SUSE-SU-2022:0169-1

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2022-0185: Incorrect param length parsing in legacyparseparam which could have led to a local privilege escalation (bsc#1194517).
• CVE-2022-0322: Fixed a denial of service in SCTP sctpaddtochunk (bsc#1194985).
• CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302).
• CVE-2021-46283: nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518).
• CVE-2021-4135: Fixed an information leak in the nsimbpfmap_alloc function (bsc#1193927).
• CVE-2021-4202: Fixed a race condition during NFC device remove which could lead to a use-after-free memory corruption (bsc#1194529)
• CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allowed a local user to crash the system or escalate their privileges on the system. (bnc#1193727).
• CVE-2021-4149: Fixed a locking condition in btrfs which could lead to system deadlocks (bsc#1194001).
• CVE-2021-45485: In the IPv6 implementation net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses (bnc#1194094).
• CVE-2021-45486: In the IPv4 implementation net/ipv4/route.c has an information leak because the hash table is very small (bnc#1194087).

The following non-security bugs were fixed:

• ACPI: APD: Check for NULL pointer after calling devm_ioremap() (git-fixes).
• ACPI: Add stubs for wakeup handler functions (git-fixes).
• ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes (git-fixes).
• ALSA: PCM: Add missing rwsem around sndctlremove() calls (git-fixes).
• ALSA: ctl: Fix copy of updated id with element read/write (git-fixes).
• ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes).
• ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes).
• ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform (git-fixes).
• ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows (git-fixes).
• ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes).
• ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes).
• ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes).
• ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes).
• ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes).
• ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers (git-fixes).
• ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ (git-fixes).
• ALSA: hda: Add missing rwsem around sndctlremove() calls (git-fixes).
• ALSA: hda: Make proper use of timecounter (git-fixes).
• ALSA: jack: Add missing rwsem around sndctlremove() calls (git-fixes).
• ALSA: jack: Check the return value of kstrdup() (git-fixes).
• ALSA: oss: fix compile error when OSS_DEBUG is enabled (git-fixes).
• ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes).
• ALSA: pcm: oss: Handle missing errors in sndpcmosschangeparams*() (git-fixes).
• ALSA: pcm: oss: Limit the period size to 16MB (git-fixes).
• ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID (git-fixes).
• ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk (git-fixes).
• ASoC: codecs: wcd934x: handle channel mappping list correctly (git-fixes).
• ASoC: codecs: wcd934x: return correct value from mixer put (git-fixes).
• ASoC: codecs: wcd934x: return error code correctly from hw_params (git-fixes).
• ASoC: codecs: wsa881x: fix return values from kcontrol put (git-fixes).
• ASoC: cs42l42: Correct configuring of switch inversion from ts-inv (git-fixes).
• ASoC: cs42l42: Disable regulators if probe fails (git-fixes).
• ASoC: cs42l42: Use deviceproperty API instead of ofproperty (git-fixes).
• ASoC: fsl_asrc: refine the check of available clock divider (git-fixes).
• ASoC: fslmqs: fix MODULEALIAS (git-fixes).
• ASoC: mediatek: Check for error clk pointer (git-fixes).
• ASoC: meson: aiu: Move AIUI2SMISC hold setting to aiu-fifo-i2s (git-fixes).
• ASoC: meson: aiu: fifo: Add missing dmacoercemaskandcoherent() (git-fixes).
• ASoC: qdsp6: q6routing: Fix return value from msmroutingputaudiomixer (git-fixes).
• ASoC: rt5663: Handle devicepropertyreadu32array error codes (git-fixes).
• ASoC: samsung: idma: Check of ioremap return value (git-fixes).
• ASoC: soc-core: fix null-ptr-deref in sndsocdelcomponentunlocked() (git-fixes).
• ASoC: sunxi: fix a sound binding broken reference (git-fixes).
• ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes).
• ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes).
• ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes).
• ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes).
• ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes).
• ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes).
• ASoC: tegra: Fix wrong value type in DMIC (git-fixes).
• ASoC: tegra: Fix wrong value type in DSPK (git-fixes).
• ASoC: tegra: Fix wrong value type in I2S (git-fixes).
• ASoC: uniphier: drop selecting non-existing SNDSOCUNIPHIERAIODMA (git-fixes).
• Add cherry-picked IDs for qemu fw_cfg patches
• Bluetooth: L2CAP: Fix using wrong mode (git-fixes).
• Bluetooth: bfusb: fix division by zero in send path (git-fixes).
• Bluetooth: btmtksdio: fix resume failure (git-fixes).
• Bluetooth: btusb: fix memory leak in btusbmtksubmitwmtrecv_urb() (git-fixes).
• Bluetooth: cmtp: fix possible panic when cmtpinitsockets() fails (git-fixes).
• Bluetooth: hci_bcm: Check for error irq (git-fixes).
• Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes).
• Bluetooth: stop proccessing malicious adv data (git-fixes).
• Documentation: ACPI: Fix data node reference documentation (git-fixes).
• Documentation: dmaengine: Correctly describe dmatest with channel unset (git-fixes).
• Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (git-fixes).
• HID: add USB_HID dependancy to hid-chicony (git-fixes).
• HID: add USB_HID dependancy to hid-prodikeys (git-fixes).
• HID: asus: Add depends on USBHID to HIDASUS Kconfig option (git-fixes).
• HID: bigbenff: prevent null pointer dereference (git-fixes).
• HID: google: add eel USB id (git-fixes).
• HID: hid-uclogic-params: Invalid parameter check in uclogicparamsframeinitv1_buttonpad (git-fixes).
• HID: hid-uclogic-params: Invalid parameter check in uclogicparamsgetstrdesc (git-fixes).
• HID: hid-uclogic-params: Invalid parameter check in uclogicparamshuion_init (git-fixes).
• HID: hid-uclogic-params: Invalid parameter check in uclogicparamsinit (git-fixes).
• HID: quirks: Add quirk for the Microsoft Surface 3 type-cover (git-fixes).
• Input: appletouch - initialize work before device registration (git-fixes).
• Input: atmelmxtts - fix double free in mxtreadinfo_block (git-fixes).
• Input: elantech - fix stack out of bound access in elantechchangereport_id() (git-fixes).
• Input: i8042 - add deferred probe support (bsc#1190256).
• Input: i8042 - enable deferred probe quirk for ASUS UM325UA (bsc#1190256).
• Input: max8925_onkey - do not mark comment as kernel-doc (git-fixes).
• Input: spaceball - fix parsing of movement data packets (git-fixes).
• Input: tiam335xtsc - fix STEPCONFIG setup for Z2 (git-fixes).
• Input: tiam335xtsc - set ADCREFM for X configuration (git-fixes).
• Move upstreamed patches into sorted section
• NFC: st21nfca: Fix memory leak in device probe and remove (git-fixes).
• NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).
• NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes).
• NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).
• PCI/ACPI: Fix acpipciosccontrolset() kernel-doc comment (git-fixes).
• PCI/MSI: Clear PCIMSIXFLAGS_MASKALL on error (git-fixes).
• PCI/MSI: Fix pciirqvector()/pciirqget_affinity() (git-fixes).
• PCI/MSI: Mask MSI-X vectors only on success (git-fixes).
• PCI: cadence: Add cdnsplatpcie_probe() missing return (git-fixes).
• PCI: dwc: Do not remap invalid res (git-fixes).
• PCI: mvebu: Check for errors from pcibridgeemul_init() call (git-fixes).
• PCI: mvebu: Do not modify PCI IO type bits in conf_write (git-fixes).
• PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2 registers on emulated bridge (git-fixes).
• PCI: mvebu: Fix support for PCIEXPDEVCTL on emulated bridge (git-fixes).
• PCI: mvebu: Fix support for PCIEXPRTSTA on emulated bridge (git-fixes).
• PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space (git-fixes).
• PCI: pci-bridge-emul: Set PCISTATUSCAP_LIST for PCIe device (git-fixes).
• PCI: pciehp: Fix infinite loop in IRQ handler upon power fault (git-fixes).
• PCI: xgene: Fix IB window setup (git-fixes).
• PM: runtime: Defer suspending suppliers (git-fixes).
• PM: sleep: Do not assume that 'mem' is always present (git-fixes).
• RDMA/hns: Replace kfree() with kvfree() (jsc#SLE-14777).
• Rename colliding patches before the next SLE15-SP2 -> SLE15-SP3 merge
• Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
• Revert 'PM: sleep: Do not assume that 'mem' is always present' (git-fixes).
• Revert 'USB: xhci: fix U1/U2 handling for hardware with XHCIINTELHOST quirk set' (git-fixes).
• Revert 'net/mlx5: Add retry mechanism to the command entry index allocation' (jsc#SLE-15172).
• USB: Fix 'slab-out-of-bounds Write' bug in usbhcdpollrhstatus (git-fixes).
• USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes).
• USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) (git-fixes).
• USB: cdc-acm: fix break reporting (git-fixes).
• USB: cdc-acm: fix racy tty buffer accesses (git-fixes).
• USB: chipidea: fix interrupt deadlock (git-fixes).
• USB: core: Fix bug in resuming hub's handling of wakeup requests (git-fixes).
• USB: gadget: bRequestType is a bitfield, not a enum (git-fixes).
• USB: gadget: detect too-big endpoint 0 requests (git-fixes).
• USB: gadget: zero allocate endpoint 0 buffers (git-fixes).
• USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes).
• USB: serial: option: add Telit FN990 compositions (git-fixes).
• Update patches.suse/tpm-fix-potential-NULL-pointer-access-in-tpmdelcha.patch (git-fixes bsc#1193660 ltc#195634).
• Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18120) Moving this driver into the 'supported' package.
• amd/display: downgrade validation failure log level (git-fixes).
• ata: ahci: Add Green Sardine vendor ID as boardahcimobile (git-fixes).
• atlantic: Fix buffring OOB in aqringrxclean (git-fixes).
• ax25: NPD bug when detaching AX25 device (git-fixes).
• backlight: qcom-wled: Fix off-by-one maximum with default num_strings (git-fixes).
• backlight: qcom-wled: Override default length with qcom,enabled-strings (git-fixes).
• backlight: qcom-wled: Pass number of elements to read to readu32array (git-fixes).
• backlight: qcom-wled: Validate enabled string indices in DT (git-fixes).
• batman-adv: mcast: do not send link-local multicast to mcast routers (git-fixes).
• blk-cgroup: synchronize blkg creation against policy deactivation (bsc#1194584).
• block/scsi-ioctl: Fix kernel-infoleak in scsiputcdromgenericarg() (git-fixes).
• block: fix ioprioget(IOPRIOWHO_PGRP) vs setuid(2) (bsc#1194586).
• can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (git-fixes).
• can: gsusb: gscanstartxmit(): zero-initialize hf->{flags,reserved} (git-fixes).
• can: kvaser_usb: get CAN clock frequency from device (git-fixes).
• can: sja1000: fix use after free in emspcmciaadd_card() (git-fixes).
• can: softing: softing_startstop(): fix set but not used variable warning (git-fixes).
• can: softingcs: softingcsprobe(): fix memleak on registration failure (git-fixes).
• can: usb8dev: remove unused member echoskb from struct usb8devpriv (git-fixes).
• can: xilinxcan: xcanprobe(): check for error irq (git-fixes).
• char/mwave: Adjust io port register size (git-fixes).
• clk: Do not parent clks until the parent is fully registered (git-fixes).
• clk: Gemini: fix struct name in kernel-doc (git-fixes).
• clk: bcm-2835: Pick the closest clock rate (git-fixes).
• clk: bcm-2835: Remove rounding up the dividers (git-fixes).
• clk: imx8mn: Fix imx8mnclko1sels (git-fixes).
• clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1 (git-fixes).
• clk: qcom: gcc-msm8996: Drop (again) gccaggre1pnocahbclk (git-fixes).
• clk: qcom: regmap-mux: fix parent clock lookup (git-fixes).
• clk: stm32: Fix ltdc's clock turn off by clkdisableunused() after system enter shell (git-fixes).
• crypto: caam - replace thiscpuptr with rawcpuptr (git-fixes).
• crypto: mxs-dcp - Use sgmappingiter to copy data (git-fixes).
• crypto: omap-sham - clear dma flags only after omapshamupdatedmastop() (git-fixes).
• crypto: qat - do not ignore errors from enablevf2pfcomms() (git-fixes).
• crypto: qat - fix reuse of completion variable (git-fixes).
• crypto: qat - handle both source of interrupt in VF ISR (git-fixes).
• crypto: qce - fix uaf on qceahashregister_one (git-fixes).
• crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (git-fixes).
• crypto: stm32/cryp - fix double pm exit (git-fixes).
• crypto: stm32/cryp - fix lrw chaining mode (git-fixes).
• crypto: stm32/cryp - fix xts and race condition in crypto_engine requests (git-fixes).
• debugfs: lockdown: Allow reading debugfs files that are not world readable (bsc#1193328 ltc#195566).
• device property: Fix documentation for FWNODEGRAPHDEVICE_DISABLED (git-fixes).
• dm crypt: document encrypted keyring key option (git-fixes).
• dm writecache: add 'cleaner' and 'max_age' to Documentation (git-fixes).
• dm writecache: advance the number of arguments when reporting max_age (git-fixes).
• dm writecache: fix performance degradation in ssd mode (git-fixes).
• dm writecache: flush origin device when writing and cache is full (git-fixes).
• dmafencearray: Fix PENDINGERROR leak in dmafencearraysignaled() (git-fixes).
• dmaengine: atxdmac: Do not start transactions at txsubmit level (git-fixes).
• dmaengine: atxdmac: Fix atxdmac_lld struct definition (git-fixes).
• dmaengine: atxdmac: Fix concurrency over xferslist (git-fixes).
• dmaengine: at_xdmac: Fix lld view setting (git-fixes).
• dmaengine: at_xdmac: Print debug message after realeasing the lock (git-fixes).
• dmaengine: bestcomm: fix system boot lockups (git-fixes).
• dmaengine: idxd: add module parameter to force disable of SVA (bsc#1192931).
• dmaengine: idxd: enable SVA feature for IOMMU (bsc#1192931).
• dmaengine: pxa/mmp: stop referencing config->slave_id (git-fixes).
• dmaengine: stfdma: fix MODULEALIAS (git-fixes).
• drm/amd/amdgpu: Increase HWIPMAXINSTANCE to 10 (git-fixes).
• drm/amd/display: Fix for the no Audio bug with Tiled Displays (git-fixes).
• drm/amd/display: Update bounding box states (v2) (git-fixes).
• drm/amd/display: Update number of DCN3 clock states (git-fixes).
• drm/amd/display: add connector type check for CRC source set (git-fixes).
• drm/amd/display: dcn20resourceconstruct reduce scope of FPU enabled (git-fixes).
• drm/amd/display: fix incorrect CM/TF programming sequence in dwb (git-fixes).
• drm/amd/display: fix missing writeback disablement if plane is removed (git-fixes).
• drm/amdgpu: Fix a NULL pointer dereference in amdgpuconnectorlcdnativemode() (git-fixes).
• drm/amdgpu: Fix a printing message (git-fixes).
• drm/amdgpu: Fix amdgpuraseeprom_init() (git-fixes).
• drm/amdgpu: correct register access for RLCJUMPTABLE_RESTORE (git-fixes).
• drm/amdgpu: revert 'Add autodump debugfs node for gpu reset v8' (git-fixes).
• drm/amdkfd: Account for SH/SE count when setting up cu masks (git-fixes).
• drm/amdkfd: Check for null pointer after calling kmemdup (git-fixes).
• drm/ast: potential dereference of null pointer (git-fixes).
• drm/atomic: Check newcrtcstate->active to determine if CRTC needs disable in self refresh mode (git-fixes).
• drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes).
• drm/bridge: display-connector: fix an uninitialized pointer in probe() (git-fixes).
• drm/bridge: nwl-dsi: Avoid potential multiplication overflow on 32-bit (git-fixes).
• drm/bridge: ti-sn65dsi86: Set max register for regmap (git-fixes).
• drm/display: fix possible null-pointer dereference in dcn10setclock() (git-fixes).
• drm/exynos: Always initialize mapping in exynosdrmregister_dma() (git-fixes).
• drm/i915/fb: Fix rounding error in subsampled plane size calculation (git-fixes).
• drm/i915: Avoid bitwise vs logical OR warning in snbwmlatency_quirk() (git-fixes).
• drm/mediatek: Check plane visibility in atomic_update (git-fixes).
• drm/msm/dpu: fix safe status debugfs file (git-fixes).
• drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660 (git-fixes).
• drm/msm/dsi: set default numdatalanes (git-fixes).
• drm/msm/mdp5: fix cursor-related warnings (git-fixes).
• drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (git-fixes).
• drm/msm: prevent NULL dereference in msmgpucrashstate_capture() (git-fixes).
• drm/panel: innolux-p079zca: Delete panel on attach() failure (git-fixes).
• drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure (git-fixes).
• drm/radeon/radeonkms: Fix a NULL pointer dereference in radeondriveropenkms() (git-fixes).
• drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes).
• drm/rockchip: dsi: Fix unbalanced clock on probe error (git-fixes).
• drm/rockchip: dsi: Hold pm-runtime across bind/unbind (git-fixes).
• drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes).
• drm/sun4i: dw-hdmi: Fix missing putdevice() call in sun8ihdmiphyget (git-fixes).
• drm/sun4i: fix unmet dependency on RESETCONTROLLER for PHYSUN6IMIPIDPHY (git-fixes).
• drm/syncobj: Deal with signalled fences in drmsyncobjfind_fence (git-fixes).
• drm/tegra: vic: Fix DMA API misuse (git-fixes).
• drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes).
• drm/vc4: hdmi: Make sure the controller is powered up during bind (git-fixes).
• drm/vc4: hdmi: Set HDCTLWHOLSMP and HDCTLCHALIGN_SET (git-fixes).
• drm/vc4: hdmi: Set a default HSM rate (git-fixes).
• drm: fix null-ptr-deref in drmdevinit_release() (git-fixes).
• drm: xlnx: zynqmp: release reset to DP controller before accessing DP registers (git-fixes).
• drm: xlnx: zynqmpdpsub: Call pmruntimegetsync before setting pixel clock (git-fixes).
• eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (git-fixes).
• eeprom: idt_89hpesx: Restore printing the unsupported fwnode name (git-fixes).
• ext4: Avoid trim error on fs with small groups (bsc#1191271).
• ext4: fix lazy initialization next schedule time computation in more granular unit (bsc#1194580).
• fget: clarify and improve _fgetfiles() implementation (bsc#1193727).
• firmware: Update Kconfig help text for Google firmware (git-fixes).
• firmware: arm_scmi: pm: Propagate return value to caller (git-fixes).
• firmware: arm_scpi: Fix string overflow in SCPI genpd driver (git-fixes).
• firmware: qcomscm: Fix error retval in _qcomscmiscallavailable() (git-fixes).
• firmware: qemufwcfg: fix NULL-pointer deref on duplicate entries (git-fixes).
• firmware: qemufwcfg: fix kobject leak in probe error path (git-fixes).
• firmware: qemufwcfg: fix sysfs information leak (git-fixes).
• firmware: raspberrypi: Fix a leak in 'rpifirmwareget()' (git-fixes).
• firmware: smccc: Fix check for ARCHSOCID not implemented (git-fixes).
• firmware: tegra: Fix error application of sizeof() to pointer (git-fixes).
• firmware: tegra: Reduce stack usage (git-fixes).
• firmware_loader: fix pre-allocated buf built-in firmware use (git-fixes).
• floppy: Fix hang in watchdog when disk is ejected (git-fixes).
• flow_offload: return EOPNOTSUPP for the unsupported mpls action type (bsc#1154353).
• fuse: Pass correct lend value to filemapwriteandwaitrange() (bsc#1194953).
• gpiolib: acpi: Make set-debounce-timeout failures non fatal (git-fixes).
• gpu: host1x: Add back armiommudetach_device() (git-fixes).
• hwmon: (lm90) Add basic support for TI TMP461 (git-fixes).
• hwmon: (lm90) Add max6654 support to lm90 driver (git-fixes).
• hwmon: (lm90) Do not report 'busy' status bit as alarm (git-fixes).
• hwmon: (lm90) Drop critical attribute support for MAX6654 (git-fixes).
• hwmon: (lm90) Fix usage of CONFIG2 register in detect function (git-fixes).
• hwmon: (lm90) Introduce flag indicating extended temperature support (git-fixes).
• i2c: rk3x: Handle a spurious start completion interrupt flag (git-fixes).
• i2c: validate user data in compat ioctl (git-fixes).
• i3c: fix incorrect address slot lookup on 64-bit (git-fixes).
• i3c: master: dw: check return of dwi3cmastergetfree_pos() (git-fixes).
• i40e: Fix NULL pointer dereference in i40edbgdump_desc (git-fixes).
• i40e: Fix for displaying message regarding NVM version (git-fixes).
• i40e: Fix incorrect netdev's real number of RX/TX queues (git-fixes).
• i40e: Fix to not show opcode msg on unsuccessful VF MAC change (git-fixes).
• i40e: fix use-after-free in i40esyncfilters_subtask() (git-fixes).
• iavf: Fix limit of total number of queues to active queues of VF (git-fixes).
• iavf: restore MSI state on reset (git-fixes).
• ieee802154: atusb: fix uninit value in atusbsetextended_addr (git-fixes).
• ieee802154: fix error return code in ieee802154llsecgetparams() (git-fixes).
• ieee802154: fix error return code in ieee802154addiface() (git-fixes).
• ieee802154: hwsim: Fix memory leak in hwsimaddone (git-fixes).
• ieee802154: hwsim: Fix possible memory leak in hwsimsubscribeall_others (git-fixes).
• ieee802154: hwsim: avoid possible crash in hwsimdeledge_nl() (git-fixes).
• ieee802154: hwsim: fix GPF in hwsimsetedge_lqi (git-fixes).
• igb: Fix removal of unicast MAC filters of VFs (git-fixes).
• igbvf: fix double free in igbvf_probe (git-fixes).
• igc: Fix typo in i225 LTR functions (jsc#SLE-13533).
• iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (git-fixes).
• iio: ad7768-1: Call iiotriggernotify_done() on error (git-fixes).
• iio: adc: axp20x_adc: fix charging current reporting on AXP22x (git-fixes).
• iio: at91-sama5d2: Fix incorrect sign extension (git-fixes).
• iio: dln2-adc: Fix lockdep complaint (git-fixes).
• iio: dln2: Check return value of devmiiotrigger_register() (git-fixes).
• iio: itg3200: Call iiotriggernotify_done() on error (git-fixes).
• iio: kxsd9: Do not return error code in trigger handler (git-fixes).
• iio: ltr501: Do not return error code in trigger handler (git-fixes).
• iio: mma8452: Fix trigger reference couting (git-fixes).
• iio: stk3310: Do not return error code in interrupt handler (git-fixes).
• iio: trigger: Fix reference counting (git-fixes).
• iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes).
• ionic: Initialize the 'lif->dbid_inuse' bitmap (bsc#1167773).
• isofs: Fix out of bound access for corrupted isofs image (bsc#1194591).
• iwlwifi: fw: correctly limit to monitor dump (git-fixes).
• iwlwifi: mvm: Fix scan channel flags settings (git-fixes).
• iwlwifi: mvm: Use divs64 instead of dodiv in iwlmvmftmrttsmoothing() (git-fixes).
• iwlwifi: mvm: avoid static queue number aliasing (git-fixes).
• iwlwifi: mvm: disable RX-diversity in powersave (git-fixes).
• iwlwifi: mvm: fix 32-bit build in FTM (git-fixes).
• iwlwifi: mvm: fix access to BSS elements (git-fixes).
• iwlwifi: mvm: test roc running status bits before removing the sta (git-fixes).
• iwlwifi: pcie: free RBs during configure (git-fixes).
• ixgbe: set X550 MDIO speed before talking to PHY (git-fixes).
• kmod: make request_module() return an error when autoloading is disabled (git-fixes).
• kobject: Restore old behaviour of kobject_del(NULL) (git-fixes).
• kobjectuevent: remove warning in inituevent_argv() (git-fixes).
• kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
• libata: add horkage for ASMedia 1092 (git-fixes).
• libata: if TLENGTH is zero, dma direction should be DMANONE (git-fixes).
• livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).
• lockdown: Allow unprivileged users to see lockdown status (git-fixes).
• mISDN: change function names to avoid conflicts (git-fixes).
• mac80211: Fix monitor MTU limit so that A-MSDUs get through (git-fixes).
• mac80211: agg-tx: do not scheduleandwake_txq() under sta->lock (git-fixes).
• mac80211: do not access the IV when it was stripped (git-fixes).
• mac80211: fix lookup when adding AddBA extension element (git-fixes).
• mac80211: fix regression in SSN handling of addba tx (git-fixes).
• mac80211: initialize variable havehigherthan_11mbit (git-fixes).
• mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes).
• mac80211: send ADDBA requests using the tid/queue of the aggregation session (git-fixes).
• mac80211: track only QoS data frames for admission control (git-fixes).
• mac80211: validate extended element ID is present (git-fixes).
• mailbox: hi3660: convert struct comments to kernel-doc notation (git-fixes).
• media: Revert 'media: uvcvideo: Set unique vdev name based in type' (bsc#1193255).
• media: aspeed: Update signal status immediately to ensure sane hw state (git-fixes).
• media: aspeed: fix mode-detect always time out at 2nd run (git-fixes).
• media: cpia2: fix control-message timeouts (git-fixes).
• media: dib0700: fix undefined behavior in tuner shutdown (git-fixes).
• media: dib8000: Fix a memleak in dib8000_init() (git-fixes).
• media: dmxdev: fix UAF when dvbregisterdevice() fails (git-fixes).
• media: dw2102: Fix use after free (git-fixes).
• media: em28xx: fix control-message timeouts (git-fixes).
• media: em28xx: fix memory leak in em28xxinitdev (git-fixes).
• media: flexcop-usb: fix control-message timeouts (git-fixes).
• media: hantro: Fix probe func error path (git-fixes).
• media: i2c: imx274: fix trivial typo expsoure/exposure (git-fixes).
• media: i2c: imx274: fix trivial typo obainted/obtained (git-fixes).
• media: imx-pxp: Initialize the spinlock prior to using it (git-fixes).
• media: mceusb: fix control-message timeouts (git-fixes).
• media: msi001: fix possible null-ptr-deref in msi001_probe() (git-fixes).
• media: mtk-vcodec: call v4l2m2mctx_release first when file is released (git-fixes).
• media: pvrusb2: fix control-message timeouts (git-fixes).
• media: rcar-csi2: Correct the selection of hsfreqrange (git-fixes).
• media: rcar-csi2: Optimize the selection PHTW register (git-fixes).
• media: redrat3: fix control-message timeouts (git-fixes).
• media: s2255: fix control-message timeouts (git-fixes).
• media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (git-fixes).
• media: si2157: Fix 'warm' tuner state detection (git-fixes).
• media: si470x-i2c: fix possible memory leak in si470xi2cprobe() (git-fixes).
• media: stk1160: fix control-message timeouts (git-fixes).
• media: streamzap: remove unnecessary irrawevent_reset and handle (git-fixes).
• media: uvcvideo: fix division by zero at stream start (git-fixes).
• media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()' (git-fixes).
• memblock: ensure there is no overflow in memblockoverlapsregion() (git-fixes).
• memory: emif: Remove bogus debugfs error handling (git-fixes).
• mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (git-fixes).
• misc: fastrpc: Add missing lock before accessing find_vma() (git-fixes).
• misc: fastrpc: fix improper packet size calculation (git-fixes).
• misc: lattice-ecp3-config: Fix task hung when firmware load failed (git-fixes).
• mmc: meson-mx-sdio: add IRQ check (git-fixes).
• mmc: sdhci-esdhc-imx: clear the bufferreadready to reset standard tuning circuit (git-fixes).
• mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes).
• mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes).
• mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes).
• moxart: fix potential use-after-free on remove path (bsc#1194516).
• mt76: mt7915: fix NULL pointer dereference in mt7915getphy_mode (git-fixes).
• mt76: mt7915: fix an off-by-one bound check (git-fixes).
• mtd: rawnand: fsmc: Fix timing computation (git-fixes).
• mtd: rawnand: fsmc: Take instruction delay into account (git-fixes).
• mtd: rawnand: mpc5121: Remove unused variable in ads5121selectchip() (git-fixes).
• mtd: spi-nor: hisi-sfc: Remove excessive clkdisableunprepare() (git-fixes).
• mwifiex: Fix possible ABBA deadlock (git-fixes).
• mwifiex: Try waking the firmware until we get an interrupt (git-fixes).
• net/mlx5: DR, Fix NULL vs ISERR checking in drdomaininitresources (jsc#SLE-8464).
• net/mlx5: Set command entry semaphore up once got index free (jsc#SLE-15172).
• net/mlx5e: Fix wrong features assignment in case of error (git-fixes).
• net/mlx5e: Wrap the tx reporter dump callback to extract the sq (jsc#SLE-15172).
• net/sched: fq_pie: prevent dismantle issue (jsc#SLE-15172).
• net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1176774).
• net: create netdev->dev_addr assignment helpers (git-fixes).
• net: ena: Fix error handling when calculating max IO queues number (bsc#1154492).
• net: ena: Fix undefined state when tx request id is out of bounds (bsc#1154492).
• net: ena: Fix wrong rx request id by resetting device (git-fixes).
• net: hns3: fix use-after-free bug in hclgevfsendmbx_msg (jsc#SLE-14777).
• net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes).
• net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).
• netfilter: nftsetpipapo: allocate pcpu scratch maps on clone (bsc#1176447).
• nfc: fix potential NULL pointer deref in nfcgenldumpsesdone (git-fixes).
• nfc: fix segfault in nfcgenldumpdevicesdone (git-fixes).
• nfsd: Fix nsfd startup race (again) (git-fixes).
• nftsetpipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groups (bsc#1176447).
• nvme-tcp: block BH in sk state_change sk callback (git-fixes).
• nvme-tcp: can't set skuserdata without write_lock (git-fixes).
• nvme-tcp: check sgl supported by target (git-fixes).
• nvme-tcp: do not update queue count when failing to set io queues (git-fixes).
• nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (git-fixes).
• nvme-tcp: fix crash triggered with a dataless request submission (git-fixes).
• nvme-tcp: fix error codes in nvmetcpsetup_ctrl() (git-fixes).
• nvme-tcp: fix io_work priority inversion (git-fixes).
• nvme-tcp: fix possible data corruption with bio merges (git-fixes).
• nvme-tcp: fix possible req->offset corruption (git-fixes).
• nvme-tcp: fix wrong setting of request iov_iter (git-fixes).
• nvme-tcp: get rid of unused helper function (git-fixes).
• nvme-tcp: pair send_mutex init with destroy (git-fixes).
• nvme-tcp: pass multipage bvec to request iov_iter (git-fixes).
• nvme-tcp: remove incorrect Kconfig dep in BLKDEVNVME (git-fixes).
• pcmcia: fix setting of kthread task states (git-fixes).
• pcmcia: rsrcnonstatic: Fix a NULL pointer dereference in _nonstaticfindio_region() (git-fixes).
• pcmcia: rsrcnonstatic: Fix a NULL pointer dereference in nonstaticfindmemregion() (git-fixes).
• pcnet32: Use pciresourcelen to validate PCI resource (git-fixes).
• pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes).
• pinctrl: qcom: spmi-gpio: correct parent irqspec translation (git-fixes).
• pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (git-fixes).
• pinctrl: stm32: use valid pin identifier in stm32pinctrlresume() (git-fixes).
• pipe: increase minimum default pipe size to 2 pages (bsc#1194587).
• platform/x86: apple-gmux: use resource_size() with res (git-fixes).
• platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (git-fixes).
• power: reset: ltc2952: Fix use of floating point literals (git-fixes).
• power: supply: core: Break capacity loop (git-fixes).
• power: supply: max17042_battery: Clear status bits in interrupt handler (git-fixes).
• powerpc/64s: fix program check interrupt emergency stack path (bsc#1156395).
• powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (bsc#1193901 ltc#194976).
• powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC (bsc#1156395).
• powerpc/perf: Fix data source encodings for L2.1 and L3.1 accesses (bsc#1065729).
• powerpc/prominit: Fix improper check of promgetprop() (bsc#1065729).
• powerpc/pseries/cpuhp: cache node corrections (bsc#1065729).
• powerpc/pseries/cpuhp: delete add/removebycount code (bsc#1065729).
• powerpc/pseries/mobility: ignore ibm, platform-facilities updates (bsc#1065729).
• powerpc/traps: do not enable irqs in _exception (bsc#1065729).
• powerpc/xive: Add missing null check after calling kmalloc (bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes).
• powerpc: add interruptcondlocalirqenable helper (bsc#1065729).
• powerpc: handle kdump appropriately with crashkexecpost_notifiers option (bsc#1193901 ltc#194976).
• pwm: mxs: Do not modify HW state in .probe() after the PWM chip was registered (git-fixes).
• pwm: tiecap: Drop .free() callback (git-fixes).
• qlcnic: potential dereference null pointer of rxqueue->pagering (git-fixes).
• quota: check block number when reading the block in quota file (bsc#1194589).
• quota: correct error number in free_dqentry() (bsc#1194590).
• random: fix data race on crng init time (git-fixes).
• random: fix data race on crngnodepool (git-fixes).
• regmap: Call regmapdebugfsexit() prior to _init() (git-fixes).
• rndis_host: support Hytera digital radios (git-fixes).
• rpmsg: core: Clean up resources on announce_create failure (git-fixes).
• rtl8xxxu: Fix the handling of TX A-MPDU aggregation (git-fixes).
• rtlwifi: rtl8192cu: Fix WARNING when calling localirqrestore() with interrupts enabled (git-fixes).
• rtw88: use readpolltimeout instead of fixed sleep (git-fixes).
• rtw88: wow: build wow function only if CONFIG_PM is on (git-fixes).
• rtw88: wow: fix size access error of probe request (git-fixes).
• sata: nv: fix debug format string mismatch (git-fixes).
• select: Fix indefinitely sleeping task in pollscheduletimeout() (bsc#1194027).
• selftests: KVM: Explicitly use movq to read xmm registers (git-fixes).
• selinux: fix potential memleak in selinuxaddopt() (git-fixes).
• seqbuf: Fix overflow in seqbufputmemhex() (git-fixes).
• seqbuf: Make traceseqputmemhex() support data longer than 8 (git-fixes).
• serial: pl011: Add ACPI SBSA UART match id (git-fixes).
• serial: tty: uartlite: fix console setup (git-fixes).
• sfc: Check null pointer of rxqueue->pagering (git-fixes).
• sfc: The RX page_ring is optional (git-fixes).
• sfc: falcon: Check null pointer of rxqueue->pagering (git-fixes).
• sfc_ef100: potential dereference of null pointer (jsc#SLE-16683).
• shmem: shmem_writepage() split unlikely i915 THP (git-fixes).
• slimbus: qcom: fix potential NULL dereference in qcomslimprg_slew() (git-fixes).
• soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes).
• soc: fsl: dpaa2-console: free buffer before returning from dpaa2consoleread (git-fixes).
• soc: fsl: dpio: rename the enqueue descriptor variable (git-fixes).
• soc: fsl: dpio: replace smpprocessorid with rawsmpprocessor_id (git-fixes).
• soc: fsl: dpio: use an explicit NULL instead of 0 (git-fixes).
• soc: fsl: dpio: use the combined functions to protect critical zone (git-fixes).
• spi: change clkdisableunprepare to clk_unprepare (git-fixes).
• spi: spi-meson-spifc: Add missing pmruntimedisable() in mesonspifcprobe (git-fixes).
• spi: spi-rspi: Drop redeclaring ret variable in qspitransferin() (git-fixes).
• staging: emxxudc: Fix passing of NULL to dmaalloc_coherent() (git-fixes).
• staging: fbtft: Do not spam logs when probe is deferred (git-fixes).
• staging: fbtft: Rectify GPIO handling (git-fixes).
• staging: fieldbus: anybuss: jump to correct label in an error path (git-fixes).
• staging: ks7010: select CRYPTOHASH/CRYPTOMICHAEL_MIC (git-fixes).
• staging: rtl8192e: return error code from rtllibsoftmacinit() (git-fixes).
• staging: rtl8192e: rtllibmodule: fix error handle case in allocrtllib() (git-fixes).
• staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384xusbthrottlefn() (git-fixes).
• string.h: fix incompatibility between FORTIFY_SOURCE and KASAN (git-fixes).
• thermal/drivers/imx8mm: Enable ADC when enabling monitor (git-fixes).
• thermal/drivers/int340x: Do not set a wrong tcc offset on resume (git-fixes).
• thermal: core: Reset previous low and high trip during thermal zone init (git-fixes).
• tpm: add requestlocality before write TPMINT_ENABLE (git-fixes).
• tpm: fix potential NULL pointer access in tpmdelchar_device (git-fixes).
• tracing/kprobes: 'nmissed' not showed correctly for kretprobe (git-fixes).
• tracing/uprobes: Check the return value of kstrdup() for tu->filename (git-fixes).
• tracing: Add test for user space strings when filtering on string pointers (git-fixes).
• tracing: Fix check for tracepercpubuffer validity in gettracebuf() (git-fixes).
• tty: max310x: fix flexible_array.cocci warnings (git-fixes).
• tty: serial: atmel: Call dmaasyncissue_pending() (git-fixes).
• tty: serial: atmel: Check return code of dmaengine_submit() (git-fixes).
• tty: serial: earlycon dependency (git-fixes).
• tty: serial: qcomgeniserial: Drop _init from qcomgeniconsolesetup (git-fixes).
• tty: serial: uartlite: allow 64 bit address (git-fixes).
• tty: synclink_gt: rename a conflicting function name (git-fixes).
• udf: Fix crash after seekdir (bsc#1194592).
• uio: uiodmemgenirq: Catch the Exception (git-fixes).
• usb: core: config: fix validation of wMaxPacketValue entries (git-fixes).
• usb: core: config: using bit mask instead of individual bits (git-fixes).
• usb: dwc2: check return value after calling platformgetresource() (git-fixes).
• usb: dwc3: gadget: Continue to process pending requests (git-fixes).
• usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
• usb: dwc3: gadget: Reclaim extra TRBs after request completion (git-fixes).
• usb: dwc3: pci: Enable disuXsusphy_quirk for Intel Merrifield (git-fixes).
• usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (git-fixes).
• usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (git-fixes).
• usb: dwc3: ulpi: fix checkpatch warning (git-fixes).
• usb: ftdi-elan: fix memory leak on device disconnect (git-fixes).
• usb: gadget: composite: Allow bMaxPower=0 if self-powered (git-fixes).
• usb: gadget: ffs: Clear ffseventfd in ffsdataclear (git-fixes).
• usb: gadget: u_ether: fix race in setting MAC address in setup phase (git-fixes).
• usb: mtu3: add memory barrier before set GPD's HWO (git-fixes).
• usb: mtu3: fix interval value for intr and isoc (git-fixes).
• usb: mtu3: fix list_head check warning (git-fixes).
• usb: mtu3: set interval of FS intr and isoc endpoint (git-fixes).
• usb: typec: tcpm: handle SRC_STARTUP state if cc changes (git-fixes).
• usb: xhci: Extend support for runtime power management for AMD's Yellow carp (git-fixes).
• usermodehelper: reset umask to default before executing user process (git-fixes).
• vfs: check fd has read access in kernelreadfilefromfd() (bsc#1194888).
• video: backlight: Drop maximum brightness override for brightness zero (git-fixes).
• watchdog: Fix OMAP watchdog early handling (git-fixes).
• watchdog: f71808ewdt: fix inaccurate report in WDIOCGETTIMEOUT (git-fixes).
• wcn36xx: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
• wcn36xx: Indicate beacon not connection loss on MISSEDBEACONIND (git-fixes).
• wcn36xx: Release DMA channel descriptor allocations (git-fixes).
• wcn36xx: handle connection loss indication (git-fixes).
• wireless: iwlwifi: Fix a double free in iwltxqdynallocdma (git-fixes).
• x86/platform/uv: Add more to secondary CPU kdump info (bsc#1194493).
• xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set (git-fixes).
• xhci: Remove CONFIGUSBDEFAULT_PERSIST to prevent xHCI from runtime suspending (git-fixes).
• xhci: avoid race between disable slot command and host runtime suspend (git-fixes).
• xhci: fix unsafe memory usage in xhci tracing (git-fixes).