SUSE-SU-2025:03602-1

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2025-39782: jbd2: prevent softlockup in jbd2logdo_checkpoint() (bsc#1249526).
• CVE-2025-39773: net: bridge: fix soft lockup in brmulticastquery_expired() (bsc#1249504).
• CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
• CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
• CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
• CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
• CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
• CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
• CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metrictbladdr is non-NULL (bsc#1249290).
• CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
• CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
• CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
• CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
• CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
• CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
• CVE-2025-38701: ext4: do not BUG when INLINEDATAFL lacks system.data xattr (bsc#1249258).
• CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
• CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
• CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
• CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
• CVE-2025-38664: ice: Fix a null pointer dereference in icecopyandinitpkg() (bsc#1248628).
• CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
• CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
• CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
• CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211checkandendcac() (bsc#1248681).
• CVE-2025-38640: bpf: Disable migration in nfhookrun_bpf() (bsc#1248622).
• CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
• CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
• CVE-2025-38622: net: drop UFO packets in udprcvsegment() (bsc#1248619).
• CVE-2025-38618: vsock: Do not allow binding to VMADDRPORTANY (bsc#1248511).
• CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
• CVE-2025-38608: bpf, ktls: Fix data corruption when using bpfmsgpop_data() in ktls (bsc#1248338).
• CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12kdptxgetencap_type() (bsc#1248334).
• CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
• CVE-2025-38595: xen: fix UAF in dmabufexpfrom_pages() (bsc#1248380).
• CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
• CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
• CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
• CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmingetvar_int() (bsc#1248355).
• CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
• CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
• CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
• CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
• CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
• CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
• CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
• CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
• CVE-2025-38527: smb: client: fix use-after-free in cifsoplockbreak (bsc#1248199).
• CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
• CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
• CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
• CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
• CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
• CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
• CVE-2025-38499: cloneprivatemnt(): make sure that caller has CAPSYSADMIN in the right userns (bsc#1247976).
• CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
• CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
• CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
• CVE-2025-38466: perf: Revert to requiring CAPSYSADMIN for uprobes (bsc#1247442).
• CVE-2025-38464: tipc: Fix use-after-free in tipcconnclose() (bsc#1247112).
• CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
• CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
• CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser() (bsc#1247099).
• CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
• CVE-2025-38444: raid10: cleanup memleak at raid10makerequest (bsc#1247162).
• CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nfflowpppoe_proto() (bsc#1247167).
• CVE-2025-38439: bnxten: Set DMA unmap len correctly for XDPREDIRECT (bsc#1247155).
• CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rprochandleresources() fails in rproc_attach() (bsc#1247136).
• CVE-2025-38418: remoteproc: core: Release rproc->cleantable after rprocattach() fails (bsc#1247137).
• CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
• CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
• CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
• CVE-2025-38263: bcache: fix NULL pointer in cachesetflush() (bsc#1246248).
• CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
• CVE-2025-38245: atm: Release atmdevmutex after removing procfs in atmdevderegister() (bsc#1246193).
• CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
• CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
• CVE-2025-38201: netfilter: nftsetpipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
• CVE-2025-38190: atm: Revert atmaccounttx() if copyfromiter_full() fails (bsc#1245973).
• CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcpcsend() (bsc#1246012).
• CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
• CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypiclkregister() (bsc#1245780).
• CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
• CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
• CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
• CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
• CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
• CVE-2025-37885: KVM: x86: Reset IRTE to host control if new route isn't postable (bsc#1242960).
• CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
• CVE-2024-53125: bpf: synclinkedregs() must preserve subreg_def (bsc#1234156).
• CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange (bsc#1230708).

The following non-security bugs were fixed:

• ACPI/IORT: Fix memory leak in iortrmralloc_sids() (git-fixes).
• ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
• ACPI: EC: Add device to acpiecno_wakeup[] qurik list (stable-fixes).
• ACPI: pfr_update: Fix the driver update version check (git-fixes).
• ACPI: processor: fix acpi_object initialization (stable-fixes).
• ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
• ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol (stable-fixes).
• ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
• ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
• ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
• ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
• ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
• ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
• ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
• ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
• ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
• ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
• ALSA: hda: Disable jack polling at shutdown (stable-fixes).
• ALSA: hda: Handle the jack polling always via a work (stable-fixes).
• ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
• ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
• ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
• ALSA: scarlett2: Add retry on -EPROTO from scarlett2usbtx() (git-fixes).
• ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
• ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
• ALSA: usb-audio: Fix size validation in convertchmapv3() (git-fixes).
• ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
• ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
• ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
• ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
• ASoC: Intel: fix SNDSOCSOF dependencies (stable-fixes).
• ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
• ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
• ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
• ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
• ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
• ASoC: codecs: tx-macro: correct txmacrocomponent_drv name (stable-fixes).
• ASoC: core: Check for rtd == NULL in sndsocremovepcmruntime() (stable-fixes).
• ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
• ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
• ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
• ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
• ASoC: soc-dapm: set biaslevel if sndsocdapmsetbiaslevel() was successed (stable-fixes).
• ASoC: wm8940: Correct PLL rate rounding (git-fixes).
• ASoC: wm8940: Correct typo in control name (git-fixes).
• ASoC: wm8974: Correct PLL rate rounding (git-fixes).
• Bluetooth: Fix use-after-free in l2capsockcleanup_listen() (git-fixes).
• Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
• Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
• Bluetooth: hciconn: do return error from hcienhancedsetupsync() (git-fixes).
• Bluetooth: hcievent: Detect if HCIEVNUMCOMP_PKTS is unbalanced (git-fixes).
• Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
• Bluetooth: hcievent: Treat UNKNOWNCONN_ID on disconnect as success (git-fixes).
• Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
• Bluetooth: hcisock: Reset cookie to zero in hcisockfreecookie() (stable-fixes).
• Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
• Bluetooth: hcisync: fix setlocal_name race condition (git-fixes).
• Bluetooth: qca: fix invalid device address check (git-fixes).
• Bluetooth: qca: fix wcn3991 device address check (git-fixes).
• Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
• HID: asus: fix UAF via HIDCLAIMEDINPUT validation (git-fixes).
• HID: hid-ntrig: fix unable to handle page fault in ntrigreportversion() (stable-fixes).
• HID: input: rename hidinputsetbatterychargestatus() (stable-fixes).
• HID: input: report battery status changes immediately (git-fixes).
• HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
• HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
• HID: multitouch: fix slab out-of-bounds access in mtreportfixup() (git-fixes).
• HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
• HID: wacom: Add a new Art Pen 2 (stable-fixes).
• IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
• Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
• Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
• KVM: s390: Fix incorrect usage of mmunotifierregister() (git-fixes bsc#1250336).
• Limit patch filenames to 100 characters (bsc#1249604).
• Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
• NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
• NFSv4: Clear the NFSCAPFS_LOCATIONS flag if it is not set (git-fixes).
• NFSv4: Clear the NFSCAPXATTR flag if not supported by the server (git-fixes).
• NFSv4: Do not clear capabilities that won't be reset (git-fixes).
• PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
• PCI/portdrv: Use ispciehp instead of ishotplug_bridge (git-fixes).
• PCI: Add ACS quirk for Loongson PCIe (git-fixes).
• PCI: Drop PCI patches that broke kdump capture boot (bsc#1246509)
• PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
• PCI: apple: Fix missing OF node reference in applepciesetup_port (git-fixes).
• PCI: imx6: Add IMX8MMEP and IMX8MPEP fixed 256-byte BAR 4 in epc_features (git-fixes).
• PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
• PCI: imx6: Remove appsreset toggling from imxpcie_{assert/deassert}corereset (git-fixes).
• PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
• PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
• PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
• PCI: rockchip: Use standard PCIe definitions (git-fixes).
• PM / devfreq: governor: Replace sscanf() with kstrtoul() in setfreqstore() (stable-fixes).
• PM: runtime: Clear power.needsforceresume in pmruntimereinit() (stable-fixes).
• PM: sleep: console: Fix the black screen issue (stable-fixes).
• RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
• RAS/AMD/FMPM: Get masked address (bsc#1242034).
• RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
• RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
• RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
• RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
• RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
• RDMA/core: reduce stack using in nldevstatget_doit() (git-fixes)
• RDMA/erdma: Fix ignored return value of initkernelqp (git-fixes)
• RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
• RDMA: hfi1: fix possible divide-by-zero in findhwthread_mask() (git-fixes)
• Revert 'SUNRPC: Do not allow waiting for exiting tasks' (git-fixes).
• Revert 'drm/amdgpu: fix incorrect vm flags to map bo' (stable-fixes).
• Revert 'gpio: mlxbf3: only get IRQ for device instance 0' (git-fixes).
• SUNRPC: call xssockprocess_cmsg for all cmsg (git-fixes).
• USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
• USB: serial: option: add Foxconn T99W709 (stable-fixes).
• USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
• USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
• USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
• USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
• aoe: defer rexmit timer downdev work to workqueue (git-fixes).
• arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
• arm64/cpufeatures/kvm: Add ARMv8.9 FEATECBHB bits in IDAA64MMFR1 (git-fixes)
• arm64/entry: Mask DAIF in cpuswitchto(), callonirq_stack() (git-fixes)
• arm64/mm: Check PUDTYPETABLE in pud_bad() (git-fixes)
• arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
• arm64: Drop arm64 patches that may lead to module load failure (bsc#1250057)
• arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
• arm64: Handle KCOV __init vs inline mismatches (git-fixes)
• arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
• arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
• arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
• arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
• arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
• arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
• arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
• arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
• arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
• arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
• arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
• arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
• arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
• arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
• arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
• arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
• arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
• arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
• arm64: ftrace: fix unreachable PLT for ftracecaller in initmodule (git-fixes)
• arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
• arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
• arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
• ata: libata-scsi: Fix CDL control (git-fixes).
• ax25: properly unshare skbs in ax25kissrcv() (git-fixes).
• batman-adv: fix OOB read/write in network-coding decode (git-fixes).
• block: fix kobject leak in blkunregisterqueue (git-fixes).
• block: mtip32xx: Fix usage of dmamapsg() (git-fixes).
• bpf, bpftool: Fix incorrect disasm pc (git-fixes).
• bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
• bpf: Fix iter/task tid filtering (git-fixes).
• bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
• bpf: Make regnotnull() true for CONSTPTRTO_MAP (git-fixes).
• bpf: Properly test iter/task tid filtering (git-fixes).
• bpf: bpftool: Setting error code in do_loader() (git-fixes).
• bpf: fix kfunc btf caching for modules (git-fixes).
• bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
• bpftool: Fix memory leak in dumpxxnlmsg on realloc failure (git-fixes).
• bpftool: Fix readlink usage in getfdtype (git-fixes).
• bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
• bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
• btrfs: abort transaction during log replay if walklogtree() failed (git-fixes).
• btrfs: abort transaction on unexpected eb generation at btrfscopyroot() (git-fixes).
• btrfs: add cancellation points to trim loops (git-fixes).
• btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
• btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
• btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
• btrfs: convert BUGON in btrfsreloccowblock() to proper error handling (git-fixes).
• btrfs: correctly escape subvol in btrfsshowoptions() (git-fixes).
• btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
• btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
• btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
• btrfs: fix data race when accessing the inode's diskisize at btrfsdropextents() (git-fixes).
• btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
• btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
• btrfs: fix race between setting lastdirindex_offset and inode logging (git-fixes).
• btrfs: fix the length of reserved qgroup to free (bsc#1240708)
• btrfs: make foundlogicalret parameter mandatory for function queuescrubstripe() (git-fixes).
• btrfs: move transaction aborts to the error site in addblockgroupfreespace() (git-fixes).
• btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
• btrfs: retry block group reclaim without infinite loop (git-fixes).
• btrfs: return accurate error code on open failure in openfsdevices() (bsc#1233120)
• btrfs: run delayed iputs when flushing delalloc (git-fixes).
• btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
• btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
• btrfs: scrub: fix grouping of read IO (git-fixes).
• btrfs: scrub: remove scrubctx::csumlist member (git-fixes).
• btrfs: split remaining space to discard in chunks (git-fixes).
• btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
• btrfs: update target inode's ctime on unlink (git-fixes).
• btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
• can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
• can: j1939: j1939localecuget(): undo increment when j1939localecuget() fails (git-fixes).
• can: j1939: j1939skbind(): call j1939privput() immediately when j1939localecu_get() failed (git-fixes).
• can: xilinxcan: xcanwrite_frame(): fix use-after-free of transmitted SKB (git-fixes).
• cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
• cdx: Fix off-by-one error in cdxrpmsgprobe() (git-fixes).
• ceph: fix possible integer overflow in cephzeroobjects() (git-fixes).
• ceph: validate snapdirname option length when mounting (git-fixes).
• cgroup/cpuset: Use staticbranchenablecpuslocked() on cpusetsinsaneconfigkey (bsc#1241166).
• char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
• comedi: Fix use of uninitialized memory in doinsnioctl() and doinsnlistioctl() (git-fixes).
• comedi: Make insnrwemulate_bits() do insn->n samples (git-fixes).
• comedi: fix race between polling and detaching (git-fixes).
• comedi: pcl726: Prevent invalid irq number (git-fixes).
• compiler-clang.h: define _SANITIZE*__ macros only when undefined (stable-fixes).
• cpufreq: CPPC: Mark driver with NEEDUPDATELIMITS flag (stable-fixes).
• cpufreq: Exit governor when failed to start old governor (stable-fixes).
• cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
• cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
• cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
• cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
• cpufreq: governor: Fix negative 'idletime' handling in dbsupdate() (git-fixes).
• cpufreq: intelpstate: Always use HWPDESIRED_PERF in passive mode (git-fixes).
• cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
• cpufreq: scpi: compare kHz instead of Hz (git-fixes).
• cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
• crypto: afalg - Set merge to zero early in afalg_sendmsg (git-fixes).
• crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
• crypto: jitter - fix intermediary handling (stable-fixes).
• crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
• crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
• dma/pool: Ensure DMADIRECTREMAP allocations are decrypted (stable-fixes).
• dmaengine: dw: dmamux: Fix device reference leak in rzn1dmamuxroute_allocate (git-fixes).
• dmaengine: idxd: Fix double free in idxdsetupwqs() (git-fixes).
• dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
• dmaengine: idxd: Remove improper idxd_free (git-fixes).
• dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
• dmaengine: ti: edma: Fix memory allocation size for queueprioritymap (git-fixes).
• drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
• drivers/base/node: remove registermemblockundernode_early() (bsc#1241866).
• drivers/base/node: remove registermemoryblocksundernode() function call from registeronenode (bsc#1241866).
• drivers/base/node: rename __registeronenode() to registeronenode() (bsc#1241866).
• drivers/base/node: rename registermemoryblocksundernode() and remove context argument (bsc#1241866).
• drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
• drm/amd/display: Add null pointer check in modhdcphdcp1createsession() (git-fixes).
• drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
• drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
• drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
• drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
• drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
• drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
• drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
• drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
• drm/amd/display: Fill display clock and vblank time in dce110filldisplay_configs (stable-fixes).
• drm/amd/display: Find first CRTC and its line time in dce110filldisplay_configs (stable-fixes).
• drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
• drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
• drm/amd/display: Fix fractional fb divider in setpixelclock_v3 (git-fixes).
• drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
• drm/amd/display: Separate setgsl from setgslsourceselect (stable-fixes).
• drm/amd/display: use udelay rather than fsleep (git-fixes).
• drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
• drm/amd: Restore cached power limit during resume (stable-fixes).
• drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
• drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
• drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
• drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
• drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
• drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
• drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
• drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
• drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
• drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
• drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
• drm/dp: Change AUX DPCD probe address from DPCDREV to LANE01_STATUS (stable-fixes).
• drm/dp: Change AUX DPCD probe address from LANE01STATUS to TRAININGPATTERNSET (bsc#1248121).
• drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
• drm/edid: Define the quirks in an enum list (bsc#1248121).
• drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
• drm/i915/power: fix size for foreachset_bit() in abox iteration (git-fixes).
• drm/mediatek: Fix device/node reference count leaks in mtkdrmgetalldrm_priv (git-fixes).
• drm/mediatek: fix potential OF node use-after-free (git-fixes).
• drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
• drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
• drm/msm: use trylock for debugfs (stable-fixes).
• drm/nouveau/disp: Always accept linear modifier (git-fixes).
• drm/nouveau/nvif: Fix potential memory leak in nvifvmmctor() (git-fixes).
• drm/nouveau: fix error path in nvkmgspfwsec_v2 (git-fixes).
• drm/nouveau: fix typos in comments (git-fixes).
• drm/nouveau: remove unused increment in gm200flcnpioimemwr (git-fixes).
• drm/nouveau: remove unused memory target test (git-fixes).
• drm/ttm: Respect the shrinker core free target (stable-fixes).
• drm/ttm: Should to return the evict error (stable-fixes).
• drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
• drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
• erofs: fix atomic context detection when !CONFIGDEBUGLOCK_ALLOC (git-fixes).
• et131x: Add missing check after DMA map (stable-fixes).
• exfat: add cluster chain loop check for dir (git-fixes).
• ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
• fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
• fbdev: fix potential buffer overflow in doregisterframebuffer() (stable-fixes).
• flexfiles/pNFS: fix NULL checks on result of fflayoutchoosedsfor_read (git-fixes).
• fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
• fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
• gpio: mlxbf3: use platformgetirq_optional() (git-fixes).
• gpio: tps65912: check the return value of regmapupdatebits() (stable-fixes).
• gpio: wcd934x: check the return value of regmapupdatebits() (stable-fixes).
• hfs: fix not erasing deleted b-tree node issue (git-fixes).
• hfs: fix slab-out-of-bounds in hfsbnoderead() (git-fixes).
• hfsplus: do not use BUGON() in hfspluscreateattributesfile() (git-fixes).
• hfsplus: fix slab-out-of-bounds in hfsplusbnoderead() (git-fixes).
• hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
• hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
• hvnetvsc: Set VF privflags to IFFNOADDRCONF before open to prevent IPv6 addrconf (git-fixes).
• hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
• hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
• hypfscreatecpufiles(): add missing check for hypfsmkdir() failure (git-fixes bsc#1249122).
• i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
• i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
• i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
• i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
• i3c: master: Initialize ret in i3ci2cnotifier_call() (stable-fixes).
• iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
• iio: adc: adsigmadelta: do not overallocate scan buffer (stable-fixes).
• iio: imu: invicm42600: switch timestamp type from int64t _aligned(8) to aligneds64 (stable-fixes).
• iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
• iio: pressure: bmp280: Use ISERR() in bmp280common_probe() (git-fixes).
• iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
• integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
• iosys-map: Fix undefined behavior in iosysmapclear() (git-fixes).
• ipmi: Fix strcpy source and destination the same (stable-fixes).
• ipmi: Use devwarnratelimited() for incorrect message warnings (stable-fixes).
• isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
• jfs: Regular file corruption check (git-fixes).
• jfs: truncate good inode pages when hard link is 0 (git-fixes).
• jfs: upper bound check of tree index in dbAllocAG (git-fixes).
• kABI fix for 'netfilter: nf_tables: Audit log rule reset' (git-fixes).
• kABI workaround for 'drm/dp: Add an EDID quirk for the DPCD register access probe' (bsc#1248121).
• kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
• kABI: adjust new field on ipctsctp struct (git-fixes).
• kABI: arm64: ftrace: Restore struct modarchspecific layout (git-fixes).
• kABI: make nfttransgc_catchall() public again (git-fixes).
• kABI: netfilter flowtable move gc operation to bottom (git-fixes).
• kernel-binary: Another installation ordering fix (bsc#1241353).
• kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
• kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
• leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
• loop: use kiocb helpers to fix lockdep warning (git-fixes).
• mISDN: Fix memory leak in dsphwecenable() (git-fixes).
• mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
• md/md-cluster: handle REMOVE message earlier (bsc#1247057).
• md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
• md: allow removing faulty rdev during resync (git-fixes).
• md: make rdev_addable usable for rcu mode (git-fixes).
• media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090prwon_apb() (stable-fixes).
• media: dvb-frontends: w7090p: fix null-ptr-deref in w7090ptunerwriteserpar and w7090ptunerreadserpar (stable-fixes).
• media: tc358743: Check I2C succeeded during probe (stable-fixes).
• media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
• media: tc358743: Return an appropriate colorspace from tc358743setfmt (stable-fixes).
• media: usb: hdpvr: disable zero-length read messages (stable-fixes).
• media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
• media: v4l2-common: Reduce warnings about missing V4L2CIDLINK_FREQ control (stable-fixes).
• mei: bus: Check for still connected devices in meiclbusdevrelease() (stable-fixes).
• memstick: Fix deadlock by moving removing flag earlier (git-fixes).
• mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
• mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
• mm/ptdump: take the memory hotplug lock inside ptdumpwalkpgd() (git-fixes)
• mm: introduce and use {pgd,p4d}populatekernel() (git-fixes).
• mm: move page table sync declarations to linux/pgtable.h (git-fixes).
• mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
• mmc: mvsdio: Fix dmaunmapsg() nents value (git-fixes).
• mmc: rtsxusbsdmmc: Fix error-path in sdsetpower_mode() (stable-fixes).
• mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
• mmc: sdhci-pci-gli: GL9763e: Rename the glisetgl9763e() for consistency (git-fixes).
• most: core: Drop device reference after usage in get_channel() (git-fixes).
• mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
• mptcp: reset when MPTCP opts are dropped after join (git-fixes).
• mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
• mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
• mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
• mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
• net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
• net: phy: micrel: Add ksz9131_resume() (stable-fixes).
• net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
• net: rose: convert 'use' field to refcount_t (git-fixes).
• net: rose: fix a typo in roseclearroutes() (git-fixes).
• net: rose: include node references in rose_neigh refcount (git-fixes).
• net: rose: split remove and free operations in roseremoveneigh() (stable-fixes).
• net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
• net: thunderbolt: Fix the parameter passing of tbxdomainenablepaths()/tbxdomaindisablepaths() (stable-fixes).
• net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
• net: usb: asixdevices: add phymask for ax88772 mdio bus (git-fixes).
• net: usb: cdc-ncm: check for filtering capability (git-fixes).
• net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
• netfilter: conntrack: fix extension size table (git-fixes).
• netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
• netfilter: handle the connecting collision properly in nfconntrackproto_sctp (git-fixes).
• netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
• netfilter: nfconntrackbridge: initialize err to 0 (git-fixes).
• netfilter: nftables: A better name for nftobj_filter (git-fixes).
• netfilter: nf_tables: Audit log rule reset (git-fixes).
• netfilter: nftables: Carry reset boolean in nftobjdumpctx (git-fixes).
• netfilter: nftables: Carry sidx in nftobjdump_ctx (git-fixes).
• netfilter: nftables: Deduplicate nftregister_obj audit logs (git-fixes).
• netfilter: nftables: Drop pointless memset in nftablesdumpobj (git-fixes).
• netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
• netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
• netfilter: nftables: Introduce nftablesgetrulesingle() (git-fixes).
• netfilter: nftables: Open-code audit log call in nftables_getrule() (git-fixes).
• netfilter: nf_tables: Unbreak audit log reset (git-fixes).
• netfilter: nftables: Unconditionally allocate nftobj_filter (git-fixes).
• netfilter: nf_tables: audit log object reset once per table (git-fixes).
• netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
• netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
• netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
• netfilter: nftables: nftobj_filter fits into cb->ctx (git-fixes).
• netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
• netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
• netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
• netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
• netfilter: nft_payload: fix wrong mac header matching (git-fixes).
• netfilter: nftsethash: try later when GC hits EAGAIN on iteration (git-fixes).
• netfilter: nftsetpipapo: call nfttransgcqueuesync() in catchall GC (git-fixes).
• netfilter: nftsetpipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
• netfilter: nftsetrbtree: prefer sync gc to async worker (git-fixes).
• netfilter: nftsetrbtree: rename gc deactivate+erase function (git-fixes).
• netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
• nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
• nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
• nvme-pci: try function level reset on init failure (git-fixes).
• pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
• pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
• pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
• pNFS: Handle RPC size limit for layoutcommits (git-fixes).
• pcmcia: Add error handling for addinterval() in dovalidate_mem() (git-fixes).
• pcmcia: Fix a NULL pointer dereference in _iodynfindioregion() (git-fixes).
• pcmcia: omap: Add missing check for platformgetresource (git-fixes).
• phy: mscc: Fix parsing of unicast frames (git-fixes).
• phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
• phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
• phy: ti-pipe3: fix device leak at unbind (git-fixes).
• pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
• pinctrl: stm32: Manage irq affinity settings (stable-fixes).
• platform/chrome: crosectypec: Defer probe on missing EC parent (stable-fixes).
• platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
• platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
• platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
• platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
• platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
• platform/x86: think-lmi: Fix class device unregistration (git-fixes).
• platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
• pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
• power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
• power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
• power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
• powerpc/eeh: Export eehunfreezepe() (bsc#1215199).
• powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
• powerpc/eeh: Rely on dev->linkactivereporting (bsc#1215199).
• powerpc/kernel: Fix ppcsaveregs inclusion in build (bsc#1215199).
• powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
• powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
• powerpc: do not build ppcsaveregs.o always (bsc#1215199).
• pptp: fix pptp_xmit() error path (git-fixes).
• pwm: mediatek: Fix duty and period setting (git-fixes).
• pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
• regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
• reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
• rpm: Configure KABI checkingness macro (bsc#1249186).
• rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
• rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
• rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
• s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
• s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
• s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
• s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
• s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
• s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
• s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
• s390/stp: Remove udelay from stpsyncclock() (git-fixes bsc#1249124).
• s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
• s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
• samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
• scsi: Revert 'scsi: iscsi: Fix HW conn removal use after free' (git-fixes).
• scsi: core: Fix kernel doc for scsitrackqueue_full() (git-fixes).
• scsi: elx: efct: Fix dmaunmapsg() nents value (git-fixes).
• scsi: ibmvscsitgt: Fix dmaunmap_sg() nents value (git-fixes).
• scsi: isci: Fix dmaunmapsg() nents value (git-fixes).
• scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
• scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
• scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
• scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
• scsi: mvsas: Fix dmaunmapsg() nents value (git-fixes).
• scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
• selftests/bpf: Add asserts for netfilter link info (git-fixes).
• selftests/bpf: Add cmpmappointerwithconst test (git-fixes).
• selftests/bpf: Add test cases with CONSTPTRTO_MAP null checks (git-fixes).
• selftests/bpf: adapt one more case in testlrumap to the new target_free (git-fixes).
• selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
• selftests/tracing: Fix false failure of subsystem event test (git-fixes).
• selftests: Fix errno checking in syscalluserdispatch test (git-fixes).
• selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
• serial: 8250: fix panic due to PSLVERR (git-fixes).
• serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
• slab: Decouple slabdebug and nohash_pointers (bsc#1249022).
• soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
• soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
• spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
• spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
• spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
• squashfs: fix memory leak in squashfsfillsuper (git-fixes).
• struct cdcncmctx: hide new member filtering_supported (git-fixes).
• struct l2capchan: shift new member rxavail to end (git-fixes).
• sunvdc: Balance device refcount in vdcportmpgroup_check (git-fixes).
• supported.conf: mark hyperv_drm as external
• thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
• thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
• ublk: sanity check add_dev input for underflow (git-fixes).
• ublk: use vmalloc for ublk_device's __queues (git-fixes).
• usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
• usb: core: hcd: fix accessing unmapped memory in SINGLESTEPSET_FEATURE test (git-fixes).
• usb: core: usbsubmiturb: downgrade type check (stable-fixes).
• usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
• usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
• usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
• usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
• usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
• usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
• usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
• usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
• usb: typec: intelpmcmux: Defer probe if SCU IPC isn't present (stable-fixes).
• usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
• usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
• usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
• usb: xhci: Fix slot_id resource race conflict (git-fixes).
• usb: xhci: Set avgtrblen = 8 for EP0 during Address Device Command (stable-fixes).
• usb: xhci: print xhci->xhcstate when queuecommand failed (stable-fixes).
• vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
• watchdog: dw_wdt: Fix default timeout (stable-fixes).
• watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
• watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
• wifi: ath11k: fix group data packet drops during rekey (git-fixes).
• wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
• wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
• wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
• wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
• wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work (git-fixes).
• wifi: cfg80211: Fix interface type validation (stable-fixes).
• wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
• wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
• wifi: cfg80211: remove cfg80211informsinglebssframe_data() (git-fixes).
• wifi: cfg80211: sme: cap SSID length in __cfg80211connectresult() (git-fixes).
• wifi: cw1200: cap SSID length in cw1200dojoin() (git-fixes).
• wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
• wifi: iwlwifi: dvm: fix potential overflow in rsfilllink_cmd() (stable-fixes).
• wifi: iwlwifi: fw: Fix possible memory leak in iwlfwdbg_collect (stable-fixes).
• wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
• wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
• wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
• wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
• wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
• wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
• wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
• wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
• wifi: mt76: mt7996: Initialize hdr before passing to skbputdata() (git-fixes).
• wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
• wifi: rtlwifi: fix possible skb memory leak in rtlpciinitone_rxdesc() (stable-fixes).
• wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_rx_interrupt() (stable-fixes).
• wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
• wifi: rtw89: Fix rtw89macpower_switch() for USB (stable-fixes).
• wifi: rtw89: Lower the timeout in rtw89fwreadc2hreg() for USB (stable-fixes).
• wireless: purelifi: plfxlc: fix memory leak in plfxlcusbwreq_asyn() (git-fixes).
• x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
• x86/Kconfig: Always enable ARCHSPARSEMEMENABLE (git-fixes).
• x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
• x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
• x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
• x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
• x86/mm/64: define ARCHPAGETABLESYNCMASK and archsynckernel_mappings() (git-fixes).
• x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
• xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
• xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
• xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).