SUSE-SU-2024:2372-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20242372-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:2372-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:2372-1
Related
Published
2024-07-09T15:03:45Z
Modified
2024-07-09T15:03:45Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.
  • CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
  • CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
  • CVE-2021-47538: rxrpc: Fix rxrpclocal leak in rxrpclookup_peer() (bsc#1225448).
  • CVE-2021-47539: rxrpc: Fix rxrpcpeer leak in rxrpclookupbundle() (bsc#1225452).
  • CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
  • CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
  • CVE-2021-47571: staging: rtl8192e: Fix use after free in rtl92epci_disconnect() (bsc#1225518).
  • CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
  • CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
  • CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
  • CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
  • CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
  • CVE-2023-52667: net/mlx5e: fix a potential double-free in fsanycreate_groups (bsc#1224603).
  • CVE-2023-52670: rpmsg: virtio: Free driveroverride when rpmsgremove() (bsc#1224696).
  • CVE-2023-52672: pipe: wakeup wrwait after setting maxusage (bsc#1224614).
  • CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in updateeventsin_group() (bsc#1224504).
  • CVE-2023-52735: bpf, sockmap: Don't let sockmap{close,destroy,unhash} call itself (bsc#1225475).
  • CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
  • CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow() (bsc#1225487).
  • CVE-2023-52784: bonding: stop the device in bondsetupby_slave() (bsc#1224946).
  • CVE-2023-52787: blk-mq: make sure active queue usage is held for biointegrityprep() (bsc#1225105).
  • CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
  • CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
  • CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
  • CVE-2023-52845: tipc: Change nlapolicy for bearer-related names to NLANUL_STRING (bsc#1225585).
  • CVE-2023-52846: hsr: Prevent use after free in prpcreatetagged_frame() (bsc#1225098).
  • CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
  • CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
  • CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
  • CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
  • CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282bsc#1222072).
  • CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spinlock() in _unix_gc() (bsc#1223384).
  • CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git-fixesbsc#1223641).
  • CVE-2024-27432: net: ethernet: mtkethsoc: fix PPE hanging issue (bsc#1224716).
  • CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
  • CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
  • CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
  • CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
  • CVE-2024-35835: net/mlx5e: fix a double-free in arfscreategroups (bsc#1224605).
  • CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
  • CVE-2024-35857: icmp: prevent possible NULL dereferences from icmpbuildprobe() (bsc#1224619).
  • CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect() (bsc#1224766).
  • CVE-2024-35862: Fixed potential UAF in smb2isnetworknamedeleted() (bsc#1224764).
  • CVE-2024-35864: Fixed potential UAF in smb2isvalidleasebreak() (bsc#1224765).
  • CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
  • CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
  • CVE-2024-35886: ipv6: Fix infinite recursion in fib6dumpdone() (bsc#1224670).
  • CVE-2024-35898: netfilter: nftables: Fix potential data-race in _nftflowtabletype_get() (bsc#1224498).
  • CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
  • CVE-2024-35925: block: prevent division by zero in blkrqstat_sum() (bsc#1224661).
  • CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
  • CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
  • CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
  • CVE-2024-35997: Remove I2CHIDREAD_PENDING flag to prevent lock-up (bsc#1224552).
  • CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
  • CVE-2024-36008: ipv4: check for NULL idev in iprouteuse_hint() (bsc#1224540).
  • CVE-2024-36017: rtnetlink: Correct nested IFLAVFVLAN_LIST attribute validation (bsc#1225681).
  • CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
  • CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
  • CVE-2024-36478: nullblk: fix null-ptr-dereference while configuring 'power' and 'submitqueues' (bsc#1226841).
  • CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
  • CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
  • CVE-2024-36894: usb: gadget: ffs: Fix race between aiocancel() and AIO request complete (bsc#1225749).
  • CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify (bsc#1225737).
  • CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
  • CVE-2024-36904: tcp: Use refcountincnotzero() in tcptwsk_unique() (bsc#1225732).
  • CVE-2024-36915: nfc: llcp: fix nfcllcpsetsockopt() unsafe copies (bsc#1225758).
  • CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
  • CVE-2024-36917: block: fix overflow in blkioctldiscard() (bsc#1225770).
  • CVE-2024-36919: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload (bsc#1225767).
  • CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
  • CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
  • CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
  • CVE-2024-36945: net/smc: fix neighbour and rtable leak in smcibfind_route() (bsc#1225823).
  • CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
  • CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
  • CVE-2024-36971: net: fix _dstnegative_advice() race (bsc#1226145).
  • CVE-2024-36978: net: sched: schmultiq: fix possible OOB write in multiqtune() (bsc#1226514).
  • CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
  • CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
  • CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
  • CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
  • CVE-2024-38553: net: fec: remove .ndopollcontroller to avoid deadlock (bsc#1226744).
  • CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
  • CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
  • CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
  • CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
  • CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
  • CVE-2024-38564: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE (bsc#1226789).
  • CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
  • CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634,).
  • CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
  • CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
  • CVE-2024-38597: eth: sungem: remove .ndopollcontroller to avoid deadlocks (bsc#1226749).
  • CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devmaddactionorreset() (bsc#1226842).
  • CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
  • CVE-2024-38627: stm class: Fix a double free in stmregisterdevice() (bsc#1226857).
  • CVE-2024-38659: enic: Validate length of nl attributes in enicsetvf_port (bsc#1226883).
  • CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
  • CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from syncprintobj() (bsc#1226886).
  • CVE-2024-39301: net/9p: fix uninit-value in p9clientrpc() (bsc#1226994).
  • CVE-2024-39468: smb: client: fix deadlock in smb2findsmb_tcon() (bsc#1227103.
  • CVE-2024-39469: nilfs2: fix nilfsemptydir() misjudgment and long loop on I/O errors (bsc#1226992).

The following non-security bugs were fixed:

  • ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
  • ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
  • ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
  • ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
  • ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
  • ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
  • ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
  • ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
  • ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
  • ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
  • ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
  • ALSA: timer: Set lower bound of start tick time (stable-fixes).
  • ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
  • ASoC: amd: acp: remove i2s configuration check in acpi2sprobe() (git-fixes).
  • ASoC: da7219-aad: fix usage of devicegetnamedchildnode() (stable-fixes).
  • ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
  • ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
  • ASoC: rt715-sdca: volume step modification (stable-fixes).
  • ASoC: rt715: add vendor clear control register (stable-fixes).
  • Add remote for nfs maintainer
  • Bluetooth: L2CAP: Fix rejecting L2CAPCONNPARAMUPDATEREQ (git-fixes).
  • Fix new build warnings regarding unused variables: Changed build warnings: 2 warnings * unused-variable (cl) in ../fs/ceph/mdsclient.c in cephqueuecapunlinkwork ../fs/ceph/mdsclient.c: In function 'cephqueuecapunlinkwork': ../fs/ceph/mdsclient.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mdsclient.c in cephcapunlinkwork ../fs/ceph/mdsclient.c: In function 'cephcapunlinkwork': ../fs/ceph/mdsclient.c:2436:22: warning: unused variable 'cl' [-Wunused-variable]
  • HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
  • HID: logitech-dj: Fix memory leak in logidjrecvswitchtodjmode() (git-fixes).
  • Input: ili210x - fix ili251xreadtouch_data() return value (git-fixes).
  • NFS: abort nfsatomicopen_v23 if name is too long (bsc#1219847).
  • NFS: add atomicopen for NFSv3 to handle OTRUNC correctly (bsc#1219847).
  • NFS: avoid infinite loop in pnfsupdatelayout (bsc#1219633 bsc#1226226).
  • PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
  • PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
  • RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
  • RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
  • RDMA/hns: Fix incorrect sge nums calculation (git-fixes)
  • RDMA/irdma: Drop unused kernel push code (git-fixes)
  • RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
  • USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
  • USB: xen-hcd: Traverse host/ when CONFIGUSBXEN_HCD is selected (git-fixes).
  • X.509: Fix the parser of extended key usage for length (bsc#1218820).
  • arm64: asm-bug: Add .align 2 to the end of _BUGENTRY (git-fixes).
  • arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
  • arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
  • arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
  • arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
  • ata: ahci: Clean up sysfs file on error (git-fixes).
  • ata: libata-core: Fix double free on error (git-fixes).
  • ata: libata-core: Fix null pointer dereference on error (git-fixes).
  • batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
  • bpf, sockmap: Check for any of tcpbpfprots when cloning a listener (git-fixes).
  • btrfs: avoid copying BTRFSROOTSUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
  • cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
  • ceph: add cephcapunlinkwork to fire checkcaps() immediately (bsc#1226022).
  • ceph: always check dir caps asynchronously (bsc#1226022).
  • ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
  • ceph: break the check delayed cap loop every 5s (bsc#1226022).
  • ceph: switch to use capdelaylock for the unlink delay list (bsc#1226022).
  • cgroup: Add annotation for holding namespacesem in currentcgnscgroupfrom_root() (bsc#1222254).
  • cgroup: Eliminate the need for cgroupmutex in proccgroup_show() (bsc#1222254).
  • cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
  • cgroup: Remove unnecessary list_empty() (bsc#1222254).
  • cgroup: preserve KABI of cgroup_root (bsc#1222254).
  • cifs: fix hang in waitforresponse() (bsc#1220812, bsc#1220368).
  • cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
  • crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
  • dmaengine: idxd: Fix possible Use-After-Free in irqprocesswork_list (git-fixes).
  • dmaengine: ioatdma: Fix missing kmemcachedestroy() (git-fixes).
  • drivers: core: synchronize reallyprobe() and devuevent() (git-fixes).
  • drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
  • drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
  • drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
  • drm/amd/display: Set colormgmtchanged to true on unsuspend (stable-fixes).
  • drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
  • drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
  • drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
  • drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
  • drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
  • drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
  • drm/amdgpu: Update BO eviction priorities (stable-fixes).
  • drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
  • drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
  • drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
  • drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
  • drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
  • drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
  • drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
  • drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
  • drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
  • drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
  • drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
  • drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
  • drm/komeda: check for error-valued pointer (git-fixes).
  • drm/lima: add mask irq callback to gp and pp (stable-fixes).
  • drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
  • drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
  • drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
  • drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
  • drm/msm: Enable clamptoidle for 7c3 (stable-fixes).
  • drm/panel-samsung-atna33xc20: Use ktimegetboottime for delays (stable-fixes).
  • drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
  • drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
  • drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
  • drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
  • gpio: davinci: Validate the obtained number of IRQs (git-fixes).
  • gpio: tqmx86: fix typo in Kconfig label (git-fixes).
  • gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
  • gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
  • hwmon: (shtc1) Fix property misspelling (git-fixes).
  • i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
  • i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
  • i2c: ocores: set IACK bit after core is enabled (git-fixes).
  • i2c: testunit: discard write requests while old command is running (git-fixes).
  • i2c: testunit: do not erase registers after STOP (git-fixes).
  • iio: accel: fxls8962af: select IIOBUFFER & IIOKFIFO_BUF (git-fixes).
  • iio: adc: ad7266: Fix variable checking bug (git-fixes).
  • iio: adc: ad9467: fix scan type sign (git-fixes).
  • iio: chemical: bme680: Fix calibration data variable (git-fixes).
  • iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
  • iio: chemical: bme680: Fix pressure value output (git-fixes).
  • iio: chemical: bme680: Fix sensor data read operation (git-fixes).
  • iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
  • iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
  • intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
  • iommu/amd: Fix sysfs leak in iommu init (git-fixes).
  • iommu: Return right value in iommusvabind_device() (git-fixes).
  • iommu: mtk: fix module autoloading (git-fixes).
  • ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
  • kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
  • kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
  • kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
  • kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
  • kernel-doc: fix structgrouptagged() parsing (git-fixes).
  • lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
  • media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
  • media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
  • media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
  • media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
  • media: mxl5xx: Move xpt structures off stack (stable-fixes).
  • media: radio-shark2: Avoid led_names truncations (git-fixes).
  • media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
  • mei: me: release irq in meimepci_resume error path (git-fixes).
  • mkspec-dtb: add toplevel symlinks also on arm
  • mmc: core: Add mmcgpiodsetcdconfig() function (stable-fixes).
  • mmc: core: Do not force a retune before RPMB switch (stable-fixes).
  • mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
  • mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
  • mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
  • mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
  • mmc: sdhci: Do not invert write-protect twice (git-fixes).
  • mmc: sdhci: Do not lock spinlock around mmcgpioget_ro() (git-fixes).
  • mmc: sdhciam654: Add ITAPDLYSEL in sdhcij721e4bitset_clock (git-fixes).
  • mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
  • mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
  • mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
  • mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
  • mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
  • mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
  • net/mlx5e: Fix a race in command alloc flow (git-fixes).
  • net: can: j1939: Initialize unused data in j1939sendone() (git-fixes).
  • net: can: j1939: enhanced error handling for tightly received RTS messages in xtprxrtssessionnew (git-fixes).
  • net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
  • net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
  • net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
  • net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
  • net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
  • net: usb: ax88179_178a: improve link status logs (git-fixes).
  • net: usb: ax88179_178a: improve reset check (git-fixes).
  • net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
  • net: usb: rtl8150 fix unintiatilzed variables in rtl8150getlink_ksettings (git-fixes).
  • net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
  • nfsd: optimise recalculatedenymode() for a common case (bsc#1217912).
  • nilfs2: fix potential hang in nilfsdetachlog_writer() (stable-fixes).
  • nvme: find numa distance only if controller has valid numa id (git-fixes).
  • nvmet-passthru: propagate status from id override functions (git-fixes).
  • ocfs2: adjust enabling place for la window (bsc#1219224).
  • ocfs2: fix sparse warnings (bsc#1219224).
  • ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
  • ocfs2: speed up chain-list searching (bsc#1219224).
  • pinctrl: fix deadlock in createpinctrl() when handling -EPROBEDEFER (git-fixes).
  • pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
  • pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
  • pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
  • pinctrl: rockchip: fix pinmux reset in rockchippmxset (git-fixes).
  • pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
  • random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
  • regulator: bd71815: fix ramp values (git-fixes).
  • regulator: core: Fix modpost error 'regulatorgetregmap' undefined (git-fixes).
  • regulator: irq_helpers: duplicate IRQ name (stable-fixes).
  • regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
  • rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
  • rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
  • rpm/kernel-obs-build.spec.in: Include algifhash, aegis128 and xts modules afgifhash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
  • rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
  • sched/core: Fix incorrect initialization of the 'burst' parameter in cpumaxwrite() (bsc#1226791).
  • scsi: sd: Update DIX config every time sdrevalidatedisk() is called (bsc#1218570).
  • smb: client: ensure to try all targets when finding nested links (bsc#1224020).
  • smb: client: guarantee refcounted children from parent session (bsc#1224679, CVE-35869).
  • soundwire: cadence: fix invalid PDI offset (stable-fixes).
  • spi: stm32: Do not warn about spurious interrupts (git-fixes).
  • supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
  • supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
  • supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
  • tty: mcf: MCF54418 has 10 UARTS (git-fixes).
  • usb-storage: alauda: Check whether the media is initialized (git-fixes).
  • usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
  • usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
  • usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
  • usb: gadget: printer: fix races against disable (git-fixes).
  • usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
  • usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
  • usb: typec: tcpm: fix use-after-free case in tcpmregistersource_caps (git-fixes).
  • usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
  • usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
  • usb: xhci: Implement xhcihandshakecheck_state() helper (git-fixes).
  • usb: xhci: address off-by-one in xhcinumtrbs_free() (git-fixes).
  • usb: xhci: improve debug message in xhciringexpansion_needed() (git-fixes).
  • watchdog: bd9576: Drop 'always-running' property (git-fixes).
  • watchdog: bd9576wdt: switch to using devmfwnodegpiodget() (stable-fixes).
  • wifi: cfg80211: Lock wiphy in cfg80211getstation (git-fixes).
  • wifi: cfg80211: fix the order of arguments for trace events of the txrxevt class (stable-fixes).
  • wifi: cfg80211: pmsr: use correct nlagetuX functions (git-fixes).
  • wifi: iwlwifi: dbgini: move iwldbgtlvfree outside of debugfs ifdef (git-fixes).
  • wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
  • wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
  • wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
  • wifi: mac80211: Fix deadlock in ieee80211stapsdeliverwakeup() (git-fixes).
  • wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
  • wifi: mac80211: mesh: Fix leak of meshpreqqueue objects (git-fixes).
  • wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
  • wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
  • wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
  • x86/mce: Dynamically size space for machine check records (bsc#1222241).
  • x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
  • xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
  • xhci: Fix failure to detect ring expansion need (git-fixes).
  • xhci: Fix transfer ring expansion size calculation (git-fixes).
  • xhci: Handle TD clearing for multiple streams case (git-fixes).
  • xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
  • xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
  • xhci: fix matching completion events with TDs (git-fixes).
  • xhci: remove unused streamid parameter from xhcihandlehaltedendpoint() (git-fixes).
  • xhci: restre deleted trb fields for tracing (git-fixes).
  • xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
  • xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
  • xhci: update event ring dequeue pointer position to controller correctly (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "dlm-kmp-azure": "5.14.21-150500.33.60.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-extra": "5.14.21-150500.33.60.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-optional": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-vdso": "5.14.21-150500.33.60.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.60.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "dlm-kmp-azure": "5.14.21-150500.33.60.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-extra": "5.14.21-150500.33.60.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-optional": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-vdso": "5.14.21-150500.33.60.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.60.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}

openSUSE:Leap 15.5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150500.33.60.1

Ecosystem specific

{
    "binaries": [
        {
            "ocfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-devel-azure": "5.14.21-150500.33.60.1",
            "dlm-kmp-azure": "5.14.21-150500.33.60.1",
            "cluster-md-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-extra": "5.14.21-150500.33.60.1",
            "gfs2-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-optional": "5.14.21-150500.33.60.1",
            "kernel-azure-devel": "5.14.21-150500.33.60.1",
            "kernel-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-vdso": "5.14.21-150500.33.60.1",
            "kselftests-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-syms-azure": "5.14.21-150500.33.60.1",
            "kernel-azure-livepatch-devel": "5.14.21-150500.33.60.1",
            "reiserfs-kmp-azure": "5.14.21-150500.33.60.1",
            "kernel-source-azure": "5.14.21-150500.33.60.1"
        }
    ]
}