diff --git a/.gitmodules b/.gitmodules index 178dcc7..077d3a3 100644 --- a/.gitmodules +++ b/.gitmodules @@ -9134,3 +9134,6 @@ [submodule "kernel-livepatch-MICRO-6-0-RT_Update_3"] path = kernel-livepatch-MICRO-6-0-RT_Update_3 url = ../../ALP-pool/kernel-livepatch-MICRO-6-0-RT_Update_3 +[submodule "kernel-livepatch-MICRO-6-0_Update_3"] + path = kernel-livepatch-MICRO-6-0_Update_3 + url = ../../ALP-pool/kernel-livepatch-MICRO-6-0_Update_3 diff --git a/kernel-livepatch-MICRO-6-0_Update_3 b/kernel-livepatch-MICRO-6-0_Update_3 new file mode 160000 index 0000000..ae0d953 --- /dev/null +++ b/kernel-livepatch-MICRO-6-0_Update_3 @@ -0,0 +1 @@ +Subproject commit ae0d95355144939d77e52b113491a540d90ef961 diff --git a/kernel-source b/kernel-source index 1452f6a..405c594 160000 --- a/kernel-source +++ b/kernel-source @@ -1 +1 @@ -Subproject commit 1452f6a228aa0709f6efbb2f681f18a76e1c6af8 +Subproject commit 405c594f479c4d1e2363d64c282e53ef648f41c8 diff --git a/patchinfo.20241015104416836583.269002615871826/_patchinfo b/patchinfo.20241015104416836583.269002615871826/_patchinfo new file mode 100644 index 0000000..6287b53 --- /dev/null +++ b/patchinfo.20241015104416836583.269002615871826/_patchinfo @@ -0,0 +1,1168 @@ + + + Continuous stable update tracker for Tumbleweed + mount command hangs on reserved scsi disk + [trackerbug] 6.4 powerpc base kernel fixes + L3: ibmvfc max_xfer_size is missing ref:_00D1igLOd._5005qXBPNc:ref + kvm - qla2xxx IO errors and aborts in the host cause multipath failed devices in the guest + Partner-L3: x86/mm/ident_map: Use gbpages only where full GB page should be mapped. + [SLES][Xen] Unexpected call trace pertinent to CPA detected W^X violation + VUL-0: CVE-2023-52610: kernel: net/sched: act_ct: fix skb leak and crash on ooo frags + VUL-0: CVE-2024-26640: kernel: tcp: add sanity checks to rx zerocopy + VUL-0: CVE-2024-26804: kernel: net: ip_tunnel: prevent perpetual headroom growth + L3: RT kernel - IRQ appears on isolated cores when it shouldn't appear based on the irqbalance and kernel args configuration + L3: KVM passthrough disks are detected as 0 byte disks on guest + VUL-0: CVE-2023-52752: kernel: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() + VUL-0: CVE-2024-36953: kernel: KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() + bpf: backport of iterator and callback handling fixes + L3: Xen refuses to boot in AMD Ryzen Pro system - ref:_00D1igLOd._500Tr64Tw1:ref + [INTEL 15SP6 BUG][VROC] MD: Long delay for container drive removal + VUL-0: CVE-2024-38538: kernel: net: bridge: xmit: make sure we have at least eth header len bytes + ASR signed driver does not load on SUSE + VUL-0: CVE-2024-38596: kernel: af_unix: fix data races in unix_release_sock/unix_stream_sendmsg + VUL-0: CVE-2024-38632: kernel: vfio/pci: fix potential memory leak in vfio_intx_enable() + powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() + Multiple kernel warnings when using dasd_mod.dasd=ipldev if not IPLing from DASD + NFS 4.0 Server generating NFS4ERR_BAD_SEQID on lock attempts + VUL-0: CVE-2024-40983: kernel: tipc: force a dst refcount before doing decryption + VUL-0: CVE-2024-40965: kernel: i2c: lpi2c: Avoid calling clk_get_rate during transfer + VUL-0: CVE-2024-40973: kernel: media: mtk-vcodec: potential null pointer deference in SCP + perf fails with errors: 0x4319b368 [0x8]: failed to process type: 68 [Cannot allocate memory] + Backport arm64: PCI: Extend ACS configurability + continuously growing values in /proc/sys/fs/file-nr with the linux-5.14.21-150500.55.65 kernel during special NFS load tests + [NetApp SLES15 SP6 Bug]: NVMe device inconsistency seen during repeated old NS unmap & new NS map using reused NSID + VUL-0: CVE-2024-42154: kernel: tcp_metrics: validate source addr length + IPMI during the early boot is causing a panic on NVIDIA Grace Hopper nodes (Arm) + VUL-0: CVE-2024-42243: kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray + VUL-0: CVE-2024-42252: kernel: closures: change BUG_ON() to WARN_ON() + KVM:Starting KVM error "ensure all devices within the iommu_group are bound to their vfio bus driver" after kernel update + mana: Fix RX buf alloc_size alignment and atomic op panic + KVM: s390: fix validity interception issue when gisa is switched off + s390/sclp: Prevent release of buffer in I/O + VUL-0: CVE-2024-43835: kernel: virtio_net: Fix napi_skb_cache_put warning + VUL-0: CVE-2024-42265: kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions + VUL-0: CVE-2024-42306: kernel: udf: Avoid using corrupted block bitmap buffer + VUL-0: CVE-2024-42305: kernel: ext4: check dot and dotdot of dx_root before making dir indexed + VUL-0: CVE-2024-42304: kernel: ext4: make sure the first directory block is not a hole + VUL-0: CVE-2024-42294: kernel: block: fix deadlock between sd_remove & sd_release + VUL-0: CVE-2024-43832: kernel: s390/uv: Don't call folio_wait_writeback() without a folio reference + VUL-0: CVE-2024-43845: kernel: udf: Fix bogus checksum computation in udf_rename() + VUL-0: CVE-2024-43828: kernel: ext4: fix infinite loop when replaying fast_commit + Update Broadcom Emulex lpfc driver for SLES15 SP7 to 14.4.0.4 + Partner-L3: Backport x86/kaslr fix impacting ML/HPC workloads + s390/dasd: fix error recovery leading to data corruption on ESE devices + fs/netfs/fscache_cookie: add missing "n_accesses" check + CVE-2024-44947: kernel: fuse: Initialize beyond-EOF page contents before setting uptodate + VUL-0: CVE-2024-43870: kernel: perf: Fix event leak upon exit + Crash due to invalid per cpu cache freelist + VUL-0: CVE-2024-43898: kernel: ext4: sanity check for NULL pointer after ext4_force_shutdown + VUL-0: CVE-2024-43890: kernel: tracing: fix overflow in get_free_elt() + VUL-0: CVE-2024-43904: kernel: drm/amd/display: add null checks for 'stream' and 'plane' before dereferencing + VUL-0: CVE-2024-43914: kernel: md/raid5: avoid BUG_ON() while continue reshape after reassembling + VUL-0: CVE-2024-44935: kernel: sctp: Fix null-ptr-deref in reuseport_add_sock(). + VUL-0: CVE-2024-44944: kernel: Netfilter Conntrack Type Confusion Information Disclosure Vulnerability + Error: Unable to start qat_crypto service with XEN + VUL-0: CVE-2024-44946: kernel: kcm: Serialise kcm_sendmsg() for the same socket. + [HPE Bug] SLES15 SP6 cannot be installed with DL380a Gen12 (2P, SRF-SP) + NVidia L40 GPU in slot17 + fuse: use unsigned type for getxattr/listxattr size truncation + fuse: fix memory leak in fuse_create_open + fuse: update stats for pages in dropped aux writeback list + VUL-0: CVE-2024-45002: kernel: rtla/osnoise: Prevent NULL dereference in error handling + VUL-0: CVE-2024-45000: kernel: fs/netfs/fscache_cookie: add missing "n_accesses" check + VUL-0: CVE-2024-44998: kernel: atm: idt77252: prevent use after free in dequeue_rx() + VUL-0: CVE-2024-45005: kernel: KVM: s390: fix validity interception issue when gisa is switched off + VUL-0: CVE-2024-44948: kernel: x86/mtrr: Check if fixed MTRRs exist before saving them + VUL-0: CVE-2024-45007: kernel: char: xillybus: Don't destroy workqueue from work item running on it + VUL-0: CVE-2024-44954: kernel: ALSA: line6: Fix racy access to midibuf + VUL-0: CVE-2024-44952: kernel: driver core: Fix uevent_show() vs driver detach race + VUL-0: CVE-2024-44950: kernel: serial: sc16is7xx: fix invalid FIFO access with special register set + VUL-0: CVE-2024-44951: kernel: serial: sc16is7xx: fix TX fifo corruption + VUL-0: CVE-2024-44987: kernel: ipv6: prevent UAF in ip6_send_skb() + VUL-0: CVE-2024-44960: kernel: usb: gadget: core: Check for unset descriptor + VUL-0: CVE-2024-44988: kernel: net: dsa: mv88e6xxx: Fix out-of-bound access + VUL-0: CVE-2024-44989: kernel: bonding: fix xfrm real_dev null pointer dereference + VUL-0: CVE-2024-44990: kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok + VUL-0: CVE-2024-44991: kernel: tcp: prevent concurrent execution of tcp_sk_exit_batch + VUL-0: CVE-2024-44969: kernel: s390/sclp: Prevent release of buffer in I/O + VUL-0: CVE-2024-44982: kernel: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails + VUL-0: CVE-2024-44985: kernel: ipv6: prevent possible UAF in ip6_xmit() + VUL-0: CVE-2024-44961: kernel: drm/amdgpu: Forward soft recovery errors to userspace + VUL-0: CVE-2024-44970: kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink + VUL-0: CVE-2024-44971: kernel: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() + VUL-0: CVE-2024-44962: kernel: Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading + VUL-0: CVE-2024-44977: kernel: drm/amdgpu: Validate TA binary size + VUL-0: CVE-2024-44965: kernel: x86/mm: Fix pti_clone_pgtable() alignment assumption + VUL-0: CVE-2024-44967: kernel: drm/mgag200: Bind I2C lifetime to DRM device + VUL-0: CVE-2024-44986: kernel: ipv6: fix possible UAF in ip6_finish_output2() + VUL-0: CVE-2024-44997: kernel: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() + VUL-0: CVE-2024-44999: kernel: gtp: pull network headers in gtp_dev_xmit() + VUL-0: CVE-2024-44984: kernel: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT + VUL-0: CVE-2024-45001: kernel: net: mana: Fix RX buf alloc_size alignment and atomic op panic + VUL-0: CVE-2024-45003: kernel: vfs: Don't evict inode under the inode lru traversing context + VUL-0: CVE-2024-45006: kernel: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration + VUL-0: CVE-2024-45008: kernel: Input: MT - limit max slots + VUL-0: CVE-2023-52916: kernel: media: aspeed: Fix memory overwrite if timing is 1600x900 + VUL-0: CVE-2023-52915: kernel: media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer + SLES15 SP6 - [P10][DD2.0][SHARED] - Hard lockups and Soft lockups are seen and LPAR hangs while running stress-ng (queued_spin_lock) + VUL-0: CVE-2024-26759: kernel: mm/swap: fix race when skipping swapcache + [Build :35534:dtb-armv7l] ndctl create-namespace fails with new kernel + SLES 15 SP6 - s390/dasd: Remove DMA alignment + VUL-0: CVE-2024-45017: kernel: net/mlx5: Fix IPsec RoCE MPV trace call + VUL-0: CVE-2024-45018: kernel: netfilter: flowtable: initialise extack before use + VUL-0: CVE-2024-45019: kernel: net/mlx5e: Take state lock during tx timeout reporter + VUL-0: CVE-2024-45020: kernel: bpf: Fix a kernel verifier crash in stacksafe() + VUL-0: CVE-2024-45021: kernel: memcg_write_event_control(): fix a user-triggerable oops + VUL-0: CVE-2024-45022: kernel: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 + VUL-0: CVE-2024-45011: kernel: char: xillybus: Check USB endpoints when probing device + VUL-0: CVE-2024-45012: kernel: nouveau/firmware: use dma non-coherent allocator + VUL-0: CVE-2024-45013: kernel: nvme: move stopping keep-alive into nvme_uninit_ctrl() + VUL-0: CVE-2024-45015: kernel: drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() + VUL-0: CVE-2024-45028: kernel: mmc: mmc_test: Fix NULL dereference on allocation failure + VUL-0: CVE-2024-45029: kernel: i2c: tegra: Do not mark ACPI devices as irq safe + VUL-0: CVE-2024-45026: kernel: s390/dasd: fix error recovery leading to data corruption on ESE devices + VUL-0: CVE-2024-45023: kernel: md/raid1: Fix data corruption for degraded array with slow disk + VUL-0: CVE-2024-45030: kernel: igb: cope with large MAX_SKB_FRAGS + VUL-0: CVE-2024-46672: kernel: wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion + VUL-0: CVE-2024-46673: kernel: scsi: aacraid: Fix double-free on probe failure + VUL-0: CVE-2024-46674: kernel: usb: dwc3: st: fix probed platform device ref count on probe error path + VUL-0: CVE-2024-46694: kernel: drm/amd/display: avoid using null object of framebuffer + VUL-0: CVE-2024-46685: kernel: pinctrl: single: fix potential NULL dereference in pcs_get_function() + VUL-0: CVE-2024-46686: kernel: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() + VUL-0: CVE-2024-46687: kernel: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() + VUL-0: CVE-2024-46695: kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook + VUL-0: CVE-2024-46692: kernel: firmware: qcom: scm: Mark get_wq_ctx() as atomic call + VUL-0: CVE-2024-46693: kernel: soc: qcom: pmic_glink: Fix race during initialization + VUL-0: CVE-2024-46689: kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB + VUL-0: CVE-2024-46691: kernel: usb: typec: ucsi: Move unregister out of atomic section + VUL-0: CVE-2024-46675: kernel: usb: dwc3: core: Prevent USB core invalid event buffer address access + VUL-0: CVE-2024-46676: kernel: nfc: pn533: Add poll mod list filling check + VUL-0: CVE-2024-46709: kernel: drm/vmwgfx: Fix prime with external buffers + VUL-0: CVE-2024-46710: kernel: drm/vmwgfx: Prevent unmapping active read buffers + VUL-0: CVE-2024-46677: kernel: gtp: fix a potential NULL pointer dereference + VUL-0: CVE-2024-46679: kernel: ethtool: check device is present when getting link settings + s390/mm: Convert gmap_make_secure to use a folio + s390/mm: Convert make_page_secure to use a folio + s390: allow pte_offset_map_lock() to fail + VUL-0: CVE-2024-46706: kernel: tty: serial: fsl_lpuart: mark last busy before uart_add_one_port + VUL-0: CVE-2024-46707: kernel: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 + VUL-0: CVE-2024-46702: kernel: thunderbolt: Mark XDomain as unplugged when router is removed + fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF + VUL-0: CVE-2024-46714: kernel: drm/amd/display: Skip wbscl_set_scaler_filter if filter is null + VUL-0: CVE-2024-46715: kernel: driver: iio: add missing checks on iio_info's callback access + VUL-0: CVE-2024-46730: kernel: drm/amd/display: Ensure array index tg_inst won't be -1 + VUL-0: CVE-2024-46723: kernel: drm/amdgpu: fix ucode out-of-bounds read warning + VUL-0: CVE-2024-46728: kernel: drm/amd/display: Check index for aux_rd_interval before using + VUL-0: CVE-2024-46729: kernel: drm/amd/display: Fix incorrect size calculation for loop + VUL-0: CVE-2024-46725: kernel: drm/amdgpu: Fix out-of-bounds write warning + VUL-0: CVE-2024-46726: kernel: drm/amd/display: Ensure index calculation will not overflow + VUL-0: CVE-2024-46731: kernel: drm/amd/pm: fix the Out-of-bounds read warning + VUL-0: CVE-2024-46732: kernel: drm/amd/display: Assign linear_pitch_alignment even for VM + VUL-0: CVE-2024-46722: kernel: drm/amdgpu: fix mc_data out-of-bounds read warning + VUL-0: CVE-2024-46716: kernel: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor + VUL-0: CVE-2024-46717: kernel: net/mlx5e: SHAMPO, Fix incorrect page release + VUL-0: CVE-2024-46719: kernel: usb: typec: ucsi: Fix null pointer dereference in trace + VUL-0: CVE-2024-46720: kernel: drm/amdgpu: fix dereference after null check + VUL-0: CVE-2024-46724: kernel: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number + VUL-0: CVE-2024-46734: kernel: btrfs: fix race between direct IO write and fsync when using same fd + VUL-0: CVE-2024-46735: kernel: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() + VUL-0: CVE-2024-46737: kernel: nvmet-tcp: fix kernel crash if commands allocation fails + VUL-0: CVE-2024-46738: kernel: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() + VUL-0: CVE-2024-46739: kernel: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind + VUL-0: CVE-2024-46744: kernel: Squashfs: sanity check symbolic link size + VUL-0: CVE-2024-46745: kernel: Input: uinput - reject requests with unreasonable number of slots + VUL-0: CVE-2024-46741: kernel: misc: fastrpc: Fix double free of 'buf' in error path + VUL-0: CVE-2024-46746: kernel: HID: amd_sfh: free driver_data after destroying hid device + VUL-0: CVE-2024-46747: kernel: HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup + VUL-0: CVE-2024-46760: kernel: wifi: rtw88: usb: schedule rx work after everything is set up + VUL-0: CVE-2024-46743: kernel: of/irq: Prevent device address out-of-bounds read in interrupt map walk + VUL-0: CVE-2024-46761: kernel: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv + VUL-0: CVE-2024-46771: kernel: can: bcm: Remove proc entry when dev is unregistered. + VUL-0: CVE-2024-46774: kernel: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() + VUL-0: CVE-2024-46781: kernel: nilfs2: fix missing cleanup on rollforward recovery error + VUL-0: CVE-2024-46784: kernel: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup + VUL-0: CVE-2024-46772: kernel: drm/amd/display: Check denominator crb_pipes before used + VUL-0: CVE-2024-46776: kernel: drm/amd/display: Run DC_LOG_DC after checking link->link_enc + VUL-0: CVE-2024-46778: kernel: drm/amd/display: Check UnboundedRequestEnabled's value + VUL-0: CVE-2024-46749: kernel: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() + VUL-0: CVE-2024-46750: kernel: PCI: Add missing bridge lock to pci_bus_lock() + VUL-0: CVE-2024-46751: kernel: btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() + VUL-0: CVE-2024-46767: kernel: net: phy: Fix missing of_node_put() for leds + VUL-0: CVE-2024-46773: kernel: drm/amd/display: Check denominator pbn_div before used + VUL-0: CVE-2024-46752: kernel: btrfs: replace BUG_ON() with error handling at update_ref_for_cow() + VUL-0: CVE-2024-46753: kernel: btrfs: handle errors from btrfs_dec_ref() properly + VUL-0: CVE-2024-46755: kernel: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() + VUL-0: CVE-2024-46756: kernel: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes + VUL-0: CVE-2024-46780: kernel: nilfs2: protect references to superblock parameters exposed in sysfs + VUL-0: CVE-2024-46757: kernel: hwmon: (nct6775-core) Fix underflows seen when writing limit attributes + VUL-0: CVE-2024-46783: kernel: tcp_bpf: fix return value of tcp_bpf_sendmsg() + VUL-0: CVE-2024-46758: kernel: hwmon: (lm95234) Fix underflows seen when writing limit attributes + VUL-0: CVE-2024-46786: kernel: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF + VUL-0: CVE-2024-46759: kernel: hwmon: (adc128d818) Fix underflows seen when writing limit attributes + VUL-0: CVE-2024-46787: kernel: userfaultfd: fix checks for huge PMDs + VUL-0: CVE-2024-46791: kernel: can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open + VUL-0: CVE-2024-46794: kernel: x86/tdx: Fix data leak in mmio_read() + VUL-0: CVE-2024-46798: kernel: ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object + VUL-0: CVE-2024-46797: kernel: powerpc/qspinlock: Fix deadlock in MCS queue + xfstests btrfs/319 fails on kernel 6.4 + gfs2: fatal assertion failed during fio writes + cachefiles: Fix non-taking of sb_writers around set/removexattr + SLES 15 SP6 - inkernel crypto xctr(aes) alg: skcipher: failed to allocate transform for ctr(aes): -2 + VUL-0: CVE-2024-46822: kernel: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry + kthread: Fix task state in kthread worker if being frozen + ceph: remove the incorrect Fw reference check when dirtying pages + cachefiles: fix dentry leak in cachefiles_open_file() + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + security + important + tiwai + + The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes. + + +The following security bugs were fixed: + +- CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). +- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). +- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269). +- CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650). +- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). +- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). +- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). +- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846). +- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). +- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). +- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). +- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). +- CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001). +- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004). +- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334). +- CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371). +- CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364). +- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363). +- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362). +- CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394). +- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380). +- CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389). +- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). +- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753). +- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). +- CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810). +- CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899). +- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). +- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180). +- CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181). +- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). +- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). +- CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240). +- CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206). +- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). +- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). +- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). +- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). +- CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195). +- CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171). +- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). +- CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169). +- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). +- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). +- CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430). +- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). +- CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432). +- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). +- CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435). +- CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455). +- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). +- CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457). +- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). +- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). +- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). +- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). +- CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518). +- CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526). +- CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520). +- CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521). +- CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540). +- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). +- CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704). +- CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727). +- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). +- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). +- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794). +- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). +- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). +- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). +- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). +- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). +- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). + +The following non-security bugs were fixed: + +- ABI: testing: fix admv8818 attr description (git-fixes). +- ACPI: CPPC: Add helper to get the highest performance value (stable-fixes). +- ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). +- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes). +- ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes). +- ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). +- ACPI: sysfs: validate return type of _STR method (git-fixes). +- ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE (stable-fixes). +- ACPICA: executer/exsystem: Do not nag user about every Stall() violating the spec (git-fixes). +- ALSA: control: Apply sanity check of input values for user elements (stable-fixes). +- ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes). +- ALSA: hda/realtek - Fix inactive headset mic jack for ASUS Vivobook 15 X1504VAP (stable-fixes). +- ALSA: hda/realtek: Enable Mute Led for HP Victus 15-fb1xxx (stable-fixes). +- ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes). +- ALSA: hda/realtek: add patch for internal mic in Lenovo V145 (stable-fixes). +- ALSA: hda/realtek: extend quirks for Clevo V5[46]0 (stable-fixes). +- ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). +- ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes). +- ALSA: hda: cs35l41: fix module autoloading (git-fixes). +- ARM: 9406/1: Fix callchain_trace() return value (git-fixes). +- ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). +- ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes). +- ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-fixes). +- ASoC: cs42l42: Convert comma to semicolon (git-fixes). +- ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes). +- ASoC: intel: fix module autoloading (stable-fixes). +- ASoC: meson: Remove unused declartion in header file (git-fixes). +- ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). +- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). +- ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). +- ASoC: soc-ac97: Fix the incorrect description (git-fixes). +- ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes). +- ASoC: tas2781-i2c: Get the right GPIO line (git-fixes). +- ASoC: tda7419: fix module autoloading (stable-fixes). +- ASoC: tegra: Fix CBB error during probe() (git-fixes). +- ASoC: topology: Properly initialize soc_enum values (stable-fixes). +- ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes). +- ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment (stable-fixes). +- Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes). +- Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() (stable-fixes). +- Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). +- Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). +- Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-fixes). +- Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue (stable-fixes). +- Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes). +- Detect memory allocation failure in annotated_source__alloc_histograms (bsc#1227962). +- Documentation: ioctl: document 0x07 ioctl code (git-fixes). +- Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes). +- Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). +- Drop mm patches that caused regressions (bsc#1230413) +- HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). +- HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes). +- HID: multitouch: Add support for GT7868Q (stable-fixes). +- HID: wacom: Do not warn about dropped packets for first packet (git-fixes). +- HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes). +- IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) +- Input: adp5588-keys - fix check on return code (git-fixes). +- Input: ads7846 - ratelimit the spi_sync error message (stable-fixes). +- Input: ili210x - use kvmalloc() to allocate buffer for firmware update (stable-fixes). +- Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). +- Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). +- Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes). +- Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes). +- Input: tsc2004/5 - fix reset handling on probe (git-fixes). +- Input: tsc2004/5 - use device core to create driver-specific device attributes (git-fixes). +- Input: uinput - reject requests with unreasonable number of slots (stable-fixes). +- KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes). +- KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes). +- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes). +- KVM: arm64: Block unsafe FF-A calls from the host (git-fixes). +- KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging (git-fixes). +- KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-fixes). +- KVM: arm64: Do not re-initialize the KVM lock (git-fixes). +- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes). +- KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (git-fixes). +- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes). +- KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes). +- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes). +- KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes). +- Move fixes into sorted section (bsc#1230119) +- Move s390 kabi patch into the kabi section +- Move upstreamed SCSI patches into sorted section +- Move upstreamed input patch into sorted section +- Move upstreamed kaslr patch into sorted section +- Move upstreamed nvme patches into sorted section +- NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726). +- NFSD: Fix frame size warning in svc_export_parse() (git-fixes). +- NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes). +- NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). +- PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). +- PCI: Wait for Link before restoring Downstream Buses (git-fixes). +- PCI: al: Check IORESOURCE_BUS existence during probe (stable-fixes). +- PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). +- PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ (git-fixes). +- PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). +- PCI: imx6: Fix missing call to phy_power_off() in error handling (git-fixes). +- PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes). +- PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). +- PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes). +- PCI: qcom-ep: Enable controller resources like PHY only after refclk is available (git-fixes). +- PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). +- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). +- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). +- RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) +- RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) +- RDMA/efa: Properly handle unexpected AQ completions (git-fixes) +- RDMA/erdma: Return QP state in erdma_query_qp (git-fixes) +- RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) +- RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes) +- RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes) +- RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes) +- RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes) +- RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes) +- RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) +- RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) +- RDMA/hns: Optimize hem allocation performance (git-fixes) +- RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) +- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes) +- RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes) +- RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes) +- RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes) +- RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes) +- RDMA/mlx5: Obtain upper net device only when needed (git-fixes) +- RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) +- RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes) +- Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes). +- Squashfs: sanity check symbolic link size (git-fixes). +- USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). +- USB: serial: kobil_sct: restore initial terminal settings (git-fixes). +- USB: serial: option: add MeiG Smart SRM825L (git-fixes). +- USB: serial: option: add MeiG Smart SRM825L (stable-fixes). +- USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes). +- USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). +- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes). +- afs: Do not cross .backup mountpoint from backup volume (git-fixes). +- afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes). +- arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) +- arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) +- arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). +- arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes). +- arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-fixes). +- arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes). +- arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes). +- arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-fixes). +- arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). +- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes). +- arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma (git-fixes). +- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes). +- arm64: signal: Fix some under-bracketed UAPI macros (git-fixes). +- arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) +- arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) +- arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) +- ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes). +- ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-fixes). +- ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). +- ata: pata_macio: Use WARN instead of BUG (stable-fixes). +- blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). +- blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). +- bpf, events: Use prog to emit ksymbol event for main program (git-fixes). +- bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes). +- btrfs: fix race between direct IO write and fsync when using same fd (git-fixes). +- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1230854). +- bus: integrator-lm: fix OF node leak in probe() (git-fixes). +- cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231008). +- cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231183). +- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes). +- can: bcm: Remove proc entry when dev is unregistered (git-fixes). +- can: j1939: use correct function name in comment (git-fixes). +- can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes). +- can: m_can: Release irq on error in m_can_open (git-fixes). +- can: m_can: enable NAPI before enabling interrupts (git-fixes). +- can: m_can: m_can_close(): stop clocks after device has been shut down (git-fixes). +- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-fixes). +- can: mcp251xfd: clarify the meaning of timestamp (stable-fixes). +- can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode (git-fixes). +- can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function (stable-fixes). +- can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration (stable-fixes). +- can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into mcp251xfd_chip_start/stop() (stable-fixes). +- can: mcp251xfd: properly indent labels (stable-fixes). +- can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). +- can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum (stable-fixes). +- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes). +- cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (stable-fixes). +- ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231182). +- clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885). +- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885). +- clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes). +- clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-fixes). +- clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes). +- clk: qcom: gcc-sc8280xp: do not use parking clk_ops for QUPs (git-fixes). +- clk: qcom: gcc-sm8550: Do not park the USB RCG at registration time (git-fixes). +- clk: qcom: gcc-sm8550: Do not use parking clk_ops for QUPs (git-fixes). +- clk: qcom: ipq9574: Update the alpha PLL type for GPLLs (git-fixes). +- clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes). +- clocksource/drivers/imx-tpm: Fix next event not taking effect sometime (git-fixes). +- clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX (git-fixes). +- clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() (git-fixes). +- cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-fixes). +- cpufreq: amd-pstate: fix the highest frequency issue which limits performance (git-fixes). +- cpufreq: scmi: Avoid overflow of target_freq in fast switch (stable-fixes). +- cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). +- crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). +- crypto: ccp - do not request interrupt on cmd completion when irqs disabled (git-fixes). +- crypto: iaa - Fix potential use after free bug (git-fixes). +- crypto: qat - fix unintentional re-enabling of error interrupts (stable-fixes). +- crypto: xor - fix template benchmarking (git-fixes). +- cxl/core: Fix incorrect vendor debug UUID define (git-fixes). +- cxl/pci: Fix to record only non-zero ranges (git-fixes). +- devres: Initialize an uninitialized struct member (stable-fixes). +- dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes). +- dma-debug: avoid deadlock between dma debug vs printk and netconsole (stable-fixes). +- dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (stable-fixes). +- dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking callbacks (stable-fixes). +- driver core: Fix a potential null-ptr-deref in module_add_driver() (git-fixes). +- driver core: Fix error handling in driver API device_rename() (git-fixes). +- driver: iio: add missing checks on iio_info's callback access (stable-fixes). +- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). +- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). +- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). +- drm/amd/amdgpu: Check tbo resource pointer (stable-fixes). +- drm/amd/amdgpu: Properly tune the size of struct (git-fixes). +- drm/amd/display: Add array index check for hdcp ddc access (stable-fixes). +- drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (git-fixes). +- drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing (stable-fixes). +- drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes). +- drm/amd/display: Avoid overflow from uint32_t to uint8_t (stable-fixes). +- drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() (git-fixes). +- drm/amd/display: Check BIOS images before it is used (stable-fixes). +- drm/amd/display: Check HDCP returned status (stable-fixes). +- drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes). +- drm/amd/display: Check denominator pbn_div before used (stable-fixes). +- drm/amd/display: Check gpio_id before used as array index (stable-fixes). +- drm/amd/display: Check index for aux_rd_interval before using (stable-fixes). +- drm/amd/display: Check msg_id before processing transcation (stable-fixes). +- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes). +- drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes). +- drm/amd/display: Defer handling mst up request in resume (stable-fixes). +- drm/amd/display: Disable error correction if it's not supported (stable-fixes). +- drm/amd/display: Do not use fsleep for PSR exit waits on dmub replay (stable-fixes). +- drm/amd/display: Ensure array index tg_inst won't be -1 (stable-fixes). +- drm/amd/display: Ensure index calculation will not overflow (stable-fixes). +- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes). +- drm/amd/display: Fix Coverity INTEGER_OVERFLOW within decide_fallback_link_setting_max_bw_policy (stable-fixes). +- drm/amd/display: Fix Coverity INTERGER_OVERFLOW within construct_integrated_info (stable-fixes). +- drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes). +- drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (stable-fixes). +- drm/amd/display: Fix pipe addition logic in calc_blocks_to_ungate DCN35 (stable-fixes). +- drm/amd/display: Handle the case which quad_part is equal 0 (stable-fixes). +- drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection (stable-fixes). +- drm/amd/display: Replace dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd (git-fixes). +- drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes). +- drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes). +- drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-fixes). +- drm/amd/display: Solve mst monitors blank out problem after resume (git-fixes). +- drm/amd/display: Spinlock before reading event (stable-fixes). +- drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes). +- drm/amd/display: Wake DMCUB before sending a command for replay feature (stable-fixes). +- drm/amd/display: added NULL check at start of dc_validate_stream (stable-fixes). +- drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-fixes). +- drm/amd/display: use preferred link settings for dp signal only (stable-fixes). +- drm/amd/pm: Fix negative array index read (stable-fixes). +- drm/amd/pm: check negtive return for table entries (stable-fixes). +- drm/amd/pm: check specific index for aldebaran (stable-fixes). +- drm/amd/pm: check specific index for smu13 (stable-fixes). +- drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes). +- drm/amd/pm: fix uninitialized variable warning (stable-fixes). +- drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-fixes). +- drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-fixes). +- drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-fixes). +- drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-fixes). +- drm/amd: Add gfx12 swizzle mode defs (stable-fixes). +- drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). +- drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported (stable-fixes). +- drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes). +- drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-fixes). +- drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes). +- drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes). +- drm/amdgpu/swsmu: always force a state reprogram on init (stable-fixes). +- drm/amdgpu: Fix get each xcp macro (git-fixes). +- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes). +- drm/amdgpu: Fix out-of-bounds write warning (stable-fixes). +- drm/amdgpu: Fix smatch static checker warning (stable-fixes). +- drm/amdgpu: Fix the uninitialized variable warning (stable-fixes). +- drm/amdgpu: Fix the warning division or modulo by zero (stable-fixes). +- drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-fixes). +- drm/amdgpu: Fix uninitialized variable warning in amdgpu_info_ioctl (stable-fixes). +- drm/amdgpu: Handle sg size limit for contiguous allocation (stable-fixes). +- drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). +- drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb (stable-fixes). +- drm/amdgpu: add lock in kfd_process_dequeue_from_device (stable-fixes). +- drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes). +- drm/amdgpu: add skip_hw_access checks for sriov (stable-fixes). +- drm/amdgpu: align pp_power_profile_mode with kernel docs (stable-fixes). +- drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes). +- drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). +- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). +- drm/amdgpu: fix a possible null pointer dereference (git-fixes). +- drm/amdgpu: fix contiguous handling for IB parsing v2 (git-fixes). +- drm/amdgpu: fix dereference after null check (stable-fixes). +- drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes). +- drm/amdgpu: fix overflowed array index read warning (stable-fixes). +- drm/amdgpu: fix overflowed constant warning in mmhub_set_clockgating() (stable-fixes). +- drm/amdgpu: fix the waring dereferencing hive (stable-fixes). +- drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes). +- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes). +- drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes). +- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes). +- drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes). +- drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes). +- drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-fixes). +- drm/amdgu: fix Unintentional integer overflow for mall size (stable-fixes). +- drm/amdkfd: Check debug trap enable before write dbg_ev_file (stable-fixes). +- drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes). +- drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). +- drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes). +- drm/drm-bridge: Drop conditionals around of_node pointers (stable-fixes). +- drm/fb-helper: Do not schedule_work() to flush frame buffer during panic() (stable-fixes). +- drm/gpuvm: fix missing dependency to DRM_EXEC (git-fixes). +- drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes). +- drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-fixes). +- drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). +- drm/i915: Do not attempt to load the GSC multiple times (git-fixes). +- drm/kfd: Correct pinned buffer handling at kfd restore and validate process (stable-fixes). +- drm/mediatek: Set sensible cursor width/height values to fix crash (stable-fixes). +- drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes). +- drm/meson: plane: Add error handling (stable-fixes). +- drm/msm/a5xx: disable preemption in submits by default (git-fixes). +- drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). +- drm/msm/a5xx: properly clear preemption records on resume (git-fixes). +- drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). +- drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). +- drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes). +- drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). +- drm/msm: fix %s null argument error (git-fixes). +- drm/nouveau/fb: restore init() for ramgp102 (git-fixes). +- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes). +- drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes). +- drm/radeon: properly handle vbios fake edid sizing (git-fixes). +- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes). +- drm/rockchip: vop: Allow 4096px width scaling (git-fixes). +- drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes). +- drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes). +- drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes). +- drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). +- drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes). +- drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes). +- drm: komeda: Fix an issue related to normalized zpos (stable-fixes). +- drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). +- drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes). +- drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes). +- drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes). +- ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes). +- erofs: fix incorrect symlink detection in fast symlink (git-fixes). +- exfat: fix memory leak in exfat_load_bitmap() (git-fixes). +- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). +- firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes). +- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes). +- firmware_loader: Block path traversal (git-fixes). +- fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230602). +- fuse: fix memory leak in fuse_create_open (bsc#1230124). +- fuse: update stats for pages in dropped aux writeback list (bsc#1230125). +- fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230123). +- gpio: modepin: Enable module autoloading (git-fixes). +- gpio: rockchip: fix OF node leak in probe() (git-fixes). +- hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). +- hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes). +- hwmon: (k10temp) Check return value of amd_smn_read() (stable-fixes). +- hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes). +- hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). +- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes (stable-fixes). +- hwmon: (ntc_thermistor) fix module autoloading (git-fixes). +- hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 (git-fixes). +- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). +- hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes). +- hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes). +- hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). +- i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-fixes). +- i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled (git-fixes). +- i2c: isch: Add missed 'else' (git-fixes). +- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). +- i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes). +- i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition (git-fixes). +- i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes). +- iio: adc: ad7124: fix chip ID mismatch (git-fixes). +- iio: adc: ad7124: fix config comparison (git-fixes). +- iio: adc: ad7606: fix oversampling gpio array (git-fixes). +- iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes). +- iio: adc: ad7606: remove frstdata check for serial mode (git-fixes). +- iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes). +- iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes). +- iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-fixes). +- iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). +- ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). +- ipmi:ssif: Improve detecting during probing (bsc#1228771) +- ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230206) +- jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). +- kABI workaround for cros_ec stuff (git-fixes). +- kABI: Split kABI out of 'io_uring/kbuf: get rid of bl->is_ready' +- kABI: Split kABI out of 'io_uring: Re-add dummy_ubuf for kABI purposes' +- kABI: Split kABI out of io_uring/kbuf: protect io_buffer_list teardown with a reference +- kabi: dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776). +- kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-fixes). +- kthread: Fix task state in kthread worker if being frozen (bsc#1231146). +- leds: spi-byte: Call of_node_put() on error path (stable-fixes). +- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-fixes). +- lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). +- mailbox: bcm2835: Fix timeout during suspend mode (git-fixes). +- mailbox: rockchip: fix a typo in module autoloading (git-fixes). +- media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes). +- media: ov5675: Fix power on/off delay timings (git-fixes). +- media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE (git-fixes). +- media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). +- media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes). +- media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). +- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). +- media: uvcvideo: Enforce alignment of frame and interval (stable-fixes). +- media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). +- media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). +- media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). +- media: vivid: fix wrong sizeimage value for mplane (stable-fixes). +- memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes). +- memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes). +- minmax: reduce min/max macro expansion in atomisp driver (git-fixes). +- misc: fastrpc: Fix double free of 'buf' in error path (git-fixes). +- mmc: core: apply SD quirks earlier during probe (git-fixes). +- mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes). +- mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes). +- mmc: sdhci-of-aspeed: fix module autoloading (git-fixes). +- module: Fix KCOV-ignored file name (git-fixes). +- mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). +- mtd: slram: insert break after errors in parsing the map (git-fixes). +- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes). +- net: phy: Fix missing of_node_put() for leds (git-fixes). +- net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes). +- net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). +- net: usb: qmi_wwan: add MeiG Smart SRM825L (stable-fixes). +- nfsd: Do not leave work of closing files to a work queue (bsc#1228140). +- nilfs2: determine empty node blocks as corrupted (git-fixes). +- nilfs2: fix missing cleanup on rollforward recovery error (git-fixes). +- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). +- nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). +- nilfs2: fix state management in error path of log writing function (git-fixes). +- nilfs2: protect references to superblock parameters exposed in sysfs (git-fixes). +- nouveau: fix the fwsec sb verification register (git-fixes). +- nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244). +- nvme-multipath: system fails to create generic nvme device (bsc#1228244). +- nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). +- nvme-pci: allocate tagset on reset if necessary (git-fixes). +- nvme-tcp: fix link failure for TCP auth (git-fixes). +- nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). +- nvme: clear caller pointer on identify failure (git-fixes). +- nvme: fix namespace removal list (git-fixes). +- nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). +- nvmet-tcp: do not continue for invalid icreq (git-fixes). +- nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). +- nvmet-trace: avoid dereferencing pointer too early (git-fixes). +- nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). +- ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). +- ocfs2: fix null-ptr-deref when journal load failed (git-fixes). +- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). +- ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). +- pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). +- pcmcia: Use resource_size function on resource object (stable-fixes). +- perf annotate: Introduce global annotation_options (git-fixes). +- perf annotate: Split branch stack cycles information out of 'struct annotation_line' (git-fixes). +- perf annotate: Use global annotation_options (git-fixes). +- perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes). +- perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes). +- perf intel-pt: Fix exclude_guest setting (git-fixes). +- perf machine thread: Remove exited threads by default (git-fixes). +- perf maps: Move symbol maps functions to maps.c (git-fixes). +- perf pmu: Assume sysfs events are always the same case (git-fixes). +- perf pmus: Fixes always false when compare duplicates aliases (git-fixes). +- perf record: Lazy load kernel symbols (git-fixes). +- perf report: Convert to the global annotation_options (git-fixes). +- perf report: Fix condition in sort__sym_cmp() (git-fixes). +- perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes). +- perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes). +- perf tool: fix dereferencing NULL al->maps (git-fixes). +- perf tools: Add/use PMU reverse lookup from config to name (git-fixes). +- perf tools: Use pmus to describe type from attribute (git-fixes). +- perf top: Convert to the global annotation_options (git-fixes). +- perf/core: Fix missing wakeup when waiting for context reference (git-fixes). +- perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-fixes). +- perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes). +- perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes). +- perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes). +- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-fixes). +- perf/x86/intel/pt: Fix topa_entry base length (git-fixes). +- perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-fixes). +- perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119). +- perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes). +- perf/x86/intel: Factor out the initialization code for SPR (git fixes). +- perf/x86/intel: Limit the period on Haswell (git-fixes). +- perf/x86/intel: Use the common uarch name for the shared functions (git fixes). +- perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (bsc#1230119). +- perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (bsc#1230119). +- perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (bsc#1230119). +- perf/x86/uncore: Cleanup unused unit structure (bsc#1230119). +- perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (bsc#1230119). +- perf/x86/uncore: Save the unit control address of all units (bsc#1230119). +- perf/x86/uncore: Support per PMU cpumask (bsc#1230119). +- perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes). +- perf/x86: Serialize set_attr_rdpmc() (git-fixes). +- perf: Fix default aux_watermark calculation (git-fixes). +- perf: Fix event leak upon exit (git-fixes). +- perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes). +- perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes). +- perf: script: add raw|disasm arguments to --insn-trace option (git-fixes). +- phy: zynqmp: Take the phy mutex in xlate (stable-fixes). +- pinctrl: at91: make it work with current gpiolib (stable-fixes). +- pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes). +- pinctrl: single: fix missing error code in pcs_probe() (git-fixes). +- platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-fixes). +- platform/surface: aggregator_registry: Add Support for Surface Pro 10 (stable-fixes). +- platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes). +- platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes). +- platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). +- platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes). +- platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). +- power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). +- power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes). +- power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). +- power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). +- powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes). +- powerpc/qspinlock: Fix deadlock in MCS queue (bac#1230295 ltc#206656). +- pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode (stable-fixes). +- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes). +- regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes). +- regmap: spi: Fix potential off-by-one when calculating reserved size (stable-fixes). +- regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes). +- regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value (git-fixes). +- regulator: core: Fix short description for _regulator_check_status_enabled() (git-fixes). +- regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR (git-fixes). +- regulator: rt5120: Convert comma to semicolon (git-fixes). +- regulator: wm831x-isink: Convert comma to semicolon (git-fixes). +- remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes). +- remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes). +- remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes). +- reset: berlin: fix OF node leak in probe() error path (git-fixes). +- reset: k210: fix OF node leak in probe() error path (git-fixes). +- resource: fix region_intersects() vs add_memory_driver_managed() (git-fixes). +- rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). +- s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694). +- s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes). +- s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562). +- s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563). +- s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564). +- scripts: kconfig: merge_config: config files: add a trailing newline (stable-fixes). +- scripts: sphinx-pre-install: remove unnecessary double check for $cur_version (git-fixes). +- scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). +- scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899). +- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429 jsc#PED-9899). +- scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). +- selftests: lib: remove strscpy test (git-fixes). +- selinux,smack: do not bypass permissions check in inode_setsecctx hook (stable-fixes). +- soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes). +- soc: versatile: integrator: fix OF node leak in probe() error path (git-fixes). +- spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes). +- spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes). +- spi: bcm63xx: Enable module autoloading (stable-fixes). +- spi: bcm63xx: Fix module autoloading (git-fixes). +- spi: meson-spicc: convert comma to semicolon (git-fixes). +- spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). +- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes). +- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes). +- spi: rockchip: Resolve unbalanced runtime PM / system PM handling (git-fixes). +- spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes). +- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes). +- spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes). +- spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes). +- staging: iio: frequency: ad9834: Validate frequency parameter value (git-fixes). +- supported.conf: mark adiantum and xctr crypto modules as supported (bsc#1231035) +- thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes). +- thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-fixes). +- thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-fixes). +- thunderbolt: There are only 5 basic router registers in pre-USB4 routers (git-fixes). +- tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes). +- tools/perf: Fix the string match for "/tmp/perf-$PID.map" files in dso__load (git-fixes). +- tpm: Clean up TPM space after command failure (git-fixes). +- tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). +- tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). +- uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes). +- usb: cdnsp: Fix incorrect usb_request status (git-fixes). +- usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). +- usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). +- usb: dwc3: Avoid waking up gadget during startxfer (git-fixes). +- usb: dwc3: core: Prevent USB core invalid event buffer address access (git-fixes). +- usb: dwc3: core: Prevent USB core invalid event buffer address access (stable-fixes). +- usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes). +- usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes). +- usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes). +- usb: typec: ucsi: Wait 20ms before reading CCI after a reset (git-fixes). +- usb: uas: set host status byte on data completion error (stable-fixes). +- usbip: Do not submit special requests twice (stable-fixes). +- usbnet: ipheth: add CDC NCM support (git-fixes). +- usbnet: ipheth: do not stop RX on failing RX callback (git-fixes). +- usbnet: ipheth: drop RX URBs with no payload (git-fixes). +- usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes). +- usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes). +- usbnet: ipheth: race between ipheth_close and error handling (stable-fixes). +- usbnet: ipheth: remove extraneous rx URB length check (git-fixes). +- usbnet: ipheth: transmit URBs without trailing padding (git-fixes). +- usbnet: modern method to get random MAC (git-fixes). +- virtio-net: synchronize probe with ndo_set_features (git-fixes). +- virtio_net: Fix napi_skb_cache_put warning (git-fixes). +- virtio_net: fixing XDP for fully checksummed packets handling (git-fixes). +- watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). +- wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() (stable-fixes). +- wifi: ath12k: fix BSS chan info request WMI command (git-fixes). +- wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes). +- wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() (git-fixes). +- wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he() (stable-fixes). +- wifi: ath12k: initialize 'ret' in ath12k_dp_rxdma_ring_sel_config_wcn7850() (stable-fixes). +- wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() (stable-fixes). +- wifi: ath12k: match WMI BSS chan info structure with firmware definition (git-fixes). +- wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes). +- wifi: brcmfmac: introducing fwil query functions (git-fixes). +- wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). +- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). +- wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-fixes). +- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes). +- wifi: cfg80211: make hash table duplicates more survivable (stable-fixes). +- wifi: cfg80211: restrict operation during radar detection (stable-fixes). +- wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes). +- wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes). +- wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-fixes). +- wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes). +- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes). +- wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes). +- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes). +- wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes). +- wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD (stable-fixes). +- wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes). +- wifi: mac80211: fix the comeback long retry times (git-fixes). +- wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-fixes). +- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes). +- wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes). +- wifi: mt76: mt7603: fix mixed declarations and code (git-fixes). +- wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). +- wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes). +- wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes). +- wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes). +- wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes). +- wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change (stable-fixes). +- wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage (git-fixes). +- wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc (git-fixes). +- wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes). +- wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes). +- wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he (git-fixes). +- wifi: mt76: mt7996: fix traffic delay when switching back to working channel (git-fixes). +- wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes). +- wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes). +- wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes). +- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). +- wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). +- wifi: rtw88: always wait for both firmware loading attempts (git-fixes). +- wifi: rtw88: remove CPT execution branch never used (git-fixes). +- wifi: rtw88: usb: schedule rx work after everything is set up (stable-fixes). +- wifi: rtw89: ser: avoid multiple deinit on same CAM (stable-fixes). +- wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware (stable-fixes). +- wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). +- x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). +- x86/kaslr: Expose and use the end of the physical memory address space (bsc#1229443). +- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). +- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). +- x86/mm: Use lookup_address_in_pgd_attr() in show_fault_oops() (bsc#1221527). +- x86/pat: Fix W^X violation false-positives when running as Xen PV guest (bsc#1221527). +- x86/pat: Introduce lookup_address_in_pgd_attr() (bsc#1221527). +- x86/pat: Restructure _lookup_address_cpa() (bsc#1221527). +- xen/swiotlb: add alignment check for dma buffers (bsc#1229928). +- xen/swiotlb: fix allocated size (git-fixes). +- xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). +- xen: allow mapping ACPI data using a different physical address (bsc#1226003). +- xen: introduce generic helper checking for memory map conflicts (bsc#1226003). +- xen: move checks for e820 conflicts further up (bsc#1226003). +- xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). +- xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). +- xen: use correct end address of kernel for conflict checking (bsc#1226003). +- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-fixes). +- xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes). +- xz: cleanup CRC32 edits from 2018 (git-fixes). + + Security update for the Linux Kernel + kernel-source + kernel-source:dtb-aarch64 + kernel-source:kernel-64kb + kernel-source:kernel-debug + kernel-source:kernel-default + kernel-source:kernel-docs + kernel-source:kernel-kvmsmall + kernel-source:kernel-obs-build + kernel-source:kernel-obs-qa + kernel-source:kernel-syms + kernel-source:kernel-zfcpdump + kernel-default-base + kernel-livepatch-MICRO-6-0_Update_3 + +