SUSE-SU-2024:0855-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240855-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0855-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0855-1
Related
Published
2024-03-12T19:46:41Z
Modified
2024-03-12T19:46:41Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-6270: Fixed a use-after-free bug in aoecmdcfgpkts (bsc#1218562).
  • CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933).
  • CVE-2023-52462: Fixed a security check for attempt to corrupt spilled pointer (bsc#1220325).
  • CVE-2023-52467: Fixed a null pointer dereference in ofsysconregister (bsc#1220433).
  • CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
  • CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
  • CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
  • CVE-2024-26591: Fixed re-attachment branch in bpftracingprog_attach (bsc#1220254).
  • CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTRTOFLOW_KEYS (bsc#1220255).
  • CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
  • CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
  • CVE-2024-0607: Fixed 64-bit load issue in nftbyteordereval() (bsc#1218915).
  • CVE-2023-6817: Fixed use-after-free in nftpipapowalk (bsc#1218195).
  • CVE-2024-26622: Fixed UAF write bug in tomoyowritecontrol() (bsc#1220825).
  • CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
  • CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
  • CVE-2023-52457: Fixed skipped resource freeing if pmruntimeresumeandget() failed (bsc#1220350).
  • CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
  • CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
  • CVE-2023-52447: Fixed mapfdput_ptr() signature kABI workaround (bsc#1220251).
  • CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
  • CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
  • CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
  • CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
  • CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
  • CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
  • CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
  • CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
  • CVE-2024-26586: Fixed stack corruption (bsc#1220243).
  • CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
  • CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
  • CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2rgrpdump (bsc#1220253).
  • CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
  • CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
  • CVE-2024-23849: Fixed array-index-out-of-bounds in rdscmsgrecv (bsc#1219127).
  • CVE-2023-52429: Fixed potential DoS in dmtablecreate in drivers/md/dm-table.c (bsc#1219827).
  • CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).

The following non-security bugs were fixed:

  • ACPI: APEI: set memory failure flags as MFACTIONREQUIRED on synchronous events (git-fixes).
  • ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A (git-fixes).
  • ACPI: extlog: fix NULL pointer dereference check (git-fixes).
  • ACPI: resource: Add ASUS model S5402ZA to quirks (git-fixes).
  • ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA (git-fixes).
  • ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA (git-fixes).
  • ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3 (git-fixes).
  • ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and iMac12,2 (git-fixes).
  • ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e (3371 AMD version) (git-fixes).
  • ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop (git-fixes).
  • afs: fix the usage of readseqbeginorlock() in afsfind_server*() (git-fixes).
  • afs: fix the usage of readseqbeginorlock() in afslookupvolumercu() (git-fixes).
  • afs: Hide silly-rename files from userspace (git-fixes).
  • afs: Increase buffer size in afsupdatevolume_status() (git-fixes).
  • ahci: asm1166: correct count of reported ports (git-fixes).
  • ALSA: Drop leftover snd-rtctimer stuff from Makefile (git-fixes).
  • ALSA: firewire-lib: fix to check cycle continuity (git-fixes).
  • ALSA: hda/conexant: Add quirk for SWS JS201D (git-fixes).
  • ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
  • ALSA: hda/realtek: cs35l41: Fix device ID / model name (git-fixes).
  • ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks table (git-fixes).
  • ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL (git-fixes).
  • ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LED For HP mt645 (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power (git-fixes).
  • ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 (git-fixes).
  • ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter (git-fixes).
  • ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision (git-fixes).
  • ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes).
  • ALSA: usb-audio: Check presence of valid altsetting control (git-fixes).
  • ALSA: usb-audio: Ignore clock selector errors for single connection (git-fixes).
  • ALSA: usb-audio: More relaxed check of MIDI jack names (git-fixes).
  • ALSA: usb-audio: Sort quirk table entries (git-fixes).
  • arm64: entry: fix ARM64WORKAROUNDSPECULATIVEUNPRIVLOAD (bsc#1219443)
  • arm64: entry: Preserve/restore X29 even for compat tasks (bsc#1219443)
  • arm64: entry: Simplify trampalias macro and trampexit routine (bsc#1219443)
  • arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443) Enable workaround.
  • arm64: errata: Add Cortex-A520 speculative unprivileged load (bsc#1219443) Enable workaround without kABI break.
  • arm64: errata: Mitigate Ampere1 erratum AC03CPU38 at stage-2 (git-fixes) Enable AMPEREERRATUMAC03CPU38 workaround without kABI break
  • arm64: irq: set the correct node for shadow call stack (git-fixes)
  • arm64: irq: set the correct node for VMAP stack (git-fixes)
  • arm64: Rename ARM64WORKAROUND2966298 (bsc#1219443)
  • arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata (git-fixes)
  • ASoC: doc: Fix undefined SNDSOCDAPM_NOPM argument (git-fixes).
  • ASoC: rt5645: Fix deadlock in rt5645jackdetect_work() (git-fixes).
  • ASoC: SOF: IPC3: fix message bounds on ipc ops (git-fixes).
  • ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 (git-fixes).
  • atm: idt77252: fix a memleak in opencardubr0 (git-fixes).
  • Bluetooth: Avoid potential use-after-free in hcierrorreset (git-fixes).
  • Bluetooth: Enforce validation on max value of connection interval (git-fixes).
  • Bluetooth: hcievent: Fix handling of HCIEVIOCAPA_REQUEST (git-fixes).
  • Bluetooth: hcievent: Fix wrongly recorded wakeup BDADDR (git-fixes).
  • Bluetooth: hci_sync: Check the correct flag before starting a scan (git-fixes).
  • Bluetooth: hcisync: Fix acceptlist when attempting to suspend (git-fixes).
  • Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes).
  • Bluetooth: qca: Fix wrong event type for patch config command (git-fixes).
  • bpf: Fix verification of indirect var-off stack access (git-fixes).
  • bpf: Fix verification of indirect var-off stack access (git-fixes).
  • bpf: Guard stack limits against 32bit overflow (git-fixes).
  • bpf: Guard stack limits against 32bit overflow (git-fixes).
  • bpf: Minor logging improvement (bsc#1220257).
  • bus: moxtet: Add spi device table (git-fixes).
  • cachefiles: fix memory leak in cachefilesaddcache() (bsc#1220267).
  • can: j1939: Fix UAF in j1939skmatchfilter during setsockopt(SOJ1939_FILTER) (git-fixes).
  • crypto: api - Disallow identical driver names (git-fixes).
  • crypto: ccp - Fix null pointer dereference in _sevplatformshutdownlocked (git-fixes).
  • crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes).
  • crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
  • dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (git-fixes).
  • dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read (git-fixes).
  • dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
  • dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
  • dmaengine: ptdma: use consistent DMA masks (git-fixes).
  • dmaengine: shdma: increase size of 'dev_id' (git-fixes).
  • dmaengine: ti: edma: Add some null pointer checks to the edma_probe (git-fixes).
  • driver core: Fix devicelinkflagissyncstateonly() (git-fixes).
  • drm/amd/display: Fix memory leak in dmswfini() (git-fixes).
  • drm/amd/display: Fix possible buffer overflow in 'finddcfclkfor_voltage()' (git-fixes).
  • drm/amd/display: Fix possible NULL dereference on device remove/driver unload (git-fixes).
  • drm/amd/display: Increase frame-larger-than for all displaymodevba files (git-fixes).
  • drm/amd/display: increased mindcfclkmhz and minfclkmhz (git-fixes).
  • drm/amd/display: Preserve original aspect ratio in create stream (git-fixes).
  • drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
  • drm/amdgpu: skip to program GFXDEC registers for suspend abort (git-fixes).
  • drm/amdgpu/display: Initialize gamma correction mode variable in dcn30getgamcor_current() (git-fixes).
  • drm/buddy: fix range bias (git-fixes).
  • drm/crtc: fix uninitialized variable use even harder (git-fixes).
  • drm/i915/gvt: Fix uninitialized variable in handle_mmio() (git-fixes).
  • drm/msm/dp: return correct Colorimetry for DPTESTDYNAMICRANGECEA case (git-fixes).
  • drm/msm/dpu: check for valid hwpp in dpuencoderhelperphys_cleanup (git-fixes).
  • drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case (git-fixes).
  • drm/prime: Support page array >= 4GB (git-fixes).
  • drm/syncobj: call drmsyncobjfenceaddwait when WAIT_AVAILABLE flag is set (git-fixes).
  • drm/ttm: Fix an invalid freeing on already freed page in error path (git-fixes).
  • efi: Do not add memblocks for soft-reserved memory (git-fixes).
  • efi: runtime: Fix potential overflow of soft-reserved region size (git-fixes).
  • efi/capsule-loader: fix incorrect allocation size (git-fixes).
  • fbcon: always restore the old font data in fbcondoset_font() (git-fixes).
  • fbdev: savage: Error out if pixclock equals zero (git-fixes).
  • fbdev: sis: Error out if pixclock equals zero (git-fixes).
  • firewire: core: send bus reset promptly on gap count error (git-fixes).
  • fs: dlm: fix build with CONFIG_IPV6 disabled (git-fixes).
  • fs: JFS: UBSAN: array-index-out-of-bounds in dbAdjTree (git-fixes).
  • gpio: 74x164: Enable output pins after registers are reset (git-fixes).
  • gpio: fix resource unwinding order in error path (git-fixes).
  • gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 (git-fixes).
  • gpiolib: Fix the error path order in gpiochipadddatawithkey() (git-fixes).
  • HID: apple: Add 2021 magic keyboard FN key mapping (git-fixes).
  • HID: apple: Add support for the 2021 Magic Keyboard (git-fixes).
  • HID: wacom: Do not register input devices until after hidhwstart (git-fixes).
  • HID: wacom: generic: Avoid reporting a serial of '0' to userspace (git-fixes).
  • hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
  • hwmon: (coretemp) Enlarge per package core count limit (git-fixes).
  • hwmon: (coretemp) Fix bogus core_id to attr name mapping (git-fixes).
  • hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes).
  • i2c: i801: Fix block process call transactions (git-fixes).
  • i2c: i801: Remove i801setblockbuffermode (git-fixes).
  • i2c: imx: Add timer for handling the stop condition (git-fixes).
  • i2c: imx: when being a target, mark the last read as processed (git-fixes).
  • i3c: master: cdns: Update maximum prescaler value for i2c clock (git-fixes).
  • IB/hfi1: Fix a memleak in initcreditreturn (git-fixes)
  • IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (git-fixes)
  • iio: accel: bma400: Fix a compilation problem (git-fixes).
  • iio: adc: ad7091r: Set alert bit in config register (git-fixes).
  • iio: core: fix memleak in iiodeviceregister_sysfs (git-fixes).
  • iio: hid-sensor-als: Return 0 for HIDUSAGESENSORTIMETIMESTAMP (git-fixes).
  • iio: magnetometer: rm3100: add boundary check for the value read from RM3100REGTMRC (git-fixes).
  • Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
  • Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
  • Input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
  • Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
  • Input: iqs269a - switch to DEFINESIMPLEDEVPMOPS() and pmsleepptr() (git-fixes).
  • Input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
  • Input: pm8941-pwrkey - add software key press debouncing support (git-fixes).
  • Input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
  • Input: xpad - add Lenovo Legion Go controllers (git-fixes).
  • Input: xpad - add Lenovo Legion Go controllers (git-fixes).
  • irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (git-fixes).
  • irqchip/irq-brcmstb-l2: Add write memory barrier before exit (git-fixes).
  • jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes).
  • jfs: fix array-index-out-of-bounds in diNewExt (git-fixes).
  • jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes).
  • jfs: fix uaf in jfsevictinode (git-fixes).
  • kbuild: Fix changing ELF file type for output of gen_btf for big endian (git-fixes).
  • KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219839).
  • KVM: s390: fix setting of fpc register (git-fixes bsc#1220392).
  • KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393).
  • KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
  • KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
  • lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit).
  • lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
  • leds: trigger: panic: Do not register panic notifier if creating the trigger failed (git-fixes).
  • lib/stackdepot: add depotfetchstack helper (jsc-PED#7423).
  • lib/stackdepot: add refcount for records (jsc-PED#7423).
  • lib/stackdepot: Fix first entry having a 0-handle (jsc-PED#7423).
  • lib/stackdepot: Move stack_record struct definition into the header (jsc-PED#7423).
  • libsubcmd: Fix memory leak in uniq() (git-fixes).
  • md: Do not ignore suspended array in mdcheckrecovery() (git-fixes).
  • md: do not leave 'MDRECOVERYFROZEN' in error path of mdsetreadonly() (git-fixes).
  • md: introduce mdrostate (git-fixes).
  • md: Make sure mddosync() will set MDRECOVERYDONE (git-fixes).
  • md: Whenassemble the array, consult the superblock of the freshest device (git-fixes).
  • md/raid10: check slab-out-of-bounds in mdbitmapget_counter (git-fixes).
  • md/raid5: release batchlast before waiting for another stripehead (git-fixes).
  • md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes).
  • media: ddbridge: fix an error code problem in ddb_probe (git-fixes).
  • media: irtoy: fix a memleak in irtoytx (git-fixes).
  • media: rc: bpf attach/detach requires write permission (git-fixes).
  • media: rockchip: rga: fix swizzling for RGB formats (git-fixes).
  • media: stk1160: Fixed high volume of stk1160_dbg messages (git-fixes).
  • mfd: syscon: Fix null pointer dereference in ofsysconregister() (git-fixes).
  • mm,page_owner: Display all stacks and their count (jsc-PED#7423).
  • mm,page_owner: Filter out stacks by a threshold (jsc-PED#7423).
  • mm,page_owner: Implement the tracking of the stacks count (jsc-PED#7423).
  • mm,pageowner: Maintain own list of stackrecords structs (jsc-PED#7423).
  • mm,pageowner: Update Documentation regarding pageowner_stacks (jsc-PED#7423).
  • mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes).
  • mm/hwpoison: fix unpoison_memory() (bsc#1218663).
  • mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663).
  • mm/hwpoison: remove MFMSGBUDDY2ND and MFMSGPOISONEDHUGE (bsc#1218663).
  • mmc: core: Fix eMMC initialization with 1-bit bus connection (git-fixes).
  • mmc: core: Use mrq.sbc in close-ended ffu (git-fixes).
  • mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes).
  • mmc: sdhci-xenon: add timeout for PHY init complete (git-fixes).
  • mmc: sdhci-xenon: fix PHY init clock stability (git-fixes).
  • mmc: slot-gpio: Allow non-sleeping GPIO ro (git-fixes).
  • modpost: trim leading spaces when processing source files list (git-fixes).
  • mtd: spinand: gigadevice: Fix the get ecc status issue (git-fixes).
  • net: usb: dm9601: fix wrong return value in dm9601mdioread (git-fixes).
  • net: usb: dm9601: fix wrong return value in dm9601mdioread (git-fixes).
  • netfs, fscache: Prevent Oops in fscacheputcache() (bsc#1220003).
  • nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes).
  • nilfs2: replace WARN_ONs for invalid DAT metadata block requests (git-fixes).
  • nouveau: fix function cast warnings (git-fixes).
  • nouveau/svm: fix kvcalloc() argument order (git-fixes).
  • ntfs: check overflow when iterating ATTR_RECORDs (git-fixes).
  • ntfs: fix use-after-free in ntfsattrfind() (git-fixes).
  • nvme-fabrics: fix I/O connect error handling (git-fixes).
  • nvme-host: fix the updating of the firmware version (git-fixes).
  • PCI: Add no PM reset quirk for NVIDIA Spectrum devices (git-fixes).
  • PCI: Add PCIHEADERTYPE_MFD definition (bsc#1220021).
  • PCI: Fix 64GT/s effective data rate calculation (git-fixes).
  • PCI: Only override AMD USB controller if required (git-fixes).
  • PCI: switchtec: Fix stdev_release() crash after surprise hot remove (git-fixes).
  • PCI/AER: Decode Requester ID when no error info found (git-fixes).
  • platform/x86: thinkpad_acpi: Only update profile if successfully converted (git-fixes).
  • platform/x86: touchscreen_dmi: Add info for the TECLAST X16 Plus tablet (git-fixes).
  • platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names (git-fixes).
  • PM: core: Remove unnecessary (void *) conversions (git-fixes).
  • PM: runtime: Have devmpmruntimeenable() handle pmruntimedontuse_autosuspend() (git-fixes).
  • PNP: ACPI: fix fortify warning (git-fixes).
  • power: supply: bq27xxx-i2c: Do not free non existing IRQ (git-fixes).
  • powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869).
  • powerpc: Do not include lppaca.h in paca.h (bsc#1194869).
  • powerpc/64: Set task pt_regs->link to the LR value on scv entry (bsc#1194869).
  • powerpc/powernv: Fix fortify source warnings in opal-prd.c (bsc#1194869).
  • powerpc/pseries: Add a clear modifier to ibm,pa/pi-features parser (bsc#1220348).
  • powerpc/pseries: Rework lppacasharedproc() to avoid DEBUG_PREEMPT (bsc#1194869).
  • powerpc/pseries: Set CPUFTRDBELL according to ibm,pi-features (bsc#1220348).
  • powerpc/watchpoint: Disable pagefaults when getting user instruction (bsc#1194869).
  • powerpc/watchpoints: Annotate atomic context in more places (bsc#1194869).
  • powerpc/watchpoints: Disable preemption in threadchangepc() (bsc#1194869).
  • pstore/ram: Fix crash when setting number of cpus to an odd number (git-fixes).
  • RAS: Introduce a FRU memory poison manager (jsc#PED-7618).
  • RAS/AMD/ATL: Add MI300 row retirement support (jsc#PED-7618).
  • RAS/AMD/ATL: Fix bit overflow in denormaddrdf4_np2() (git-fixes).
  • RDMA/bnxtre: Add a missing check in bnxtqplibquerysrq (git-fixes)
  • RDMA/bnxt_re: Return error for SRQ resize (git-fixes)
  • RDMA/core: Fix uninit-value access in ibgeteth_speed() (bsc#1219934).
  • RDMA/core: Get IB width and speed from netdev (bsc#1219934).
  • RDMA/irdma: Add AE for too many RNRS (git-fixes)
  • RDMA/irdma: Fix KASAN issue with tasklet (git-fixes)
  • RDMA/irdma: Set the CQ read threshold for GEN 1 (git-fixes)
  • RDMA/irdma: Validate maxsendwr and maxrecvwr (git-fixes)
  • RDMA/qedr: Fix qedrcreateuser_qp error flow (git-fixes)
  • RDMA/srpt: fix function pointer cast warnings (git-fixes)
  • RDMA/srpt: Support specifying the srptserviceguid parameter (git-fixes)
  • regulator: core: Only increment usecount when enablecount changes (git-fixes).
  • regulator: pwm-regulator: Add validity checks in continuous .get_voltage (git-fixes).
  • Revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes).
  • Revert 'drm/amd/display: increased mindcfclkmhz and minfclkmhz' (git-fixes).
  • Revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes).
  • ring-buffer: Clean ringbufferpoll_wait() error return (git-fixes).
  • s390: use the correct count for _iowrite64copy() (git-fixes bsc#1220317).
  • s390/qeth: Fix potential loss of L3-IP@ in case of network issues (git-fixes bsc#1219840).
  • sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes).
  • scsi: core: Move scsihostbusy() out of host lock for waking up EH handler (git-fixes).
  • scsi: core: Move scsihostbusy() out of host lock if it is for per-command (git-fixes).
  • scsi: fnic: Move fnicfnicflush_tx() to a work queue (git-fixes bsc#1219141).
  • scsi: hisi_sas: Prevent parallel FLR and controller reset (git-fixes).
  • scsi: ibmvfc: Limit max hw queues by numonlinecpus() (bsc#1220106).
  • scsi: ibmvfc: Open-code reset loop for target reset (bsc#1220106).
  • scsi: isci: Fix an error code problem in isciiorequest_build() (git-fixes).
  • scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (bsc#1220021).
  • scsi: lpfc: Allow lpfcplogiconfirm_nport() logic to execute for Fabric nodes (bsc#1220021).
  • scsi: lpfc: Change lpfcvport fcflag member into a bitmask (bsc#1220021).
  • scsi: lpfc: Change lpfcvport loadflag member into a bitmask (bsc#1220021).
  • scsi: lpfc: Change nlp state statistic counters into atomic_t (bsc#1220021).
  • scsi: lpfc: Copyright updates for 14.4.0.0 patches (bsc#1220021).
  • scsi: lpfc: Fix failure to delete vports when discovery is in progress (bsc#1220021).
  • scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc() (bsc#1220021).
  • scsi: lpfc: Initialize status local variable in lpfcsli4repostsgllist() (bsc#1220021).
  • scsi: lpfc: Move handling of reset congestion statistics events (bsc#1220021).
  • scsi: lpfc: Protect vport fc_nodes list with an explicit spin lock (bsc#1220021).
  • scsi: lpfc: Remove D_ID swap log message from trace event logger (bsc#1220021).
  • scsi: lpfc: Remove NLPRCVPLOGI early return during RSCN processing for ndlps (bsc#1220021).
  • scsi: lpfc: Remove shostlock protection for fchost_port shost APIs (bsc#1220021).
  • scsi: lpfc: Replace deprecated strncpy() with strscpy() (bsc#1220021).
  • scsi: lpfc: Save FPIN frequency statistics upon receipt of peer cgn notifications (bsc#1220021).
  • scsi: lpfc: Update lpfc version to 14.4.0.0 (bsc#1220021).
  • scsi: lpfc: Use PCIHEADERTYPE_MFD instead of literal (bsc#1220021).
  • scsi: lpfc: Use sgdmalen() API to get struct scatterlist's length (bsc#1220021).
  • scsi: mpi3mr: Refresh sdev queue depth after controller reset (git-fixes).
  • scsi: Revert 'scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141).
  • serial: 8250: Remove serial_rs485 sanitization from em485 (git-fixes).
  • spi-mxs: Fix chipselect glitch (git-fixes).
  • spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected (git-fixes).
  • spi: ppc4xx: Drop write-only variable (git-fixes).
  • spi: sh-msiof: avoid integer overflow in constants (git-fixes).
  • staging: iio: ad5933: fix type mismatch regression (git-fixes).
  • tcp: fix tcpmtupprobesuccess vs wrong sndcwnd (bsc#1218450).
  • tomoyo: fix UAF write bug in tomoyowritecontrol() (git-fixes).
  • topology: Fix up build warning in topologyisvisible() (jsc#PED-7618).
  • topology/sysfs: Add format parameter to macro defining 'show' functions for proc (jsc#PED-7618).
  • topology/sysfs: Add PPIN in sysfs under cpu topology (jsc#PED-7618).
  • topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
  • tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
  • tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
  • tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes).
  • tty: allow TIOCSLCKTRMIOS with CAPCHECKPOINTRESTORE (git-fixes).
  • UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes).
  • usb: cdns: readd old API (git-fixes).
  • usb: cdns3: fix memory double free when handle zero packet (git-fixes).
  • usb: cdns3: fixed memory use after free at cdns3gadgetep_disable() (git-fixes).
  • usb: cdns3: Modify the return value of cdnssetactive () to void when CONFIGPMSLEEP is disabled (git-fixes).
  • usb: cdns3: Put the cdns set active part outside the spin lock (git-fixes).
  • usb: cdnsp: blocked some cdns3 specific code (git-fixes).
  • usb: cdnsp: fixed issue with incorrect detecting CDNSP family controllers (git-fixes).
  • usb: dwc3: gadget: Do not disconnect if not started (git-fixes).
  • usb: dwc3: gadget: Handle EP0 request dequeuing properly (git-fixes).
  • usb: dwc3: gadget: Ignore End Transfer delay on teardown (git-fixes).
  • usb: dwc3: gadget: Queue PM runtime idle on disconnect event (git-fixes).
  • usb: dwc3: gadget: Refactor EP0 forced stall/restart into a separate API (git-fixes).
  • usb: dwc3: gadget: Submit endxfer command if delayed during disconnect (git-fixes).
  • usb: dwc3: host: Set XHCISGTRBCACHESIZE_QUIRK (git-fixes).
  • usb: fmassstorage: forbid async queue when shutdown happen (git-fixes).
  • usb: fmassstorage: forbid async queue when shutdown happen (git-fixes).
  • usb: gadget: core: Add missing kerneldoc for vbus_work (git-fixes).
  • usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes).
  • usb: Gadget: core: Help prevent panic during UVC unconfigure (git-fixes).
  • usb: gadget: core: remove unbalanced mutexunlock in usbgadget_activate (git-fixes).
  • usb: gadget: f_hid: fix report descriptor allocation (git-fixes).
  • usb: gadget: Fix obscure lockdep violation for udc_mutex (git-fixes).
  • usb: gadget: Fix use-after-free Read in usbudcuevent() (git-fixes).
  • usb: gadget: fslqeudc: validate endpoint index for ch9 udc (git-fixes).
  • usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs (git-fixes).
  • usb: gadget: udc: core: Offload usbudcvbus_handler processing (git-fixes).
  • usb: gadget: udc: core: Prevent softconnectstore() race (git-fixes).
  • usb: gadget: udc: Handle gadget_connect failure during bind operation (git-fixes).
  • usb: hub: check for alternate port before enabling AALTHNP_SUPPORT (bsc#1218527).
  • usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
  • usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
  • usb: roles: do not get/setrole() when usbrole_switch is unregistered (git-fixes).
  • usb: roles: fix NULL pointer issue when put module's reference (git-fixes).
  • usb: serial: cp210x: add ID for IMST iM871A-USB (git-fixes).
  • usb: serial: option: add Fibocom FM101-GL variant (git-fixes).
  • usb: serial: qcserial: add new usb-id for Dell Wireless DW5826e (git-fixes).
  • watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 (git-fixes).
  • wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range (git-fixes).
  • wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9khtctxstatus() (git-fixes).
  • wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
  • wifi: cfg80211: fix RCU dereference in _cfg80211bss_update (git-fixes).
  • wifi: cfg80211: free beacon_ies when overridden from hidden BSS (git-fixes).
  • wifi: iwlwifi: Fix some error codes (git-fixes).
  • wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes).
  • wifi: iwlwifi: uninitialized variable in iwlacpigetppagtable() (git-fixes).
  • wifi: mac80211: adding missing drvmgdcomplete_tx() call (git-fixes).
  • wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes).
  • wifi: nl80211: reject iftype change with mesh ID change (git-fixes).
  • wifi: rt2x00: restart beacon queue when hardware reset (git-fixes).
  • wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices (git-fixes).
  • wifi: rtlwifi: rtl8723{be,ae}: using calculatebitshift() (git-fixes).
  • wifi: wext-core: Fix -Wstringop-overflow warning in ioctlstandardiw_point() (git-fixes).
  • x86/asm: Add ASMRIP() macro for x86-64 (%rip) suffix (git-fixes).
  • x86/bugs: Add asm helpers for executing VERW (git-fixes).
  • x86/bugs: Use ALTERNATIVE() instead of mdsuserclear static key (git-fixes). Also add mdsuserclear to kABI severities since it's strictly mitigation related so should be low risk.
  • x86/cpu: X86FEATUREINTEL_PPIN finally had a CPUID bit (jsc#PED-7618).
  • x86/entry_32: Add VERW just before userspace transition (git-fixes).
  • x86/entry_64: Add VERW just before userspace transition (git-fixes).
  • x86/mm: Fix memory encryption features advertisement (bsc#1206453).
  • xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes).
  • xfs: short circuit xfsgrowfsdata_private() if delta is zero (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "dlm-kmp-azure": "5.14.21-150500.33.37.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-extra": "5.14.21-150500.33.37.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-optional": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-vdso": "5.14.21-150500.33.37.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.37.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "dlm-kmp-azure": "5.14.21-150500.33.37.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-extra": "5.14.21-150500.33.37.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-optional": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-vdso": "5.14.21-150500.33.37.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.37.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.37.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-devel-azure": "5.14.21-150500.33.37.1",
            "dlm-kmp-azure": "5.14.21-150500.33.37.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-extra": "5.14.21-150500.33.37.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-optional": "5.14.21-150500.33.37.1",
            "kernel-azure-devel": "5.14.21-150500.33.37.1",
            "kernel-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-vdso": "5.14.21-150500.33.37.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-syms-azure": "5.14.21-150500.33.37.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.37.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.37.1",
            "kernel-source-azure": "5.14.21-150500.33.37.1"
        }
    ]
}