openSUSE Security Announce
Threads by month
- ----- 2024 -----
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
December 2023
- 3 participants
- 79 discussions
14 Dec '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4730-1
Rating: important
References:
* bsc#1084909
* bsc#1207948
* bsc#1210447
* bsc#1214286
* bsc#1214700
* bsc#1214840
* bsc#1214976
* bsc#1215123
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1215802
* bsc#1215931
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216527
* bsc#1216584
* bsc#1216687
* bsc#1216693
* bsc#1216759
* bsc#1216788
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217095
* bsc#1217124
* bsc#1217140
* bsc#1217147
* bsc#1217195
* bsc#1217196
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217511
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5633
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5633 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* Legacy Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro 6.0
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5
An update that solves 13 vulnerabilities, contains three features and has 38
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were
handled when they were being used to store a surface (bsc#1216527).
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
The following non-security bugs were fixed:
* ACPI: FPDT: properly handle invalid FPDT subtables (git-fixes).
* ACPI: resource: Do IRQ override on TongFang GMxXGxx (git-fixes).
* ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (git-fixes).
* ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* ALSA: hda/realtek - ALC287 Realtek I2S speaker platform support (git-fixes).
* ALSA: hda/realtek - Add Dell ALC295 to pin fall back table (git-fixes).
* ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (git-fixes).
* ALSA: hda/realtek: Add quirk for ASUS UX7602ZM (git-fixes).
* ALSA: hda/realtek: Add quirks for ASUS 2024 Zenbooks (git-fixes).
* ALSA: hda/realtek: Add quirks for HP Laptops (git-fixes).
* ALSA: hda/realtek: Add support dual speaker for Dell (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP 255 G10 (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP 255 G8 (git-fixes).
* ALSA: hda: ASUS UM5302LA: Added quirks for cs35L41/10431A83 on i2c bus (git-
fixes).
* ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140).
* ALSA: hda: Fix possible null-ptr-deref when assigning a stream (git-fixes).
* ALSA: hda: cs35l41: Fix unbalanced pm_runtime_get() (git-fixes).
* ALSA: hda: cs35l41: Undo runtime PM changes at driver exit time (git-fixes).
* ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection (git-fixes).
* ALSA: info: Fix potential deadlock at disconnection (git-fixes).
* ALSA: usb-audio: add quirk flag to enable native DSD for McIntosh devices
(git-fixes).
* ARM: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails (git-fixes).
* ASoC: SOF: core: Ensure sof_ops_free() is still called when probe never ran
(git-fixes).
* ASoC: ams-delta.c: use component after check (git-fixes).
* ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* ASoC: cs35l41: Undo runtime PM changes at driver exit time (git-fixes).
* ASoC: cs35l41: Verify PM runtime resume errors in IRQ handler (git-fixes).
* ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe (git-fixes).
* ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not
described (git-fixes).
* ASoC: hdmi-codec: register hpd callback on component probe (git-fixes).
* ASoC: rt5650: fix the wrong result of key button (git-fixes).
* ASoC: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (git-fixes).
* Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (git-fixes).
* Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (git-
fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (git-
fixes).
* Bluetooth: btusb: Add date->evt_skb is NULL check (git-fixes).
* Documentation: networking: correct possessive "its" (bsc#1215458).
* Drivers: hv: vmbus: Remove unused extern declaration vmbus_ontimer() (git-
fixes).
* Fix termination state for idr_for_each_entry_ul() (git-fixes).
* HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W (git-fixes).
* HID: hyperv: Replace one-element array with flexible-array member (git-
fixes).
* HID: hyperv: avoid struct memcpy overrun warning (git-fixes).
* HID: hyperv: remove unused struct synthhid_msg (git-fixes).
* HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* HID: logitech-hidpp: Do not restart IO, instead defer hid_connect() only
(git-fixes).
* HID: logitech-hidpp: Move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk (git-fixes).
* HID: logitech-hidpp: Revert "Do not restart communication if not necessary"
(git-fixes).
* Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport (git-
fixes).
* Input: xpad - add VID for Turtle Beach controllers (git-fixes).
* NFS: Fix access to page->mapping (bsc#1216788).
* PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common() (git-fixes).
* PCI/sysfs: Protect driver's D3cold preference from user space (git-fixes).
* PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1215458).
* PCI: Extract ATS disabling to a helper function (bsc#1215458).
* PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git-
fixes).
* PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk (git-fixes).
* PCI: Use FIELD_GET() to extract Link Width (git-fixes).
* PCI: exynos: Do not discard .remove() callback (git-fixes).
* PCI: keystone: Do not discard .probe() callback (git-fixes).
* PCI: keystone: Do not discard .remove() callback (git-fixes).
* PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields (git-
fixes).
* PCI: vmd: Correct PCI Header Type Register's multi-function check (git-
fixes).
* PM / devfreq: rockchip-dfi: Make pmu regmap mandatory (git-fixes).
* PM: hibernate: Use __get_safe_page() rather than touching the list (git-
fixes).
* USB: dwc2: write HCINT with INTMASK applied (bsc#1214286).
* USB: dwc3: qcom: fix ACPI platform device leak (git-fixes).
* USB: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* USB: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* USB: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* USB: serial: option: add Fibocom L7xx modules (git-fixes).
* USB: serial: option: add Luat Air72*U series products (git-fixes).
* USB: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
* USB: serial: option: fix FM101R-GL defines (git-fixes).
* USB: usbip: fix stub_dev hub disconnect (git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: Add Cortex-A520 CPU part definition (git-fixes)
* arm64: allow kprobes on EL0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass ESR_ELx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out EL1 SSBS emulation hook (git-fixes)
* arm64: report EL1 UNDEFs better (git-fixes)
* arm64: rework BTI exception handling (git-fixes)
* arm64: rework EL0 MRS emulation (git-fixes)
* arm64: rework FPAC exception handling (git-fixes)
* arm64: split EL0/EL1 UNDEF handlers (git-fixes)
* ata: pata_isapnp: Add missing error check for devm_ioport_map() (git-fixes).
* atl1c: Work around the DMA RX overflow issue (git-fixes).
* atm: iphase: Do PCI error checks on own line (git-fixes).
* blk-mq: Do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: Add device 0bda:887b to device tables (git-fixes).
* bluetooth: Add device 13d3:3571 to device tables (git-fixes).
* btrfs: always log symlinks in full mode (bsc#1214840).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is OK (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize CAN ID checks in isotp_bind() (git-fixes).
* can: isotp: set max PDU size to 64 kByte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: Fix comment (git-fixes).
* clk: Sanitize possible_parent_show to Handle Return Value of
of_clk_get_parent_name (git-fixes).
* clk: imx: Select MXC_CLK for CLK_IMX8QXP (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: Fix elcdif_pll clock (git-fixes).
* clk: keystone: pll: fix a couple NULL vs IS_ERR() checks (git-fixes).
* clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: Fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM (git-fixes).
* clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: Do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: Fix the SMMU GDSC (git-fixes).
* clk: scmi: Free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: Add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: Update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* clk: ti: change ti_clk_register_omap_hw API (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* clocksource/drivers/timer-atmel-tcb: Fix initialization on SAM9 hardware
(git-fixes).
* clocksource/drivers/timer-imx-gpt: Fix potential memory leak (git-fixes).
* crypto: caam/jr - fix Chacha20 + Poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - Fix a erroneous check after snprintf() (git-fixes).
* dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* drm/amd/display: Avoid NULL dereference of timing generator (git-fixes).
* drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
(git-fixes).
* drm/amd/display: Refactor dm_get_plane_scale helper (git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: Handle non-terminated overdrive commands (git-fixes).
* drm/amd: Disable ASPM for VI w/ all Intel systems (git-fixes).
* drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (git-
fixes).
* drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (git-fixes).
* drm/amd: Move helper for dynamic speed switch check out of smu13 (git-
fixes).
* drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments
(git-fixes).
* drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes).
* drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
(git-fixes).
* drm/amdgpu: Fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: Remove unnecessary domain argument (git-fixes).
* drm/amdgpu: Reserve fences for VM update (git-fixes).
* drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802).
* drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-
fixes).
* drm/amdgpu: do not use ATRM for external devices (git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdgpu: not to save bo in the case of RAS err_event_athub (git-fixes).
* drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802).
* drm/amdkfd: Fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: Fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: Fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: Add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: Fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: Fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: Manually disable HPD only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: Register and attach our DSI device at probe (git-
fixes).
* drm/bridge: lt8912b: Switch to devm MIPI-DSI helpers (git-fixes).
* drm/bridge: lt9611uxc: Register and attach our DSI device at probe (git-
fixes).
* drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: tc358768: Clean up clock period code (git-fixes).
* drm/bridge: tc358768: Disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: Fix bit updates (git-fixes).
* drm/bridge: tc358768: Fix tc358768_ns_to_cnt() (git-fixes).
* drm/bridge: tc358768: Fix use of uninitialized variable (git-fixes).
* drm/bridge: tc358768: Print logical values, not raw register values (git-
fixes).
* drm/bridge: tc358768: Rename dsibclk to hsbyteclk (git-fixes).
* drm/bridge: tc358768: Use dev for dbg prints, not priv->dev (git-fixes).
* drm/bridge: tc358768: Use struct videomode (git-fixes).
* drm/bridge: tc358768: remove unused variable (git-fixes).
* drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper() (git-
fixes).
* drm/gma500: Fix call trace when psb_gem_mm_init() fails (git-fixes).
* drm/gud: Use size_add() in call to struct_size() (git-fixes).
* drm/i915: Fix potential spectre vulnerability (git-fixes).
* drm/i915: Flush WC GGTT only on required platforms (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: Fix iommu fault by swapping FBs after updating plane state
(git-fixes).
* drm/mediatek: Fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: Create devm device attachment (git-fixes).
* drm/mipi-dsi: Create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for DP CTS EDID checksum (git-fixes).
* drm/msm/dsi: free TX buffer in unbind (git-fixes).
* drm/msm/dsi: use msm_gem_kernel_put to free TX buffer (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (git-fixes).
* drm/panel: simple: Fix Innolux G101ICE-L01 timings (git-fixes).
* drm/panel: st7703: Pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: fix a possible null pointer dereference (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: vop: Fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (git-
fixes).
* drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE (git-fixes).
* drm/ttm: Reorder sys manager cleanup step (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm/vmwgfx: Remove the duplicate bo_free function (bsc#1216527)
* drm/vmwgfx: Rename vmw_buffer_object to vmw_bo (bsc#1216527)
* drm: bridge: it66121: Fix invalid connector dereference (git-fixes).
* drm: mediatek: mtk_dsi: Fix NO_EOT_PACKET settings/handling (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes).
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: Fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: Release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: omapfb: Drop unused remove function (git-fixes).
* fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit() (git-
fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* gpu: host1x: Correct allocated size for contexts (git-fixes).
* hid: cp2112: Fix duplicate workqueue initialization (git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: Fix race of register_netdevice_notifier and VF register (git-
fixes).
* hv_netvsc: Mark VF as slave before exposing it to user-mode (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and VF register_netdevice (git-fixes).
* hwmon: (coretemp) Fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: core: Run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: sun6i-p2wi: Prevent potential division by zero (git-fixes).
* i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: Fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data (git-
fixes).
* i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix wrong data return when IBI happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: Fix NULL deref bugs with drm_dbg() calls (git-fixes).
* idpf: add RX splitq napi poll support (bsc#1215458).
* idpf: add SRIOV support and other ndo_ops (bsc#1215458).
* idpf: add TX splitq napi poll support (bsc#1215458).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and MAC filter support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for RX queues (bsc#1215458).
* idpf: configure resources for TX queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* irqchip/stm32-exti: add missing DT IRQ flag translation (git-fixes).
* leds: pwm: Do not disable the PWM when the LED should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: Do not use SMBUS calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: Correctly initialise try compose rectangle (git-fixes).
* media: ccs: Fix driver quirk struct documentation (git-fixes).
* media: cedrus: Fix clock/reset sequence (git-fixes).
* media: cobalt: Use FIELD_GET() to extract Link Width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: Fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: Fix VFE-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: Fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: Fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: Fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: Drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: Add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: Add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: Add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs (git-
fixes).
* mfd: core: Ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: Fix double put in dln2_probe (git-fixes).
* misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#PED-7237,
git-fixes).
* mmc: block: Be sure to wait while busy in CQE error recovery (git-fixes).
* mmc: block: Do not lose cache flush during CQE error recovery (git-fixes).
* mmc: block: Retry commands in CQE error recovery (git-fixes).
* mmc: cqhci: Fix task clearing in CQE error recovery (git-fixes).
* mmc: cqhci: Increase recovery halt timeout (git-fixes).
* mmc: cqhci: Warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: Remove setting of CMD_CFG_ERROR (git-fixes).
* mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2 (git-
fixes).
* mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER (git-
fixes).
* mmc: sdhci_am654: fix start loop index for TAP value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: Byte swap OTP info (git-fixes).
* mtd: rawnand: arasan: Include ECC syndrome along with in-band data while
checking for ECC failure (git-fixes).
* net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).
* net: Avoid address overwrite in kernel_connect (bsc#1216861).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: mana: Fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* nvme: update firmware version after commit (bsc#1215292).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86/intel-uncore-freq: Return error on write frequency
(bsc#1217147).
* platform/x86/intel-uncore-freq: Split common and enumeration part
(bsc#1217147).
* platform/x86/intel-uncore-freq: Support for cluster level controls
(bsc#1217147).
* platform/x86/intel-uncore-freq: Uncore frequency control via TPMI
(bsc#1217147).
* platform/x86/intel-uncore-freq: tpmi: Provide cluster level control
(bsc#1217147).
* platform/x86/intel/tpmi: ADD tpmi external interface for tpmi feature
drivers (bsc#1217147).
* platform/x86/intel/tpmi: Fix double free reported by Smatch (bsc#1217147).
* platform/x86/intel/tpmi: Process CPU package mapping (bsc#1217147).
* platform/x86/intel/uncore-freq: Display uncore current frequency
(bsc#1217147).
* platform/x86/intel/uncore-freq: Move to uncore-frequency folder
(bsc#1217147).
* platform/x86/intel/uncore-freq: Use sysfs API to create attributes
(bsc#1217147).
* platform/x86/intel/vsec: Add TPMI ID (bsc#1217147).
* platform/x86/intel/vsec: Enhance and Export intel_vsec_add_aux()
(bsc#1217147).
* platform/x86/intel/vsec: Support private data (bsc#1217147).
* platform/x86/intel/vsec: Use mutex for ida_alloc() and ida_free()
(bsc#1217147).
* platform/x86/intel: Intel TPMI enumeration driver (bsc#1217147).
* platform/x86/intel: tpmi: Fix double free in tpmi_create_device()
(bsc#1217147).
* platform/x86: intel-uncore-freq: Add client processors (bsc#1217147).
* platform/x86: intel-uncore-freq: Conditionally create attribute for read
frequency (bsc#1217147).
* platform/x86: intel-uncore-freq: Prevent driver loading in guests
(bsc#1217147).
* platform/x86: intel-uncore-freq: Use sysfs_emit() to instead of scnprintf()
(bsc#1217147).
* platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes
(bsc#1217147).
* platform/x86: intel-uncore-frequency: Move to intel sub-directory
(bsc#1217147).
* platform/x86: intel-uncore-frequency: use default_groups in kobj_type
(bsc#1217147).
* platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (git-
fixes).
* platform/x86: wmi: Fix opening of char device (git-fixes).
* platform/x86: wmi: Fix probe failure when failing to register WMI devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* powerpc/perf/hv-24x7: Update domain value check (bsc#1215931).
* powerpc/vas: Limit open window failure messages in log bufffer (bsc#1216687
ltc#203927).
* powerpc: Do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: Fix double shift bug (git-fixes).
* pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume (git-fixes).
* pwm: sti: Reduce number of allocations and drop usage of chip_data (git-
fixes).
* r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: Check for unplug in rtl_phy_patch_request() (git-fixes).
* regmap: Ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: debugfs: Fix a erroneous check after snprintf() (git-fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* s390/ap: fix AP bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of DAT pages (LTC#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (LTC#203997
bsc#1217086).
* s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for ERP requests (git-fixes
bsc#1217598).
* s390/ipl: add missing IPL_TYPE_ECKD_DUMP case to ipl_init() (git-fixes
bsc#1217511).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(LTC#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(LTC#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes
bsc#1217599).
* sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196).
* sbitmap: fix up kABI for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196).
* sbsa_gwdt: Calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: Copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: Correct maximum PCI function value for RAS fw logging
(bsc#1217731).
* scsi: lpfc: Eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: Enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: Fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: Introduce LOG_NODE_VERBOSE messaging flag (bsc#1217124).
* scsi: lpfc: Refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: Reject received PRLIs with only initiator fcn role for NPIV
ports (bsc#1217124).
* scsi: lpfc: Remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: Return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: Treat IOERR_SLI_DOWN I/O completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: Update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: Update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: Validate ELS LS_ACC completion payload (bsc#1217124).
* scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: Fix ksft print formats (git-fixes).
* selftests/resctrl: Ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests (git-
fixes).
* selftests/resctrl: Remove duplicate feature check from CMT test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: Revert "serial: exar: Add support for Sealevel 7xxxC serial
cards" (git-fixes).
* serial: meson: Use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: Handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: Fix missing IRQ check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks (git-fixes).
* tty: 8250: Add support for Brainboxes UP cards (git-fixes).
* tty: 8250: Add support for Intashield IS-100 (git-fixes).
* tty: 8250: Add support for Intashield IX cards (git-fixes).
* tty: 8250: Add support for additional Brainboxes PX cards (git-fixes).
* tty: 8250: Add support for additional Brainboxes UC cards (git-fixes).
* tty: 8250: Fix port count of PX-257 (git-fixes).
* tty: 8250: Fix up PX-803/PX-857 (git-fixes).
* tty: 8250: Remove UC-257 and UC-431 (git-fixes).
* tty: Fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard LOCKUP on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: Add check for kstrdup() in vcc_probe() (git-fixes).
* usb: cdnsp: Fix deadlock issue during using NCM gadget (git-fixes).
* usb: chipidea: Fix DMA overwrite for Tegra (git-fixes).
* usb: chipidea: Simplify Tegra DMA alignment code (git-fixes).
* usb: dwc2: fix possible NULL pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc3: Fix default mode initialization (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: Always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
compatibility (git-fixes).
* usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: Do not touch the CE interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple PCI devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix gtk offload status event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: Use FW rate for non-data frames (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize IRQs before NAPI (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of MSDU in A-MSDU calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix EDCA limit set by BT coexistence (git-fixes).
* wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: Add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: Clear SVM feature if disabled by BIOS (bsc#1214700).
* x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
* x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (git-
fixes).
* x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define (git-fixes).
* x86/hyperv: Improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: Make hv_get_nmi_reason public (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/sev: Do not try to parse for the CC blob on non-AMD hardware (git-
fixes).
* x86/sev: Fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: Use the GHCB protocol when available for SNP CPUID requests (git-
fixes).
* x86: Move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert AGF log flags to unsigned (git-fixes).
* xfs: convert AGI log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: make the start pointer passed to btree update_lastrec functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize AG block number formatting in ftrace output (git-fixes).
* xfs: standardize AG number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: Enable RPM on controllers that support low-power states (git-fixes).
* xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-4730=1 openSUSE-SLE-15.5-2023-4730=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2023-4730=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4730=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-4730=1
* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2023-4730=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2023-4730=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2023-4730=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2023-4730=1
## Package List:
* openSUSE Leap 15.5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (noarch)
* kernel-macros-5.14.21-150500.55.39.1
* kernel-source-vanilla-5.14.21-150500.55.39.1
* kernel-devel-5.14.21-150500.55.39.1
* kernel-source-5.14.21-150500.55.39.1
* kernel-docs-html-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (ppc64le x86_64)
* kernel-debug-debugsource-5.14.21-150500.55.39.1
* kernel-debug-debuginfo-5.14.21-150500.55.39.1
* kernel-debug-livepatch-devel-5.14.21-150500.55.39.1
* kernel-debug-devel-5.14.21-150500.55.39.1
* kernel-debug-devel-debuginfo-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (x86_64)
* kernel-default-vdso-5.14.21-150500.55.39.1
* kernel-debug-vdso-5.14.21-150500.55.39.1
* kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.39.1
* kernel-debug-vdso-debuginfo-5.14.21-150500.55.39.1
* kernel-kvmsmall-vdso-5.14.21-150500.55.39.1
* kernel-default-vdso-debuginfo-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* kernel-default-base-rebuild-5.14.21-150500.55.39.1.150500.6.17.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.39.1
* kernel-default-base-5.14.21-150500.55.39.1.150500.6.17.1
* kernel-kvmsmall-devel-5.14.21-150500.55.39.1
* kernel-kvmsmall-debuginfo-5.14.21-150500.55.39.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.39.1
* kernel-kvmsmall-debugsource-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150500.55.39.1
* kernel-obs-build-5.14.21-150500.55.39.1
* cluster-md-kmp-default-5.14.21-150500.55.39.1
* kernel-default-devel-5.14.21-150500.55.39.1
* kernel-default-extra-debuginfo-5.14.21-150500.55.39.1
* gfs2-kmp-default-5.14.21-150500.55.39.1
* ocfs2-kmp-default-5.14.21-150500.55.39.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-livepatch-devel-5.14.21-150500.55.39.1
* kernel-default-extra-5.14.21-150500.55.39.1
* kernel-default-optional-debuginfo-5.14.21-150500.55.39.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kselftests-kmp-default-debuginfo-5.14.21-150500.55.39.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-optional-5.14.21-150500.55.39.1
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-livepatch-5.14.21-150500.55.39.1
* kernel-obs-build-debugsource-5.14.21-150500.55.39.1
* kselftests-kmp-default-5.14.21-150500.55.39.1
* kernel-obs-qa-5.14.21-150500.55.39.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kernel-syms-5.14.21-150500.55.39.1
* reiserfs-kmp-default-5.14.21-150500.55.39.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.39.1
* dlm-kmp-default-5.14.21-150500.55.39.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_39-default-1-150500.11.3.1
* kernel-livepatch-SLE15-SP5_Update_8-debugsource-1-150500.11.3.1
* kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-1-150500.11.3.1
* openSUSE Leap 15.5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.39.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (nosrc)
* dtb-aarch64-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64)
* dtb-apple-5.14.21-150500.55.39.1
* dtb-nvidia-5.14.21-150500.55.39.1
* dtb-freescale-5.14.21-150500.55.39.1
* kernel-64kb-livepatch-devel-5.14.21-150500.55.39.1
* dtb-marvell-5.14.21-150500.55.39.1
* dtb-altera-5.14.21-150500.55.39.1
* dtb-hisilicon-5.14.21-150500.55.39.1
* dtb-rockchip-5.14.21-150500.55.39.1
* dlm-kmp-64kb-5.14.21-150500.55.39.1
* dtb-sprd-5.14.21-150500.55.39.1
* dtb-apm-5.14.21-150500.55.39.1
* dlm-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* kernel-64kb-debugsource-5.14.21-150500.55.39.1
* gfs2-kmp-64kb-5.14.21-150500.55.39.1
* dtb-socionext-5.14.21-150500.55.39.1
* ocfs2-kmp-64kb-5.14.21-150500.55.39.1
* dtb-renesas-5.14.21-150500.55.39.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* dtb-lg-5.14.21-150500.55.39.1
* kernel-64kb-extra-debuginfo-5.14.21-150500.55.39.1
* kernel-64kb-optional-debuginfo-5.14.21-150500.55.39.1
* kselftests-kmp-64kb-5.14.21-150500.55.39.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* dtb-amlogic-5.14.21-150500.55.39.1
* dtb-amazon-5.14.21-150500.55.39.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* cluster-md-kmp-64kb-5.14.21-150500.55.39.1
* kernel-64kb-extra-5.14.21-150500.55.39.1
* dtb-mediatek-5.14.21-150500.55.39.1
* dtb-allwinner-5.14.21-150500.55.39.1
* dtb-cavium-5.14.21-150500.55.39.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.39.1
* kernel-64kb-optional-5.14.21-150500.55.39.1
* dtb-arm-5.14.21-150500.55.39.1
* dtb-broadcom-5.14.21-150500.55.39.1
* dtb-qcom-5.14.21-150500.55.39.1
* reiserfs-kmp-64kb-5.14.21-150500.55.39.1
* dtb-exynos-5.14.21-150500.55.39.1
* kernel-64kb-devel-5.14.21-150500.55.39.1
* dtb-amd-5.14.21-150500.55.39.1
* dtb-xilinx-5.14.21-150500.55.39.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.39.1
* kernel-64kb-debuginfo-5.14.21-150500.55.39.1
* openSUSE Leap 15.5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* kernel-default-base-5.14.21-150500.55.39.1.150500.6.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (aarch64)
* kernel-64kb-debugsource-5.14.21-150500.55.39.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.39.1
* kernel-64kb-devel-5.14.21-150500.55.39.1
* kernel-64kb-debuginfo-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150500.55.39.1.150500.6.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-default-devel-debuginfo-5.14.21-150500.55.39.1
* kernel-default-devel-5.14.21-150500.55.39.1
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (noarch)
* kernel-devel-5.14.21-150500.55.39.1
* kernel-macros-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.39.1
* Basesystem Module 15-SP5 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.39.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.39.1
* Development Tools Module 15-SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.39.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-syms-5.14.21-150500.55.39.1
* kernel-obs-build-debugsource-5.14.21-150500.55.39.1
* kernel-obs-build-5.14.21-150500.55.39.1
* Development Tools Module 15-SP5 (noarch)
* kernel-source-5.14.21-150500.55.39.1
* Legacy Module 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.39.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* reiserfs-kmp-default-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* kernel-default-livepatch-5.14.21-150500.55.39.1
* kernel-livepatch-5_14_21-150500_55_39-default-1-150500.11.3.1
* kernel-livepatch-SLE15-SP5_Update_8-debugsource-1-150500.11.3.1
* kernel-default-livepatch-devel-5.14.21-150500.55.39.1
* kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-1-150500.11.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* cluster-md-kmp-default-5.14.21-150500.55.39.1
* dlm-kmp-default-5.14.21-150500.55.39.1
* ocfs2-kmp-default-5.14.21-150500.55.39.1
* gfs2-kmp-default-5.14.21-150500.55.39.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.39.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.39.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.39.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.39.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* kernel-default-extra-5.14.21-150500.55.39.1
* kernel-default-debuginfo-5.14.21-150500.55.39.1
* kernel-default-debugsource-5.14.21-150500.55.39.1
* kernel-default-extra-debuginfo-5.14.21-150500.55.39.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5633.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1084909
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214700
* https://bugzilla.suse.com/show_bug.cgi?id=1214840
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215123
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1215802
* https://bugzilla.suse.com/show_bug.cgi?id=1215931
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216527
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216687
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216788
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217095
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217147
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217196
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217511
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
1
0
14 Dec '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4734-1
Rating: important
References:
* bsc#1084909
* bsc#1207948
* bsc#1210447
* bsc#1214286
* bsc#1214700
* bsc#1214840
* bsc#1214976
* bsc#1215123
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1215802
* bsc#1215931
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216527
* bsc#1216584
* bsc#1216687
* bsc#1216693
* bsc#1216759
* bsc#1216788
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217095
* bsc#1217124
* bsc#1217140
* bsc#1217147
* bsc#1217195
* bsc#1217196
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217511
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5633
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5633 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 13 vulnerabilities, contains three features and has 38
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were
handled when they were being used to store a surface (bsc#1216527).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
The following non-security bugs were fixed:
* acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
* acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
* acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
* acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
* alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes).
* alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
* alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes).
* alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes).
* alsa: hda/realtek: add quirks for hp laptops (git-fixes).
* alsa: hda/realtek: add support dual speaker for dell (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
* alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git-
fixes).
* alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
* alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
* alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
* alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
* alsa: info: fix potential deadlock at disconnection (git-fixes).
* alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices
(git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: add cortex-a520 cpu part definition (git-fixes)
* arm64: allow kprobes on el0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass esr_elx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out el1 ssbs emulation hook (git-fixes)
* arm64: report el1 undefs better (git-fixes)
* arm64: rework bti exception handling (git-fixes)
* arm64: rework el0 mrs emulation (git-fixes)
* arm64: rework fpac exception handling (git-fixes)
* arm64: split el0/el1 undef handlers (git-fixes)
* arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* asoc: ams-delta.c: use component after check (git-fixes).
* asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
* asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
* asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not
described (git-fixes).
* asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
* asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
* asoc: rt5650: fix the wrong result of key button (git-fixes).
* asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* asoc: sof: core: ensure sof_ops_free() is still called when probe never ran
(git-fixes).
* asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
* ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
* atl1c: work around the dma rx overflow issue (git-fixes).
* atm: iphase: do pci error checks on own line (git-fixes).
* blk-mq: do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: add device 0bda:887b to device tables (git-fixes).
* bluetooth: add device 13d3:3571 to device tables (git-fixes).
* bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
* bluetooth: btusb: add date->evt_skb is null check (git-fixes).
* bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-
fixes).
* bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-
fixes).
* btrfs: always log symlinks in full mode (bsc#1214840).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -einval on incorrect can id formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
* can: isotp: set max pdu size to 64 kbyte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: fix comment (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
* clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
* clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
* clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
* clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
* clk: sanitize possible_parent_show to handle return value of
of_clk_get_parent_name (git-fixes).
* clk: scmi: free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: change ti_clk_register_omap_hw api (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware
(git-fixes).
* clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes).
* crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
* disable loongson drivers loongson is a mips architecture, it does not make
sense to build loongson drivers on other architectures.
* dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* doc/readme.suse: adjust heading style (jsc#ped-5021) * underscore all
headings as a preparation for markdown conversion. * use title-style
capitalization for the document name and sentence-style capitalization for
section headings, as recommended in the current suse documentation style
guide.
* doc/readme.suse: bring information about compiling up to date (jsc#ped-5021)
* when building the kernel, do not mention to initially change the current
directory to /usr/src/linux because later description discourages it and
specifies to use 'make -c /usr/src/linux'. * avoid writing additional
details in parentheses, incorporate them instead properly in the text. * fix
the obsolete name of /etc/modprobe.d/unsupported-modules ->
/etc/modprobe.d/10-unsupported-modules.conf. * drop a note that a newly
built kernel should be added to the boot manager because that normally
happens automatically when running 'make install'. * update a link to the
kernel module packages manual. * when preparing a build for external
modules, mention use of the upstream recommended 'make modules_prepare'
instead of a pair of 'make prepare' \+ 'make scripts'. * fix some
typos+grammar.
* doc/readme.suse: bring the overview section up to date (jsc#ped-5021) *
update information in the overview section that was no longer accurate. *
improve wording and fix some typos+grammar.
* doc/readme.suse: convert the document to markdown (jsc#ped-5021)
* doc/readme.suse: minor content clean up (jsc#ped-5021) * mark the user's
build directory as a variable, not a command: 'make -c $(your_build_dir)' ->
'make -c $your_build_dir'. * unify how to get the current directory:
'm=$(pwd)' -> 'm=$pwd'. * 'git' / 'git' -> 'git'.
* doc/readme.suse: reflow text to 80-column width (jsc#ped-5021)
* doc/readme.suse: update information about (un)supported modules
(jsc#ped-5021) * update the list of taint flags. convert it to a table that
matches the upstream documentation format and describe specifically flags
that are related to module support status. * fix some typos and wording.
* doc/readme.suse: update information about config files (jsc#ped-5021) * use
version variables to describe a name of the /boot/config-... file instead of
using specific example versions which get outdated quickly. * replace
removed silentoldconfig with oldconfig. * mention that oldconfig can
automatically pick a base config from "/boot/config-$(uname -r)". * avoid
writing additional details in parentheses, incorporate them instead properly
in the text.
* doc/readme.suse: update information about custom patches (jsc#ped-5021) *
replace mention of various patches.* directories with only patches.suse as
the typical location for patches. * replace i386 with x86_64 in the example
how to define a config addon. * fix some typos and wording.
* doc/readme.suse: update information about dud (jsc#ped-5021) remove a dead
link to description of device update disks found previously on novell.com.
replace it with a short section summarizing what dud is and reference the
mkdud + mksusecd tools and their documentation for more information.
* doc/readme.suse: update information about module paths (jsc#ped-5021) * use
version variables to describe names of the
/lib/modules/$version-$release-$flavor/... directories instead of using
specific example versions which get outdated quickly. * note: keep the
/lib/modules/ prefix instead of using the new /usr/lib/modules/ location for
now. the updated readme is expected to be incorporated to various branches
that are not yet usrmerged.
* doc/readme.suse: update the references list (jsc#ped-5021) * remove the
reference to linux documentation project. it has been inactive for years and
mostly contains old manuals that are not relevant for contemporary systems
and hardware. * update the name and link to lwn.net. the original name
"linux weekly news" has been deemphasized over time by its authors. * update
the link to kernel newbies website. * update the reference to the linux
kernel module programming guide. the document has not been updated for over
a decade but it looks its content is still relevant for today. * point
kernel module packages manual to the current version. * add a reference to
suse soliddriver program.
* doc/readme.suse: update title information (jsc#ped-5021) * drop the mention
of kernel versions from the readme title. * remove information about the
original authors of the document. rely as in case of other readmes on git
metadata to get information about all contributions. * strip the table of
contents. the document is short and easy to navigate just by scrolling
through it.
* docs: net: move the probe and open/close sections of driver.rst up
(bsc#1215458).
* docs: net: reformat driver.rst from a list to sections (bsc#1215458).
* docs: net: use c syntax highlight in driver.rst (bsc#1215458).
* documentation: networking: correct possessive "its" (bsc#1215458).
* drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-
fixes).
* drm/amd/display: avoid null dereference of timing generator (git-fixes).
* drm/amd/display: change the dmcub mailbox memory location from fb to inbox
(git-fixes).
* drm/amd/display: refactor dm_get_plane_scale helper (git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
* drm/amd: disable aspm for vi w/ all intel systems (git-fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-
fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
* drm/amd: move helper for dynamic speed switch check out of smu13 (git-
fixes).
* drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes).
* drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802).
* drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-
fixes).
* drm/amdgpu: do not use atrm for external devices (git-fixes).
* drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null
(git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes).
* drm/amdgpu: remove unnecessary domain argument (git-fixes).
* drm/amdgpu: reserve fences for vm update (git-fixes).
* drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802).
* drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: tc358768: clean up clock period code (git-fixes).
* drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: fix bit updates (git-fixes).
* drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes).
* drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
* drm/bridge: tc358768: print logical values, not raw register values (git-
fixes).
* drm/bridge: tc358768: remove unused variable (git-fixes).
* drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes).
* drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes).
* drm/bridge: tc358768: use struct videomode (git-fixes).
* drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git-
fixes).
* drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes).
* drm/gud: use size_add() in call to struct_size() (git-fixes).
* drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
* drm/i915: fix potential spectre vulnerability (git-fixes).
* drm/i915: flush wc ggtt only on required platforms (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: fix iommu fault by swapping fbs after updating plane state
(git-fixes).
* drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: create devm device attachment (git-fixes).
* drm/mipi-dsi: create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
* drm/msm/dsi: free tx buffer in unbind (git-fixes).
* drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
* drm/panel: st7703: pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: fix a possible null pointer dereference (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-
fixes).
* drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
* drm/ttm: reorder sys manager cleanup step (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527)
* drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527)
* drm: bridge: it66121: fix invalid connector dereference (git-fixes).
* drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* ensure ia32_emulation is always enabled for kernel-obs-build if
ia32_emulation is disabled by default, ensure it is enabled back for obs
kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the
parameter, no need to grep through the config which may not be very
reliable]
* fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes).
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: omapfb: drop unused remove function (git-fixes).
* fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git-
fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-
fixes).
* fix termination state for idr_for_each_entry_ul() (git-fixes).
* fix x86/mm: print the encryption features in hyperv is disabled
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* gpu: host1x: correct allocated size for contexts (git-fixes).
* hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
* hid: cp2112: fix duplicate workqueue initialization (git-fixes).
* hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
* hid: hyperv: remove unused struct synthhid_msg (git-fixes).
* hid: hyperv: replace one-element array with flexible-array member (git-
fixes).
* hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* hid: logitech-hidpp: do not restart io, instead defer hid_connect() only
(git-fixes).
* hid: logitech-hidpp: move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
* hid: logitech-hidpp: revert "do not restart communication if not necessary"
(git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
* hv_netvsc: fix race of register_netdevice_notifier and vf register (git-
fixes).
* hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
* hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
* i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: disable tx_empty irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
* i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
* i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-
fixes).
* i3c: master: svc: fix wrong data return when ibi happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and mac filter support (bsc#1215458).
* idpf: add rx splitq napi poll support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: add sriov support and other ndo_ops (bsc#1215458).
* idpf: add tx splitq napi poll support (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for rx queues (bsc#1215458).
* idpf: configure resources for tx queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-
fixes).
* iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds
(git-fixes).
* iio: exynos-adc: request second interupt only when touchscreen mode is used
(git-fixes).
* input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-
fixes).
* input: xpad - add vid for turtle beach controllers (git-fixes).
* irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
* kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is
built since sle15-sp3 but it is not shipped as part of any sle product, only
in leap (in kernel-*-optional).
* kernel-binary: suse-module-tools is also required when installed
requires(pre) adds dependency for the specific sciptlet. however, suse-
module-tools also ships modprobe.d files which may be needed at posttrans
time or any time the kernel is on the system for generating ramdisk. add
plain requires as well.
* kernel-source: move provides after sources
* leds: pwm: do not disable the pwm when the led should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: do not use smbus calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: correctly initialise try compose rectangle (git-fixes).
* media: ccs: fix driver quirk struct documentation (git-fixes).
* media: cedrus: fix clock/reset sequence (git-fixes).
* media: cobalt: use field_get() to extract link width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-
fixes).
* mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: fix double put in dln2_probe (git-fixes).
* misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
* misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237,
git-fixes).
* mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
* mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
* mmc: block: retry commands in cqe error recovery (git-fixes).
* mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
* mmc: cqhci: increase recovery halt timeout (git-fixes).
* mmc: cqhci: warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
* mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-
fixes).
* mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-
fixes).
* mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee module_device_table built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: byte swap otp info (git-fixes).
* mtd: rawnand: arasan: include ecc syndrome along with in-band data while
checking for ecc failure (git-fixes).
* net-memcg: fix scope of sockmem pressure indicators (bsc#1216759).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: avoid address overwrite in kernel_connect (bsc#1216861).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: ieee802154: adf7242: fix some potential buffer overflow in
adf7242_stats_show() (git-fixes).
* net: mana: fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-
fixes).
* nfs: fix access to page->mapping (bsc#1216788).
* nvme: update firmware version after commit (bsc#1215292).
* pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes).
* pci/sysfs: protect driver's d3cold preference from user space (git-fixes).
* pci: disable ats for specific intel ipu e2000 devices (bsc#1215458).
* pci: extract ats disabling to a helper function (bsc#1215458).
* pci: exynos: do not discard .remove() callback (git-fixes).
* pci: keystone: do not discard .probe() callback (git-fixes).
* pci: keystone: do not discard .remove() callback (git-fixes).
* pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-
fixes).
* pci: tegra194: use field_get()/field_prep() with link width fields (git-
fixes).
* pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes).
* pci: use field_get() to extract link width (git-fixes).
* pci: vmd: correct pci header type register's multi-function check (git-
fixes).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86/intel-uncore-freq: return error on write frequency
(bsc#1217147).
* platform/x86/intel-uncore-freq: split common and enumeration part
(bsc#1217147).
* platform/x86/intel-uncore-freq: support for cluster level controls
(bsc#1217147).
* platform/x86/intel-uncore-freq: tpmi: provide cluster level control
(bsc#1217147).
* platform/x86/intel-uncore-freq: uncore frequency control via tpmi
(bsc#1217147).
* platform/x86/intel/tpmi: add tpmi external interface for tpmi feature
drivers (bsc#1217147).
* platform/x86/intel/tpmi: fix double free reported by smatch (bsc#1217147).
* platform/x86/intel/tpmi: process cpu package mapping (bsc#1217147).
* platform/x86/intel/uncore-freq: display uncore current frequency
(bsc#1217147).
* platform/x86/intel/uncore-freq: move to uncore-frequency folder
(bsc#1217147).
* platform/x86/intel/uncore-freq: use sysfs api to create attributes
(bsc#1217147).
* platform/x86/intel/vsec: add tpmi id (bsc#1217147).
* platform/x86/intel/vsec: enhance and export intel_vsec_add_aux()
(bsc#1217147).
* platform/x86/intel/vsec: support private data (bsc#1217147).
* platform/x86/intel/vsec: use mutex for ida_alloc() and ida_free()
(bsc#1217147).
* platform/x86/intel: intel tpmi enumeration driver (bsc#1217147).
* platform/x86/intel: tpmi: fix double free in tpmi_create_device()
(bsc#1217147).
* platform/x86: intel-uncore-freq: add client processors (bsc#1217147).
* platform/x86: intel-uncore-freq: conditionally create attribute for read
frequency (bsc#1217147).
* platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes
(bsc#1217147).
* platform/x86: intel-uncore-freq: prevent driver loading in guests
(bsc#1217147).
* platform/x86: intel-uncore-freq: use sysfs_emit() to instead of scnprintf()
(bsc#1217147).
* platform/x86: intel-uncore-frequency: move to intel sub-directory
(bsc#1217147).
* platform/x86: intel-uncore-frequency: use default_groups in kobj_type
(bsc#1217147).
* platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-
fixes).
* platform/x86: wmi: fix opening of char device (git-fixes).
* platform/x86: wmi: fix probe failure when failing to register wmi devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes).
* pm: hibernate: use __get_safe_page() rather than touching the list (git-
fixes).
* powerpc/perf/hv-24x7: update domain value check (bsc#1215931).
* powerpc/vas: limit open window failure messages in log bufffer (bsc#1216687
ltc#203927).
* powerpc: do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes).
* pwm: fix double shift bug (git-fixes).
* pwm: sti: reduce number of allocations and drop usage of chip_data (git-
fixes).
* r8152: cancel hw_phy_work if we have an error in probe (git-fixes).
* r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: check for unplug in rtl_phy_patch_request() (git-fixes).
* r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes).
* r8152: release firmware if we have an error in probe (git-fixes).
* r8152: run the unload routine if we have errors during probe (git-fixes).
* regmap: debugfs: fix a erroneous check after snprintf() (git-fixes).
* regmap: ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* revert "i2c: pxa: move to generic gpio recovery" (git-fixes).
* revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes).
* revert "tracing: fix warning in trace_buffered_event_disable()"
(bsc#1217036)
* rpm/check-for-config-changes: add as_wruss to ignored_configs_re add
as_wruss as an ignored_configs_re entry in check-for-config-changes to fix
build on x86_32. there was a fix submitted to upstream but it was not
accepted:
https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.loc…
so carry this in ignored_configs_re instead.
* rpm/check-for-config-changes: add have_shadow_call_stack to
ignored_configs_re not supported by our compiler.
* rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage
* run scripts/renamepatches for sle15-sp4
* s390/ap: fix ap bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (ltc#203997
bsc#1217086).
* s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for erp requests (git-fixes
bsc#1217598).
* s390/ipl: add missing ipl_type_eckd_dump case to ipl_init() (git-fixes
bsc#1217511).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(ltc#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(ltc#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix ptrace_get_last_break error handling (git-fixes
bsc#1217599).
* sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196).
* sbitmap: fix up kabi for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196).
* sbsa_gwdt: calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: correct maximum pci function value for ras fw logging
(bsc#1217731).
* scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124).
* scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: reject received prlis with only initiator fcn role for npiv
ports (bsc#1217124).
* scsi: lpfc: remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: validate els ls_acc completion payload (bsc#1217124).
* scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: use field_get() to extract pcie capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: fix ksft print formats (git-fixes).
* selftests/resctrl: ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-
fixes).
* selftests/resctrl: remove duplicate feature check from cmt test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial
cards" (git-fixes).
* serial: meson: use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* treewide: spelling fix in comment (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes).
* tty: 8250: add support for additional brainboxes px cards (git-fixes).
* tty: 8250: add support for additional brainboxes uc cards (git-fixes).
* tty: 8250: add support for brainboxes up cards (git-fixes).
* tty: 8250: add support for intashield is-100 (git-fixes).
* tty: 8250: add support for intashield ix cards (git-fixes).
* tty: 8250: fix port count of px-257 (git-fixes).
* tty: 8250: fix up px-803/px-857 (git-fixes).
* tty: 8250: remove uc-257 and uc-431 (git-fixes).
* tty: fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard lockup on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes).
* update metadata patches.suse/s390-ipl-add-missing-secure-has_secure-file-to-
ipl-type-unknown (bsc#1214976 git-fixes).
* usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes).
* usb: chipidea: fix dma overwrite for tegra (git-fixes).
* usb: chipidea: simplify tegra dma alignment code (git-fixes).
* usb: dwc2: fix possible null pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc2: write hcint with intmask applied (bsc#1214286).
* usb: dwc3: fix default mode initialization (git-fixes).
* usb: dwc3: qcom: fix acpi platform device leak (git-fixes).
* usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* usb: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: serial: option: add fibocom l7xx modules (git-fixes).
* usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes).
* usb: serial: option: fix fm101r-gl defines (git-fixes).
* usb: storage: set 1.50 as the lower bcddevice for older "super top"
compatibility (git-fixes).
* usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: skip hard reset when in error recovery (git-fixes).
* usb: usbip: fix stub_dev hub disconnect (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: do not touch the ce interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix gtk offload status event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes).
* wifi: iwlwifi: use fw rate for non-data frames (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes).
* wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: clear svm feature if disabled by bios (bsc#1214700).
* x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes).
* x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-
fixes).
* x86/hyperv: add hv_expose_invariant_tsc define (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: make hv_get_nmi_reason public (git-fixes).
* x86/sev: do not try to parse for the cc blob on non-amd hardware (git-
fixes).
* x86/sev: fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: use the ghcb protocol when available for snp cpuid requests (git-
fixes).
* x86: move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert agf log flags to unsigned (git-fixes).
* xfs: convert agi log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize ag block number formatting in ftrace output (git-fixes).
* xfs: standardize ag number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes).
* xhci: enable rpm on controllers that support low-power states (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-4734=1 openSUSE-SLE-15.5-2023-4734=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-4734=1
## Package List:
* openSUSE Leap 15.5 (aarch64 x86_64)
* kernel-azure-debuginfo-5.14.21-150500.33.26.1
* reiserfs-kmp-azure-5.14.21-150500.33.26.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.26.1
* ocfs2-kmp-azure-5.14.21-150500.33.26.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.26.1
* gfs2-kmp-azure-5.14.21-150500.33.26.1
* kselftests-kmp-azure-5.14.21-150500.33.26.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* cluster-md-kmp-azure-5.14.21-150500.33.26.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* kernel-azure-debugsource-5.14.21-150500.33.26.1
* kernel-azure-optional-5.14.21-150500.33.26.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* dlm-kmp-azure-5.14.21-150500.33.26.1
* kernel-azure-devel-5.14.21-150500.33.26.1
* kernel-syms-azure-5.14.21-150500.33.26.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.26.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.26.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.26.1
* kernel-azure-extra-5.14.21-150500.33.26.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.26.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.26.1
* kernel-azure-vdso-5.14.21-150500.33.26.1
* openSUSE Leap 15.5 (noarch)
* kernel-devel-azure-5.14.21-150500.33.26.1
* kernel-source-azure-5.14.21-150500.33.26.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.26.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-syms-azure-5.14.21-150500.33.26.1
* kernel-azure-debuginfo-5.14.21-150500.33.26.1
* kernel-azure-debugsource-5.14.21-150500.33.26.1
* kernel-azure-devel-5.14.21-150500.33.26.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.26.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-devel-azure-5.14.21-150500.33.26.1
* kernel-source-azure-5.14.21-150500.33.26.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5633.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1084909
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214700
* https://bugzilla.suse.com/show_bug.cgi?id=1214840
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215123
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1215802
* https://bugzilla.suse.com/show_bug.cgi?id=1215931
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216527
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216687
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216788
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217095
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217147
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217196
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217511
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
1
0
14 Dec '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4731-1
Rating: important
References:
* bsc#1084909
* bsc#1189998
* bsc#1210447
* bsc#1214286
* bsc#1214976
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216584
* bsc#1216693
* bsc#1216759
* bsc#1216761
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217124
* bsc#1217140
* bsc#1217195
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Real Time Module 15-SP4
An update that solves 12 vulnerabilities, contains three features and has 28
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
The following non-security bugs were fixed:
* ACPI: FPDT: properly handle invalid FPDT subtables (git-fixes).
* ACPI: resource: Do IRQ override on TongFang GMxXGxx (git-fixes).
* ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (git-fixes).
* ACPI: sysfs: Fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* ALSA: hda/realtek - Add Dell ALC295 to pin fall back table (git-fixes).
* ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (git-fixes).
* ALSA: hda/realtek: Add quirks for HP Laptops (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP 255 G10 (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP 255 G8 (git-fixes).
* ALSA: hda: Disable power-save on KONTRON SinglePC (bsc#1217140).
* ALSA: hda: Fix possible null-ptr-deref when assigning a stream (git-fixes).
* ALSA: hda: cs35l41: Fix unbalanced pm_runtime_get() (git-fixes).
* ALSA: hda: cs35l41: Undo runtime PM changes at driver exit time (git-fixes).
* ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection (git-fixes).
* ALSA: info: Fix potential deadlock at disconnection (git-fixes).
* ARM: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* ASoC: Intel: Skylake: Fix mem leak when parsing UUIDs fails (git-fixes).
* ASoC: ams-delta.c: use component after check (git-fixes).
* ASoC: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* ASoC: cs35l41: Undo runtime PM changes at driver exit time (git-fixes).
* ASoC: cs35l41: Verify PM runtime resume errors in IRQ handler (git-fixes).
* ASoC: fsl: Fix PM disable depth imbalance in fsl_easrc_probe (git-fixes).
* ASoC: fsl: mpc5200_dma.c: Fix warning of Function parameter or member not
described (git-fixes).
* ASoC: hdmi-codec: register hpd callback on component probe (git-fixes).
* ASoC: rt5650: fix the wrong result of key button (git-fixes).
* ASoC: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (git-fixes).
* Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (git-fixes).
* Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (git-
fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (git-
fixes).
* Bluetooth: btusb: Add date->evt_skb is NULL check (git-fixes).
* Disable Loongson drivers Loongson is a mips architecture, it does not make
sense to build Loongson drivers on other architectures.
* Documentation: networking: correct possessive "its" (bsc#1215458).
* Drivers: hv: vmbus: Remove unused extern declaration vmbus_ontimer() (git-
fixes).
* Ensure ia32_emulation is always enabled for kernel-obs-build If
ia32_emulation is disabled by default, ensure it is enabled back for OBS
kernel to allow building 32bit binaries (jsc#PED-3184) [ms: Always pass the
parameter, no need to grep through the config which may not be very
reliable]
* Fix termination state for idr_for_each_entry_ul() (git-fixes).
* HID: Add quirk for Dell Pro Wireless Keyboard and Mouse KM5221W (git-fixes).
* HID: hyperv: Replace one-element array with flexible-array member (git-
fixes).
* HID: hyperv: avoid struct memcpy overrun warning (git-fixes).
* HID: hyperv: remove unused struct synthhid_msg (git-fixes).
* HID: lenovo: Detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* HID: logitech-hidpp: Do not restart IO, instead defer hid_connect() only
(git-fixes).
* HID: logitech-hidpp: Move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* HID: logitech-hidpp: Remove HIDPP_QUIRK_NO_HIDINPUT quirk (git-fixes).
* HID: logitech-hidpp: Revert "Do not restart communication if not necessary"
(git-fixes).
* Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport (git-
fixes).
* Input: xpad - add VID for Turtle Beach controllers (git-fixes).
* PCI/ASPM: Fix L1 substate handling in aspm_attr_store_common() (git-fixes).
* PCI/sysfs: Protect driver's D3cold preference from user space (git-fixes).
* PCI: Disable ATS for specific Intel IPU E2000 devices (bsc#1215458).
* PCI: Extract ATS disabling to a helper function (bsc#1215458).
* PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git-
fixes).
* PCI: Use FIELD_GET() in Sapphire RX 5600 XT Pulse quirk (git-fixes).
* PCI: Use FIELD_GET() to extract Link Width (git-fixes).
* PCI: exynos: Do not discard .remove() callback (git-fixes).
* PCI: keystone: Do not discard .probe() callback (git-fixes).
* PCI: keystone: Do not discard .remove() callback (git-fixes).
* PCI: tegra194: Use FIELD_GET()/FIELD_PREP() with Link Width fields (git-
fixes).
* PM / devfreq: rockchip-dfi: Make pmu regmap mandatory (git-fixes).
* PM: hibernate: Use __get_safe_page() rather than touching the list (git-
fixes).
* USB: dwc2: write HCINT with INTMASK applied (bsc#1214286).
* USB: dwc3: qcom: fix ACPI platform device leak (git-fixes).
* USB: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* USB: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* USB: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* USB: serial: option: add Fibocom L7xx modules (git-fixes).
* USB: serial: option: add Luat Air72*U series products (git-fixes).
* USB: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
* USB: serial: option: fix FM101R-GL defines (git-fixes).
* USB: usbip: fix stub_dev hub disconnect (git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: Add Cortex-A520 CPU part definition (git-fixes)
* arm64: allow kprobes on EL0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass ESR_ELx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out EL1 SSBS emulation hook (git-fixes)
* arm64: report EL1 UNDEFs better (git-fixes)
* arm64: rework BTI exception handling (git-fixes)
* arm64: rework EL0 MRS emulation (git-fixes)
* arm64: rework FPAC exception handling (git-fixes)
* arm64: split EL0/EL1 UNDEF handlers (git-fixes)
* ata: pata_isapnp: Add missing error check for devm_ioport_map() (git-fixes).
* atl1c: Work around the DMA RX overflow issue (git-fixes).
* atm: iphase: Do PCI error checks on own line (git-fixes).
* blk-mq: Do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: Add device 0bda:887b to device tables (git-fixes).
* bluetooth: Add device 13d3:3571 to device tables (git-fixes).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is OK (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize CAN ID checks in isotp_bind() (git-fixes).
* can: isotp: set max PDU size to 64 kByte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: Fix comment (git-fixes).
* clk: Sanitize possible_parent_show to Handle Return Value of
of_clk_get_parent_name (git-fixes).
* clk: imx: Select MXC_CLK for CLK_IMX8QXP (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: Fix elcdif_pll clock (git-fixes).
* clk: keystone: pll: fix a couple NULL vs IS_ERR() checks (git-fixes).
* clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: Fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: Fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config IPQ_APSS_6018 should depend on QCOM_SMEM (git-fixes).
* clk: qcom: gcc-sm8150: Fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: Do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: Fix the SMMU GDSC (git-fixes).
* clk: scmi: Free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: Add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: Update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: Update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* clk: ti: change ti_clk_register_omap_hw API (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* crypto: caam/jr - fix Chacha20 + Poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix Chacha20 + Poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - Fix a erroneous check after snprintf() (git-fixes).
* dmaengine: pxa_dma: Remove an erroneous BUG_ON() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* docs: net: move the probe and open/close sections of driver.rst up
(bsc#1215458).
* docs: net: reformat driver.rst from a list to sections (bsc#1215458).
* docs: net: use C syntax highlight in driver.rst (bsc#1215458).
* drm/amd/display: Avoid NULL dereference of timing generator (git-fixes).
* drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
(git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: Handle non-terminated overdrive commands (git-fixes).
* drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (git-
fixes).
* drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (git-fixes).
* drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
(git-fixes).
* drm/amdgpu: Fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: do not use ATRM for external devices (git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdkfd: Fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: Fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: Fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: Add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: Fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: Fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: Manually disable HPD only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: Register and attach our DSI device at probe (git-
fixes).
* drm/bridge: lt8912b: Switch to devm MIPI-DSI helpers (git-fixes).
* drm/bridge: lt9611uxc: Register and attach our DSI device at probe (git-
fixes).
* drm/bridge: lt9611uxc: Switch to devm MIPI-DSI helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: tc358768: Disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: Fix bit updates (git-fixes).
* drm/bridge: tc358768: Fix use of uninitialized variable (git-fixes).
* drm/gud: Use size_add() in call to struct_size() (git-fixes).
* drm/i915/pmu: Check if pmu is closed before stopping event (git-fixes).
* drm/i915: Fix potential spectre vulnerability (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: Fix iommu fault by swapping FBs after updating plane state
(git-fixes).
* drm/mediatek: Fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: Create devm device attachment (git-fixes).
* drm/mipi-dsi: Create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for DP CTS EDID checksum (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (git-fixes).
* drm/panel: simple: Fix Innolux G101ICE-L01 timings (git-fixes).
* drm/panel: st7703: Pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: Fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: cdn-dp: Fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: vop: Fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (git-
fixes).
* drm/rockchip: vop: Fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_AVAILABLE (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: Fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: Release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: omapfb: Drop unused remove function (git-fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels() (git-
fixes).
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* hid: cp2112: Fix duplicate workqueue initialization (git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: Fix race of register_netdevice_notifier and VF register (git-
fixes).
* hv_netvsc: Mark VF as slave before exposing it to user-mode (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and VF register_netdevice (git-fixes).
* hwmon: (coretemp) Fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: aspeed: Fix i2c bus hang in slave read (git-fixes).
* i2c: core: Run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: Disable TX_EMPTY irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: stm32f7: Fix PEC handling in case of SMBUS transfers (git-fixes).
* i2c: sun6i-p2wi: Prevent potential division by zero (git-fixes).
* i3c: Fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: Fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data (git-
fixes).
* i3c: master: svc: fix SDA keep low when polling IBIWON timeout happen (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix wrong data return when IBI happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: Fix NULL deref bugs with drm_dbg() calls (git-fixes).
* idpf: add RX splitq napi poll support (bsc#1215458).
* idpf: add SRIOV support and other ndo_ops (bsc#1215458).
* idpf: add TX splitq napi poll support (bsc#1215458).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and MAC filter support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for RX queues (bsc#1215458).
* idpf: configure resources for TX queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale (git-
fixes).
* iio: adc: xilinx-xadc: Do not clobber preset voltage/temperature thresholds
(git-fixes).
* iio: exynos-adc: request second interupt only when touchscreen mode is used
(git-fixes).
* irqchip/stm32-exti: add missing DT IRQ flag translation (git-fixes).
* kabi/severities: ignore kabi in rxrpc (bsc#1210447) The rxrpc module is
built since SLE15-SP3 but it is not shipped as part of any SLE product, only
in Leap (in kernel-*-optional).
* kernel-binary: suse-module-tools is also required when installed
Requires(pre) adds dependency for the specific sciptlet. However, suse-
module-tools also ships modprobe.d files which may be needed at posttrans
time or any time the kernel is on the system for generating ramdisk. Add
plain Requires as well.
* kernel-source: Move provides after sources
* kernel/fork: beware of __put_task_struct() calling context (bsc#1189998
(PREEMPT_RT prerequisite backports)).
* kernel/fork: beware of __put_task_struct() calling context (bsc#1216761).
* leds: pwm: Do not disable the PWM when the LED should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: Fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: Do not use SMBUS calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: Correctly initialise try compose rectangle (git-fixes).
* media: ccs: Fix driver quirk struct documentation (git-fixes).
* media: cedrus: Fix clock/reset sequence (git-fixes).
* media: cobalt: Use FIELD_GET() to extract Link Width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: Fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: Fix VFE-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: Fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: Fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: Fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: Drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: Add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: Add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: Add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: Set pdata.hpdet_channel for ACPI enumerated devs (git-
fixes).
* mfd: core: Ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: Fix double put in dln2_probe (git-fixes).
* misc: fastrpc: Clean buffers on remote invocation failures (git-fixes).
* misc: pci_endpoint_test: Add Device ID for R-Car S4-8 PCIe controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#PED-7237,
git-fixes).
* mmc: block: Be sure to wait while busy in CQE error recovery (git-fixes).
* mmc: block: Do not lose cache flush during CQE error recovery (git-fixes).
* mmc: block: Retry commands in CQE error recovery (git-fixes).
* mmc: cqhci: Fix task clearing in CQE error recovery (git-fixes).
* mmc: cqhci: Increase recovery halt timeout (git-fixes).
* mmc: cqhci: Warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: Remove setting of CMD_CFG_ERROR (git-fixes).
* mmc: sdhci-pci-gli: A workaround to allow GL9750 to enter ASPM L1.2 (git-
fixes).
* mmc: sdhci-pci-gli: GL9750: Mask the replay timer timeout of AER (git-
fixes).
* mmc: sdhci_am654: fix start loop index for TAP value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee MODULE_DEVICE_TABLE built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: Byte swap OTP info (git-fixes).
* mtd: rawnand: arasan: Include ECC syndrome along with in-band data while
checking for ECC failure (git-fixes).
* net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759).
* net: Avoid address overwrite in kernel_connect (bsc#1216861).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: ieee802154: adf7242: Fix some potential buffer overflow in
adf7242_stats_show() (git-fixes).
* net: mana: Fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg (git-
fixes).
* nvme: update firmware version after commit (bsc#1215292).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86: thinkpad_acpi: Add battery quirk for Thinkpad X120e (git-
fixes).
* platform/x86: wmi: Fix opening of char device (git-fixes).
* platform/x86: wmi: Fix probe failure when failing to register WMI devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* powerpc: Do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: Fix double shift bug (git-fixes).
* pwm: brcmstb: Utilize appropriate clock APIs in suspend/resume (git-fixes).
* pwm: sti: Reduce number of allocations and drop usage of chip_data (git-
fixes).
* r8152: Cancel hw_phy_work if we have an error in probe (git-fixes).
* r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: Check for unplug in rtl_phy_patch_request() (git-fixes).
* r8152: Increase USB control msg timeout to 5000ms as per spec (git-fixes).
* r8152: Release firmware if we have an error in probe (git-fixes).
* r8152: Run the unload routine if we have errors during probe (git-fixes).
* regmap: Ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: debugfs: Fix a erroneous check after snprintf() (git-fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* s390/ap: fix AP bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of DAT pages (LTC#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (LTC#203997
bsc#1217086).
* s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes LTC#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for ERP requests (git-fixes
bsc#1217598).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(LTC#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(LTC#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes
bsc#1217599).
* sbsa_gwdt: Calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: Copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: Correct maximum PCI function value for RAS fw logging
(bsc#1217731).
* scsi: lpfc: Eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: Enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: Fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: Introduce LOG_NODE_VERBOSE messaging flag (bsc#1217124).
* scsi: lpfc: Refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: Reject received PRLIs with only initiator fcn role for NPIV
ports (bsc#1217124).
* scsi: lpfc: Remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: Return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: Treat IOERR_SLI_DOWN I/O completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: Update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: Update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: Validate ELS LS_ACC completion payload (bsc#1217124).
* scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: Fix ksft print formats (git-fixes).
* selftests/resctrl: Ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: Reduce failures due to outliers in MBA/MBM tests (git-
fixes).
* selftests/resctrl: Remove duplicate feature check from CMT test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: Revert "serial: exar: Add support for Sealevel 7xxxC serial
cards" (git-fixes).
* serial: meson: Use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: Handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: Fix missing IRQ check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* treewide: Spelling fix in comment (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks (git-fixes).
* tty: 8250: Add support for Brainboxes UP cards (git-fixes).
* tty: 8250: Add support for Intashield IS-100 (git-fixes).
* tty: 8250: Add support for Intashield IX cards (git-fixes).
* tty: 8250: Add support for additional Brainboxes PX cards (git-fixes).
* tty: 8250: Add support for additional Brainboxes UC cards (git-fixes).
* tty: 8250: Fix port count of PX-257 (git-fixes).
* tty: 8250: Fix up PX-803/PX-857 (git-fixes).
* tty: 8250: Remove UC-257 and UC-431 (git-fixes).
* tty: Fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard LOCKUP on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: Add check for kstrdup() in vcc_probe() (git-fixes).
* usb: cdnsp: Fix deadlock issue during using NCM gadget (git-fixes).
* usb: chipidea: Fix DMA overwrite for Tegra (git-fixes).
* usb: chipidea: Simplify Tegra DMA alignment code (git-fixes).
* usb: dwc2: fix possible NULL pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc3: Fix default mode initialization (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: Always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: storage: set 1.50 as the lower bcdDevice for older "Super Top"
compatibility (git-fixes).
* usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: Do not touch the CE interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple PCI devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: Use FW rate for non-data frames (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize IRQs before NAPI (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of MSDU in A-MSDU calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix EDCA limit set by BT coexistence (git-fixes).
* wifi: rtw88: debug: Fix the NULL vs IS_ERR() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: Add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
* x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (git-
fixes).
* x86/hyperv: Add HV_EXPOSE_INVARIANT_TSC define (git-fixes).
* x86/hyperv: Improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: Make hv_get_nmi_reason public (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/sev: Do not try to parse for the CC blob on non-AMD hardware (git-
fixes).
* x86/sev: Fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: Use the GHCB protocol when available for SNP CPUID requests (git-
fixes).
* x86: Move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert AGF log flags to unsigned (git-fixes).
* xfs: convert AGI log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: make the start pointer passed to btree update_lastrec functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize AG block number formatting in ftrace output (git-fixes).
* xfs: standardize AG number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: Enable RPM on controllers that support low-power states (git-fixes).
* xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-4731=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2023-4731=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-4731=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-4731=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-4731=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-4731=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-4731=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-4731=1
* SUSE Real Time Module 15-SP4
zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2023-4731=1
## Package List:
* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* openSUSE Leap Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* openSUSE Leap Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* openSUSE Leap 15.4 (x86_64)
* cluster-md-kmp-rt-5.14.21-150400.15.62.1
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* ocfs2-kmp-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* kernel-syms-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.62.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* gfs2-kmp-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-debugsource-5.14.21-150400.15.62.1
* kernel-rt-devel-5.14.21-150400.15.62.1
* kernel-rt_debug-devel-5.14.21-150400.15.62.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-devel-debuginfo-5.14.21-150400.15.62.1
* dlm-kmp-rt-5.14.21-150400.15.62.1
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* openSUSE Leap 15.4 (noarch)
* kernel-source-rt-5.14.21-150400.15.62.1
* kernel-devel-rt-5.14.21-150400.15.62.1
* openSUSE Leap 15.4 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150400.15.62.1
* kernel-rt-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
* kernel-livepatch-5_14_21-150400_15_62-rt-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_62-rt-debuginfo-1-150400.1.3.1
* kernel-livepatch-SLE15-SP4-RT_Update_16-debugsource-1-150400.1.3.1
* SUSE Real Time Module 15-SP4 (x86_64)
* cluster-md-kmp-rt-5.14.21-150400.15.62.1
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debuginfo-5.14.21-150400.15.62.1
* ocfs2-kmp-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-debugsource-5.14.21-150400.15.62.1
* kernel-syms-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.62.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* gfs2-kmp-rt-5.14.21-150400.15.62.1
* kernel-rt_debug-debugsource-5.14.21-150400.15.62.1
* kernel-rt-devel-5.14.21-150400.15.62.1
* kernel-rt_debug-devel-5.14.21-150400.15.62.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* kernel-rt-devel-debuginfo-5.14.21-150400.15.62.1
* dlm-kmp-rt-5.14.21-150400.15.62.1
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.62.1
* SUSE Real Time Module 15-SP4 (noarch)
* kernel-source-rt-5.14.21-150400.15.62.1
* kernel-devel-rt-5.14.21-150400.15.62.1
* SUSE Real Time Module 15-SP4 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150400.15.62.1
* kernel-rt-5.14.21-150400.15.62.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1084909
* https://bugzilla.suse.com/show_bug.cgi?id=1189998
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216761
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
1
0
14 Dec '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4732-1
Rating: important
References:
* bsc#1207948
* bsc#1210447
* bsc#1212649
* bsc#1214286
* bsc#1214700
* bsc#1214840
* bsc#1214976
* bsc#1215095
* bsc#1215123
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1215802
* bsc#1215931
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216527
* bsc#1216584
* bsc#1216621
* bsc#1216687
* bsc#1216693
* bsc#1216759
* bsc#1216761
* bsc#1216788
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217095
* bsc#1217124
* bsc#1217140
* bsc#1217147
* bsc#1217195
* bsc#1217196
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217511
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-3777
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46813
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5633
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-3777 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3777 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5633 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro 6.0
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Real Time Module 15-SP5
An update that solves 15 vulnerabilities, contains three features and has 39
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables
component can be exploited to achieve local privilege escalation.
(bsc#1215095)
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-46813: Fixed SEV-ES local priv escalation (bsc#1212649).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were
handled when they were being used to store a surface (bsc#1216527).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
The following non-security bugs were fixed:
* acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
* acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
* acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
* acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
* alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes).
* alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
* alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes).
* alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes).
* alsa: hda/realtek: add quirks for hp laptops (git-fixes).
* alsa: hda/realtek: add support dual speaker for dell (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
* alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git-
fixes).
* alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
* alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
* alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
* alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
* alsa: info: fix potential deadlock at disconnection (git-fixes).
* alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices
(git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: add cortex-a520 cpu part definition (git-fixes)
* arm64: allow kprobes on el0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass esr_elx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out el1 ssbs emulation hook (git-fixes)
* arm64: report el1 undefs better (git-fixes)
* arm64: rework bti exception handling (git-fixes)
* arm64: rework el0 mrs emulation (git-fixes)
* arm64: rework fpac exception handling (git-fixes)
* arm64: split el0/el1 undef handlers (git-fixes)
* arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* asoc: ams-delta.c: use component after check (git-fixes).
* asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
* asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
* asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not
described (git-fixes).
* asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
* asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
* asoc: rt5650: fix the wrong result of key button (git-fixes).
* asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* asoc: sof: core: ensure sof_ops_free() is still called when probe never ran
(git-fixes).
* asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
* ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
* atl1c: work around the dma rx overflow issue (git-fixes).
* atm: iphase: do pci error checks on own line (git-fixes).
* blk-mq: do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: add device 0bda:887b to device tables (git-fixes).
* bluetooth: add device 13d3:3571 to device tables (git-fixes).
* bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
* bluetooth: btusb: add date->evt_skb is null check (git-fixes).
* bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-
fixes).
* bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-
fixes).
* btrfs: always log symlinks in full mode (bsc#1214840).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -einval on incorrect can id formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
* can: isotp: set max pdu size to 64 kbyte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: fix comment (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
* clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
* clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
* clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
* clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
* clk: sanitize possible_parent_show to handle return value of
of_clk_get_parent_name (git-fixes).
* clk: scmi: free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: change ti_clk_register_omap_hw api (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware
(git-fixes).
* clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes).
* crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
* disable loongson drivers loongson is a mips architecture, it does not make
sense to build loongson drivers on other architectures.
* dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* docs: net: move the probe and open/close sections of driver.rst up
(bsc#1215458).
* docs: net: reformat driver.rst from a list to sections (bsc#1215458).
* docs: net: use c syntax highlight in driver.rst (bsc#1215458).
* documentation: networking: correct possessive "its" (bsc#1215458).
* drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-
fixes).
* drm/amd/display: avoid null dereference of timing generator (git-fixes).
* drm/amd/display: change the dmcub mailbox memory location from fb to inbox
(git-fixes).
* drm/amd/display: refactor dm_get_plane_scale helper (git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
* drm/amd: disable aspm for vi w/ all intel systems (git-fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-
fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
* drm/amd: move helper for dynamic speed switch check out of smu13 (git-
fixes).
* drm/amd: update `update_pcie_parameters` functions to use uint8_t arguments
(git-fixes).
* drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes).
* drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802).
* drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-
fixes).
* drm/amdgpu: do not use atrm for external devices (git-fixes).
* drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null
(git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes).
* drm/amdgpu: remove unnecessary domain argument (git-fixes).
* drm/amdgpu: reserve fences for vm update (git-fixes).
* drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802).
* drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: tc358768: clean up clock period code (git-fixes).
* drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: fix bit updates (git-fixes).
* drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes).
* drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
* drm/bridge: tc358768: print logical values, not raw register values (git-
fixes).
* drm/bridge: tc358768: remove unused variable (git-fixes).
* drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes).
* drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes).
* drm/bridge: tc358768: use struct videomode (git-fixes).
* drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git-
fixes).
* drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes).
* drm/gud: use size_add() in call to struct_size() (git-fixes).
* drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
* drm/i915: fix potential spectre vulnerability (git-fixes).
* drm/i915: flush wc ggtt only on required platforms (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: fix iommu fault by swapping fbs after updating plane state
(git-fixes).
* drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: create devm device attachment (git-fixes).
* drm/mipi-dsi: create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
* drm/msm/dsi: free tx buffer in unbind (git-fixes).
* drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
* drm/panel: st7703: pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: fix a possible null pointer dereference (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-
fixes).
* drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
* drm/ttm: reorder sys manager cleanup step (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527)
* drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527)
* drm: bridge: it66121: fix invalid connector dereference (git-fixes).
* drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* ensure ia32_emulation is always enabled for kernel-obs-build if
ia32_emulation is disabled by default, ensure it is enabled back for obs
kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the
parameter, no need to grep through the config which may not be very
reliable]
* fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes).
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: omapfb: drop unused remove function (git-fixes).
* fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git-
fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-
fixes).
* fix termination state for idr_for_each_entry_ul() (git-fixes).
* fix x86/mm: print the encryption features in hyperv is disabled
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* gpu: host1x: correct allocated size for contexts (git-fixes).
* hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
* hid: cp2112: fix duplicate workqueue initialization (git-fixes).
* hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
* hid: hyperv: remove unused struct synthhid_msg (git-fixes).
* hid: hyperv: replace one-element array with flexible-array member (git-
fixes).
* hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* hid: logitech-hidpp: do not restart io, instead defer hid_connect() only
(git-fixes).
* hid: logitech-hidpp: move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
* hid: logitech-hidpp: revert "do not restart communication if not necessary"
(git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
* hv_netvsc: fix race of register_netdevice_notifier and vf register (git-
fixes).
* hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
* hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
* i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: disable tx_empty irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
* i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
* i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-
fixes).
* i3c: master: svc: fix wrong data return when ibi happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and mac filter support (bsc#1215458).
* idpf: add rx splitq napi poll support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: add sriov support and other ndo_ops (bsc#1215458).
* idpf: add tx splitq napi poll support (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for rx queues (bsc#1215458).
* idpf: configure resources for tx queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-
fixes).
* iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds
(git-fixes).
* iio: exynos-adc: request second interupt only when touchscreen mode is used
(git-fixes).
* input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-
fixes).
* input: xpad - add vid for turtle beach controllers (git-fixes).
* irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
* kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is
built since sle15-sp3 but it is not shipped as part of any sle product, only
in leap (in kernel-*-optional).
* kernel-binary: suse-module-tools is also required when installed
requires(pre) adds dependency for the specific sciptlet. however, suse-
module-tools also ships modprobe.d files which may be needed at posttrans
time or any time the kernel is on the system for generating ramdisk. add
plain requires as well.
* kernel-source: move provides after sources
* kernel/fork: beware of __put_task_struct() calling context (bsc#1216761).
* leds: pwm: do not disable the pwm when the led should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: do not use smbus calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: correctly initialise try compose rectangle (git-fixes).
* media: ccs: fix driver quirk struct documentation (git-fixes).
* media: cedrus: fix clock/reset sequence (git-fixes).
* media: cobalt: use field_get() to extract link width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-
fixes).
* mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: fix double put in dln2_probe (git-fixes).
* misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
* misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237,
git-fixes).
* mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
* mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
* mmc: block: retry commands in cqe error recovery (git-fixes).
* mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
* mmc: cqhci: increase recovery halt timeout (git-fixes).
* mmc: cqhci: warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
* mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-
fixes).
* mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-
fixes).
* mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee module_device_table built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: byte swap otp info (git-fixes).
* mtd: rawnand: arasan: include ecc syndrome along with in-band data while
checking for ecc failure (git-fixes).
* net-memcg: fix scope of sockmem pressure indicators (bsc#1216759).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: avoid address overwrite in kernel_connect (bsc#1216861).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: ieee802154: adf7242: fix some potential buffer overflow in
adf7242_stats_show() (git-fixes).
* net: mana: fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-
fixes).
* nfs: fix access to page->mapping (bsc#1216788).
* nvme: update firmware version after commit (bsc#1215292).
* pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes).
* pci/sysfs: protect driver's d3cold preference from user space (git-fixes).
* pci: disable ats for specific intel ipu e2000 devices (bsc#1215458).
* pci: extract ats disabling to a helper function (bsc#1215458).
* pci: exynos: do not discard .remove() callback (git-fixes).
* pci: keystone: do not discard .probe() callback (git-fixes).
* pci: keystone: do not discard .remove() callback (git-fixes).
* pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-
fixes).
* pci: tegra194: use field_get()/field_prep() with link width fields (git-
fixes).
* pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes).
* pci: use field_get() to extract link width (git-fixes).
* pci: vmd: correct pci header type register's multi-function check (git-
fixes).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86/intel-uncore-freq: return error on write frequency
(bsc#1217147).
* platform/x86/intel-uncore-freq: split common and enumeration part
(bsc#1217147).
* platform/x86/intel-uncore-freq: support for cluster level controls
(bsc#1217147).
* platform/x86/intel-uncore-freq: tpmi: provide cluster level control
(bsc#1217147).
* platform/x86/intel-uncore-freq: uncore frequency control via tpmi
(bsc#1217147).
* platform/x86/intel/tpmi: add tpmi external interface for tpmi feature
drivers (bsc#1217147).
* platform/x86/intel/tpmi: fix double free reported by smatch (bsc#1217147).
* platform/x86/intel/tpmi: process cpu package mapping (bsc#1217147).
* platform/x86/intel/uncore-freq: display uncore current frequency
(bsc#1217147).
* platform/x86/intel/uncore-freq: move to uncore-frequency folder
(bsc#1217147).
* platform/x86/intel/uncore-freq: use sysfs api to create attributes
(bsc#1217147).
* platform/x86/intel/vsec: add tpmi id (bsc#1217147).
* platform/x86/intel/vsec: enhance and export intel_vsec_add_aux()
(bsc#1217147).
* platform/x86/intel/vsec: support private data (bsc#1217147).
* platform/x86/intel/vsec: use mutex for ida_alloc() and ida_free()
(bsc#1217147).
* platform/x86/intel: intel tpmi enumeration driver (bsc#1217147).
* platform/x86/intel: tpmi: fix double free in tpmi_create_device()
(bsc#1217147).
* platform/x86: intel-uncore-freq: add client processors (bsc#1217147).
* platform/x86: intel-uncore-freq: conditionally create attribute for read
frequency (bsc#1217147).
* platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes
(bsc#1217147).
* platform/x86: intel-uncore-freq: prevent driver loading in guests
(bsc#1217147).
* platform/x86: intel-uncore-freq: use sysfs_emit() to instead of scnprintf()
(bsc#1217147).
* platform/x86: intel-uncore-frequency: move to intel sub-directory
(bsc#1217147).
* platform/x86: intel-uncore-frequency: use default_groups in kobj_type
(bsc#1217147).
* platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-
fixes).
* platform/x86: wmi: fix opening of char device (git-fixes).
* platform/x86: wmi: fix probe failure when failing to register wmi devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes).
* pm: hibernate: use __get_safe_page() rather than touching the list (git-
fixes).
* powerpc/perf/hv-24x7: update domain value check (bsc#1215931).
* powerpc/vas: limit open window failure messages in log bufffer (bsc#1216687
ltc#203927).
* powerpc: do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes).
* pwm: fix double shift bug (git-fixes).
* pwm: sti: reduce number of allocations and drop usage of chip_data (git-
fixes).
* quota: fix slow quotaoff (bsc#1216621).
* r8152: cancel hw_phy_work if we have an error in probe (git-fixes).
* r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: check for unplug in rtl_phy_patch_request() (git-fixes).
* r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes).
* r8152: release firmware if we have an error in probe (git-fixes).
* r8152: run the unload routine if we have errors during probe (git-fixes).
* regmap: debugfs: fix a erroneous check after snprintf() (git-fixes).
* regmap: ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* revert "i2c: pxa: move to generic gpio recovery" (git-fixes).
* revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes).
* revert "tracing: fix warning in trace_buffered_event_disable()"
(bsc#1217036)
* revert amdgpu patches that caused a regression (bsc#1215802)
* rpm/check-for-config-changes: add as_wruss to ignored_configs_re add
as_wruss as an ignored_configs_re entry in check-for-config-changes to fix
build on x86_32. there was a fix submitted to upstream but it was not
accepted:
https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.loc…
so carry this in ignored_configs_re instead.
* rpm/check-for-config-changes: add have_shadow_call_stack to
ignored_configs_re not supported by our compiler.
* rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage
* run scripts/renamepatches for sle15-sp4
* s390/ap: fix ap bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (ltc#203997
bsc#1217086).
* s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for erp requests (git-fixes
bsc#1217598).
* s390/ipl: add missing ipl_type_eckd_dump case to ipl_init() (git-fixes
bsc#1217511).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(ltc#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(ltc#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix ptrace_get_last_break error handling (git-fixes
bsc#1217599).
* sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196).
* sbitmap: fix up kabi for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196).
* sbsa_gwdt: calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: correct maximum pci function value for ras fw logging
(bsc#1217731).
* scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124).
* scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: reject received prlis with only initiator fcn role for npiv
ports (bsc#1217124).
* scsi: lpfc: remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: validate els ls_acc completion payload (bsc#1217124).
* scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: use field_get() to extract pcie capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: fix ksft print formats (git-fixes).
* selftests/resctrl: ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-
fixes).
* selftests/resctrl: remove duplicate feature check from cmt test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial
cards" (git-fixes).
* serial: meson: use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* treewide: spelling fix in comment (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes).
* tty: 8250: add support for additional brainboxes px cards (git-fixes).
* tty: 8250: add support for additional brainboxes uc cards (git-fixes).
* tty: 8250: add support for brainboxes up cards (git-fixes).
* tty: 8250: add support for intashield is-100 (git-fixes).
* tty: 8250: add support for intashield ix cards (git-fixes).
* tty: 8250: fix port count of px-257 (git-fixes).
* tty: 8250: fix up px-803/px-857 (git-fixes).
* tty: 8250: remove uc-257 and uc-431 (git-fixes).
* tty: fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard lockup on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes).
* update ath11k hibernation fix patch set (bsc#1207948)
* update metadata s390-ipl-add-missing-secure-has_secure-file-to-ipl-type-
unknown (bsc#1214976 git-fixes).
* usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes).
* usb: chipidea: fix dma overwrite for tegra (git-fixes).
* usb: chipidea: simplify tegra dma alignment code (git-fixes).
* usb: dwc2: fix possible null pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc2: write hcint with intmask applied (bsc#1214286).
* usb: dwc3: fix default mode initialization (git-fixes).
* usb: dwc3: qcom: fix acpi platform device leak (git-fixes).
* usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* usb: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: serial: option: add fibocom l7xx modules (git-fixes).
* usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes).
* usb: serial: option: fix fm101r-gl defines (git-fixes).
* usb: storage: set 1.50 as the lower bcddevice for older "super top"
compatibility (git-fixes).
* usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: skip hard reset when in error recovery (git-fixes).
* usb: usbip: fix stub_dev hub disconnect (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: do not touch the ce interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix gtk offload status event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes).
* wifi: iwlwifi: use fw rate for non-data frames (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes).
* wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: clear svm feature if disabled by bios (bsc#1214700).
* x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes).
* x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-
fixes).
* x86/hyperv: add hv_expose_invariant_tsc define (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: make hv_get_nmi_reason public (git-fixes).
* x86/sev: do not try to parse for the cc blob on non-amd hardware (git-
fixes).
* x86/sev: fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: use the ghcb protocol when available for snp cpuid requests (git-
fixes).
* x86: move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert agf log flags to unsigned (git-fixes).
* xfs: convert agi log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: make the start pointer passed to btree update_lastrec functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize ag block number formatting in ftrace output (git-fixes).
* xfs: standardize ag number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes).
* xhci: enable rpm on controllers that support low-power states (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-4732=1 openSUSE-SLE-15.5-2023-4732=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2023-4732=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2023-4732=1
* SUSE Real Time Module 15-SP5
zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2023-4732=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* kernel-source-rt-5.14.21-150500.13.27.2
* kernel-devel-rt-5.14.21-150500.13.27.2
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-optional-5.14.21-150500.13.27.2
* kernel-rt_debug-vdso-5.14.21-150500.13.27.2
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt_debug-debuginfo-5.14.21-150500.13.27.2
* reiserfs-kmp-rt-5.14.21-150500.13.27.2
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-vdso-5.14.21-150500.13.27.2
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* gfs2-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt-devel-debuginfo-5.14.21-150500.13.27.2
* cluster-md-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt_debug-devel-5.14.21-150500.13.27.2
* kernel-rt-extra-5.14.21-150500.13.27.2
* dlm-kmp-rt-5.14.21-150500.13.27.2
* kernel-livepatch-5_14_21-150500_13_27-rt-1-150500.11.3.2
* kernel-rt-extra-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-livepatch-devel-5.14.21-150500.13.27.2
* kernel-rt-optional-debuginfo-5.14.21-150500.13.27.2
* kernel-rt_debug-livepatch-devel-5.14.21-150500.13.27.2
* kernel-rt_debug-debugsource-5.14.21-150500.13.27.2
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.27.2
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-devel-5.14.21-150500.13.27.2
* ocfs2-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt-debugsource-5.14.21-150500.13.27.2
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-syms-rt-5.14.21-150500.13.27.1
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-1-150500.11.3.2
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-1-150500.11.3.2
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.27.2
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-livepatch-5.14.21-150500.13.27.2
* kselftests-kmp-rt-5.14.21-150500.13.27.2
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.27.2
* kernel-rt-5.14.21-150500.13.27.2
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.27.2
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-debugsource-5.14.21-150500.13.27.2
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_27-rt-1-150500.11.3.2
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-1-150500.11.3.2
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-1-150500.11.3.2
* SUSE Real Time Module 15-SP5 (x86_64)
* kernel-rt_debug-vdso-5.14.21-150500.13.27.2
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt_debug-debuginfo-5.14.21-150500.13.27.2
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-vdso-5.14.21-150500.13.27.2
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* gfs2-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt-devel-debuginfo-5.14.21-150500.13.27.2
* cluster-md-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt_debug-devel-5.14.21-150500.13.27.2
* dlm-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.27.2
* kernel-rt_debug-debugsource-5.14.21-150500.13.27.2
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.27.2
* kernel-rt-debuginfo-5.14.21-150500.13.27.2
* ocfs2-kmp-rt-5.14.21-150500.13.27.2
* kernel-rt-devel-5.14.21-150500.13.27.2
* kernel-rt-debugsource-5.14.21-150500.13.27.2
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
* kernel-syms-rt-5.14.21-150500.13.27.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.27.2
* SUSE Real Time Module 15-SP5 (noarch)
* kernel-source-rt-5.14.21-150500.13.27.2
* kernel-devel-rt-5.14.21-150500.13.27.2
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.27.2
* kernel-rt-5.14.21-150500.13.27.2
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-3777.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46813.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5633.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1212649
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214700
* https://bugzilla.suse.com/show_bug.cgi?id=1214840
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215095
* https://bugzilla.suse.com/show_bug.cgi?id=1215123
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1215802
* https://bugzilla.suse.com/show_bug.cgi?id=1215931
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216527
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216621
* https://bugzilla.suse.com/show_bug.cgi?id=1216687
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216761
* https://bugzilla.suse.com/show_bug.cgi?id=1216788
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217095
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217147
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217196
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217511
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
1
0
14 Dec '23
# Security update for python-cryptography
Announcement ID: SUSE-SU-2023:4842-1
Rating: moderate
References:
* bsc#1217592
Cross-References:
* CVE-2023-49083
CVSS scores:
* CVE-2023-49083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-49083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Python 3 Module 15-SP4
* Python 3 Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python-cryptography fixes the following issues:
* CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates
from a PKCS#7 bundle (bsc#1217592).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-4842=1 openSUSE-SLE-15.4-2023-4842=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-4842=1
* Python 3 Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Python3-15-SP4-2023-4842=1
* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2023-4842=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python-cryptography-debugsource-41.0.3-150400.16.12.1
* python311-cryptography-41.0.3-150400.16.12.1
* python311-cryptography-debuginfo-41.0.3-150400.16.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-cryptography-debugsource-41.0.3-150400.16.12.1
* python311-cryptography-41.0.3-150400.16.12.1
* python311-cryptography-debuginfo-41.0.3-150400.16.12.1
* Python 3 Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python-cryptography-debugsource-41.0.3-150400.16.12.1
* python311-cryptography-41.0.3-150400.16.12.1
* python311-cryptography-debuginfo-41.0.3-150400.16.12.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-cryptography-debugsource-41.0.3-150400.16.12.1
* python311-cryptography-41.0.3-150400.16.12.1
* python311-cryptography-debuginfo-41.0.3-150400.16.12.1
## References:
* https://www.suse.com/security/cve/CVE-2023-49083.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217592
1
0
14 Dec '23
# Security update for python3-cryptography
Announcement ID: SUSE-SU-2023:4843-1
Rating: moderate
References:
* bsc#1217592
Cross-References:
* CVE-2023-49083
CVSS scores:
* CVE-2023-49083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-49083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python3-cryptography fixes the following issues:
* CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates
from a PKCS#7 bundle (bsc#1217592).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-4843=1 SUSE-2023-4843=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-4843=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2023-4843=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-4843=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-4843=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-4843=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-4843=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-4843=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2023-4843=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-4843=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4843=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* openSUSE Leap Micro 5.3 (aarch64 ppc64le s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* openSUSE Leap Micro 5.4 (aarch64 ppc64le s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python3-cryptography-debugsource-3.3.2-150400.23.1
* python3-cryptography-3.3.2-150400.23.1
* python3-cryptography-debuginfo-3.3.2-150400.23.1
## References:
* https://www.suse.com/security/cve/CVE-2023-49083.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217592
1
0
SUSE-SU-2023:4836-1: important: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3)
by null@suse.de 14 Dec '23
by null@suse.de 14 Dec '23
14 Dec '23
# Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3)
Announcement ID: SUSE-SU-2023:4836-1
Rating: important
References:
* bsc#1215097
* bsc#1215442
* bsc#1215519
Cross-References:
* CVE-2023-2163
* CVE-2023-3777
* CVE-2023-4622
CVSS scores:
* CVE-2023-2163 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2023-2163 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2023-3777 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3777 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
An update that solves three vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.3.18-150300_59_133 fixes several issues.
The following security issues were fixed:
* CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables
component can be exploited to achieve local privilege escalation.
(bsc#1215097)
* CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain
sockets component which could be exploited to achieve local privilege
escalation (bsc#1215442).
* CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to
unsafe code paths being incorrectly marked as safe, resulting in arbitrary
read/write in kernel memory, lateral privilege escalation, and container
escape. (bsc#1215519)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2023-4837=1 SUSE-2023-4838=1 SUSE-2023-4846=1
SUSE-2023-4836=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2023-4837=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2023-4838=1 SUSE-SLE-Module-Live-
Patching-15-SP3-2023-4846=1 SUSE-SLE-Module-Live-Patching-15-SP3-2023-4836=1
## Package List:
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_36-debugsource-3-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_26-debugsource-13-150300.2.2
* kernel-livepatch-5_3_18-150300_59_101-default-13-150300.2.2
* kernel-livepatch-SLE15-SP3_Update_29-debugsource-10-150300.2.2
* kernel-livepatch-SLE15-SP3_Update_30-debugsource-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_101-default-debuginfo-13-150300.2.2
* kernel-livepatch-5_3_18-150300_59_115-default-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_112-default-debuginfo-10-150300.2.2
* kernel-livepatch-5_3_18-150300_59_115-default-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_112-default-10-150300.2.2
* kernel-livepatch-5_3_18-150300_59_133-default-3-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_115-preempt-debuginfo-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_115-preempt-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_112-preempt-10-150300.2.2
* kernel-livepatch-5_3_18-150300_59_112-preempt-debuginfo-10-150300.2.2
* kernel-livepatch-5_3_18-150300_59_101-preempt-13-150300.2.2
* kernel-livepatch-5_3_18-150300_59_133-preempt-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_101-preempt-debuginfo-13-150300.2.2
* kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-3-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_112-default-10-150300.2.2
* kernel-livepatch-5_3_18-150300_59_115-default-9-150300.2.1
* kernel-livepatch-5_3_18-150300_59_133-default-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_101-default-13-150300.2.2
## References:
* https://www.suse.com/security/cve/CVE-2023-2163.html
* https://www.suse.com/security/cve/CVE-2023-3777.html
* https://www.suse.com/security/cve/CVE-2023-4622.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215097
* https://bugzilla.suse.com/show_bug.cgi?id=1215442
* https://bugzilla.suse.com/show_bug.cgi?id=1215519
1
0
SUSE-SU-2023:4839-1: important: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3)
by null@suse.de 14 Dec '23
by null@suse.de 14 Dec '23
14 Dec '23
# Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3)
Announcement ID: SUSE-SU-2023:4839-1
Rating: important
References:
* bsc#1215097
* bsc#1215519
Cross-References:
* CVE-2023-2163
* CVE-2023-3777
CVSS scores:
* CVE-2023-2163 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2023-2163 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2023-3777 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3777 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
An update that solves two vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.3.18-150300_59_138 fixes several issues.
The following security issues were fixed:
* CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables
component can be exploited to achieve local privilege escalation.
(bsc#1215097)
* CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to
unsafe code paths being incorrectly marked as safe, resulting in arbitrary
read/write in kernel memory, lateral privilege escalation, and container
escape. (bsc#1215519)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2023-4839=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2023-4839=1
## Package List:
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-3-150300.2.1
* kernel-livepatch-SLE15-SP3_Update_37-debugsource-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_138-default-3-150300.2.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-3-150300.2.1
* kernel-livepatch-5_3_18-150300_59_138-preempt-3-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_138-default-3-150300.2.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2163.html
* https://www.suse.com/security/cve/CVE-2023-3777.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215097
* https://bugzilla.suse.com/show_bug.cgi?id=1215519
1
0
13 Dec '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:4782-1
Rating: important
References:
* bsc#1210447
* bsc#1214286
* bsc#1214976
* bsc#1215124
* bsc#1215292
* bsc#1215420
* bsc#1215458
* bsc#1215710
* bsc#1216058
* bsc#1216105
* bsc#1216259
* bsc#1216584
* bsc#1216693
* bsc#1216759
* bsc#1216844
* bsc#1216861
* bsc#1216909
* bsc#1216959
* bsc#1216965
* bsc#1216976
* bsc#1217036
* bsc#1217068
* bsc#1217086
* bsc#1217124
* bsc#1217140
* bsc#1217195
* bsc#1217200
* bsc#1217205
* bsc#1217332
* bsc#1217366
* bsc#1217515
* bsc#1217598
* bsc#1217599
* bsc#1217609
* bsc#1217687
* bsc#1217731
* bsc#1217780
* jsc#PED-3184
* jsc#PED-5021
* jsc#PED-7237
Cross-References:
* CVE-2023-2006
* CVE-2023-25775
* CVE-2023-39197
* CVE-2023-39198
* CVE-2023-4244
* CVE-2023-45863
* CVE-2023-45871
* CVE-2023-46862
* CVE-2023-5158
* CVE-2023-5717
* CVE-2023-6039
* CVE-2023-6176
CVSS scores:
* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 12 vulnerabilities, contains three features and has 25
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
(bsc#1210447).
* CVE-2023-25775: Fixed improper access control in the Intel Ethernet
Controller RDMA driver (bsc#1216959).
* CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
(bsc#1216976).
* CVE-2023-39198: Fixed a race condition leading to use-after-free in
qxl_mode_dumb_create() (bsc#1216965).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
(bsc#1216058).
* CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
not be adequate for frames larger than the MTU (bsc#1216259).
* CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
(bsc#1216693).
* CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
* CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
Performance Events component (bsc#1216584).
* CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
drivers/net/usb/lan78xx.c (bsc#1217068).
* CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
scatterwalk functionality (bsc#1217332).
The following non-security bugs were fixed:
* acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
* acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
* acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
* acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
* alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
* alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
* alsa: hda/realtek: add quirks for hp laptops (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
* alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
* alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
* alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
* alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
* alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
* alsa: info: fix potential deadlock at disconnection (git-fixes).
* arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
* arm64: add cortex-a520 cpu part definition (git-fixes)
* arm64: allow kprobes on el0 handlers (git-fixes)
* arm64: armv8_deprecated move emulation functions (git-fixes)
* arm64: armv8_deprecated: fix unused-function error (git-fixes)
* arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
* arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
* arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
* arm64: consistently pass esr_elx to die() (git-fixes)
* arm64: die(): pass 'err' as long (git-fixes)
* arm64: factor insn read out of call_undef_hook() (git-fixes)
* arm64: factor out el1 ssbs emulation hook (git-fixes)
* arm64: report el1 undefs better (git-fixes)
* arm64: rework bti exception handling (git-fixes)
* arm64: rework el0 mrs emulation (git-fixes)
* arm64: rework fpac exception handling (git-fixes)
* arm64: split el0/el1 undef handlers (git-fixes)
* arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
* asoc: ams-delta.c: use component after check (git-fixes).
* asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix
(git-fixes).
* asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
* asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
* asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
* asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not
described (git-fixes).
* asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
* asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
* asoc: rt5650: fix the wrong result of key button (git-fixes).
* asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
* asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
* ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
* atl1c: work around the dma rx overflow issue (git-fixes).
* atm: iphase: do pci error checks on own line (git-fixes).
* blk-mq: do not clear driver tags own mapping (bsc#1217366).
* blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
(bsc#1217366).
* bluetooth: add device 0bda:887b to device tables (git-fixes).
* bluetooth: add device 13d3:3571 to device tables (git-fixes).
* bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
* bluetooth: btusb: add date->evt_skb is null check (git-fixes).
* bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-
fixes).
* bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-
fixes).
* can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
accessed out of bounds (git-fixes).
* can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
* can: dev: can_restart(): fix race condition between controller restart and
netif_carrier_on() (git-fixes).
* can: isotp: add local echo tx processing for consecutive frames (git-fixes).
* can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
fixes).
* can: isotp: fix tx state handling for echo tx processing (git-fixes).
* can: isotp: handle wait_event_interruptible() return values (git-fixes).
* can: isotp: isotp_bind(): return -einval on incorrect can id formatting
(git-fixes).
* can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-
fixes).
* can: isotp: remove re-binding of bound socket (git-fixes).
* can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
* can: isotp: set max pdu size to 64 kbyte (git-fixes).
* can: isotp: split tx timer into transmission and timeout (git-fixes).
* can: sja1000: fix comment (git-fixes).
* clk: imx: imx8mq: correct error handling path (git-fixes).
* clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
* clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
* clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
* clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
* clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
* clk: npcm7xx: fix incorrect kfree (git-fixes).
* clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies
(git-fixes).
* clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
* clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
* clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-
fixes).
* clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-
fixes).
* clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
* clk: sanitize possible_parent_show to handle return value of
of_clk_get_parent_name (git-fixes).
* clk: scmi: free scmi_clk allocated when the clocks with invalid info are
skipped (git-fixes).
* clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
* clk: ti: change ti_clk_register_omap_hw api (git-fixes).
* clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
* clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
* clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-
fixes).
* crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
* crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
* disable loongson drivers loongson is a mips architecture, it does not make
sense to build loongson drivers on other architectures.
* dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-
fixes).
* dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-
fixes).
* dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
* dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
* docs: net: move the probe and open/close sections of driver.rst up
(bsc#1215458).
* docs: net: reformat driver.rst from a list to sections (bsc#1215458).
* docs: net: use c syntax highlight in driver.rst (bsc#1215458).
* documentation: networking: correct possessive "its" (bsc#1215458).
* drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-
fixes).
* drm/amd/display: avoid null dereference of timing generator (git-fixes).
* drm/amd/display: change the dmcub mailbox memory location from fb to inbox
(git-fixes).
* drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
* drm/amd/display: use full update for clip size increase of large plane
source (git-fixes).
* drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-
fixes).
* drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
* drm/amdgpu: do not use atrm for external devices (git-fixes).
* drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null
(git-fixes).
* drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
* drm/amdgpu: fix potential null pointer derefernce (git-fixes).
* drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
* drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-
fixes).
* drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
* drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
(git-fixes).
* drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in
drm_bridge_state (git-fixes).
* drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
* drm/bridge: lt8912b: fix bridge_detach (git-fixes).
* drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
* drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-
fixes).
* drm/bridge: lt8912b: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
* drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-
fixes).
* drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
* drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
* drm/bridge: tc358768: fix bit updates (git-fixes).
* drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
* drm/gud: use size_add() in call to struct_size() (git-fixes).
* drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
* drm/i915: fix potential spectre vulnerability (git-fixes).
* drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
* drm/mediatek: fix iommu fault by swapping fbs after updating plane state
(git-fixes).
* drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
* drm/mipi-dsi: create devm device attachment (git-fixes).
* drm/mipi-dsi: create devm device registration (git-fixes).
* drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
* drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
fixes).
* drm/panel: fix a possible null pointer dereference (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
* drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
* drm/panel: st7703: pick different reset sequence (git-fixes).
* drm/qxl: prevent memory leak (git-fixes).
* drm/radeon: possible buffer overflow (git-fixes).
* drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-
fixes).
* drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-
fixes).
* drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
* drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-
fixes).
* drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-
fixes).
* drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
* drm/vc4: fix typo (git-fixes).
* drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
* dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
* dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
* ensure ia32_emulation is always enabled for kernel-obs-build if
ia32_emulation is disabled by default, ensure it is enabled back for obs
kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the
parameter, no need to grep through the config which may not be very
reliable]
* fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
* fbdev: imsttfb: fix a resource leak in probe (git-fixes).
* fbdev: imsttfb: fix double free in probe() (git-fixes).
* fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
* fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-
fixes).
* fbdev: omapfb: drop unused remove function (git-fixes).
* firewire: core: fix possible memory leak in create_units() (git-fixes).
* firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-
fixes).
* fix termination state for idr_for_each_entry_ul() (git-fixes).
* gpio: mockup: fix kerneldoc (git-fixes).
* gpio: mockup: remove unused field (git-fixes).
* hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
* hid: cp2112: fix duplicate workqueue initialization (git-fixes).
* hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
* hid: hyperv: remove unused struct synthhid_msg (git-fixes).
* hid: hyperv: replace one-element array with flexible-array member (git-
fixes).
* hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround
(git-fixes).
* hid: logitech-hidpp: do not restart io, instead defer hid_connect() only
(git-fixes).
* hid: logitech-hidpp: move get_wireless_feature_index() check to
hidpp_connect_event() (git-fixes).
* hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
* hid: logitech-hidpp: revert "do not restart communication if not necessary"
(git-fixes).
* hv: simplify sysctl registration (git-fixes).
* hv_netvsc: fix netvsc_send_completion to avoid multiple message length
checks (git-fixes).
* hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
* hv_netvsc: fix race of register_netdevice_notifier and vf register (git-
fixes).
* hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
* hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-
fixes).
* i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
* i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
* i2c: designware: disable tx_empty irq while waiting for block length byte
(git-fixes).
* i2c: dev: copy userspace array safely (git-fixes).
* i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
fixes).
* i2c: iproc: handle invalid slave state (git-fixes).
* i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
* i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
* i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
* i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
fixes).
* i3c: master: cdns: fix reading status register (git-fixes).
* i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-
fixes).
* i3c: master: svc: fix check wrong status register in irq handler (git-
fixes).
* i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
* i3c: master: svc: fix race condition in ibi work thread (git-fixes).
* i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-
fixes).
* i3c: master: svc: fix wrong data return when ibi happen during start frame
(git-fixes).
* i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-
fixes).
* i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
* idpf: add controlq init and reset checks (bsc#1215458).
* idpf: add core init and interrupt request (bsc#1215458).
* idpf: add create vport and netdev configuration (bsc#1215458).
* idpf: add ethtool callbacks (bsc#1215458).
* idpf: add module register and probe functionality (bsc#1215458).
* idpf: add ptypes and mac filter support (bsc#1215458).
* idpf: add rx splitq napi poll support (bsc#1215458).
* idpf: add singleq start_xmit and napi poll (bsc#1215458).
* idpf: add splitq start_xmit (bsc#1215458).
* idpf: add sriov support and other ndo_ops (bsc#1215458).
* idpf: add tx splitq napi poll support (bsc#1215458).
* idpf: cancel mailbox work in error path (bsc#1215458).
* idpf: configure resources for rx queues (bsc#1215458).
* idpf: configure resources for tx queues (bsc#1215458).
* idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
* idpf: initialize interrupts and enable vport (bsc#1215458).
* idpf: set scheduling mode for completion queue (bsc#1215458).
* iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-
fixes).
* iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds
(git-fixes).
* iio: exynos-adc: request second interupt only when touchscreen mode is used
(git-fixes).
* input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
(git-fixes).
* input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-
fixes).
* input: xpad - add vid for turtle beach controllers (git-fixes).
* irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
* kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is
built since sle15-sp3 but it is not shipped as part of any sle product, only
in leap (in kernel-*-optional).
* kernel-binary: suse-module-tools is also required when installed
requires(pre) adds dependency for the specific sciptlet. however, suse-
module-tools also ships modprobe.d files which may be needed at posttrans
time or any time the kernel is on the system for generating ramdisk. add
plain requires as well.
* kernel-source: move provides after sources
* leds: pwm: do not disable the pwm when the led should be off (git-fixes).
* leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu'
(git-fixes).
* leds: turris-omnia: do not use smbus calls (git-fixes).
* lsm: fix default return value for inode_getsecctx (git-fixes).
* lsm: fix default return value for vm_enough_memory (git-fixes).
* media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
* media: ccs: correctly initialise try compose rectangle (git-fixes).
* media: ccs: fix driver quirk struct documentation (git-fixes).
* media: cedrus: fix clock/reset sequence (git-fixes).
* media: cobalt: use field_get() to extract link width (git-fixes).
* media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
* media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
* media: imon: fix access to invalid resource for the second interface (git-
fixes).
* media: lirc: drop trailing space from scancode transmit (git-fixes).
* media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
* media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
* media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
* media: qcom: camss: fix vfe_get() error jump (git-fixes).
* media: sharp: fix sharp encoding (git-fixes).
* media: siano: drop unnecessary error check for debugfs_create_dir/file()
(git-fixes).
* media: venus: hfi: add checks to handle capabilities from firmware (git-
fixes).
* media: venus: hfi: add checks to perform sanity on queue pointers (git-
fixes).
* media: venus: hfi: fix the check to handle session buffer requirement (git-
fixes).
* media: venus: hfi_parser: add check to keep the number of codecs within
range (git-fixes).
* media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
* media: vidtv: psi: add check for kstrdup (git-fixes).
* media: vivid: avoid integer overflow (git-fixes).
* mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-
fixes).
* mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
* mfd: dln2: fix double put in dln2_probe (git-fixes).
* misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
* misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-
fixes).
* mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237,
git-fixes).
* mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
* mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
* mmc: block: retry commands in cqe error recovery (git-fixes).
* mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
* mmc: cqhci: increase recovery halt timeout (git-fixes).
* mmc: cqhci: warn of halt or task clear failure (git-fixes).
* mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
* mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-
fixes).
* mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-
fixes).
* mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
* mmc: vub300: fix an error code (git-fixes).
* modpost: fix tee module_device_table built on big-endian host (git-fixes).
* mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
* mtd: cfi_cmdset_0001: byte swap otp info (git-fixes).
* mtd: rawnand: arasan: include ecc syndrome along with in-band data while
checking for ecc failure (git-fixes).
* net-memcg: fix scope of sockmem pressure indicators (bsc#1216759).
* net: add macro netif_subqueue_completed_wake (bsc#1215458).
* net: avoid address overwrite in kernel_connect (bsc#1216861).
* net: fix use-after-free in tw_timer_handler (bsc#1217195).
* net: ieee802154: adf7242: fix some potential buffer overflow in
adf7242_stats_show() (git-fixes).
* net: mana: fix return type of mana_start_xmit() (git-fixes).
* net: piggy back on the memory barrier in bql when waking queues
(bsc#1215458).
* net: provide macros for commonly copied lockless queue stop/wake code
(bsc#1215458).
* net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
fixes).
* net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-
fixes).
* nvme: update firmware version after commit (bsc#1215292).
* pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes).
* pci/sysfs: protect driver's d3cold preference from user space (git-fixes).
* pci: disable ats for specific intel ipu e2000 devices (bsc#1215458).
* pci: extract ats disabling to a helper function (bsc#1215458).
* pci: exynos: do not discard .remove() callback (git-fixes).
* pci: keystone: do not discard .probe() callback (git-fixes).
* pci: keystone: do not discard .remove() callback (git-fixes).
* pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-
fixes).
* pci: tegra194: use field_get()/field_prep() with link width fields (git-
fixes).
* pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes).
* pci: use field_get() to extract link width (git-fixes).
* pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
* pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
(git-fixes).
* pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
* pinctrl: avoid reload of p state in list iteration (git-fixes).
* platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-
fixes).
* platform/x86: wmi: fix opening of char device (git-fixes).
* platform/x86: wmi: fix probe failure when failing to register wmi devices
(git-fixes).
* platform/x86: wmi: remove unnecessary initializations (git-fixes).
* pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes).
* pm: hibernate: use __get_safe_page() rather than touching the list (git-
fixes).
* powerpc: do not clobber f0/vs0 during fp|altivec register save
(bsc#1217780).
* pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes).
* pwm: fix double shift bug (git-fixes).
* pwm: sti: reduce number of allocations and drop usage of chip_data (git-
fixes).
* r8152: cancel hw_phy_work if we have an error in probe (git-fixes).
* r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
* r8152: check for unplug in rtl_phy_patch_request() (git-fixes).
* r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes).
* r8152: release firmware if we have an error in probe (git-fixes).
* r8152: run the unload routine if we have errors during probe (git-fixes).
* regmap: debugfs: fix a erroneous check after snprintf() (git-fixes).
* regmap: ensure range selector registers are updated after cache sync (git-
fixes).
* regmap: prevent noinc writes from clobbering cache (git-fixes).
* revert "i2c: pxa: move to generic gpio recovery" (git-fixes).
* revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes).
* rpm/check-for-config-changes: add as_wruss to ignored_configs_re add
as_wruss as an ignored_configs_re entry in check-for-config-changes to fix
build on x86_32. there was a fix submitted to upstream but it was not
accepted:
https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.loc…
so carry this in ignored_configs_re instead.
* rpm/check-for-config-changes: add have_shadow_call_stack to
ignored_configs_re not supported by our compiler.
* rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage
* s390/ap: fix ap bus crash on early config change callback invocation (git-
fixes bsc#1217687).
* s390/cio: unregister device when the only path is gone (git-fixes
bsc#1217609).
* s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086).
* s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997
bsc#1217086).
* s390/cmma: fix initial kernel address space page table walk (ltc#203997
bsc#1217086).
* s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205).
* s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629
bsc#1215124).
* s390/dasd: protect device queue against concurrent access (git-fixes
bsc#1217515).
* s390/dasd: use correct number of retries for erp requests (git-fixes
bsc#1217598).
* s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
(bsc#1214976 git-fixes).
* s390/mm: add missing arch_set_page_dat() call to gmap allocations
(ltc#203997 bsc#1217086).
* s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
(ltc#203997 bsc#1217086).
* s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
* s390/ptrace: fix ptrace_get_last_break error handling (git-fixes
bsc#1217599).
* sbsa_gwdt: calculate timeout with 64-bit math (git-fixes).
* scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731).
* scsi: lpfc: correct maximum pci function value for ras fw logging
(bsc#1217731).
* scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
(bsc#1217731).
* scsi: lpfc: enhance driver logging for selected discovery events
(bsc#1217731).
* scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi()
(bsc#1217731).
* scsi: lpfc: fix possible file string name overflow when updating firmware
(bsc#1217731).
* scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124).
* scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731).
* scsi: lpfc: reject received prlis with only initiator fcn role for npiv
ports (bsc#1217124).
* scsi: lpfc: remove unnecessary zero return code assignment in
lpfc_sli4_hba_setup (bsc#1217124).
* scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading
(bsc#1217731).
* scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci
offline (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124).
* scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731).
* scsi: lpfc: validate els ls_acc completion payload (bsc#1217124).
* scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes).
* scsi: qla2xxx: use field_get() to extract pcie capability fields (git-
fixes).
* selftests/efivarfs: create-read: fix a resource leak (git-fixes).
* selftests/pidfd: fix ksft print formats (git-fixes).
* selftests/resctrl: ensure the benchmark commands fits to its array (git-
fixes).
* selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-
fixes).
* selftests/resctrl: remove duplicate feature check from cmt test (git-fixes).
* seq_buf: fix a misleading comment (git-fixes).
* serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial
cards" (git-fixes).
* serial: meson: use platform_get_irq() to get the interrupt (git-fixes).
* soc: qcom: llcc: handle a second device without data corruption (git-fixes).
* spi: nxp-fspi: use the correct ioremap function (git-fixes).
* spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
* spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes).
* staging: media: ipu3: remove ftrace-like logging (git-fixes).
* string.h: add array-wrappers for (v)memdup_user() (git-fixes).
* supported.conf: marked idpf supported
* thermal: core: prevent potential string overflow (git-fixes).
* treewide: spelling fix in comment (git-fixes).
* tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
* tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes).
* tty: 8250: add support for additional brainboxes px cards (git-fixes).
* tty: 8250: add support for additional brainboxes uc cards (git-fixes).
* tty: 8250: add support for brainboxes up cards (git-fixes).
* tty: 8250: add support for intashield is-100 (git-fixes).
* tty: 8250: add support for intashield ix cards (git-fixes).
* tty: 8250: fix port count of px-257 (git-fixes).
* tty: 8250: fix up px-803/px-857 (git-fixes).
* tty: 8250: remove uc-257 and uc-431 (git-fixes).
* tty: fix uninit-value access in ppp_sync_receive() (git-fixes).
* tty: n_gsm: fix race condition in status line change on dead connections
(git-fixes).
* tty: serial: meson: fix hard lockup on crtscts mode (git-fixes).
* tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
* tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes).
* usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes).
* usb: chipidea: fix dma overwrite for tegra (git-fixes).
* usb: chipidea: simplify tegra dma alignment code (git-fixes).
* usb: dwc2: fix possible null pointer dereference caused by driver
concurrency (git-fixes).
* usb: dwc2: write hcint with intmask applied (bsc#1214286).
* usb: dwc3: fix default mode initialization (git-fixes).
* usb: dwc3: qcom: fix acpi platform device leak (git-fixes).
* usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
* usb: dwc3: qcom: fix software node leak on probe errors (git-fixes).
* usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
* usb: dwc3: set the dma max_seg_size (git-fixes).
* usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes).
* usb: raw-gadget: properly handle interrupted requests (git-fixes).
* usb: serial: option: add fibocom l7xx modules (git-fixes).
* usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes).
* usb: serial: option: fix fm101r-gl defines (git-fixes).
* usb: storage: set 1.50 as the lower bcddevice for older "super top"
compatibility (git-fixes).
* usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-
fixes).
* usb: typec: tcpm: skip hard reset when in error recovery (git-fixes).
* usb: usbip: fix stub_dev hub disconnect (git-fixes).
* virtchnl: add virtchnl version 2 ops (bsc#1215458).
* wifi: ath10k: do not touch the ce interrupt registers after power up (git-
fixes).
* wifi: ath10k: fix clang-specific fortify warning (git-fixes).
* wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes).
* wifi: ath11k: fix dfs radar event locking (git-fixes).
* wifi: ath11k: fix htt pktlog locking (git-fixes).
* wifi: ath11k: fix temperature event locking (git-fixes).
* wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
* wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
fixes).
* wifi: iwlwifi: empty overflow queue during flush (git-fixes).
* wifi: iwlwifi: honor the enable_ini value (git-fixes).
* wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes).
* wifi: iwlwifi: use fw rate for non-data frames (git-fixes).
* wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
fixes).
* wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes).
* wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
* wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes).
* wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file()
(git-fixes).
* x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes).
* x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes).
* x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-
fixes).
* x86/hyperv: add hv_expose_invariant_tsc define (git-fixes).
* x86/hyperv: fix a warning in mshyperv.h (git-fixes).
* x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes).
* x86/hyperv: make hv_get_nmi_reason public (git-fixes).
* x86/sev: do not try to parse for the cc blob on non-amd hardware (git-
fixes).
* x86/sev: fix calculation of end address based on number of pages (git-
fixes).
* x86/sev: use the ghcb protocol when available for snp cpuid requests (git-
fixes).
* x86: move gds_ucode_mitigated() declaration to header (git-fixes).
* xfs: add attr state machine tracepoints (git-fixes).
* xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
* xfs: constify btree function parameters that are not modified (git-fixes).
* xfs: convert agf log flags to unsigned (git-fixes).
* xfs: convert agi log flags to unsigned (git-fixes).
* xfs: convert attr type flags to unsigned (git-fixes).
* xfs: convert bmap extent type flags to unsigned (git-fixes).
* xfs: convert bmapi flags to unsigned (git-fixes).
* xfs: convert btree buffer log flags to unsigned (git-fixes).
* xfs: convert buffer flags to unsigned (git-fixes).
* xfs: convert buffer log item flags to unsigned (git-fixes).
* xfs: convert da btree operations flags to unsigned (git-fixes).
* xfs: convert dquot flags to unsigned (git-fixes).
* xfs: convert inode lock flags to unsigned (git-fixes).
* xfs: convert log item tracepoint flags to unsigned (git-fixes).
* xfs: convert log ticket and iclog flags to unsigned (git-fixes).
* xfs: convert quota options flags to unsigned (git-fixes).
* xfs: convert scrub type flags to unsigned (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
(git-fixes).
* xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
* xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
* xfs: make the key parameters to all btree key comparison functions const
(git-fixes).
* xfs: make the key parameters to all btree query range functions const (git-
fixes).
* xfs: make the keys and records passed to btree inorder functions const (git-
fixes).
* xfs: make the pointer passed to btree set_root functions const (git-fixes).
* xfs: make the start pointer passed to btree alloc_block functions const
(git-fixes).
* xfs: make the start pointer passed to btree update_lastrec functions const
(git-fixes).
* xfs: mark the record passed into btree init_key functions as const (git-
fixes).
* xfs: mark the record passed into xchk_btree functions as const (git-fixes).
* xfs: remove xfs_btree_cur_t typedef (git-fixes).
* xfs: rename i_disk_size fields in ftrace output (git-fixes).
* xfs: resolve fork names in trace output (git-fixes).
* xfs: standardize ag block number formatting in ftrace output (git-fixes).
* xfs: standardize ag number formatting in ftrace output (git-fixes).
* xfs: standardize daddr formatting in ftrace output (git-fixes).
* xfs: standardize inode generation formatting in ftrace output (git-fixes).
* xfs: standardize inode number formatting in ftrace output (git-fixes).
* xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
* xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
* xhci: enable rpm on controllers that support low-power states (git-fixes).
* xhci: loosen rpm as default policy to cover for amd xhc 1.1 (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-4782=1 openSUSE-SLE-15.4-2023-4782=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-4782=1
## Package List:
* openSUSE Leap 15.4 (aarch64 x86_64)
* kselftests-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* ocfs2-kmp-azure-5.14.21-150400.14.75.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-optional-5.14.21-150400.14.75.1
* gfs2-kmp-azure-5.14.21-150400.14.75.1
* dlm-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-optional-debuginfo-5.14.21-150400.14.75.1
* cluster-md-kmp-azure-5.14.21-150400.14.75.1
* gfs2-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-extra-debuginfo-5.14.21-150400.14.75.1
* kernel-syms-azure-5.14.21-150400.14.75.1
* kernel-azure-debugsource-5.14.21-150400.14.75.1
* kernel-azure-livepatch-devel-5.14.21-150400.14.75.1
* dlm-kmp-azure-5.14.21-150400.14.75.1
* kselftests-kmp-azure-5.14.21-150400.14.75.1
* kernel-azure-devel-5.14.21-150400.14.75.1
* kernel-azure-extra-5.14.21-150400.14.75.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* reiserfs-kmp-azure-5.14.21-150400.14.75.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.75.1
* openSUSE Leap 15.4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.75.1
* openSUSE Leap 15.4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.75.1
* kernel-source-azure-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (aarch64 x86_64)
* kernel-azure-debuginfo-5.14.21-150400.14.75.1
* kernel-azure-devel-debuginfo-5.14.21-150400.14.75.1
* kernel-syms-azure-5.14.21-150400.14.75.1
* kernel-azure-devel-5.14.21-150400.14.75.1
* kernel-azure-debugsource-5.14.21-150400.14.75.1
* Public Cloud Module 15-SP4 (noarch)
* kernel-devel-azure-5.14.21-150400.14.75.1
* kernel-source-azure-5.14.21-150400.14.75.1
## References:
* https://www.suse.com/security/cve/CVE-2023-2006.html
* https://www.suse.com/security/cve/CVE-2023-25775.html
* https://www.suse.com/security/cve/CVE-2023-39197.html
* https://www.suse.com/security/cve/CVE-2023-39198.html
* https://www.suse.com/security/cve/CVE-2023-4244.html
* https://www.suse.com/security/cve/CVE-2023-45863.html
* https://www.suse.com/security/cve/CVE-2023-45871.html
* https://www.suse.com/security/cve/CVE-2023-46862.html
* https://www.suse.com/security/cve/CVE-2023-5158.html
* https://www.suse.com/security/cve/CVE-2023-5717.html
* https://www.suse.com/security/cve/CVE-2023-6039.html
* https://www.suse.com/security/cve/CVE-2023-6176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210447
* https://bugzilla.suse.com/show_bug.cgi?id=1214286
* https://bugzilla.suse.com/show_bug.cgi?id=1214976
* https://bugzilla.suse.com/show_bug.cgi?id=1215124
* https://bugzilla.suse.com/show_bug.cgi?id=1215292
* https://bugzilla.suse.com/show_bug.cgi?id=1215420
* https://bugzilla.suse.com/show_bug.cgi?id=1215458
* https://bugzilla.suse.com/show_bug.cgi?id=1215710
* https://bugzilla.suse.com/show_bug.cgi?id=1216058
* https://bugzilla.suse.com/show_bug.cgi?id=1216105
* https://bugzilla.suse.com/show_bug.cgi?id=1216259
* https://bugzilla.suse.com/show_bug.cgi?id=1216584
* https://bugzilla.suse.com/show_bug.cgi?id=1216693
* https://bugzilla.suse.com/show_bug.cgi?id=1216759
* https://bugzilla.suse.com/show_bug.cgi?id=1216844
* https://bugzilla.suse.com/show_bug.cgi?id=1216861
* https://bugzilla.suse.com/show_bug.cgi?id=1216909
* https://bugzilla.suse.com/show_bug.cgi?id=1216959
* https://bugzilla.suse.com/show_bug.cgi?id=1216965
* https://bugzilla.suse.com/show_bug.cgi?id=1216976
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217068
* https://bugzilla.suse.com/show_bug.cgi?id=1217086
* https://bugzilla.suse.com/show_bug.cgi?id=1217124
* https://bugzilla.suse.com/show_bug.cgi?id=1217140
* https://bugzilla.suse.com/show_bug.cgi?id=1217195
* https://bugzilla.suse.com/show_bug.cgi?id=1217200
* https://bugzilla.suse.com/show_bug.cgi?id=1217205
* https://bugzilla.suse.com/show_bug.cgi?id=1217332
* https://bugzilla.suse.com/show_bug.cgi?id=1217366
* https://bugzilla.suse.com/show_bug.cgi?id=1217515
* https://bugzilla.suse.com/show_bug.cgi?id=1217598
* https://bugzilla.suse.com/show_bug.cgi?id=1217599
* https://bugzilla.suse.com/show_bug.cgi?id=1217609
* https://bugzilla.suse.com/show_bug.cgi?id=1217687
* https://bugzilla.suse.com/show_bug.cgi?id=1217731
* https://bugzilla.suse.com/show_bug.cgi?id=1217780
* https://jira.suse.com/browse/PED-3184
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7237
1
0
13 Dec '23
# Security update for xorg-x11-server
Announcement ID: SUSE-SU-2023:4787-1
Rating: important
References:
* bsc#1217765
* bsc#1217766
Cross-References:
* CVE-2023-6377
* CVE-2023-6478
CVSS scores:
* CVE-2023-6377 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6478 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves two vulnerabilities can now be installed.
## Description:
This update for xorg-x11-server fixes the following issues:
* CVE-2023-6377: Fixed Out-of-bounds memory write in XKB button
actions(bsc#1217765).
* CVE-2023-6478: Fixed Out-of-bounds memory read in RRChangeOutputProperty and
RRChangeProviderProperty (bsc#1217766).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-4787=1 openSUSE-SLE-15.5-2023-4787=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4787=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-4787=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* xorg-x11-server-Xvfb-21.1.4-150500.7.10.1
* xorg-x11-server-extra-21.1.4-150500.7.10.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-debugsource-21.1.4-150500.7.10.1
* xorg-x11-server-sdk-21.1.4-150500.7.10.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-source-21.1.4-150500.7.10.1
* xorg-x11-server-21.1.4-150500.7.10.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-Xvfb-21.1.4-150500.7.10.1
* xorg-x11-server-extra-21.1.4-150500.7.10.1
* xorg-x11-server-extra-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-debugsource-21.1.4-150500.7.10.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.10.1
* xorg-x11-server-21.1.4-150500.7.10.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* xorg-x11-server-debugsource-21.1.4-150500.7.10.1
* xorg-x11-server-sdk-21.1.4-150500.7.10.1
* xorg-x11-server-debuginfo-21.1.4-150500.7.10.1
## References:
* https://www.suse.com/security/cve/CVE-2023-6377.html
* https://www.suse.com/security/cve/CVE-2023-6478.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217765
* https://bugzilla.suse.com/show_bug.cgi?id=1217766
1
0