SUSE-SU-2024:2561-1

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2020-10135: Legacy pairing and secure-connections pairing authentication Bluetooth might have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access (bsc#1171988).
• CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
• CVE-2021-47145: btrfs: do not BUGON in linktofixupdir (bsc#1222005).
• CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).
• CVE-2021-47201: iavf: free qvectors before queues in iavfdisable_vf (bsc#1222792).
• CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).
• CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).
• CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
• CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).
• CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).
• CVE-2021-47297: net: fix uninit-value in caifseqpktsendmsg (bsc#1224976).
• CVE-2021-47309: net: validate lwtstate->data before returning from skbtunnelinfo() (bsc#1224967).
• CVE-2021-47328: blacklist.conf: bsc#1225047 CVE-2021-47328: breaks kABI Also, does not apply.
• CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)
• CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
• CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
• CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).
• CVE-2021-47418: netsched: fix NULL deref in fifoset_limit() (bsc#1225337).
• CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).
• CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5debugcq_remove() (bsc#1225229)
• CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)
• CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
• CVE-2021-47518: nfc: fix potential NULL pointer deref in nfcgenldumpsesdone (bsc#1225372).
• CVE-2021-47520: can: pchcan: pchcanrxnormal: fix use after free (bsc#1225431).
• CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).
• CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
• CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
• CVE-2021-47571: staging: rtl8192e: Fix use after free in rtl92epci_disconnect() (bsc#1225518).
• CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).
• CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).
• CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)
• CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)
• CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).
• CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).
• CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).
• CVE-2022-48756: drm/msm/dsi: invalid parameter check in msmdsiphy_enable (bsc#1226698)
• CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).
• CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).
• CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).
• CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
• CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
• CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
• CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
• CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in updateeventsin_group() (bsc#1224504).
• CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
• CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
• CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
• CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow() (bsc#1225487).
• CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
• CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).
• CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
• CVE-2023-52762: virtio-blk: fix implicit overflow on virtiomaxdma_size (bsc#1225573).
• CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).
• CVE-2023-52784: bonding: stop the device in bondsetupby_slave() (bsc#1224946).
• CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
• CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
• CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
• CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211gettx_power() (bsc#1225577).
• CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
• CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
• CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
• CVE-2023-52845: tipc: Change nlapolicy for bearer-related names to NLANUL_STRING (bsc#1225585).
• CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).
• CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
• CVE-2024-26633: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenc_lim() (bsc#1221647).
• CVE-2024-26635: llc: Drop support for ETHPTR8022 (bsc#1221656).
• CVE-2024-26636: llc: make llcuisendmsg() more robust against bonding changes (bsc#1221659).
• CVE-2024-26641: ip6tunnel: make sure to pull inner header in _ip6tnlrcv() (bsc#1221654).
• CVE-2024-26679: Fixed read sk->skfamily once in inetrecv_error() (bsc#1222385).
• CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
• CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
• CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
• CVE-2024-26863: hsr: Fix uninit-value access in hsrgetnode() (bsc#1223021).
• CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
• CVE-2024-26894: ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit() (bsc#1223043).
• CVE-2024-26923: Fixed false-positive lockdep splat for spinlock() in _unix_gc() (bsc#1223384).
• CVE-2024-26928: Fixed potential UAF in cifsdebugfilesprocshow() (bsc#1223532).
• CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
• CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout (bsc#1224177).
• CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).
• CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
• CVE-2024-35805: dm snapshot: fix lockup in dmexceptiontable_exit (bsc#1224743).
• CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
• CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
• CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).
• CVE-2024-35828: wifi: libertas: fix some memleaks in lbsallocatecmd_buffer() (bsc#1224622).
• CVE-2024-35835: net/mlx5e: fix a double-free in arfscreategroups (bsc#1224605).
• CVE-2024-35862: Fixed potential UAF in smb2isnetworknamedeleted() (bsc#1224764).
• CVE-2024-35863: Fixed potential UAF in isvalidoplock_break() (bsc#1224763).
• CVE-2024-35864: Fixed potential UAF in smb2isvalidleasebreak() (bsc#1224765).
• CVE-2024-35865: Fixed potential UAF in smb2isvalidoplockbreak() (bsc#1224668).
• CVE-2024-35867: Fixed potential UAF in cifsstatsproc_show() (bsc#1224664).
• CVE-2024-35868: Fixed potential UAF in cifsstatsproc_write() (bsc#1224678).
• CVE-2024-35870: Fixed UAF in smb2reconnectserver() (bsc#1224672).
• CVE-2024-35886: ipv6: Fix infinite recursion in fib6dumpdone() (bsc#1224670).
• CVE-2024-35922: fbmon: prevent division by zero in fbvideomodefrom_videomode() (bsc#1224660)
• CVE-2024-35925: block: prevent division by zero in blkrqstat_sum() (bsc#1224661).
• CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc() (bsc#1224651).
• CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
• CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
• CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
• CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
• CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
• CVE-2024-35976: Validate user input for XDP{UMEM|COMPLETION}FILL_RING (bsc#1224575).
• CVE-2024-35979: raid1: fix use-after-free for original bio in raid1writerequest() (bsc#1224572).
• CVE-2024-35997: Remove I2CHIDREAD_PENDING flag to prevent lock-up (bsc#1224552).
• CVE-2024-35998: Fixed lock ordering potential deadlock in cifssyncmid_result (bsc#1224549).
• CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
• CVE-2024-36016: tty: ngsm: fix possible out-of-bounds in gsm0receive() (bsc#1225642).
• CVE-2024-36017: rtnetlink: Correct nested IFLAVFVLAN_LIST attribute validation (bsc#1225681).
• CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
• CVE-2024-36952: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898).
• CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).
• CVE-2024-36894: usb: gadget: ffs: Fix race between aiocancel() and AIO request complete (bsc#1225749).
• CVE-2024-36915: nfc: llcp: fix nfcllcpsetsockopt() unsafe copies (bsc#1225758).
• CVE-2024-36917: block: fix overflow in blkioctldiscard() (bsc#1225770).
• CVE-2024-36919: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload (bsc#1225767).
• CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
• CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
• CVE-2024-36938: Fixed NULL pointer dereference in skpsockskbingressenqueue (bsc#1225761).
• CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
• CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
• CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
• CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).
• CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)
• CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
• CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
• CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
• CVE-2024-38544: RDMA/rxe: Fix seg fault in rxecompqueue_pkt (bsc#1226597)
• CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
• CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).
• CVE-2024-38549: drm/mediatek: Add 0 size check to mtkdrmgem_obj (bsc#1226735)
• CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)
• CVE-2024-38553: net: fec: remove .ndopollcontroller to avoid deadlock (bsc#1226744).
• CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).
• CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).
• CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
• CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).
• CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
• CVE-2024-38597: eth: sungem: remove .ndopollcontroller to avoid deadlocks (bsc#1226749).
• CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
• CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
• CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).
• CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
• CVE-2024-38621: media: stk1160: fix bounds checking in stk1160copyvideo() (bsc#1226895).
• CVE-2024-38627: stm class: Fix a double free in stmregisterdevice() (bsc#1226857).
• CVE-2024-38659: enic: Validate length of nl attributes in enicsetvf_port (bsc#1226883).
• CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
• CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from syncprintobj() (bsc#1226886).
• CVE-2024-39301: net/9p: fix uninit-value in p9clientrpc() (bsc#1226994).
• CVE-2024-39475: fbdev: savage: Handle err return when savagefbcheckvar failed (bsc#1227435)

The following non-security bugs were fixed:

• Btrfs: bail out on error during replaydirdeletes (git-fixes)
• Btrfs: clean up resources during umount after trans is aborted (git-fixes)
• Btrfs: fix NULL pointer dereference in logdiritems (git-fixes)
• Btrfs: fix memory and mount leak in btrfsioctlrmdevv2() (git-fixes)
• Btrfs: fix unexpected EEXIST from btrfsgetextent (git-fixes)
• Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)
• KVM: allow KVMBUG/KVMBUG_ON to handle 64-bit cond (git-fixes).
• NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).
• NFSv4: nfssetopen_stateid must not trigger state recovery for closed state (bsc#1221791).
• PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
• PNFS for stateid errors retry against MDS first (bsc#1221791).
• RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
• Revert 'build initrd without systemd' (bsc#1195775)'
• SUNRPC: Fix gssfreeintokenpages() (git-fixes).
• SUNRPC: Fix loop termination condition in gssfreeintokenpages() (git-fixes).
• USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
• USB: serial: option: add Quectel EG912Y module support (git-fixes).
• USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
• arm64: asm-bug: Add .align 2 to the end of _BUGENTRY (git-fixes).
• blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init (bsc#1216062 bsc#1225203).
• blk-cgroup: fix missing pdonlinefn() while activating policy (git-fixes bsc#1225203).
• blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).
• bpf, scripts: Correct GPL license name (git-fixes).
• bsc#1225894: Fix build warning Fix the following build warning. * unused-variable (i) in ../drivers/gpu/drm/amd/amdkfd/kfddevice.c in kgd2kfdresume ../drivers/gpu/drm/amd/amdkfd/kfddevice.c: In function 'kgd2kfdresume': ../drivers/gpu/drm/amd/amdkfd/kfd_device.c:621:11: warning: unused variable 'i' [-Wunused-variable]
• btrfs: add barriers to btrfssynclog before logcommitwait wakeups (git-fixes)
• btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)
• btrfs: fix describe_relocation when printing unknown flags (git-fixes)
• btrfs: fix false EIO for missing device (git-fixes)
• btrfs: tree-check: reduce stack consumption in checkdiritem (git-fixes)
• btrfs: use correct compare function of dirtymetadatabytes (git-fixes)
• drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
• drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
• fix compat handling of FICLONERANGE, FIDEDUPERANGE and FSIOCFIEMAP (bsc#1225848).
• fs: make fiemap work from compat_ioctl (bsc#1225848).
• iommu/amd: Fix sysfs leak in iommu init (git-fixes).
• iommu/vt-d: Allocate local memory for page request queue (git-fixes).
• ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
• kabi: blkcgpolicydata fix KABI (bsc#1216062 bsc#1225203).
• kgdb: Add kgdbhashit_break function (git-fixes).
• kgdb: Move the extern declaration kgdbhashit_break() to generic kgdb.h (git-fixes).
• mkspec-dtb: add toplevel symlinks also on arm
• net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
• net: usb: rtl8150 fix unintiatilzed variables in rtl8150getlink_ksettings (git-fixes).
• net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
• nfs: Handle error of rpcprocregister() in nfsnetinit() (git-fixes).
• nfsd: optimise recalculatedenymode() for a common case (bsc#1217912).
• nvmet: fix ns enable/disable possible hang (git-fixes).
• ocfs2: adjust enabling place for la window (bsc#1219224).
• ocfs2: fix sparse warnings (bsc#1219224).
• ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
• ocfs2: speed up chain-list searching (bsc#1219224).
• powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
• rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
• rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
• rpm/kernel-obs-build.spec.in: Include algifhash, aegis128 and xts modules afgifhash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
• sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
• scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).
• scsi: 53c700: Check that command slot is not NULL (git-fixes).
• scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).
• scsi: be2iscsi: Fix a memleak in beiscsiinitwrb_handle() (git-fixes).
• scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
• scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
• scsi: core: Decrease scsidevice's iorequestcnt if dispatch failed (git-fixes).
• scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
• scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
• scsi: csiostor: Avoid function pointer casts (git-fixes).
• scsi: isci: Fix an error code problem in isciiorequest_build() (git-fixes).
• scsi: iscsi: Add length check for nlattr payload (git-fixes).
• scsi: iscsi: Add strlen() check in iscsiifset{host}param() (git-fixes).
• scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
• scsi: libfc: Fix potential NULL pointer dereference in fclportptp_setup() (git-fixes).
• scsi: libsas: Add a helper sasgetsasaddranddevtype() (git-fixes).
• scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
• scsi: libsas: Introduce struct smpdiscresp (git-fixes).
• scsi: lpfc: Correct size for wqe for memset() (git-fixes).
• scsi: lpfc: Fix double free in lpfccmplelslogoacc() caused by lpfcnlpnot_used() (git-fixes).
• scsi: lpfc: Fix the NULL vs ISERR() bug for debugfscreate_file() (git-fixes).
• scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
• scsi: mpt3sas: Fix in error path (git-fixes).
• scsi: mpt3sas: Fix loop logic (git-fixes).
• scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).
• scsi: qedf: Do not touch _user pointer in qedfdbgdebugcmd_read() directly (git-fixes).
• scsi: qedf: Do not touch _user pointer in qedfdbgfpintcmdread() directly (git-fixes).
• scsi: qedf: Do not touch _user pointer in qedfdbgstopioonerrorcmdread() directly (git-fixes).
• scsi: qedf: Fix NULL dereference in error handling (git-fixes).
• scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
• scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
• scsi: qedi: Fix potential deadlock on &qedipercpu->pwork_lock (git-fixes).
• scsi: qla2xxx: Fix off by one in qlaedifapp_getstats() (git-fixes).
• scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).
• scsi: snic: Fix double free in snictgtcreate() (git-fixes).
• scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
• scsi: stex: Fix gcc 13 warnings (git-fixes).
• scsi: target: core: Add TMF to tmr_list handling (bsc#1223018 CVE-26845).
• sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
• usb: port: Do not try to peer unused USB ports based on location (git-fixes).
• usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
• x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
• x86/boot/e820: Fix typo in e820.c comment (git-fixes).
• x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
• x86/fpu: Return proper error codes from user access functions (git-fixes).
• x86/ioremap: Fix page aligned size calculation in _ioremapcaller() (git-fixes).
• x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes).
• x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
• x86/msr: Fix wr/rdmsrsaferegsoncpu() prototypes (git-fixes).
• x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
• x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
• x86: _memcpyflushcache: fix wrong alignment if size > 2^32 (git-fixes).