-helper: warn about negative .get_modes() (stable-fixes).
• drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
• drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
• drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-fixes).
• drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
• drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
• drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes).
• drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
• drm/rockchip: lvds: do not overwrite error code (git-fixes).
• drm/rockchip: lvds: do not print scary message when probing defer (git-fixes).
• drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-fixes).
• drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes).
• drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes).
• drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-fixes).
• drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-fixes).
• drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes).
• drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-fixes).
• drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes).
• drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
• drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes).
• drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-fixes).
• drm/tidss: Fix initial plane zpos values (git-fixes).
• drm/tidss: Fix sync-lost issue with two displays (git-fixes).
• drm/ttm: Do not leak a resource on eviction error (git-fixes).
• drm/ttm: Do not print error message if eviction was interrupted (git-fixes).
• drm/vc4: Add module dependency on hdmi-codec (git-fixes).
• drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
• drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-fixes).
• drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
• drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
• drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
• drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes).
• firewire: core: use long bus reset on gap count error (stable-fixes).
• fix 'coresight: etm4x: Change etm4_platform_driver driver for MMIO devices' (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
• hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
• hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
• hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
• hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-fixes).
• hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-fixes).
• hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-fixes).
• i2c: aspeed: Fix the dummy irq expected print (git-fixes).
• i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-fixes).
• i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes).
• ib/ipoib: Fix mcast list locking (git-fixes)
• iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
• iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
• input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
• input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
• input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
• input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
• input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
• input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
• input: pm8941-pwrkey - add software key press debouncing support (git-fixes).
• input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
• input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
• input: xpad - add Lenovo Legion Go controllers (git-fixes).
• iommu/amd: Mark interrupt as managed (git-fixes).
• iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
• iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-fixes).
• iommu/mediatek: Fix forever loop in error handling (git-fixes).
• iommu/vt-d: Allow to use flush-queue when first level is default (git-fixes).
• iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes).
• iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
• iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes).
• kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).
• kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
• kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
• lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit).
• leds: aw2013: Unlock mutex before destroying it (git-fixes).
• lib/cmdline: Fix an invalid format specifier in an assertion msg (git-fixes).
• make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
• md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
• md/raid5: release batch_last before waiting for another stripe_head (git-fixes).
• md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes).
• md: Do not ignore suspended array in md_check_recovery() (git-fixes).
• md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes).
• md: Whenassemble the array, consult the superblock of the freshest device (git-fixes).
• md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes).
• md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).
• md: introduce md_ro_state (git-fixes).
• media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
• media: edia: dvbdev: fix a use-after-free (git-fixes).
• media: em28xx: annotate unchecked call to media_device_register() (git-fixes).
• media: go7007: add check of return value of go7007_read_addr() (git-fixes).
• media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
• media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
• media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
• media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
• media: pvrusb2: remove redundant NULL check (git-fixes).
• media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-fixes).
• media: sun8i-di: Fix chroma difference threshold (git-fixes).
• media: sun8i-di: Fix coefficient writes (git-fixes).
• media: sun8i-di: Fix power on/off sequences (git-fixes).
• media: tc358743: register v4l2 async device only after successful setup (git-fixes).
• media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
• media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes).
• media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
• media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
• media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes).
• mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes).
• mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes).
• mm,page_owner: Defer enablement of static branch (bsc#1222366).
• mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
• mm,page_owner: Fix printing of stack records (bsc#1222366).
• mm,page_owner: Fix refcount imbalance (bsc#1222366).
• mm,page_owner: Update metadata for tail pages (bsc#1222366).
• mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
• mm,page_owner: drop unnecessary check (bsc#1222366).
• mm,page_owner: fix recursion (bsc#1222366).
• mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829).
• mmc: core: Avoid negative index with array access (git-fixes).
• mmc: core: Fix switch on gp3 partition (git-fixes).
• mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
• mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes).
• mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes).
• mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
• mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes).
• mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
• mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
• mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
• net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322).
• net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
• net: Fix features skip in for_each_netdev_feature() (git-fixes).
• net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
• net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
• net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
• net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
• net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
• net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
• nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
• nfs: fix an off by one in root_nfs_cat() (git-fixes).
• nfs: rename nfs_client_kset to nfs_kset (git-fixes).
• nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
• nfsd: convert the callback workqueue to use delayed_work (git-fixes).
• nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
• nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
• nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
• nfsd: fix file memleak on client_opens_release (git-fixes).
• nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
• nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
• nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
• nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
• nfsd: retransmit callbacks after client reconnects (git-fixes).
• nfsd: use vfs setgid helper (git-fixes).
• nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
• nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
• nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
• nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
• nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
• nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
• nfsv4.2: fix wrong shrinker_id (git-fixes).
• nfsv4: fix a nfs4_state_manager() race (git-fixes).
• nfsv4: fix a state manager thread deadlock regression (git-fixes).
• nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes).
• nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
• nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
• nouveau: reset the bo resource bus info after an eviction (git-fixes).
• ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
• nvme-fc: do not wait in vain when unloading module (git-fixes).
• nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
• nvmet-fc: abort command when there is no binding (git-fixes).
• nvmet-fc: avoid deadlock on delete association path (git-fixes).
• nvmet-fc: defer cleanup using RCU properly (git-fixes).
• nvmet-fc: hold reference on hostport match (git-fixes).
• nvmet-fc: release reference on target port (git-fixes).
• nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
• nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
• nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
• pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
• pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
• pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
• pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
• pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
• pci: add locking to RMW PCI Express Capability Register accessors (git-fixes).
• pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
• pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
• pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-fixes).
• pci: fu740: Set the number of MSI vectors (git-fixes).
• pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-fixes).
• pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
• pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
• pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
• pci: mediatek: Clear interrupt status before dispatching handler (git-fixes).
• pci: qcom: Enable BDF to SID translation properly (git-fixes).
• pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
• pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
• pci: rockchip: Fix window mapping and address translation for endpoint (git-fixes).
• pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
• pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-fixes).
• pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-fixes).
• platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
• pm: suspend: Set mem_sleep_current during kernel command line setup (git-fixes).
• pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
• pnfs: Fix a hang in nfs4_evict_inode() (git-fixes).
• pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
• powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
• powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869).
• powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869).
• powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869).
• powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__ (bsc#1194869).
• powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869).
• powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
• powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270).
• powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
• powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869).
• powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
• pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-fixes).
• qedf: Do not process stag work during unload (bsc#1214852).
• qedf: Wait for stag work during unload (bsc#1214852).
• raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097).
• ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
• ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
• ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
• ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
• ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
• ras/amd/fmpm: Save SPA values (jsc#PED-7619).
• ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
• ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
• rdma/device: Fix a race between mad_client and cm_client init (git-fixes)
• rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
• rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes)
• rdma/irdma: Remove duplicate assignment (git-fixes)
• rdma/mana_ib: Fix bug in creation of dma regions (git-fixes).
• rdma/mlx5: fix fortify source warning while accessing Eth segment (git-fixes)
• rdma/mlx5: relax DEVX access upon modify commands (git-fixes)
• rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
• rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes)
• revert 'PCI: tegra194: Enable support for 256 Byte payload' (git-fixes).
• revert 'Revert 'drm/amdgpu/display: change pipe policy for DCN 2.0'' (git-fixes).
• revert 'SUNRPC dont update timeout value on connection reset' (git-fixes).
• revert 'drm/amd: Disable PSR-SU on Parade 0803 TCON' (git-fixes).
• revert 'drm/amd: Disable S/G for APUs when 64GB or more host memory' (git-fixes).
• revert 'drm/amdgpu/display: change pipe policy for DCN 2.0' (git-fixes).
• revert 'drm/amdgpu/display: change pipe policy for DCN 2.1' (git-fixes).
• revert 'drm/vc4: hdmi: Enforce the minimum rate at runtime_resume' (git-fixes).
• revert 'fbdev: flush deferred IO before closing (git-fixes).' (bsc#1221814)
• ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
• rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
• s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633).
• s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
• s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
• s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
• s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
• sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176).
• sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176).
• scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
• scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
• scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
• scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
• scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
• scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
• scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
• scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
• scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
• scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
• scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
• scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
• scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
• scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
• scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
• scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
• scsi: qedf: Remove unused declaration (bsc#1214852).
• scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
• scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
• scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
• scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
• scsi: qla2xxx: Fix double free of fcport (bsc1221816).
• scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
• scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
• scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
• scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
• scsi: qla2xxx: Update manufacturer detail (bsc1221816).
• scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
• scsi: storvsc: Fix ring buffer size calculation (git-fixes).
• scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252).
• selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
• serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
• serial: max310x: fix syntax error in IRQ error message (git-fixes).
• slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
• soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
• spi: lm70llp: fix links in doc and comments (git-fixes).
• spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
• sr9800: Add check for usbnet_get_endpoints (git-fixes).
• stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
• staging: vc04_services: fix information leak in create_component() (git-fixes).
• sunrpc: Add an IS_ERR() check back to where it was (git-fixes).
• sunrpc: ECONNRESET might require a rebind (git-fixes).
• sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
• sunrpc: Fix a suspicious RCU usage warning (git-fixes).
• sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
• sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
• svcrdma: Drop connection after an RDMA Read error (git-fixes).
• topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
• topology: Fix up build warning in topology_is_visible() (jsc#PED-7618).
• tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes).
• tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
• tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
• tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
• tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-fixes).
• tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
• tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
• ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
• ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
• ubifs: Set page uptodate in the correct place (git-fixes).
• ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
• ubifs: fix sort function prototype (git-fixes).
• usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
• usb: cdc-wdm: close race between read and workqueue (git-fixes).
• usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
• usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
• usb: dwc2: gadget: LPM flow fix (git-fixes).
• usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
• usb: dwc2: host: Fix hibernation flow (git-fixes).
• usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
• usb: dwc3: Properly set system wakeup (git-fixes).
• usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
• usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
• usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
• usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
• usb: port: Do not try to peer unused USB ports based on location (git-fixes).
• usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
• usb: typec: ucsi: Check for notifications after init (git-fixes).
• usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
• usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
• usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
• usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
• vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
• vt: fix unicode buffer corruption when deleting characters (git-fixes).
• watchdog: stm32_iwdg: initialize default timeout (git-fixes).
• wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
• wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
• wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
• wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes).
• wifi: b43: Disable QoS for bcm4331 (git-fixes).
• wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-fixes).
• wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-fixes).
• wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-fixes).
• wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-fixes).
• wifi: brcmsmac: avoid function pointer casts (git-fixes).
• wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
• wifi: iwlwifi: fix EWRD table validity check (git-fixes).
• wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
• wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
• wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
• wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
• wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-fixes).
• wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
• wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes).
• wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
• wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
• wifi: wilc1000: fix RCU usage in connect path (git-fixes).
• wifi: wilc1000: fix declarations ordering (stable-fixes).
• wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
• wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes).
• x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
• x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
• x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
• xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
• xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes).

This update for aaa_base fixes the following issues:

• home and end button not working from ssh client (bsc#1221407)
• use autosetup in prep stage of specfile
• drop the stderr redirection for csh (bsc#1221361)
• drop sysctl.d/50-default-s390.conf (bsc#1211721)
• make sure the script does not exit with 1 if a file with content is found (bsc#1222547)

This update for rpm fixes the following issues:
Security fixes:

• CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175)

• accept more signature subpackets marked as critical (bsc#1218686)
• backport limit support for the autopatch macro (bsc#1189495)

SUSE-IU-2024:324-1

This update for aaa_base fixes the following issues:

• Set JAVA_HOME correctly (bsc#1107342, bsc#1215434)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219429).
• CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
• CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).
• CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
• CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
• CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
• CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
• CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
• CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
• CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
• CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
• CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
• CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
• CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).
• CVE-2024-0641: Fixed a denial of service vulnerability in tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916).
• CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).
• CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).
• CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
• CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).

• Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
• ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
• ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
• ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
• ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (git-fixes).
• ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377)
• ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes).
• ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes).
• ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
• ACPI: video: check for error while searching for backlight device parent (git-fixes).
• ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-fixes).
• ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes).
• ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes).
• ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes).
• ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook (git-fixes).
• ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (git-fixes).
• ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes).
• ALSA: hda: Refer to correct stream index at loops (git-fixes).
• ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-fixes).
• ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes).
• ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
• ASoC: Intel: Skylake: mem leak in skl register function (git-fixes).
• ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-fixes).
• ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes).
• ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
• ASoC: amd: Add check for acp config flags (bsc#1219136).
• ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
• ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
• ASoC: amd: Drop empty platform remove function (bsc#1219136).
• ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136).
• ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes).
• ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136).
• ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
• ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out (bsc#1219136).
• ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136).
• ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller (bsc#1219136).
• ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136).
• ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136).
• ASoC: amd: acp: Add kcontrols and widgets per-codec in common code (bsc#1219136).
• ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes).
• ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136).
• ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver (bsc#1219136).
• ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136).
• ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
• ASoC: amd: acp: Initialize list to store acp_stream during pcm_open (bsc#1219136).
• ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
• ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136).
• ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
• ASoC: amd: acp: Refactor dai format implementation (bsc#1219136).
• ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136).
• ASoC: amd: acp: add a label to make error path more clean (bsc#1219136).
• ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform (bsc#1219136).
• ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136).
• ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136).
• ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136).
• ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
• ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
• ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols (bsc#1219136).
• ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136).
• ASoC: amd: acp: move pdm macros to common header file (bsc#1219136).
• ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136).
• ASoC: amd: acp: rembrandt: Drop if blocks with always false condition (bsc#1219136).
• ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
• ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions (bsc#1219136).
• ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
• ASoC: amd: acp: store platform device reference created in pci probe call (bsc#1219136).
• ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
• ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136).
• ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
• ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
• ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
• ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
• ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136).
• ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136).
• ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
• ASoC: amd: add acp6.2 irq handler (bsc#1219136).
• ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
• ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
• ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
• ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
• ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver (bsc#1219136).
• ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136).
• ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136).
• ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136).
• ASoC: amd: fix ACP version typo mistake (bsc#1219136).
• ASoC: amd: fix spelling mistake: 'i.e' -> 'i.e.' (bsc#1219136).
• ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136).
• ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
• ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs() (bsc#1219136).
• ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136).
• ASoC: amd: ps: Update copyright notice (bsc#1219136).
• ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136).
• ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136).
• ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136).
• ASoC: amd: ps: move irq handler registration (bsc#1219136).
• ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136).
• ASoC: amd: ps: refactor platform device creation logic (bsc#1219136).
• ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136).
• ASoC: amd: ps: remove unused variable (bsc#1219136).
• ASoC: amd: ps: update dev index value in irq handler (bsc#1219136).
• ASoC: amd: ps: update macros with ps platform naming convention (bsc#1219136).
• ASoC: amd: ps: update the acp clock source (bsc#1219136).
• ASoC: amd: ps: use acp_lock to protect common registers in pdm driver (bsc#1219136).
• ASoC: amd: ps: use static function (bsc#1219136).
• ASoC: amd: renoir: Add a module parameter to influence pdm_gain (bsc#1219136).
• ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
• ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
• ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1219136).
• ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
• ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136).
• ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136).
• ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
• ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
• ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136).
• ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for acp6x (bsc#1219136).
• ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42) (bsc#1219136).
• ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43) (bsc#1219136).
• ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop 15-fb0xxx (8A3E) (bsc#1219136).
• ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22) (bsc#1219136).
• ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136).
• ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136).
• ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136).
• ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
• ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table (bsc#1219136).
• ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table (bsc#1219136).
• ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136).
• ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x (bsc#1219136).
• ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136).
• ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136).
• ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table (bsc#1219136).
• ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table (bsc#1219136).
• ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136).
• ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136).
• ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
• ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136).
• ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136).
• ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks (bsc#1219136).
• ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes).
• ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes).
• ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
• ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes).
• ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes).
• ASoC: cs43130: Fix the position of const qualifier (git-fixes).
• ASoC: da7219: Support low DC impedance headset (git-fixes).
• ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (git-fixes).
• ASoC: ops: add correct range check for limiting volume (git-fixes).
• ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes).
• ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes).
• ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
• ASoC: wm8974: Correct boost mixer inputs (git-fixes).
• Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
• Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes).
• Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
• Documentation: Begin a RAS section (jsc#PED-7622).
• EDAC/amd64: Add context struct (jsc#PED-7615).
• EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
• EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616).
• EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
• EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622).
• EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
• EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
• EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615).
• EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
• EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
• EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
• EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
• EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615).
• EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
• EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
• EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
• EDAC/amd64: Remove module version string (jsc#PED-7615).
• EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615).
• EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
• EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
• EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
• EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615).
• EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
• EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615).
• EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
• EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
• EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
• EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes).
• Fix crash in vmw_context_cotables_unref when 3d support is enabled (bsc#1218738)
• HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
• HID: wacom: Correct behavior when processing some confidence == false touches (git-fixes).
• IB/iser: Prevent invalidating wrong MR (git-fixes)
• Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID (git-fixes).
• Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes).
• Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-fixes).
• Input: atkbd - use ab83 as id when skipping the getid command (git-fixes).
• Input: bcm5974 - check endpoint type before starting traffic (git-fixes).
• Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
• Input: xpad - add Razer Wolverine V2 support (git-fixes).
• KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes).
• KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1218997).
• KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
• Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
• PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
• PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
• PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
• PCI: keystone: Fix race condition when initializing PHYs (git-fixes).
• PM: hibernate: Enforce ordering during image compression/decompression (git-fixes).
• RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
• RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes)
• RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
• RDMA/irdma: Add wait for suspend on SQD (git-fixes)
• RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
• RDMA/irdma: Do not modify to SQD on error (git-fixes)
• RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
• RDMA/irdma: Refactor error handling in create CQP (git-fixes)
• RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
• RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
• RDMA/rtrs-clt: Start hb after path_up (git-fixes)
• RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
• RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes)
• RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
• RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes)
• RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
• USB: xhci: workaround for grace period (git-fixes).
• Update config files: enable ASoC AMD PS drivers (bsc#1219136)
• Update patch reference for ax88179 fix (bsc#1218948)
• acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-fixes).
• aio: fix mremap after fork null-deref (git-fixes).
• apparmor: avoid crash when parsed profile name is empty (git-fixes).
• arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729)
• arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps PLACEHOLDER_4 for HAS_ECV.
• arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729)
• arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
• arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes)
• arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
• arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
• arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
• arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
• arm64: module: move find_section to header (jsc#PED-4729)
• arm64: vdso: Fix 'no previous prototype' warning (jsc#PED-4729)
• arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
• arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729)
• asix: Add check for usbnet_get_endpoints (git-fixes).
• attr: block mode changes of symlinks (git-fixes).
• badblocks: add helper routines for badblock ranges handling (bsc#1174649).
• badblocks: add more helper structure and routines in badblocks.h (bsc#1174649).
• badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649).
• badblocks: improve badblocks_check() for multiple ranges handling (bsc#1174649).
• badblocks: improve badblocks_clear() for multiple ranges handling (bsc#1174649).
• badblocks: improve badblocks_set() for multiple ranges handling (bsc#1174649).
• badblocks: switch to the improved badblock handling code (bsc#1174649).
• bpf: Limit the number of kprobes when attaching program to multiple kprobes (git-fixes).
• bus: mhi: host: Add alignment check for event ring read pointer (git-fixes).
• bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-fixes).
• bus: mhi: host: Drop chan lock before queuing buffers (git-fixes).
• ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
• clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes).
• clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes).
• clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
• clk: samsung: Fix kernel-doc comments (git-fixes).
• clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-fixes).
• clk: zynqmp: Add a check for NULL pointer (git-fixes).
• clk: zynqmp: make bestdiv unsigned (git-fixes).
• clocksource: Skip watchdog check for large watchdog intervals (git-fixes).
• clocksource: disable watchdog checks on TSC when TSC is watchdog (bsc#1215885).
• coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
• coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779)
• coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779)
• coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
• coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
• coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779)
• coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
• crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
• crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
• crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes).
• crypto: sahara - do not resize req->src when doing hash operations (git-fixes).
• crypto: sahara - fix ahash reqsize (git-fixes).
• crypto: sahara - fix ahash selftest failure (git-fixes).
• crypto: sahara - fix cbc selftest failure (git-fixes).
• crypto: sahara - fix processing hash requests with req->nbytes < sg->length (git-fixes).
• crypto: sahara - fix processing requests with cryptlen < sg->length (git-fixes).
• crypto: sahara - fix wait_for_completion_timeout() error handling (git-fixes).
• crypto: sahara - handle zero-length aes requests (git-fixes).
• crypto: sahara - improve error handling in sahara_sha_process() (git-fixes).
• crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
• crypto: scomp - fix req->dst buffer overflow (git-fixes).
• dma-debug: fix kernel-doc warnings (git-fixes).
• dmaengine: fix NULL pointer in channel unregistration function (git-fixes).
• dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-fixes).
• dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes).
• dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes).
• dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
• doc/README.KSYMS: Add to repo.
• drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes).
• drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
• drivers: clk: zynqmp: update divider round rate logic (git-fixes).
• drm/amd/display: Fix tiled display misalignment (git-fixes).
• drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-fixes).
• drm/amd/display: add nv12 bounding box (git-fixes).
• drm/amd/display: get dprefclk ss info from integration info table (git-fixes).
• drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes).
• drm/amd/display: pbn_div need be updated for hotplug event (git-fixes).
• drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
• drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes).
• drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-fixes).
• drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
• drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (git-fixes).
• drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
• drm/amdgpu/pm: Fix the power source flag error (git-fixes).
• drm/amdgpu: Add NULL checks for function pointers (git-fixes).
• drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes).
• drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' (git-fixes).
• drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (git-fixes).
• drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
• drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-fixes).
• drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' (git-fixes).
• drm/amdgpu: Let KFD sync with VM fences (git-fixes).
• drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (git-fixes).
• drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-fixes).
• drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
• drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c (git-fixes).
• drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (git-fixes).
• drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-fixes).
• drm/amdkfd: Fix lock dependency warning (git-fixes).
• drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
• drm/amdkfd: Use resource_size() helper function (git-fixes).
• drm/amdkfd: fixes for HMM mem allocation (git-fixes).
• drm/bridge: Fix typo in post_disable() description (git-fixes).
• drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes).
• drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes).
• drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes).
• drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes).
• drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() (git-fixes).
• drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case (git-fixes).
• drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-fixes).
• drm/bridge: tc358767: Fix return value on error case (git-fixes).
• drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (git-fixes).
• drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
• drm/crtc: fix uninitialized variable use (git-fixes).
• drm/drv: propagate errors from drm_modeset_register_all() (git-fixes).
• drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-fixes).
• drm/exynos: fix a potential error pointer dereference (git-fixes).
• drm/exynos: fix a wrong error checking (git-fixes).
• drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes).
• drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-fixes).
• drm/framebuffer: Fix use of uninitialized variable (git-fixes).
• drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-fixes).
• drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() (git-fixes).
• drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
• drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
• drm/msm/dpu: fix writeback programming for YUV cases (git-fixes).
• drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality (git-fixes).
• drm/msm/dsi: Enable runtime PM (git-fixes).
• drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-fixes).
• drm/msm/mdp4: flush vblank event on disable (git-fixes).
• drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-fixes).
• drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes).
• drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes).
• drm/panel: nt35510: fix typo (git-fixes).
• drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-fixes).
• drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-fixes).
• drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes).
• drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-fixes).
• drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-fixes).
• drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-fixes).
• drm/radeon: check return value of radeon_ring_lock() (git-fixes).
• drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (git-fixes).
• drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
• drm/tidss: Fix atomic_flush check (git-fixes).
• drm/tidss: Fix dss reset (git-fixes).
• drm/tidss: Move reset to the end of dispc_init() (git-fixes).
• drm/tidss: Return error value from from softreset (git-fixes).
• drm/tilcdc: Fix irq free on unload (git-fixes).
• drm: Do not unref the same fb many times by mistake due to deadlock handling (git-fixes).
• drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-fixes).
• drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
• dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
• efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes).
• eventfd: prevent underflow for eventfd semaphores (git-fixes).
• exfat: fix reporting fs error when reading dir beyond EOF (git-fixes).
• exfat: support handle zero-size directory (git-fixes).
• exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes).
• fbdev: Only disable sysfb on the primary device (bsc#1216441)
• fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an existing patch to fix bsc#1216441.
• fbdev: flush deferred IO before closing (git-fixes).
• fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes).
• fbdev: imxfb: fix left margin setting (git-fixes).
• fbdev: mmp: Fix typo and wording in code comment (git-fixes).
• firewire: core: correct documentation of fw_csr_string() kernel API (git-fixes).
• firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (git-fixes).
• firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes).
• fjes: fix memleaks in fjes_hw_setup (git-fixes).
• fs/mount_setattr: always cleanup mount_kattr (git-fixes).
• fs: Fix error checking for d_hash_and_lookup() (git-fixes).
• fs: Move notify_change permission checks into may_setattr (git-fixes).
• fs: do not audit the capability check in simple_xattr_list() (git-fixes).
• fs: drop peer group ids under namespace lock (git-fixes).
• fs: indicate request originates from old mount API (git-fixes).
• fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
• fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
• gfs2: Always check inode size of inline inodes (git-fixes).
• gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
• gfs2: Disable page faults during lockless buffered reads (git-fixes).
• gfs2: Eliminate ip->i_gh (git-fixes).
• gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
• gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes).
• gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
• gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes).
• gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
• gfs2: Switch to wait_event in gfs2_logd (git-fixes).
• gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
• gfs2: low-memory forced flush fixes (git-fixes).
• gfs2: release iopen glock early in evict (git-fixes).
• gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes).
• gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
• hv_netvsc: rndis_filter needs to select NLS (git-fixes).
• hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
• hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes).
• i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
• i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
• i2c: s3c24xx: fix transferring more than one message in polling mode (git-fixes).
• iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
• iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
• iio: adc: ad9467: do not ignore error codes (git-fixes).
• iio: adc: ad9467: fix reset gpio handling (git-fixes).
• ipmi: Use regspacings passed as a module parameter (git-fixes).
• kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
• kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
• kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol It's an internal function that shouldn't have been exported
• kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
• kernel-doc: handle a void function without producing a warning (git-fixes).
• kernel-source: Fix description typo
• kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-fixes).
• leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
• leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes).
• libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-fixes).
• md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
• media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
• media: dt-bindings: ov8856: decouple lanes and link frequency from driver (git-fixes).
• media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (git-fixes).
• media: imx355: Enable runtime PM before registering async sub-device (git-fixes).
• media: ov9734: Enable runtime PM before registering async sub-device (git-fixes).
• media: pvrusb2: fix use after free on context disconnection (git-fixes).
• media: rkisp1: Disable runtime PM in probe error path (git-fixes).
• media: rkisp1: Fix media device memory leak (git-fixes).
• media: rkisp1: Read the ID register at probe time instead of streamon (git-fixes).
• media: videobuf2-dma-sg: fix vmap callback (git-fixes).
• mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes).
• misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes).
• mkspec: Include constraints for both multibuild and plain package always There is no need to check for multibuild flag, the constraints can be always generated for both cases.
• mkspec: Use variant in constraints template Constraints are not applied consistently with kernel package variants. Add variant to the constraints template as appropriate, and expand it in mkspec.
• mm: fs: initialize fsdata passed to write_begin/write_end interface (git-fixes).
• mmc: core: Cancel delayed work before releasing host (git-fixes).
• modpost: move __attribute__((format(printf, 2, 3))) to modpost.h (git-fixes).
• mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes).
• mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-fixes).
• mtd: rawnand: pl353: Fix kernel doc (git-fixes).
• mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-fixes).
• mtd: rawnand: rockchip: Rename a structure (git-fixes).
• net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
• net: usb: ax88179_178a: Bind only to vendor-specific interface (bsc#1218948).
• net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948).
• net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
• net: usb: ax88179_178a: remove redundant init code (git-fixes).
• net: usb: ax88179_178a: restore state on resume (bsc#1218948).
• nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes).
• nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349).
• nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
• nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
• nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes).
• nsfs: add compat ioctl handler (git-fixes).
• nvme-loop: always quiesce and cancel commands before destroying admin q (bsc#1211515).
• nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
• nvme-pci: fix sleeping function called from interrupt context (git-fixes).
• nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-fixes).
• nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515).
• nvme: fix max_discard_sectors calculation (git-fixes).
• nvme: introduce helper function to get ctrl state (git-fixes).
• nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515).
• nvme: start keep-alive after admin queue setup (bsc#1211515).
• nvme: trace: avoid memcpy overflow warning (git-fixes).
• nvmet: re-fix tracing strncpy() warning (git-fixes).
• of: Fix double free in of_parse_phandle_with_args_map (git-fixes).
• of: unittest: Fix of_count_phandle_with_args() expected value message (git-fixes).
• parport: parport_serial: Add Brainboxes BAR details (git-fixes).
• parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes).
• perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958).
• perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (bsc#1218958).
• perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (bsc#1219512).
• phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes).
• phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes).
• pinctrl: intel: Revert 'Unexport intel_pinctrl_probe()' (git-fixes).
• platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
• platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
• platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
• platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
• platform/x86: ISST: Reduce noise for missing numa information in logs (bsc#1219285).
• platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620).
• power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes).
• power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes).
• powerpc/fadump: reset dump area size if fadump memory reserve fails (bsc#1194869).
• powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
• powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
• powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869).
• powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
• powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
• powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1194869).
• powerpc/pseries: fix potential memory leak in init_cpu_associativity() (bsc#1194869).
• powerpc/xive: Fix endian conversion size (bsc#1194869).
• pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).
• pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes).
• pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes).
• pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
• pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes).
• pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-fixes).
• r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
• r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
• reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-fixes).
• ring-buffer/Documentation: Add documentation on buffer_percent file (git-fixes).
• ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (git-fixes).
• s390/dasd: fix double module refcount decrement (bsc#1141539).
• s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1219006).
• s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012).
• s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (git-fixes bsc#1219014).
• s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (git-fixes bsc#1219013).
• s390/vfio-ap: unpin pages on gisc registration failure (git-fixes bsc#1218723).
• s390: vfio-ap: tighten the NIB validity check (git-fixes).
• sched/isolation: add cpu_is_isolated() API (bsc#1217895).
• scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
• scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
• scsi: core: Always send batch on reset or error handling command (git-fixes).
• scsi: fnic: Return error if vmalloc() failed (git-fixes).
• scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes).
• scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes).
• scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
• scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes).
• scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes).
• scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes).
• scsi: hisi_sas: Replace with standard error code return value (git-fixes).
• scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes).
• scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-fixes).
• scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (git-fixes).
• scsi: ibmvfc: Implement channel queue depth and event buffer accounting (bsc#1209834 ltc#202097).
• scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834 ltc#202097).
• scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes).
• scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
• scsi: lpfc: Change VMID driver load time parameters to read only (bsc#1219582).
• scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes (bsc#1219582).
• scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC (bsc#1219582).
• scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
• scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes).
• scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
• scsi: mpt3sas: Fix an outdated comment (git-fixes).
• scsi: mpt3sas: Fix in error path (git-fixes).
• scsi: mpt3sas: Fix loop logic (bsc#1219067).
• scsi: mpt3sas: Fix loop logic (git-fixes).
• scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
• scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command (git-fixes).
• scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes).
• selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes).
• serial: 8250: omap: Do not skip resource freeing if pm_runtime_resume_and_get() failed (git-fixes).
• serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
• serial: imx: Correct clock error message in function probe() (git-fixes).
• serial: imx: fix tx statemachine deadlock (git-fixes).
• serial: max310x: fail probe if clock crystal is unstable (git-fixes).
• serial: max310x: improve crystal stable clock detection (git-fixes).
• serial: max310x: set default value when reading clock ready bit (git-fixes).
• serial: sc16is7xx: add check for unsupported SPI modes during probe (git-fixes).
• serial: sc16is7xx: set safe default SPI clock frequency (git-fixes).
• serial: sccnxp: Improve error message if regulator_disable() fails (git-fixes).
• shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-fixes).
• software node: Let args be NULL in software_node_get_reference_args (git-fixes).
• spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes).
• swiotlb-xen: provide the 'max_mapping_size' method (git-fixes).
• swiotlb: fix a braino in the alignment check fix (bsc#1216559).
• swiotlb: fix slot alignment checks (bsc#1216559).
• trace,smp: Add tracepoints around remotelly called functions (bsc#1217895).
• tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
• tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).
• tracing: Add size check when printing trace_marker output (git-fixes).
• tracing: Ensure visibility when inserting an element into tracing_map (git-fixes).
• tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes).
• tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (git-fixes).
• ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex (git-fixes).
• ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted (git-fixes).
• ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-fixes).
• uio: Fix use-after-free in uio_open (git-fixes).
• usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-fixes).
• usb: cdns3: fix uvc failure work since sg support enabled (git-fixes).
• usb: chipidea: wait controller resume finished for wakeup irq (git-fixes).
• usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes).
• usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes).
• usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
• usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
• usb: otg numberpad exception (bsc#1218527).
• usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (git-fixes).
• usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
• usb: ucsi: Add missing ppm_lock (git-fixes).
• usb: ucsi_acpi: Fix command completion handling (git-fixes).
• usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-fixes).
• usr/Kconfig: fix typos of 'its' (git-fixes).
• vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
• vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes).
• virtio-mmio: fix memory leak of vm_dev (git-fixes).
• virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes).
• vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
• vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (git-fixes).
• watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
• watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes).
• watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (git-fixes).
• watchdog: set cdev owner before adding (git-fixes).
• wifi: ath11k: Defer on rproc_get failure (git-fixes).
• wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
• wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
• wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-fixes).
• wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes).
• wifi: libertas: stop selecting wext (git-fixes).
• wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes).
• wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-fixes).
• wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes).
• wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes).
• wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-fixes).
• wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes).
• wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-fixes).
• wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
• x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
• x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
• x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
• x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
• x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
• x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
• x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
• x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
• x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes).
• x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown() (git-fixes).
• x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
• x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
• xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes).
• xen/events: fix delayed eoi list handling (git-fixes).
• xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes).
• xhci: cleanup xhci_hub_control port references (git-fixes).
• xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes).
• xhci: track port suspend state correctly in unsuccessful resume cases (git-fixes).

This update for openssl-1_1 fixes the following issues:

• CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).

This update for libxml2 fixes the following issues:

• CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).

This update for mozilla-nss fixes the following issues:
Update to NSS 3.90.2:

• CVE-2023-5388: Fixed timing attack against RSA decryption in TLS (bsc#1216198)

This update for rpm fixes the following issues:

• backport lua support for rpm.execute to ease migrating from SLE Micro 5.5 to 6.0 (bsc#1216752)

This update for netcfg fixes the following issues:

• Add krb-prop entry (bsc#1211886)

This update for wpa_supplicant fixes the following issues:

• CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975).

This update for libssh fixes the following issues:

• Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)

This update for cpio fixes the following issues:

• Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238)

This update for aaa_base fixes the following issues:

• Silence the output in the case of broken symlinks (bsc#1218232)

This update for glibc fixes the following issues:
Security issues fixed:

• qsort: harden handling of degenerated / non transient compare function (bsc#1218866)

• getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)
• aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)

This update for systemd-presets-common-SUSE fixes the following issues:

• Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked (bsc#1200731)
• Support both the old and new service to avoid complex version interdependency

This update for audit fixes the following issue:

• Fix plugin termination when using systemd service units (bsc#1215377)

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
• CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
• CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
• CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
• CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
• CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
• CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
• CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
• CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
• CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
• CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
• CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
• CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
• CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
• CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
• CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
• CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
• CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
• CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
• CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
• CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
• CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
• CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
• CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
• CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
• CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
• CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
• CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
• CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
• CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
• CVE-2024-26586: Fixed stack corruption (bsc#1220243).
• CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
• CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
• CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
• CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
• CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
• CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
• CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
• CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).

• acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes).
• acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes).
• acpi: extlog: fix null pointer dereference check (git-fixes).
• acpi: resource: add asus model s5402za to quirks (git-fixes).
• acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes).
• acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes).
• acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes).
• acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes).
• acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes).
• acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes).
• add reference to recently released cve
• afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes).
• afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes).
• afs: hide silly-rename files from userspace (git-fixes).
• afs: increase buffer size in afs_update_volume_status() (git-fixes).
• ahci: asm1166: correct count of reported ports (git-fixes).
• alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes).
• alsa: firewire-lib: fix to check cycle continuity (git-fixes).
• alsa: hda/conexant: add quirk for sws js201d (git-fixes).
• alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
• alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes).
• alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes).
• alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes).
• alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes).
• alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes).
• alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes).
• alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes).
• alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes).
• alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes).
• alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes).
• alsa: usb-audio: check presence of valid altsetting control (git-fixes).
• alsa: usb-audio: ignore clock selector errors for single connection (git-fixes).
• alsa: usb-audio: more relaxed check of midi jack names (git-fixes).
• alsa: usb-audio: sort quirk table entries (git-fixes).
• arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443)
• arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443)
• arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
• arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround.
• arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break.
• arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break
• arm64: irq: set the correct node for shadow call stack (git-fixes)
• arm64: irq: set the correct node for vmap stack (git-fixes)
• arm64: rename arm64_workaround_2966298 (bsc#1219443)
• arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes)
• asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes).
• asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes).
• asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes).
• asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes).
• atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
• bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes).
• bluetooth: enforce validation on max value of connection interval (git-fixes).
• bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes).
• bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes).
• bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes).
• bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes).
• bluetooth: l2cap: fix possible multiple reject send (git-fixes).
• bluetooth: qca: fix wrong event type for patch config command (git-fixes).
• bpf: fix verification of indirect var-off stack access (git-fixes).
• bpf: guard stack limits against 32bit overflow (git-fixes).
• bpf: minor logging improvement (bsc#1220257).
• bus: moxtet: add spi device table (git-fixes).
• cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267).
• can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes).
• crypto: api - disallow identical driver names (git-fixes).
• crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes).
• crypto: octeontx2 - fix cptvf driver cleanup (git-fixes).
• crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
• dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes).
• dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes).
• dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
• dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
• dmaengine: ptdma: use consistent dma masks (git-fixes).
• dmaengine: shdma: increase size of 'dev_id' (git-fixes).
• dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes).
• driver core: fix device_link_flag_is_sync_state_only() (git-fixes).
• drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes).
• drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes).
• drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes).
• drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes).
• drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes).
• drm/amd/display: preserve original aspect ratio in create stream (git-fixes).
• drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes).
• drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
• drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes).
• drm/buddy: fix range bias (git-fixes).
• drm/crtc: fix uninitialized variable use even harder (git-fixes).
• drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes).
• drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes).
• drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes).
• drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes).
• drm/prime: support page array >= 4gb (git-fixes).
• drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes).
• drm/ttm: fix an invalid freeing on already freed page in error path (git-fixes).
• drop bcm5974 input patch causing a regression (bsc#1220030)
• efi/capsule-loader: fix incorrect allocation size (git-fixes).
• efi: do not add memblocks for soft-reserved memory (git-fixes).
• efi: runtime: fix potential overflow of soft-reserved region size (git-fixes).
• fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes).
• fbdev: savage: error out if pixclock equals zero (git-fixes).
• fbdev: sis: error out if pixclock equals zero (git-fixes).
• firewire: core: send bus reset promptly on gap count error (git-fixes).
• fs: dlm: fix build with config_ipv6 disabled (git-fixes).
• fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes).
• gpio: 74x164: enable output pins after registers are reset (git-fixes).
• gpio: fix resource unwinding order in error path (git-fixes).
• gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes).
• gpiolib: fix the error path order in gpiochip_add_data_with_key() (git-fixes).
• hid: apple: add 2021 magic keyboard fn key mapping (git-fixes).
• hid: apple: add support for the 2021 magic keyboard (git-fixes).
• hid: wacom: do not register input devices until after hid_hw_start (git-fixes).
• hid: wacom: generic: avoid reporting a serial of '0' to userspace (git-fixes).
• hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
• hwmon: (coretemp) enlarge per package core count limit (git-fixes).
• hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes).
• hwmon: (coretemp) fix out-of-bounds memory access (git-fixes).
• i2c: i801: fix block process call transactions (git-fixes).
• i2c: i801: remove i801_set_block_buffer_mode (git-fixes).
• i2c: imx: add timer for handling the stop condition (git-fixes).
• i2c: imx: when being a target, mark the last read as processed (git-fixes).
• i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes).
• ib/hfi1: fix a memleak in init_credit_return (git-fixes)
• ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes)
• iio: accel: bma400: fix a compilation problem (git-fixes).
• iio: adc: ad7091r: set alert bit in config register (git-fixes).
• iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
• iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git-fixes).
• iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes).
• input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes).
• input: xpad - add lenovo legion go controllers (git-fixes).
• irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes).
• jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes).
• jfs: fix array-index-out-of-bounds in dinewext (git-fixes).
• jfs: fix slab-out-of-bounds read in dtsearch (git-fixes).
• jfs: fix uaf in jfs_evict_inode (git-fixes).
• kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes).
• kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839).
• kvm: s390: fix setting of fpc register (git-fixes bsc#1220392).
• kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393).
• kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes).
• kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git-fixes).
• lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes).
• leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes).
• lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423).
• lib/stackdepot: add refcount for records (jsc-ped#7423).
• lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423).
• lib/stackdepot: move stack_record struct definition into the header (jsc-ped#7423).
• libsubcmd: fix memory leak in uniq() (git-fixes).
• media: ddbridge: fix an error code problem in ddb_probe (git-fixes).
• media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
• media: rc: bpf attach/detach requires write permission (git-fixes).
• media: rockchip: rga: fix swizzling for rgb formats (git-fixes).
• media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes).
• mfd: syscon: fix null pointer dereference in of_syscon_register() (git-fixes).
• mm,page_owner: display all stacks and their count (jsc-ped#7423).
• mm,page_owner: filter out stacks by a threshold (jsc-ped#7423).
• mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423).
• mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423).
• mm,page_owner: update documentation regarding page_owner_stacks (jsc-ped#7423).
• mm/hwpoison: fix unpoison_memory() (bsc#1218663).
• mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663).
• mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663).
• mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes).
• mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes).
• mmc: core: use mrq.sbc in close-ended ffu (git-fixes).
• mmc: mmc_spi: remove custom dma mapped buffers (git-fixes).
• mmc: sdhci-xenon: add timeout for phy init complete (git-fixes).
• mmc: sdhci-xenon: fix phy init clock stability (git-fixes).
• mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes).
• modpost: trim leading spaces when processing source files list (git-fixes).
• mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes).
• net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
• netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003).
• nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes).
• nilfs2: replace warn_ons for invalid dat metadata block requests (git-fixes).
• nouveau/svm: fix kvcalloc() argument order (git-fixes).
• nouveau: fix function cast warnings (git-fixes).
• ntfs: check overflow when iterating attr_records (git-fixes).
• ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
• nvme-fabrics: fix i/o connect error handling (git-fixes).
• nvme-host: fix the updating of the firmware version (git-fixes).
• pci/aer: decode requester id when no error info found (git-fixes).
• pci: add no pm reset quirk for nvidia spectrum devices (git-fixes).
• pci: add pci_header_type_mfd definition (bsc#1220021).
• pci: fix 64gt/s effective data rate calculation (git-fixes).
• pci: only override amd usb controller if required (git-fixes).
• pci: switchtec: fix stdev_release() crash after surprise hot remove (git-fixes).
• platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes).
• platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes).
• platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes).
• pm: core: remove unnecessary (void *) conversions (git-fixes).
• pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes).
• pnp: acpi: fix fortify warning (git-fixes).
• power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes).
• powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869).
• powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869).
• powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348).
• powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869).
• powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348).
• powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869).
• powerpc/watchpoints: annotate atomic context in more places (bsc#1194869).
• powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869).
• powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869).
• powerpc: do not include lppaca.h in paca.h (bsc#1194869).
• pstore/ram: fix crash when setting number of cpus to an odd number (git-fixes).
• ras/amd/atl: add mi300 row retirement support (jsc#ped-7618).
• ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes).
• ras: introduce a fru memory poison manager (jsc#ped-7618).
• rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes)
• rdma/bnxt_re: return error for srq resize (git-fixes)
• rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934).
• rdma/core: get ib width and speed from netdev (bsc#1219934).
• rdma/irdma: add ae for too many rnrs (git-fixes)
• rdma/irdma: fix kasan issue with tasklet (git-fixes)
• rdma/irdma: set the cq read threshold for gen 1 (git-fixes)
• rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes)
• rdma/qedr: fix qedr_create_user_qp error flow (git-fixes)
• rdma/srpt: fix function pointer cast warnings (git-fixes)
• rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes)
• refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277)
• regulator: core: only increment use_count when enable_count changes (git-fixes).
• regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes).
• revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes).
• revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes).
• revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes).
• rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created.
• s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840).
• s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317).
• sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes).
• scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes).
• scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes).
• scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141).
• scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes).
• scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106).
• scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106).
• scsi: isci: fix an error code problem in isci_io_request_build() (git-fixes).
• scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021).
• scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021).
• scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021).
• scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021).
• scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021).
• scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021).
• scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021).
• scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021).
• scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021).
• scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021).
• scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021).
• scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021).
• scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021).
• scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021).
• scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021).
• scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021).
• scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021).
• scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021).
• scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021).
• scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes).
• scsi: revert 'scsi: fcoe: fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141).
• serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes).
• spi-mxs: fix chipselect glitch (git-fixes).
• spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git-fixes).
• spi: ppc4xx: drop write-only variable (git-fixes).
• spi: sh-msiof: avoid integer overflow in constants (git-fixes).
• staging: iio: ad5933: fix type mismatch regression (git-fixes).
• supported.conf: remove external flag from ibm supported modules. (bsc#1209412)
• tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
• tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes).
• topology/sysfs: add format parameter to macro defining 'show' functions for proc (jsc#ped-7618).
• topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618).
• tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes).
• ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes).
• usb: cdns3: fix memory double free when handle zero packet (git-fixes).
• usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes).
• usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes).
• usb: cdns3: put the cdns set active part outside the spin lock (git-fixes).
• usb: cdns: readd old api (git-fixes).
• usb: cdnsp: blocked some cdns3 specific code (git-fixes).
• usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes).
• usb: dwc3: gadget: do not disconnect if not started (git-fixes).
• usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes).
• usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes).
• usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes).
• usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes).
• usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git-fixes).
• usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes).
• usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
• usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes).
• usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes).
• usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes).
• usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes).
• usb: gadget: f_hid: fix report descriptor allocation (git-fixes).
• usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes).
• usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes).
• usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes).
• usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git-fixes).
• usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes).
• usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes).
• usb: gadget: udc: handle gadget_connect failure during bind operation (git-fixes).
• usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527).
• usb: hub: replace hardcoded quirk value with bit() macro (git-fixes).
• usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes).
• usb: roles: fix null pointer issue when put module's reference (git-fixes).
• usb: serial: cp210x: add id for imst im871a-usb (git-fixes).
• usb: serial: option: add fibocom fm101-gl variant (git-fixes).
• usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes).
• watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git-fixes).
• wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes).
• wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes).
• wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
• wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes).
• wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes).
• wifi: iwlwifi: fix some error codes (git-fixes).
• wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes).
• wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes).
• wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes).
• wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes).
• wifi: nl80211: reject iftype change with mesh id change (git-fixes).
• wifi: rt2x00: restart beacon queue when hardware reset (git-fixes).
• wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes).
• wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes).
• wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes).
• x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes).
• x86/bugs: add asm helpers for executing verw (git-fixes).
• x86/bugs: use alternative() instead of mds_user_clear static key (git-fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk.
• x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618).
• x86/entry_32: add verw just before userspace transition (git-fixes).
• x86/entry_64: add verw just before userspace transition (git-fixes).
• x86/mm: fix memory encryption features advertisement (bsc#1206453).
• xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes).
• xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes).