SUSE-SU-2024:1644-1

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
• CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
• CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
• CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
• CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
• CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpudiscoveryregbaseinit() (bsc#1223823).
• CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpudmfini() (bsc#1223714).
• CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
• CVE-2024-27038: Fixed clkcoreget NULL pointer dereference (bsc#1223816).
• CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
• CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
• CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
• CVE-2024-26993: Fixed fs/sysfs reference leak in sysfsbreakactive_protection() (bsc#1223693).
• CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
• CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
• CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
• CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
• CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
• CVE-2024-26960: Fixed mm/swap race between freeswapand_cache() and swapoff() (bsc#1223655).
• CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
• CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
• CVE-2024-26948: Fixed drm/amd/display by adding dcstate NULL check in dcstate_release (bsc#1223664).
• CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).
• CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
• CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
• CVE-2024-26901: Fixed dosysnametohandle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
• CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmdcfgpkts (bsc#1223016).
• CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
• CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
• CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
• CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
• CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
• CVE-2024-26882: Fixed net/iptunnel to make sure to pull inner header in iptunnel_rcv() (bsc#1223034).
• CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
• CVE-2024-26879: Fixed clk/meson by adding missing clocks to axgclkregmaps (bsc#1223066).
• CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
• CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).
• CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spicontrollerput call (bsc#1223024).
• CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
• CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
• CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
• CVE-2024-26856: Fixed use-after-free inside sparx5delmact_entry (bsc#1223052).
• CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in icebridgesetlink() (bsc#1223051).
• CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
• CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6routempath_notify() (bsc#1223057).
• CVE-2024-26840: Fixed a memory leak in cachefilesaddcache() (bsc#1222976).
• CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
• CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
• CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
• CVE-2024-26816: Fixed relocations in .notes section when building with CONFIGXENPV=y by ignoring them (bsc#1222624).
• CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).
• CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
• CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4mbtrybestfound() (bsc#1222618).
• CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4mbfindbygoal() (bsc#1222613).
• CVE-2024-26766: Fixed SDMA off-by-one error in padsdmatxdescs() (bsc#1222726).
• CVE-2024-26764: Fixed IOCBAIORW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
• CVE-2024-26733: Fixed an overflow in arpreqget() in arp (bsc#1222585).
• CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870).
• CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
• CVE-2024-26679: Fixed inet read sk->skfamily once in inetrecv_error() (bsc#1222385).
• CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
• CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
• CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
• CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
• CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
• CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
• CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
• CVE-2024-23848: Fixed media/cec for possible use-after-free in cecqueuemsg_fh (bsc#1219104).
• CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
• CVE-2024-22099: Fixed a null-pointer-dereference in rfcommchecksecurity (bsc#1219170).
• CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
• CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfsfillsuper function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
• CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctpautoasconf_init in net/sctp/socket.c (bsc#1218917).
• CVE-2023-6270: Fixed a use-after-free issue in aoecmdcfgpkts (bsc#1218562).
• CVE-2023-52652: Fixed NTB for possible name leak in ntbregisterdevice() (bsc#1223686).
• CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
• CVE-2023-52635: Fixed PM/devfreq to synchronize devfreqmonitor[start/stop] (bsc#1222294).
• CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
• CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpiecinit (bsc#1221612).
• CVE-2023-52614: Fixed PM/devfreq buffer overflow in transstatshow (bsc#1221617).
• CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfxsetmfp_ap() (bsc#1221042).
• CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
• CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
• CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
• CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpurasqueryerrorstatus_helper() (bsc#1221080).
• CVE-2022-48662: Fixed a general protection fault (GPF) in i915perfopen_ioctl (bsc#1223505).
• CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
• CVE-2022-48658: Fixed mm/slub to avoid a problem in flushcpuslab()/_freeslab() task context (bsc#1223496).
• CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
• CVE-2022-48642: Fixed netfilter/nftables percpu memory leak at nftables_addchain() (bsc#1223478).
• CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bondrrgenslaveid (bsc#1223499).
• CVE-2022-48631: Fixed a bug in ext4, when parsing extents where ehentries == 0 and ehdepth > 0 (bsc#1223475).
• CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlbmcopyatomic_pte() (bsc#1222710).
• CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
• CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
• CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
• CVE-2021-47202: Fixed NULL pointer dereferences in ofthermal functions (bsc#1222878)
• CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drmgemttmmmap() and drmgemttmmmap() (bsc#1222838).
• CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
• CVE-2021-47185: Fixed a softlockup issue in flushtoldisc in tty tty_buffer (bsc#1222669).
• CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).

The following non-security bugs were fixed:

• ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
• ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
• ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
• ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
• ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
• ALSA: hda: intel-sdw-acpi: fix usage of devicegetnamedchildnode() (git-fixes).
• ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
• ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
• ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
• ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
• ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
• ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
• ASoC: meson: axg-card: make links nonatomic (git-fixes).
• ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
• ASoC: meson: cards: select SNDDYNAMICMINORS (git-fixes).
• ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
• ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
• ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
• Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
• Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
• Bluetooth: Fix memory leak in hcireqsync_complete() (git-fixes).
• Bluetooth: Fix type of len in {l2cap,sco}sockgetsockopt_old() (stable-fixes).
• Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: add quirk for broken address properties (git-fixes).
• Bluetooth: btintel: Fix null ptr deref in btintelreadversion (stable-fixes).
• Bluetooth: btintel: Fixe build regression (git-fixes).
• Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
• Bluetooth: hcievent: Fix sending HCIOPREADENCKEYSIZE (git-fixes).
• Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
• Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
• Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
• Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
• HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
• HID: logitech-dj: allow mice to use all types of reports (git-fixes).
• HID: uhid: Use READONCE()/WRITEONCE() for ->running (stable-fixes).
• Input: allocate keycode for Display refresh rate toggle (stable-fixes).
• Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
• NFC: trf7970a: disable all regulators on removal (git-fixes).
• PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
• RDMA/cm: Print the old state when cmdestroyid gets timeout (git-fixes).
• Reapply 'drm/qxl: simplify qxlfencewait' (stable-fixes).
• Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
• Revert 'drm/qxl: simplify qxlfencewait' (git-fixes).
• Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275)
• Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
• Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
• USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
• USB: core: Add hubget() and hubput() routines (git-fixes).
• USB: core: Fix access violation during port device removal (git-fixes).
• USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes).
• USB: serial: add device ID for VeriFone adapter (stable-fixes).
• USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
• USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
• USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
• USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
• USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
• USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
• USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
• USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
• USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
• USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
• nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858).
• s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
• nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
• s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
• ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
• ahci: asm1064: correct count of reported ports (stable-fixes).
• arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
• arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
• arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
• arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
• arm64: dts: rockchip: enable internal pull-up on Q7USBID for RK3399 (git-fixes)
• arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
• arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
• arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
• ax25: fix use-after-free bugs caused by ax25dsdel_timer (git-fixes).
• batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
• clk: Get runtime PM before walking tree during disable_unused (git-fixes).
• clk: Initialize struct clk_core kref earlier (stable-fixes).
• clk: Mark 'all_lists' as const (stable-fixes).
• clk: Print an info line before disabling unused clocks (stable-fixes).
• clk: Remove preparelock hold assertion in _clk_release() (git-fixes).
• clk: remove extra empty line (stable-fixes).
• comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
• dma: xilinx_dpdma: Fix locking (git-fixes).
• dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
• dmaengine: owl: fix register access functions (git-fixes).
• dmaengine: tegra186: Fix residual calculation (git-fixes).
• docs: Document the FANFSERROR event (stable-fixes).
• drm-print: add drmdbgdriver to improve namespace symmetry (stable-fixes).
• drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
• drm/amd/display: Fix nanosec stat overflow (stable-fixes).
• drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
• drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
• drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
• drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
• drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
• drm/amdgpu: always force full reset for SOC21 (stable-fixes).
• drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
• drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
• drm/amdgpu: once more fix the call oder in amdgputtmmove() v2 (git-fixes).
• drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
• drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
• drm/ast: Fix soft lockup (git-fixes).
• drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
• drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
• drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
• drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
• drm/msm/dp: fix typo in dpdisplayhandleportstatus_changed() (git-fixes).
• drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
• drm/panel: ili9341: Respect deferred probe (git-fixes).
• drm/panel: ili9341: Use predefined error codes (git-fixes).
• drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
• drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
• drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
• drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
• drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
• drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
• drm: nv04: Fix out of bounds access (git-fixes).
• drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
• drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).
• dumpstack: Do not get cpusync for panic CPU (bsc#1223574).
• fbdev: fix incorrect address computation in deferred IO (git-fixes).
• fbdev: viafb: fix typo in hwbitblt1 and hwbitblt2 (stable-fixes).
• fbmon: prevent division by zero in fbvideomodefrom_videomode() (stable-fixes).
• fuse: do not unhash root (bsc#1223951).
• fuse: fix root lookup with nonzero generation (bsc#1223950).
• hwmon: (amc6821) add of_match table (stable-fixes).
• i2c: pxa: hide unused icr_bits[] variable (git-fixes).
• i2c: smbus: fix NULL function pointer dereference (git-fixes).
• i40e: Fix VF MAC filter removal (git-fixes).
• idma64: Do not try to serve interrupts when device is powered off (git-fixes).
• iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
• iio:imu: adis16475: Fix sync mode setting (git-fixes).
• init/main.c: Fix potential staticcommandline memory overflow (git-fixes).
• ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
• irqchip/gic-v3-its: Prevent double free on error (git-fixes).
• kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
• livepatch: Fix missing newline character in klpresolvesymbols() (bsc#1223539).
• media: cec: core: remove length check of Timer Status (stable-fixes).
• media: sta2x11: fix irq handler cast (stable-fixes).
• mei: me: add arrow lake point H DID (stable-fixes).
• mei: me: add arrow lake point S DID (stable-fixes).
• mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
• mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
• mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
• mtd: diskonchip: work around ubsan link failure (stable-fixes).
• net: bridge: vlan: fix memory leak in _allowedingress (git-fixes).
• net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
• net: fix skb leak in _skbtstamp_tx() (git-fixes).
• net: ipv6: ensure we call ipv6mcdown() at most once (git-fixes).
• net: mld: fix reference count leak in mld{query | report}work() (git-fixes).
• net: stream: purge skerrorqueue in skstreamkill_queues() (git-fixes).
• net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
• net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
• net: vlan: fix underflow for the real_dev refcnt (git-fixes).
• net: vmxnet3: Fix NULL pointer dereference in vmxnet3rqrx_complete() (bsc#1223360).
• netfilter: br_netfilter: Drop dst references before setting (git-fixes).
• netfilter: iptCLUSTERIP: fix refcount leak in clusteriptg_check() (git-fixes).
• netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
• nfsd: use _fputsync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
• nilfs2: fix OOB in nilfssetde_type (git-fixes).
• nilfs2: fix OOB in nilfssetde_type (git-fixes).
• nouveau: fix function cast warning (git-fixes).
• nouveau: fix instmem race condition around ptr stores (git-fixes).
• phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
• pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
• platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
• platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
• powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
• powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).
• powerpc/rtas: export rtaserrorrc() for reuse (bsc#1223369 ltc#205888).
• powerpc: Avoid nmienter/nmiexit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
• powerpc: Refactor verification of MSR_RI (bsc#1223191).
• printk: Add thiscpuin_panic() (bsc#1223574).
• printk: Adjust mapping for 32bit seq macros (bsc#1223574).
• printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
• printk: Disable passing console lock owner completely during panic() (bsc#1223574).
• printk: Drop console_sem during panic (bsc#1223574).
• printk: Rename abandonconsolelockinpanic() to othercpuin_panic() (bsc#1223574).
• printk: Use prbfirstseq() as base for 32bit seq macros (bsc#1223574).
• printk: Wait for all reserved records with pr_flush() (bsc#1223574).
• printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
• printk: ringbuffer: Clarify special lpos values (bsc#1223574).
• printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
• printk: ringbuffer: Do not skip non-finalized records with prbnextseq() (bsc#1223574).
• printk: ringbuffer: Improve prbnextseq() performance (bsc#1223574).
• printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
• pstore/zone: Add a null pointer check to the pszkmsgread (stable-fixes).
• ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
• ring-buffer: use READONCE() to read cpubuffer->commit_page in concurrent environment (git-fixes).
• s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
• s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).
• s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
• s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).
• s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
• s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
• s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).
• s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
• s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).
• serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
• serial: core: Provide port lock wrappers (stable-fixes).
• serial: core: fix kernel-doc for uartportunlock_irqrestore() (git-fixes).
• serial: mxs-auart: add spinlock around changing cts state (git-fixes).
• slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
• speakup: Avoid crash on very long word (git-fixes).
• speakup: Fix 8bit characters from direct synth (git-fixes).
• spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
• tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
• thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
• thunderbolt: Fix wake configurations after device unplug (stable-fixes).
• tracing/netsched: Fix tracepoints that save qdiscdev() as a string (git-fixes).
• tracing: Show size of requested perf buffer (git-fixes).
• usb: Disable USB3 LPM at shutdown (stable-fixes).
• usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).
• usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
• usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
• usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
• usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
• usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
• usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
• usb: ohci: Prevent missed ohci interrupts (git-fixes).
• usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
• usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
• usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
• usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).
• usb: typec: ucsi: Ack unsupported commands (stable-fixes).
• usb: typec: ucsi: Clear UCSICCIRESET_COMPLETE before reset (stable-fixes).
• usb: typec: ucsi: Fix connector check on init (git-fixes).
• usb: udc: remove warning when queue disabled ep (stable-fixes).
• virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
• wifi: ath9k: fix LNA selection in athanttry_scan() (stable-fixes).
• wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
• wifi: iwlwifi: mvm: return uid from iwlmvmbuildscancmd (git-fixes).
• wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
• wifi: nl80211: do not free NULL coalescing rule (git-fixes).
• x86/bugs: Cache the value of MSRIA32ARCH_CAPABILITIES (git-fixes).
• x86/bugs: Fix BHI documentation (git-fixes).
• x86/bugs: Fix BHI handling of RRSBA (git-fixes).
• x86/bugs: Fix BHI retpoline check (git-fixes).
• x86/bugs: Fix return type of spectrebhistate() (git-fixes).
• x86/bugs: Rename various 'ia32cap' variables to 'x86archcapmsr' (git-fixes).
• x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
• x86/mm: Ensure input to pfntokaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).
• x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).
• xfrm6: fix inet6_dev refcount underflow problem (git-fixes).