SUSE-SU-2026:0278-1

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues

The following security issues were fixed:

• CVE-2025-38321: smb: Log an error when closeallcached_dirs fails (bsc#1246328).
• CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
• CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
• CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
• CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686).
• CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in prurprocset_ctable() (bsc#1252824).
• CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
• CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
• CVE-2025-40081: perf: armspe: Prevent overflow in PERFIDX2OFF() (bsc#1252776).
• CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).
• CVE-2025-40134: dm: fix NULL pointer dereference in _dmsuspend() (bsc#1253386).
• CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
• CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
• CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
• CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
• CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
• CVE-2025-40170: net: use dstdevrcu() in sksetupcaps() (bsc#1253413).
• CVE-2025-40178: pid: Add a judgment for ns null in pidnrns (bsc#1253463).
• CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
• CVE-2025-40187: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce() (bsc#1253647).
• CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
• CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
• CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
• CVE-2025-40231: vsock: fix lock inversion in vsockassigntransport() (bsc#1254815).
• CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
• CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
• CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock (bsc#1255075).
• CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
• CVE-2025-40250: net/mlx5: Clean up only new IRQ glue on request_irq() failure (bsc#1254854).
• CVE-2025-40251: devlink: rate: Unset parent pointer in devlratenodes_destroy (bsc#1254856).
• CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont() and qedetpaend() (bsc#1254849).
• CVE-2025-40258: mptcp: fix race condition in mptcpschedulework() (bsc#1254843).
• CVE-2025-40268: cifs: client: fix memory leak in smb3fscontextparseparam (bsc#1255082).
• CVE-2025-40271: fs/proc: fix uaf in procreaddirde() (bsc#1255297).
• CVE-2025-40274: KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (bsc#1254830).
• CVE-2025-40278: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak (bsc#1254825).
• CVE-2025-40279: net: sched: actconnmark: initialize struct tcife to fix kernel leak (bsc#1254846).
• CVE-2025-40280: tipc: Fix use-after-free in tipcmonreinit_self() (bsc#1254847).
• CVE-2025-40287: exfat: fix improper check of dentry.stream.valid_size (bsc#1255030).
• CVE-2025-40289: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (bsc#1255042).
• CVE-2025-40292: virtio-net: fix received length check in big packets (bsc#1255175).
• CVE-2025-40293: iommufd: Don't overflow during division for dirty tracking (bsc#1255179).
• CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass (bsc#1255187).
• CVE-2025-40307: exfat: validate cluster allocation bits of the allocation bitmap (bsc#1255039).
• CVE-2025-40319: bpf: Sync pending IRQ work before freeing ring buffer (bsc#1254794).
• CVE-2025-40330: bnxten: Shutdown FW DMA in bnxtshutdown() (bsc#1254616).
• CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
• CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
• CVE-2025-40338: ASoC: Intel: avs: Do not share the name pointer between components (bsc#1255273).
• CVE-2025-40346: archtopology: Fix incorrect error check in topologyparsecpucapacity() (bsc#1255318).
• CVE-2025-40357: net/smc: fix general protection fault in __smcdiagdump (bsc#1255097).
• CVE-2025-68197: bnxten: Fix null pointer dereference in bnxtbstracecheck_wrap() (bsc#1255242).
• CVE-2025-68204: pmdomain: arm: scmi: Fix genpd leak on provider registration failure (bsc#1255224).
• CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
• CVE-2025-68208: bpf: account for current allocated stack depth in widenimprecisescalars() (bsc#1255227).
• CVE-2025-68209: mlx5: Fix default values in create CQ (bsc#1255230).
• CVE-2025-68239: binfmtmisc: restore write access before closing files opened by openexec() (bsc#1255272).
• CVE-2025-68255: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (bsc#1255395).
• CVE-2025-68259: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (bsc#1255199).
• CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
• CVE-2025-68302: net: sxgbe: fix potential NULL dereference in sxgbe_rx() (bsc#1255121).
• CVE-2025-68340: team: Move team device type change at the end of teamportadd (bsc#1255507).
• CVE-2025-68378: bpf: Refactor stack map trace depth calculation into helper function (bsc#1255614).
• CVE-2025-68742: bpf: Improve program stats run-time calculation (bsc#1255707).
• CVE-2025-68744: bpf: Free special fields when update [lru_,]percpu_hash maps (bsc#1255709).

The following non security issues were fixed:

• ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes).
• ACPI: PCC: Fix race condition by removing static qualifier (git-fixes).
• ACPI: processorcore: fix mapx2apic_id for amd-pstate on am4 (git-fixes).
• ACPI: property: Fix fwnode refcount leak in acpifwnodegraphparseendpoint() (git-fixes).
• ACPI: property: Use ACPI functions in acpigraphgetnextendpoint() only (stable-fixes).
• ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes).
• ALSA: ac97: fix a double free in sndac97controller_register() (git-fixes).
• ALSA: dice: fix buffer overflow in detectstreamformats() (git-fixes).
• ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes).
• ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes).
• ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41hdaread_acpi() (git-fixes).
• ALSA: pcmcia: Fix resource leak in sndpdacfprobe error path (git-fixes).
• ALSA: uapi: Fix typo in asound.h comment (git-fixes).
• ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
• ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes).
• ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes).
• ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes).
• ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes).
• ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
• ASoC: ak4458: Disable regulator when error happens (git-fixes).
• ASoC: ak4458: remove the reset operation in probe and remove (git-fixes).
• ASoC: ak5558: Disable regulator when error happens (git-fixes).
• ASoC: bcm: bcm63xx-pcm-whistler: Check return value of ofdmaconfigure() (git-fixes).
• ASoC: codecs: lpass-tx-macro: fix SM6115 support (git-fixes).
• ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes).
• ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
• ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
• ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
• ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
• ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
• ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
• ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
• ASoC: stm32: sai: fix device leak on probe (git-fixes).
• ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4ispdifquirks (git-fixes).
• Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes).
• Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete (git-fixes).
• Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes).
• Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes).
• Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes).
• Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes).
• Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf() NULL deref (git-fixes).
• Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface (git-fixes).
• Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes).
• Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes).
• Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes).
• Documentation: hid-alps: Fix packet format section headings (git-fixes).
• Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes).
• HID: apple: Add SONiX AK870 PRO to nonapplekeyboards quirk list (stable-fixes).
• HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes).
• HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes).
• HID: input: map HIDGDZ to ABS_DISTANCE for stylus/pen (stable-fixes).
• HID: logitech-dj: Remove duplicate error logging (git-fixes).
• HID: logitech-hidpp: Do not assume FAP in hidppsendmessage_sync() (git-fixes).
• HID: quirks: work around VID/PID conflict for appledisplay (git-fixes).
• Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes).
• Input: croseckeyb - fix an invalid memory access (stable-fixes).
• Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
• Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
• Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes).
• Input: tiam335xtsc - fix off-by-one error in wire_order validation (git-fixes).
• KEYS: trusted: Fix a memory leak in tpm2loadcmd (git-fixes).
• KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes).
• KVM: SEV: Drop GHCBVERSIONDEFAULT and open code it (bsc#1255463).
• PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
• PCI: dwc: Fix wrong PORTLOGICLTSSMSTATEMASK definition (git-fixes).
• PCI: keystone: Exit kspcieprobe() for invalid mode (git-fixes).
• PCI: rcar-gen2: Drop ARM dependency from PCIRCARGEN2 (git-fixes).
• PM: runtime: Do not clear needsforceresume with enabled runtime PM (git-fixes).
• Revert 'drm/amd/display: Fix pbn to kbps Conversion' (stable-fixes).
• Revert 'drm/amd/display: Move setupstreamattribute' (stable-fixes).
• Revert 'drm/amd: Skip power ungate during suspend for VPE' (git-fixes).
• Revert 'mtd: rawnand: marvell: fix layouts' (git-fixes).
• Revert 'net: r8169: Disable multicast filter for RTL8168H and RTL8107E' (jsc#PED-14353).
• Revert 'r8169: don't try to disable interrupts if NAPI is, scheduled already' (jsc#PED-14353).
• USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
• USB: lpc32xx_udc: Fix error handling in probe (git-fixes).
• USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
• USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
• USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes).
• USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
• USB: serial: option: add Foxconn T99W760 (stable-fixes).
• USB: serial: option: add Quectel RG255C (stable-fixes).
• USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes).
• USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes).
• USB: serial: option: add UNISOC UIS7720 (stable-fixes).
• USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
• USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes).
• USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes).
• accel/ivpu: Fix DCT active percent format (git-fixes).
• accel/ivpu: Fix race condition when unbinding BOs (git-fixes).
• arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes).
• arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes).
• atm/fore200e: Fix possible data race in fore200e_open() (git-fixes).
• atm: Fix dmafreecoherent() size (git-fixes).
• atm: idt77252: Add missing dma_map_error() (stable-fixes).
• backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
• backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
• bpf: Do not limit bpfcgroupfrom_id to current's namespace (bsc#1255433).
• bpf: Reject bpftimer for PREEMPTRT (git-fixes).
• broadcom: b44: prevent uninitialized value usage (git-fixes).
• btrfs: make sure extent and csum paths are always released in scrubraid56parity_stripe() (git-fixes).
• can: gsusb: gscan_open(): fix error handling (git-fixes).
• can: gsusb: gsusbxmitcallback(): fix handling of failed transmitted URBs (git-fixes).
• can: j1939: make j1939skbind() fail if device is no longer registered (git-fixes).
• can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes).
• can: sja1000: fix max irq loop handling (git-fixes).
• can: sun4ican: sun4ican_interrupt(): fix max irq loop handling (git-fixes).
• cgroup: rstat: use LOCK CMPXCHG in cssrstatupdated (bsc#1255434).
• char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes).
• cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449).
• clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
• clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes).
• clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes).
• clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes).
• clk: samsung: exynos-clkout: Assign .num before accessing .hws (git-fixes).
• comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
• comedi: check device's attached status in compat ioctls (git-fixes).
• comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
• comedi: pcl818: fix null-ptr-deref in pcl818aicancel() (git-fixes).
• cpufreq: intelpstate: Check IDA only before MSRIA32PERFCTL writes (git-fixes).
• cpufreq: nforce2: fix reference count leak in nforce2 (git-fixes).
• cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026).
• crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid (git-fixes).
• crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes).
• crypto: ccree - Correctly handle return of sgnentsfor_len (git-fixes).
• crypto: hisilicon/qm - restore original qos values (git-fixes).
• crypto: iaa - Fix incorrect return value in saveiaawq() (git-fixes).
• crypto: qat - fix duplicate restarting msg during AER error (git-fixes).
• crypto: rockchip - drop redundant cryptoskcipherivsize() calls (git-fixes).
• crypto: seqiv - Do not use req->iv after cryptoaeadencrypt (git-fixes).
• dm-integrity: limit MAXTAGSIZE to 255 (git-fixes).
• dm-verity: fix unreliable memory allocation (git-fixes).
• dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386).
• drivers/usb/dwc3: fix PCI parent check (git-fixes).
• drm/amd/amdgpu: reserve vm invalidation engine for uni_mes (stable-fixes).
• drm/amd/display: Check NULL before accessing (stable-fixes).
• drm/amd/display: Clear the CUR_ENABLE register on DCN20 on DPP5 (stable-fixes).
• drm/amd/display: Don't change brightness for disabled connectors (stable-fixes).
• drm/amd/display: Fix logical vs bitwise bug in getembeddedpanelinfov2_1() (git-fixes).
• drm/amd/display: Fix pbn to kbps Conversion (stable-fixes).
• drm/amd/display: Fix scratch registers offsets for DCN35 (stable-fixes).
• drm/amd/display: Fix scratch registers offsets for DCN351 (stable-fixes).
• drm/amd/display: Increase DPCD read retries (stable-fixes).
• drm/amd/display: Insert dccg log for easy debug (stable-fixes).
• drm/amd/display: Move sleep into each retry for retrievelinkcap() (stable-fixes).
• drm/amd/display: Prevent Gating DTBCLK before It Is Properly Latched (git-fixes).
• drm/amd/display: Use GFPATOMIC in dccreateplanestate() (stable-fixes).
• drm/amd/display: avoid reset DTBCLK at clock init (stable-fixes).
• drm/amd/display: disable DPP RCG before DPP CLK enable (stable-fixes).
• drm/amd: Skip power ungate during suspend for VPE (stable-fixes).
• drm/amdgpu/gmc11: add amdgpuvmhandle_fault() handling (stable-fixes).
• drm/amdgpu/gmc12: add amdgpuvmhandle_fault() handling (stable-fixes).
• drm/amdgpu: Forward VMID reservation errors (git-fixes).
• drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes).
• drm/amdgpu: add missing lock to amdgputtmaccessmemorysdma (git-fixes).
• drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes).
• drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (stable-fixes).
• drm/amdkfd: Export the cwsrsize and ctlstack_size to userspace (stable-fixes).
• drm/amdkfd: Fix GPU mappings for APU after prefetch (stable-fixes).
• drm/amdkfd: Trap handler support for expert scheduling mode (stable-fixes).
• drm/amdkfd: Use huge page size to check split svm range alignment (git-fixes).
• drm/amdkfd: bump minimum vgpr size for gfx1151 (stable-fixes).
• drm/displayid: add quirk to ignore DisplayID checksum errors (stable-fixes).
• drm/displayid: pass iter to drmfinddisplayid_extension() (stable-fixes).
• drm/edid: add DRMEDIDIDENTINIT() to initialize struct drmedid_ident (stable-fixes).
• drm/gma500: Remove unused helper psbfbdevfb_setcolreg() (git-fixes).
• drm/i915/dp: Initialize the source OUI write timestamp always (stable-fixes).
• drm/i915/dp_mst: Disable Panel Replay (git-fixes).
• drm/i915/gem: Zero-initialize the eb.vma array in i915gemdo_execbuffer (git-fixes).
• drm/i915: Fix format string truncation warning (git-fixes).
• drm/imagination: Disallow exporting of PM/FW protected objects (git-fixes).
• drm/imagination: Fix reference to devmplatformgetandioremap_resource() (git-fixes).
• drm/me/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
• drm/mediatek: Fix CCORR mtkctms3132tos1n function issue (git-fixes).
• drm/mediatek: Fix device node reference leak in mtkdpdt_parse() (git-fixes).
• drm/mediatek: Fix probe device leaks (git-fixes).
• drm/mediatek: Fix probe memory leak (git-fixes).
• drm/mediatek: Fix probe resource leaks (git-fixes).
• drm/mediatek: ovl_adaptor: Fix probe device leaks (git-fixes).
• drm/mgag200: Fix big-endian support (git-fixes).
• drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
• drm/msm/a6xx: Fix out of bound IO access in a6xxgetgmu_registers (git-fixes).
• drm/msm/a6xx: Fix the gemnoc workaround (git-fixes).
• drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
• drm/msm/a6xx: Improve MX rail fallback in RPMH vote init (git-fixes).
• drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes).
• drm/msm/dpu: Remove dead-code in dpuencoderhelperresetmixers() (git-fixes).
• drm/msm/dpu: drop dpuhwdsc_destroy() prototype (git-fixes).
• drm/nouveau/dispnv50: Don't call drmatomicgetcrtcstate() in prepare_fb (git-fixes).
• drm/nouveau: refactor deprecated strcpy (git-fixes).
• drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
• drm/panel: sony-td4353-jdi: Enable prepareprevfirst (git-fixes).
• drm/panel: visionox-rm69299: Don't clear all mode flags (git-fixes).
• drm/panthor: Avoid adding of kernel BOs to extobj list (git-fixes).
• drm/panthor: Fix UAF on kernel BO VA nodes (git-fixes).
• drm/panthor: Fix groupfreequeue() for partially initialized queues (git-fixes).
• drm/panthor: Fix potential memleak of vma structure (git-fixes).
• drm/panthor: Fix race with suspend during unplug (git-fixes).
• drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (git-fixes).
• drm/panthor: Handle errors returned by drmschedentity_init() (git-fixes).
• drm/pl111: Fix error handling in pl111ambaprobe (git-fixes).
• drm/plane: Fix ISERR() vs NULL check in drmplanecreatehotspot_properties() (git-fixes).
• drm/radeon: delete radeonfenceprocess in is_signaled, no deadlock (stable-fixes).
• drm/sched: Fix race in drmschedentityselectrq() (git-fixes).
• drm/tilcdc: Fix removal actions in case of failed probe (git-fixes).
• drm/tilcdc: request and mapp iomem with devres (stable-fixes).
• drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
• drm/vgem-fence: Fix potential deadlock on release (git-fixes).
• drm/vmwgfx: Use kref in vmwbodirty (stable-fixes).
• drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table (git-fixes).
• drm/xe/oa: Disallow 0 OA property values (git-fixes).
• drm/xe/oa: Fix potential UAF in xeoaaddconfigioctl() (git-fixes).
• drm/xe/oa: Limit num_syncs to prevent oversized allocations (git-fixes).
• drm/xe: Adjust long-running workload timeslices to reasonable values (git-fixes).
• drm/xe: Drop preempt-fences when destroying imported dma-bufs (git-fixes).
• drm/xe: Fix conversion from clock ticks to milliseconds (git-fixes).
• drm/xe: Limit num_syncs to prevent oversized allocations (git-fixes).
• drm/xe: Prevent BIT() overflow when handling invalid prefetch region (git-fixes).
• drm/xe: Restore engine registers before restarting schedulers after GT reset (git-fixes).
• drm/xe: Use usleep_range for accurate long-running workload timeslicing (git-fixes).
• drm: atmel-hlcdc: fix atmelxlcdcplanesetupscaler() (git-fixes).
• drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
• drm: sti: fix device leaks at component probe (git-fixes).
• efi/libstub: Avoid physical address 0x0 when doing random allocation (stable-fixes).
• efi/libstub: Describe missing 'out' parameter in efiloadinitrd (git-fixes).
• efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes).
• efi: stmm: Fix incorrect buffer allocation method (git-fixes).
• efi: stmm: fix kernel-doc 'bad line' warnings (git-fixes).
• exfat: add a check for invalid data size (git-fixes).
• exfat: using hweight instead of internal logic (git-fixes).
• ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
• ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366).
• fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes).
• fbdev: pxafb: Fix multiple clamped values in pxafbadjusttiming (git-fixes).
• fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
• fbdev: tcx.c fix memmap to correct smemstart offset (git-fixes).
• firewire: nosy: Fix dmafreecoherent() size (git-fixes).
• firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes).
• firmware: imx: scu-irq: fix OF node leak in (git-fixes).
• firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
• firmware: stratix10-svc: fix bug in saving controller data (git-fixes).
• firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
• fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025).
• ftrace: bpf: Fix IPMODIFY + DIRECT in modifyftracedirect() (git-fixes).
• genalloc.h: fix htmldocs warning (git-fixes).
• gpio: rockchip: mark the GPIO controller as sleeping (git-fixes).
• gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
• hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes).
• hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
• hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes).
• hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes).
• hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
• hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
• i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
• i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes).
• i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
• i3c: fix refcount inconsistency in i3cmasterregister (git-fixes).
• i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes).
• i3c: master: svc: Prevent incomplete IBI transaction (git-fixes).
• idr: fix idr_alloc() returning an ID out of range (git-fixes).
• iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
• iio: accel: fix ADXL355 startup race condition (git-fixes).
• iio: adc: ad7280a: fix ad7280storebalance_timer() (git-fixes).
• iio: adc: tiam335xadc: Limit step_avg to valid range for gcc complains (stable-fixes).
• iio: core: Clean up device correctly on iiodevicealloc() failure (git-fixes).
• iio: core: add missing mutexdestroy in iiodev_release() (git-fixes).
• iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
• iio: imu: stlsm6dsx: fix array size for stlsm6dsx_settings fields (git-fixes).
• iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes).
• ima: Handle error code returned by imafilterrule_match() (git-fixes).
• intelth: Fix error handling in intelthoutputopen (git-fixes).
• ipmi: Fix _scanchannels() failing to rescan channels (stable-fixes).
• ipmi: Fix handling of messages with provided receive message pointer (git-fixes).
• ipmi: Fix the race between __scanchannels() and deliverresponse() (stable-fixes).
• ipmi: Rework user message limit handling (git-fixes).
• irqchip/mchp-eic: Fix error code in mchpeicdomain_alloc() (git-fixes).
• kconfig/mconf: Initialize the default locale at startup (stable-fixes).
• kconfig/nconf: Initialize the default locale at startup (stable-fixes).
• leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
• leds: leds-lp50xx: Enable chip before any communication (git-fixes).
• leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
• leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
• lib/vsprintf: Check pointer before dereferencing in timeanddate() (git-fixes).
• mailbox: mailbox-test: Fix debugfscreatedir error checking (git-fixes).
• media: TDA1997x: Remove redundant canceldelayedwork in probe (git-fixes).
• media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplog_status() (git-fixes).
• media: amphion: Add a frame flush mode for decoder (stable-fixes).
• media: amphion: Cancel message work before releasing the VPU core (git-fixes).
• media: amphion: Make some vpu_v4l2 functions static (stable-fixes).
• media: amphion: Remove vpuvbis_codecconfig (git-fixes).
• media: atomisp: Prefix firmware paths with 'intel/ipu/' (bsc#1252973).
• media: atomisp: Remove firmware_name module parameter (bsc#1252973).
• media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
• media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg() (git-fixes).
• media: i2c: ADV7604: Remove redundant canceldelayedwork in probe (git-fixes).
• media: i2c: adv7842: Remove redundant canceldelayedwork in probe (git-fixes).
• media: imx-mipi-csis: Drop extra clock enable at probe() (git-fixes).
• media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
• media: nxp: imx8-isi: Mark all crossbar sink pads as MUST_CONNECT (stable-fixes).
• media: ov5640: fix vblank unchange issue when work at dvp mode (git-fixes).
• media: pci: ivtv: Don't create fake v4l2_fh (stable-fixes).
• media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
• media: qcom: camss: Fix genpd cleanup (git-fixes).
• media: qcom: camss: Fix ordering of pmruntimeenable (git-fixes).
• media: qcom: camss: cleanup media device allocated resource on error path (git-fixes).
• media: qcom: venus: fix incorrect return value (stable-fixes).
• media: radio-isa: use devname to fill in businfo (stable-fixes).
• media: rc: st_rc: Fix reset control resource leak (git-fixes).
• media: renesas: rcardrif: fix device node reference leak in rcardrifbondenabled (git-fixes).
• media: s5p-mfc: Fix potential deadlock on condlock (stable-fixes).
• media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
• media: uvcvideo: Force UVC version to 1.0a for 0408:4033 (stable-fixes).
• media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
• media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
• media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
• media: verisilicon: Store chroma and motion vectors offset (stable-fixes).
• media: verisilicon: g2: Use common helpers to compute chroma and mv offsets (stable-fixes).
• media: videobuf2: Fix device reference leak in vb2dcalloc error path (git-fixes).
• media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
• media: vpif_capture: fix section mismatch (git-fixes).
• media: vpif_display: fix section mismatch (git-fixes).
• mei: gsc: add dependency on Xe driver (git-fixes).
• mei: me: add wildcat lake P DID (stable-fixes).
• mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
• mfd: da9055: Fix missing regmapdelirq_chip() in error path (git-fixes).
• mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
• mfd: mt6358-irq: Fix missing irqdomainremove() in error path (git-fixes).
• mfd: mt6397-irq: Fix missing irqdomainremove() in error path (git-fixes).
• mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes).
• mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes).
• most: usb: fix double free on late probe failure (git-fixes).
• mt76: mt7615: Fix memory leak in mt7615mcuwtblstaadd() (git-fixes).
• mtd: lpddrcmds: fix signed shifts in lpddrcmds (git-fixes).
• mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
• mtd: nand: relax ECC parameter validation check (git-fixes).
• mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
• mtd: rawnand: renesas: Handle devmpmruntime_enable() errors (git-fixes).
• net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes).
• net: nfc: fix deadlock between nfcunregisterdevice and rfkillfopwrite (git-fixes).
• net: phy: adin1100: Fix software power-down ready condition (git-fixes).
• net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes).
• net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes).
• net: r8169: Disable multicast filter for RTL8168H and RTL8107E (jsc#PED-14353).
• net: rose: fix invalid array index in rosekillby_device() (git-fixes).
• net: usb: pegasus: fix memory leak in updateethregs_async() (git-fixes).
• net: usb: rtl8150: fix memory leak on usbsubmiturb() failure (git-fixes).
• net: usb: sr9700: fix incorrect command used to write single register (git-fixes).
• net: wwan: iosm: Fix memory leak in ipcmuxdeinit() (git-fixes).
• netdevsim: print human readable IP address (bsc#1255071).
• nfc: pn533: Fix error code in pn533acr122poweron_rdr() (git-fixes).
• nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223).
• nfsd: fix return error codes for nfsdmapnametoid (bsc#1232223).
• nvme: Use non zero KATO for persistent discovery connections (git-fixes).
• orangefs: fix xattr related buffer overflow.. (git-fixes).
• perf list: Add IBM z17 event descriptions (jsc#PED-13611).
• perf/x86/intel: Fix KASAN global-out-of-bounds warning (git-fixes).
• phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes).
• phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcargen3phyusb2probe() (git-fixes).
• pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes).
• pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes).
• pinctrl: single: Fix PINCONFIGBIAS_DISABLE handling (stable-fixes).
• pinctrl: single: Fix incorrect type for error return variable (git-fixes).
• pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes).
• platform/chrome: crosecishtp: Fix UAF after unbinding driver (git-fixes).
• platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes).
• platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes).
• platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes).
• platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes).
• platform/x86: acer-wmi: Ignore backlight event (stable-fixes).
• platform/x86: asus-wmi: use brightnesssetblocking() for kbd led (git-fixes).
• platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing (git-fixes).
• platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes).
• platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes).
• platform/x86: intel: chtwc_int33fe: don't dereference swnode args (git-fixes).
• platform/x86: intel: punit_ipc: fix memory corruption (git-fixes).
• platform/x86: msi-laptop: add missing sysfsremovegroup() (git-fixes).
• power: supply: apmpower: only unset own apmgetpowerstatus (git-fixes).
• power: supply: cw2015: Check devmdelayedwork_autocancel() return code (git-fixes).
• power: supply: rt9467: Prevent using uninitialized local variable in rt9467setvaluefromranges() (git-fixes).
• power: supply: rt9467: Return error on failure in rt9467setvaluefromranges() (git-fixes).
• power: supply: wm831x: Check wm831xsetbits() return value (git-fixes).
• powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187).
• powerpc/eeh: fix recursive pcilockrescan_remove locking in EEH event handling (bsc#1253262 ltc#216029).
• powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496).
• pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
• r8169: Fix spelling mistake: 'txunderun' -> 'txunderrun' (jsc#PED-14353).
• r8169: Use PCIIRQINTX instead of PCIIRQLEGACY (jsc#PED-14353).
• r8169: add MODULE_FIRMWARE entry for RTL8126A (jsc#PED-14353).
• r8169: add PHY c45 ops for MDIOMMDVENDOR2 registers (jsc#PED-14353).
• r8169: add generic rtlseteeetxidletimer function (jsc#PED-14353).
• r8169: add missing MODULE_FIRMWARE entry for RTL8126A rev.b (jsc#PED-14353).
• r8169: add support for Intel Killer E5000 (jsc#PED-14353).
• r8169: add support for RTL8125BP rev.b (jsc#PED-14353).
• r8169: add support for RTL8125D (jsc#PED-14353).
• r8169: add support for RTL8125D rev.b (jsc#PED-14353).
• r8169: add support for RTL8126A rev.b (jsc#PED-14353).
• r8169: add support for RTL8168M (jsc#PED-14353).
• r8169: add support for returning txlpitimer in ethtool get_eee (jsc#PED-14353).
• r8169: add support for the temperature sensor being available from RTL8125B (jsc#PED-14353).
• r8169: adjust version numbering for RTL8126 (jsc#PED-14353).
• r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353).
• r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353).
• r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353).
• r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353).
• r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353).
• r8169: avoid unsolicited interrupts (jsc#PED-14353).
• r8169: check for PCI read error in probe (jsc#PED-14353).
• r8169: disable ALDPS per default for RTL8125 (jsc#PED-14353).
• r8169: disable RTL8126 ZRX-DC timeout (jsc#PED-14353).
• r8169: disable interrupt source RxOverflow (jsc#PED-14353).
• r8169: don't apply UDP padding quirk on RTL8126A (jsc#PED-14353).
• r8169: don't increment txdropped in case of NETDEVTX_BUSY (jsc#PED-14353).
• r8169: don't scan PHY addresses > 0 (jsc#PED-14353).
• r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353).
• r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353).
• r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353).
• r8169: fix RTL8117 Wake-on-Lan in DASH mode (git-fixes).
• r8169: fix inconsistent indenting in rtl8169getethmacstats (jsc#PED-14353).
• r8169: implement additional ethtool stats ops (jsc#PED-14353).
• r8169: improve RTL8411b phy-down fixup (jsc#PED-14353).
• r8169: improve __rtl8169setwol (jsc#PED-14353).
• r8169: improve handling task scheduling (jsc#PED-14353).
• r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353).
• r8169: improve rtlsetd3plldown (jsc#PED-14353).
• r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353).
• r8169: remove detection of chip version 11 (early RTL8168b) (jsc#PED-14353).
• r8169: remove leftover locks after reverted change (jsc#PED-14353).
• r8169: remove multicast filter limit (jsc#PED-14353).
• r8169: remove not needed check in rtlfwwrite_firmware (jsc#PED-14353).
• r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353).
• r8169: remove redundant hwmon support (jsc#PED-14353).
• r8169: remove rtldashloopwaithigh/low (jsc#PED-14353).
• r8169: remove support for chip version 11 (jsc#PED-14353).
• r8169: remove unused flag RTLFLAGTASKRESETNOQUEUEWAKE (jsc#PED-14353).
• r8169: set EEE speed down ratio to 1 (stable-fixes).
• r8169: simplify EEE handling (jsc#PED-14353).
• r8169: simplify code by using core-provided pcpu stats allocation (jsc#PED-14353).
• r8169: support setting the EEE tx idle timer on RTL8168h (jsc#PED-14353).
• r8169: use deverrprobe in all appropriate places in rtlinitone() (jsc#PED-14353).
• r8169: use helper r8169modreg8cond to simplify rtljumbo_config (jsc#PED-14353).
• regulator: core: Protect regulatorsupplyaliaslist with regulatorlist_mutex (git-fixes).
• regulator: core: disable supply if enabling main regulator fails (git-fixes).
• reset: fix BIT macro reference (stable-fixes).
• rpmsg: glink: fix rpmsg device leak (git-fixes).
• rtc: gamecube: Check the return value of ioremap() (git-fixes).
• scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119).
• scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119).
• scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119).
• scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119).
• scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119).
• scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119).
• scsi: lpfc: Remove redundant NULL ptr assignment in lpfcelsfree_iocb() (bsc#1254119).
• scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119).
• scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
• scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119).
• scsi: mpi3mr: Fix I/O failures during controller reset (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Fix controller init failure on fault during queue creation (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Fix device loss during enclosure reboot due to zero link speed (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Fix premature TM timeouts on virtual drives (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Update MPI headers to revision 37 (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Update driver version to 8.14.0.5.50 (bsc#1251752 jsc#PED-14280).
• scsi: mpi3mr: Update driver version to 8.15.0.5.50 (bsc#1251752 jsc#PED-14280).
• selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes).
• selftests/net: calibrate txtimestamp (bsc#1255085).
• selftests/net: convert fcnal-test.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert fib-onlink-tests.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert fibnexthopmultiprefix to run it in unique namespace (bsc#1254235).
• selftests/net: convert fibnexthopnongw.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert fib_nexthops.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert fibruletests.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert fib_tests.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert srv6enddt46l3vpntest.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert srv6enddt4l3vpntest.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert srv6enddt6l3vpntest.sh to run it in unique namespace (bsc#1254235).
• selftests/net: convert testvxlanvnifiltering.sh to run it in unique namespace (bsc#1255349).
• selftests/net: convert vrfrouteleaking.sh to run it in unique namespace (bsc#1255349).
• selftests/net: synchronize udpgro tests' tx and rx connection (bsc#1254235).
• selftests: Introduce Makefile variable to list shared bash scripts (bsc#1254235).
• selftests: bonding: Add net/forwarding/lib.sh to TEST_INCLUDES (bsc#1254235).
• selftests: dsa: Replace test symlinks by wrapper script (bsc#1254235).
• selftests: net: Remove executable bits from library scripts (bsc#1254235).
• selftests: net: explicitly wait for listener ready (bsc#1254235).
• selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346).
• selftests: net: include forwarding lib (bsc#1254235).
• selftests: net: included needed helper in the install targets (bsc#1254235).
• selftests: net: more strict check in net_helper (bsc#1254235).
• selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349).
• selftests: net: use slowwait to stabilize vrfrouteleaking test (bsc#1255349).
• selftests: net: veth: test the ability to independently manipulate GRO and XDP (bsc#1255101).
• selftests: team: Add shared library scripts to TEST_INCLUDES (bsc#1254235).
• selftests: vrfrouteleaking: remove ipv6pingfrag from default testing (bsc#1255349).
• serial: add support of CPCI cards (stable-fixes).
• serial: amba-pl011: prefer dmamappingerror() over explicit address checking (git-fixes).
• serial: core: Fix serial device initialization (git-fixes).
• serial: core: Restore sysfs fwnode information (git-fixes).
• serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes).
• slimbus: ngd: Fix reference count leak in qcomslimngdnotifyslaves (git-fixes).
• smc91x: fix broken irq-context in PREEMPT_RT (git-fixes).
• soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
• soc: amlogic: canvas: fix device leak on lookup (git-fixes).
• soc: qcom: ocmem: fix device leak on lookup (git-fixes).
• soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
• spi: amlogic-spifc-a1: Handle devmpmruntime_enable() errors (git-fixes).
• spi: bcm63xx: drop wrong casts in probe() (git-fixes).
• spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes).
• spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes).
• spi: imx: keep dma request disabled before dma transfer setup (stable-fixes).
• spi: tegra210-qspi: Remove cache operations (git-fixes).
• spi: tegra210-quad: Add support for internal DMA (git-fixes).
• spi: tegra210-quad: Check hardware status on timeout (bsc#1253155).
• spi: tegra210-quad: Fix timeout handling (bsc#1253155).
• spi: tegra210-quad: Fix timeout handling (git-fixes).
• spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155).
• spi: tegra210-quad: Update dummy sequence configuration (git-fixes).
• spi: xilinx: increase number of retries before declaring stall (stable-fixes).
• staging: fbtft: core: fix potential memory leak in fbtftprobecommon() (git-fixes).
• staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes).
• staging: rtl8723bs: fix out-of-bounds read in rtwgetie() parser (stable-fixes).
• thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
• tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477).
• tracing: Fix access to traceeventfile (bsc#1254373).
• uio: uiofslelbcgpcm:: Add null pointer check to uiofslelbcgpcm_probe (git-fixes).
• usb: cdns3: Fix double resource release in cdns3pciprobe (git-fixes).
• usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
• usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes).
• usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes).
• usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes).
• usb: dwc2: fix hang during suspend if set as peripheral (git-fixes).
• usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
• usb: dwc3: Fix race condition between concurrent dwc3removerequests() call paths (git-fixes).
• usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes).
• usb: dwc3: of-simple: fix clock resource leak in dwc3ofsimple_probe (git-fixes).
• usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
• usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
• usb: gadget: configfs: Correctly set useosstring at bind (git-fixes).
• usb: gadget: feem: Fix memory leak in eemunwrap (git-fixes).
• usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes).
• usb: gadget: renesasusbf: Handle devmpmruntimeenable() errors (git-fixes).
• usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes).
• usb: ohci-nxp: Use helper function devmclkget_enabled() (stable-fixes).
• usb: ohci-nxp: fix device leak on probe failure (git-fixes).
• usb: phy: Initialize struct usbphy listhead (git-fixes).
• usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes).
• usb: raw-gadget: cap rawio transfer length to KMALLOCMAX_SIZE (git-fixes).
• usb: raw-gadget: do not limit transfer length (git-fixes).
• usb: renesasusbhs: Fix a resource leak in usbhspipe_malloc() (git-fixes).
• usb: storage: Fix memory leak in USB bulk transport (git-fixes).
• usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
• usb: typec: tipd: Clear interrupts first (git-fixes).
• usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes).
• usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes).
• usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes).
• usb: udc: Add trace event for usbgadgetset_state (stable-fixes).
• usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes).
• usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes).
• usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
• usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes).
• usbip: Fix locking bug in RT-enabled kernels (stable-fixes).
• via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes).
• virtio_console: fix order of fields cols and rows (stable-fixes).
• watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
• wifi: ath10k: Add missing include of export.h (stable-fixes).
• wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes).
• wifi: ath10k: move recovery check logic into a new work (git-fixes).
• wifi: ath11k: fix peer HE MCS assignment (git-fixes).
• wifi: ath11k: restore register window after global reset (git-fixes).
• wifi: ath12k: fix potential memory leak in ath12kwowarpnsoffload() (git-fixes).
• wifi: avoid kernel-infoleak from struct iw_point (git-fixes).
• wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes).
• wifi: cfg80211: sme: store capped length in __cfg80211connectresult() (git-fixes).
• wifi: cfg80211: stop radar detection in cfg80211_leave() (stable-fixes).
• wifi: cfg80211: use cfg80211_leave() in iftype change (stable-fixes).
• wifi: cw1200: Fix potential memory leak in cw1200bhrx_helper() (git-fixes).
• wifi: ieee80211: correct FILS status codes (git-fixes).
• wifi: mac80211: do not use old MBSSID elements (git-fixes).
• wifi: mac80211: fix CMAC functions not handling errors (git-fixes).
• wifi: mac80211: restore non-chanctx injection behaviour (git-fixes).
• wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes).
• wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (stable-fixes).
• wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (stable-fixes).
• wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load (stable-fixes).
• wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes).
• wifi: rtl818x: Fix potential memory leaks in rtl8180initrx_ring() (git-fixes).
• wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb() (git-fixes).
• wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfill_desc() (git-fixes).
• wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes).
• wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes).
• x86/hyperv: Fix APIC ID and VP index confusion in hvsnpboot_ap() (git-fixes).
• x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
• x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
• x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
• x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
• x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
• x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
• x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
• x86/microcode/AMD: Fix __applymicrocodeamd()'s return value (bsc#1256528).
• x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
• x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
• x86/microcode/AMD: Select which microcode patch to load (bsc#1256528).
• x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
• x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
• xhci: dbgtty: fix device unregister (git-fixes).
• xhci: fix stale flag preventig URBs after link state error is cleared (git-fixes).