Install compile_commands.json in kernel live patching devel package Continuous stable update tracker for Tumbleweed Partner-L3: SLES15 SP4: Hardlockups observed while doing smt=off or offlining cores.[Denali][P10][2TB/240c] [TRACKERBUG] 5.14 powerpc base kernel fixes Switching SMT modes takes a long time Kernel hard lockup when initializing FW sound device with jackdbus VUL-0: CVE-2023-37453: kernel: out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c. All threads of hotplugged CPUs onlined by kernel even when SMT mode with fewer threads is set. [trackerbug] 6.4 powerpc base kernel fixes SLES15 SP6: NVME Subsytem not recovered after NVME subsystem reset (Shearwater/NVME/Denali/P10) VUL-0: CVE-2024-26590: kernel-source,kernel-source-azure,kernel-source-rt: erofs: fix inconsistent per-file compression format VUL-0: CVE-2023-52581: kernel: netfilter: nf_tables: fix memleak when more than 255 elements expired VUL-0: CVE-2023-52489: kernel: mm/sparsemem: fix race in accessing memory_section->usage VUL-0: CVE-2024-26631: kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work SLES15 SP6 - [P10] - LPAR crashes and hangs on running ksefltest powerpc/mce/inject-ra-err with parameter "percpu_alloc=page" enabled VUL-0: CVE-2024-26637: kernel: wifi: ath11k: rely on mac80211 debugfs handling for vif [NetApp SLES15 SP6 Bug]: nvme connect with --tls_key option succeeds, but fails with --tls option Unresponsive /run/systemd/userdb/io.systemd.DynamicUser adding 45 second delay to su commands VUL-0: CVE-2024-26668: kernel: netfilter: nft_limit: reject configurations that cause integer overflow VUL-0: CVE-2024-26669: kernel: net/sched: flower: Fix chain template offload VUL-0: CVE-2024-26720: kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again VUL-0: CVE-2024-26735: kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref VUL-0: CVE-2024-26677: kernel: rxrpc: Fix delayed ACKs to not set the reference serial number VUL-0: CVE-2024-26682: kernel: wifi: mac80211: improve CSA/ECSA connection refusal VUL-0: CVE-2024-26683: kernel: wifi: cfg80211: detect stuck ECSA element in probe resp VUL-0: CVE-2024-27437: kernel: vfio/pci: Disable auto-enable of exclusive INTx IRQ VUL-0: CVE-2024-26809: kernel: netfilter: nft_set_pipapo: release elements in clone only from destroy path VUL-0: CVE-2024-26808: kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain VUL-0: CVE-2024-26812: kernel: vfio/pci: Create persistent INTx handler VUL-0: CVE-2024-26835: kernel: netfilter: nf_tables: table marked as active but no registered hooks during memory pressure VUL-0: CVE-2024-26837: kernel: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay VUL-0: CVE-2024-26849: kernel: netlink: read past the malformed (too small) attribute VUL-0: CVE-2024-26851: kernel: netfilter: nf_conntrack_h323: bmp length out of range powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt clustermd doesn't do recovery after adding a new disk VUL-0: CVE-2024-26976: kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed VUL-0: CVE-2024-27010: kernel: net/sched: Fix mirred deadlock on device recursion VUL-0: CVE-2024-26944: kernel: btrfs: zoned: use-after-free in do_zone_finish() VUL-0: CVE-2024-27079: kernel: iommu/vt-d: Fix NULL domain on device release VUL-0: CVE-2024-27049: kernel: wifi: mt76: mt7925e: fix use-after-free in free_irq() VUL-0: CVE-2024-27050: libbpf: use OPTS_SET() macro in bpf_xdp_query() VUL-0: CVE-2024-27024: kernel: net/rds: fix WARNING in rds_conn_connect_if_down VUL-0: CVE-2024-27011: kernel: netfilter: nf_tables: fix memleak in map from abort path [SLES15 SP4] [native nvme multipath] Delays observed in device wwn symmlink initialization in scaled environment VUL-0: CVE-2024-27403: kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow VUL-0: CVE-2024-35913: kernel: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF VUL-0: CVE-2024-35902: kernel: net/rds: fix possible cp null dereference VUL-0: CVE-2024-35897: kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion VUL-0: CVE-2024-35939: kernel: dma-direct: Leak pages on dma_set_decrypted() failure VUL-0: CVE-2023-52688: kernel: wifi: ath12k: fix the error handler of rfkill config VUL-0: CVE-2024-35854: kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash VUL-0: CVE-2023-52668: kernel: btrfs: zoned: fix lock ordering in btrfs_zone_activate() VUL-0: CVE-2024-35855: kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update VUL-0: CVE-2024-35949: kernel: btrfs: make sure that WRITTEN is set on all metadata blocks VUL-0: CVE-2024-27433: kernel: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() VUL-0: CVE-2023-52735: kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself VUL-0: CVE-2023-52859: kernel: perf: hisi: Fix use-after-free when register pmu fails [PATCH] printk: console flushing fixes VUL-0: CVE-2024-36881: kernel: mm/userfaultfd: reset ptes when close() for wr-protected ones VUL-0: CVE-2024-36907: kernel: SUNRPC: add a missing rpc_stat for TCP TLS VUL-0: CVE-2024-36929: kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs VUL-0: CVE-2024-36933: kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). VUL-0: CVE-2024-36939: kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init(). bpf: backport of iterator and callback handling fixes apparmor stops working due to "aa-logprof ERROR: Can't parse mount rule mount "" -> "/"," VUL-0: CVE-2024-36970: kernel: wifi: iwlwifi: Use request_module_nowait Backport arm64 write combining support optimization to SLES 15 [Trackerbug] Mana: Add support for page sizes other than 4KB on ARM64 cachefiles: remove requests from xarray during flushing requests VUL-0: CVE-2024-36979: kernel: net: bridge: mst: fix vlan use-after-free VUL-0: CVE-2024-38563: kernel: wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature VUL-0: CVE-2024-38609: kernel: wifi: mt76: connac: check for null before dereferencing VUL-0: CVE-2024-31076: kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline VUL-0: CVE-2024-36270: kernel: netfilter: tproxy: bail out if IP has been disabled on the device VUL-0: CVE-2024-36286: kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() VUL-0: CVE-2024-36288: kernel: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() VUL-0: CVE-2024-36489: kernel: tls: fix missing memory barrier in tls_init VUL-0: CVE-2024-38662: kernel: bpf: allow delete from sockmap/sockhash only if update is allowed Partner-L3: SLES15 SP6 GM [ Brazos ] [ 31TB/192c ]: Brazos 32TB/192c system fails to boot with SLES15 SP6. Bump base code of iwlwifi to 6.9.x (or 6.10.x) Builtin microphone doesn't work on OMEN by HP Gaming Laptop 16-n0xxx VUL-0: kernel: slab-out-of-bounds in hex_dump_to_buffer VUL-0: CVE-2024-39476: kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING VUL-0: CVE-2024-39486: kernel: drm/drm_file: Fix pid refcounting race VUL-0: CVE-2024-39484: kernel: mmc: davinci: Don't strip remove function when driver is builtin VUL-0: CVE-2024-39483: kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked VUL-0: CVE-2024-39488: kernel: arm64: asm-bug: add .align 2 to the end of __BUG_ENTRY VUL-0: CVE-2024-39493: kernel: crypto: qat - fix ADF_DEV_RESET_SYNC memory leak VUL-0: CVE-2024-39489: kernel: ipv6: sr: fix memleak in seg6_hmac_init_algo VUL-0: CVE-2024-39491: kernel: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance SLES 15 SP6 - KVM: s390: unhandled guest LPSWEY instruction [NetApp SLES15 SP6 RFE]: Add new NVMe queue-depth based I/O scheduler VUL-0: CVE-2024-39497: kernel: drm/shmem-helper: fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) VUL-0: CVE-2024-39500: kernel: sock_map: avoid race between sock_map_close and sk_psock_put VUL-0: CVE-2024-39499: kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver() VUL-0: CVE-2024-39505: kernel: drm/komeda: check for error-valued pointer VUL-0: CVE-2024-39506: kernel: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet VUL-0: CVE-2024-39508: kernel: io_uring/io-wq: use set_bit() and test_bit() at worker->flags VUL-0: CVE-2024-39509: kernel: HID: core: remove unnecessary WARN_ON() in implement() VUL-0: CVE-2024-39510: kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() SLES15 SP6 [6.4.0-150600.13-default] perf bench futex/wake-parallel test fails VUL-0: CVE-2023-52885: kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() VUL-0: CVE-2024-39501: kernel: drivers: core: synchronize really_probe() and dev_uevent() VUL-0: CVE-2024-40899: kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() VUL-0: CVE-2024-40900: kernel: cachefiles: remove requests from xarray during flushing requests VUL-0: CVE-2024-40905: kernel: ipv6: fix possible race in __fib6_drop_pcpu_from() VUL-0: CVE-2024-40902: kernel: jfs: xattr: fix buffer overflow for invalid xattr VUL-0: CVE-2024-40903: kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps VUL-0: CVE-2024-40942: kernel: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects VUL-0: CVE-2024-40941: kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation VUL-0: CVE-2024-40904: kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages VUL-0: CVE-2024-40929: kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids VUL-0: CVE-2024-40920: kernel: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state VUL-0: CVE-2024-40921: kernel: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state VUL-0: CVE-2024-40922: kernel: io_uring/rsrc: don't lock while !TASK_RUNNING VUL-0: CVE-2024-40924: kernel: drm/i915/dpt: make DPT object unshrinkable VUL-0: CVE-2024-40912: kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() VUL-0: CVE-2024-40926: kernel: drm/nouveau: don't attempt to schedule hpd_work on headless cards VUL-0: CVE-2024-40911: kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station VUL-0: CVE-2024-40934: kernel: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() VUL-0: CVE-2024-40909: kernel: bpf: Fix a potential use-after-free in bpf_link_free() VUL-0: CVE-2024-40939: kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail VUL-0: CVE-2024-40945: kernel: iommu: Return right value in iommu_sva_bind_device() VUL-0: CVE-2024-40954: kernel: net: do not leave a dangling sk pointer, when socket creation fails VUL-0: CVE-2024-40956: kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list VUL-0: CVE-2024-40957: kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors VUL-0: CVE-2024-40958: kernel: netns: Make get_net_ns() handle zero refcount net VUL-0: CVE-2024-40962: kernel: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes VUL-0: CVE-2024-40927: kernel: xhci: handle TD clearing for multiple streams case VUL-0: CVE-2024-40964: kernel: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() VUL-0: CVE-2024-40984: kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." VUL-0: CVE-2024-40989: kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown VUL-0: CVE-2024-40990: kernel: RDMA/mlx5: Add check for srq max_sge attribute VUL-0: CVE-2024-40992: kernel: RDMA/rxe: Fix responder length checking for UD request packets VUL-0: CVE-2024-40932: kernel: drm/exynos/vidi: fix memory leak in .get_modes() VUL-0: CVE-2024-40994: kernel: ptp: fix integer overflow in max_vclocks_store VUL-0: CVE-2024-40995: kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() VUL-0: CVE-2024-40910: kernel: ax25: Fix refcount imbalance on inbound connections VUL-0: CVE-2024-40936: kernel: cxl/region: fix memregion leaks in devm_cxl_add_region() [TRACKERBUG] Enable the vdpa driver on SLE15SP6 natively VUL-0: CVE-2024-40913: kernel: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds VUL-0: CVE-2024-40938: kernel: landlock: fix d_parent walk VUL-0: CVE-2024-40916: kernel: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found VUL-0: CVE-2024-40943: kernel: ocfs2: fix races between hole punching and AIO+DIO VUL-0: CVE-2024-41004: kernel: tracing: build event generation tests only as modules VUL-0: CVE-2024-40997: kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit VUL-0: CVE-2024-41007: kernel: tcp: avoid too many retransmit packets VUL-0: CVE-2024-40981: kernel: batman-adv: bypass empty buckets in batadv_purge_orig_ref() VUL-0: CVE-2024-40982: kernel: ssb: fix potential NULL pointer dereference in ssb_device_uevent() VUL-0: CVE-2024-41000: kernel: block/ioctl: prefer different overflow check VUL-0: CVE-2024-41001: kernel: io_uring/sqpoll: work around a potential audit memory leak VUL-0: CVE-2024-41002: kernel: crypto: hisilicon/sec - fix memory leak for sec resource release VUL-0: CVE-2024-40944: kernel: x86/kexec: Fix bug with call depth tracking VUL-0: CVE-2024-40959: kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() VUL-0: CVE-2024-40967: kernel: serial: imx: Introduce timeout when waiting on transmitter empty VUL-0: CVE-2024-40976: kernel: drm/lima: mask irqs in timeout path before hard reset VUL-0: CVE-2024-40978: kernel: scsi: qedi: Fix crash while reading debugfs attribute VUL-0: CVE-2024-40977: kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery VUL-0: CVE-2024-40988: kernel: drm/radeon: fix UBSAN warning in kv_dpm.c VUL-0: CVE-2023-52886: kernel: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() VUL-0: CVE-2024-41009: kernel: bpf: Fix overrunning reservations in ringbuf VUL-0: CVE-2024-41010: kernel: bpf: Fix too early release of tcx_entry libceph: fix race between delayed_work() and ceph_monc_stop() VUL-0: CVE-2024-40987: kernel: drm/amdgpu: fix UBSAN warning in kv_dpm.c VUL-0: CVE-2024-40930: kernel: wifi: cfg80211: validate HE operation element parsing VUL-0: CVE-2024-41012: kernel: filelock: Remove locks reliably when fcntl/close race is detected fstests btrfs/300 fails on kernel 6.4 VUL-0: CVE-2024-41015: kernel: ocfs2: add bounds checking to ocfs2_check_dir_entry() VUL-0: CVE-2024-41016: kernel: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() VUL-0: CVE-2023-52887: kernel: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new VUL-0: CVE-2024-41020: kernel: filelock: fix fcntl/close race recovery compat path VUL-0: CVE-2024-41022: kernel: drm/amdgpu: fix signedness bug in sdma_v4_0_process_trap_irq() VUL-0: CVE-2024-42095: kernel: serial: 8250_omap: Implementation of Errata i2310 VUL-0: CVE-2024-42092: kernel: gpio: davinci: Validate the obtained number of IRQs VUL-0: CVE-2024-42090: kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER VUL-0: CVE-2024-42089: kernel: ASoC: fsl-asoc-card: set priv->pdev before using it VUL-0: CVE-2024-42086: kernel: iio: chemical: bme680: Fix overflows in compensate() functions VUL-0: CVE-2024-42085: kernel: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock VUL-0: CVE-2024-42073: kernel: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems VUL-0: CVE-2024-41094: kernel: drm/fbdev-dma: Only set smem_start is enable per module option VUL-0: CVE-2024-41058: kernel: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() VUL-0: CVE-2024-41032: kernel: mm: vmalloc: check if a hash-index is in cpu_possible_mask VUL-0: CVE-2024-41057: kernel: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() VUL-0: CVE-2024-42069: kernel: net: mana: Fix possible double free in error handling path VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error VUL-0: CVE-2024-41051: kernel: cachefiles: wait for ondemand_object_worker to finish when dropping object VUL-0: CVE-2024-41088: kernel: can: mcp251xfd: fix infinite loop when xmit fails VUL-0: CVE-2024-42070: kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers VUL-0: CVE-2024-41084: kernel: cxl/region: Avoid null pointer dereference in region lookup VUL-0: CVE-2024-41096: kernel: PCI/MSI: Fix UAF in msi_capability_init VUL-0: CVE-2024-41056: kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files VUL-0: CVE-2024-42074: kernel: ASoC: amd: acp: add a null check for chip_pdev structure VUL-0: CVE-2024-42082: kernel: xdp: Remove WARN() from __xdp_reg_mem_model() VUL-0: CVE-2024-41092: kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers VUL-0: CVE-2024-42076: kernel: net: can: j1939: Initialize unused data in j1939_send_one() VUL-0: CVE-2024-41035: kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor VUL-0: CVE-2024-41049: kernel: filelock: fix potential use-after-free in posix_lock_inode VUL-0: CVE-2024-42148: kernel: bnx2x: Fix multiple UBSAN array-index-out-of-bounds VUL-0: CVE-2024-42230: kernel: powerpc/pseries: Fix scv instruction crash with kexec VUL-0: CVE-2024-42142: kernel: net/mlx5: E-switch, Create ingress ACL when needed VUL-0: CVE-2024-42132: kernel: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX VUL-0: CVE-2024-42106: kernel: inet_diag: Initialize pad field in struct inet_diag_req_v2 VUL-0: CVE-2024-42107: kernel: ice: Don't process extts if PTP is disabled VUL-0: CVE-2024-42101: kernel: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes VUL-0: CVE-2024-41036: kernel: net: ks8851: Fix deadlock with the SPI chip variant VUL-0: CVE-2024-41050: kernel: cachefiles: cyclic allocation of msg_id to avoid reuse VUL-0: CVE-2024-42138: kernel: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file VUL-0: CVE-2024-42110: kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() VUL-0: CVE-2024-42141: kernel: Bluetooth: ISO: Check socket flag instead of hcon VUL-0: CVE-2024-42139: kernel: ice: Fix improper extts handling VUL-0: CVE-2024-42109: kernel: netfilter: nf_tables: unconditionally flush pending work before notifier VUL-0: CVE-2024-41037: kernel: ASoC: SOF: Intel: hda: fix null deref on system suspend entry VUL-0: CVE-2024-41038: kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers VUL-0: CVE-2024-42153: kernel: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr VUL-0: CVE-2024-42133: kernel: Bluetooth: Ignore too large handle values in BIG VUL-0: CVE-2024-41097: kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind() VUL-0: CVE-2024-41039: kernel: firmware: cs_dsp: Fix overflow checking of wmfw header VUL-0: CVE-2024-42077: kernel: ocfs2: fix DIO failure due to insufficient transaction credits VUL-0: CVE-2024-41040: kernel: net/sched: Fix UAF when resolving a clash VUL-0: CVE-2024-41041: kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). VUL-0: CVE-2024-41024: kernel: misc: fastrpc: restrict untrusted app to attach to privileged PD VUL-0: CVE-2024-41025: kernel: misc: fastrpc: fix memory leak in audio daemon attach operation VUL-0: CVE-2024-41044: kernel: ppp: reject claimed-as-LCP but actually malformed packets VUL-0: CVE-2024-41045: kernel: bpf: Defer work in bpf_timer_cancel_and_free VUL-0: CVE-2024-41028: kernel: platform/x86: toshiba_acpi: fix array out-of-bounds access VUL-0: CVE-2024-41059: kernel: hfsplus: fix uninit-value in copy_name VUL-0: CVE-2024-42137: kernel: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot VUL-0: CVE-2024-42114: kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values VUL-0: CVE-2024-41048: kernel: skmsg: Skip zero length skb in sk_msg_recvmsg VUL-0: CVE-2024-41060: kernel: drm/radeon: check bo_va->bo is non-NULL before using it VUL-0: CVE-2024-42113: kernel: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts VUL-0: CVE-2024-41061: kernel: drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport VUL-0: CVE-2024-41062: kernel: bluetooth/l2cap: sync sock recv cb and release VUL-0: CVE-2024-41068: kernel: s390/sclp: Fix sclp_init() cleanup on failure VUL-0: CVE-2024-41063: kernel: bluetooth: hci_core: cancel all works upon hci_unregister_dev() VUL-0: CVE-2024-41070: kernel: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() VUL-0: CVE-2024-42117: kernel: drm/amd/display: ASSERT when failing to find index by plane/stream id VUL-0: CVE-2024-42119: kernel: drm/amd/display: Skip finding free audio for unknown engine_id VUL-0: CVE-2024-42064: kernel: drm/amd/display: Skip pipe if the pipe idx not set properly VUL-0: CVE-2024-42120: kernel: drm/amd/display: Check pipe offset before setting vblank VUL-0: CVE-2024-42121: kernel: drm/amd/display: Check index msg_id before read or write VUL-0: CVE-2024-42122: kernel: drm/amd/display: Add NULL pointer check for kzalloc VUL-0: CVE-2024-41064: kernel: powerpc/eeh: avoid possible crash when edev->pdev changes VUL-0: CVE-2024-41079: kernel: nvmet: always initialize cqe.result VUL-0: CVE-2024-41080: kernel: io_uring: fix possible deadlock in io_register_iowq_max_workers() VUL-0: CVE-2024-41081: kernel: ila: block BH in ila_output() VUL-0: CVE-2024-41071: kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing VUL-0: CVE-2024-41072: kernel: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check VUL-0: CVE-2024-42096: kernel: x86: stop playing stack games in profile_pc() VUL-0: CVE-2024-41073: kernel: nvme: avoid double free special payload VUL-0: CVE-2024-41065: kernel: powerpc/pseries: whitelist dtl slub object for copying to userspace VUL-0: CVE-2024-41066: kernel: ibmvnic: add tx check to prevent skb leak VUL-0: CVE-2024-41074: kernel: cachefiles: Set object to close if ondemand_id < 0 in copen VUL-0: CVE-2024-41069: kernel: ASoC: topology: fix references to freed memory VUL-0: CVE-2024-41075: kernel: cachefiles: add consistency check for copen/cread VUL-0: CVE-2024-41076: kernel: NFSv4: Fix memory leak in nfs4_set_security_label VUL-0: CVE-2024-42131: kernel: mm: avoid overflows in dirty throttling logic VUL-0: CVE-2024-42104: kernel: nilfs2: add missing check for inode numbers on directory entries VUL-0: CVE-2024-41078: kernel: btrfs: qgroup: fix quota root leak after quota disable failure VUL-0: CVE-2024-42115: kernel: jffs2: fix potential illegal address access in jffs2_free_inode VUL-0: CVE-2024-41089: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes VUL-0: CVE-2024-41093: kernel: drm/amdgpu: avoid using null object of framebuffer VUL-0: CVE-2024-41095: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes VUL-0: CVE-2024-42105: kernel: nilfs2: fix inode number range checks VUL-0: CVE-2024-42144: kernel: thermal/drivers/mediatek/lvts_thermal: check NULL ptr on lvts_data VUL-0: CVE-2024-42228: kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc VUL-0: CVE-2024-42079: kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush VUL-0: CVE-2024-42080: kernel: RDMA/restrack: Fix potential invalid address access VUL-0: CVE-2024-42125: kernel: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband VUL-0: CVE-2024-42087: kernel: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep VUL-0: CVE-2024-42093: kernel: net/dpaa2: Avoid explicit cpumask var allocation on stack VUL-0: CVE-2024-42130: kernel: nfc/nci: add the inconsistency check between the input data length and count VUL-0: CVE-2024-42124: kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible VUL-0: CVE-2024-42162: kernel: gve: Account for stopped queues when reading NIC stats VUL-0: CVE-2024-42227: kernel: drm/amd/display: Fix overlapping copy within dml_core_mode_programming VUL-0: CVE-2024-42229: kernel: crypto: aead,cipher - zeroize key buffer after use VUL-0: CVE-2024-42226: kernel: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB VUL-0: CVE-2024-42225: kernel: wifi: mt76: replace skb_put with skb_put_zero VUL-0: CVE-2024-42126: kernel: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt. VUL-0: CVE-2024-42158: kernel: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings VUL-0: CVE-2024-42127: kernel: drm/lima: fix shared irq handling on driver remove VUL-0: CVE-2024-42156: kernel: s390/pkey: Wipe copies of clear-key structures on failure VUL-0: CVE-2024-42224: kernel: net: dsa: mv88e6xxx: Correct check for empty list VUL-0: CVE-2024-42152: kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment VUL-0: CVE-2024-42223: kernel: media: dvb-frontends: tda10048: Fix integer overflow VUL-0: CVE-2024-42157: kernel: s390/pkey: Wipe sensitive data on failure VUL-0: CVE-2024-42155: kernel: s390/pkey: wipe copies of protected- and secure-keys system reboot creating VFs with ICE Driver VUL-0: CVE-2024-42145: kernel: IB/core: implement a limit on UMAD receive List VUL-0: REJECTED: CVE-2024-42143: kernel: orangefs: fix out-of-bounds fsid access VUL-0: CVE-2024-42159: kernel: scsi: mpi3mr: sanitise num_phys VUL-0: CVE-2024-42161: kernel: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD SLES 15 SP6 - tcp_mem overflows causing side effects such as ssh daemon hang VUL-0: CVE-2024-42136: kernel: cdrom: rearrange last_media_change check to avoid unintentional overflow VUL-0: CVE-2024-42147: kernel: crypto: hisilicon/debugfs - fix debugfs uninit process issue VUL-0: CVE-2024-42097: kernel: ALSA: emux: improve patch ioctl data validation VUL-0: CVE-2024-42098: kernel: crypto: ecdh - explicitly zeroize private_key cgroup/cpuset: Prevent UAF in proc_cpuset_show() [SELinux] various AVC denials related to libvirt qla2xxx: update driver to 10.02.09.300-k Update Broadcom Emulex lpfc driver to 14.4.0.3 VUL-0: CVE-2024-42232: kernel: libceph: fix race between delayed_work() and ceph_monc_stop() VUL-0: CVE-2024-42236: kernel: usb: gadget: configfs: prevent OOB read/write in usb_string_copy() VUL-0: CVE-2024-42240: kernel: x86/bhi: avoid warning in #DB handler due to BHI mitigation VUL-0: CVE-2024-42244: kernel: USB: serial: mos7840: fix crash on resume SLES 15 SP6 - net/iucv: fix use after free in iucv_sock_close() VUL-0: CVE-2024-42250: kernel: cachefiles: add missing lock protection when polling VUL-0: CVE-2024-42245: kernel: Revert "sched/fair: Make sure to try to detach at least one movable task" VUL-0: CVE-2024-42239: kernel: bpf: Fail bpf_timer_cancel when callback is being cancelled VUL-0: CVE-2024-42241: kernel: mm/shmem: disable PMD-sized page cache if needed VUL-0: CVE-2024-42247: kernel: wireguard: allowedips: avoid unaligned 64-bit memory accesses VUL-0: CVE-2024-42246: kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket VUL-0: CVE-2024-42238: kernel: firmware: cs_dsp: Return error if block header overflows file VUL-0: CVE-2024-42237: kernel: firmware: cs_dsp: Validate payload length before processing block VUL-0: CVE-2024-42253: kernel: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race update minmax implementation SLERT-15SP6: /proc/sys/kernel/printk does not exist Enable kernel-default-livepatch-devel for TW since it's already enabled on Leap Sound device not working with kernel 6.4.0-150600.23.17-default intel sound card not detected after update Error probing device: Error sending ATA command IDENTIFY DEVICE to... after upgrade to Leap 15.6 suspend/resume kills touchpad mana: Fix RX buf alloc_size alignment and atomic op panic kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() L3: SLES 15 SP5 kernel soft lockup with timer thread [ ref:_00D1igLOd._500TrFqLno:ref ] mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings VUL-0: CVE-2024-42259: kernel: drm/i915/gem: fix Virtual Memory mapping boundaries calculation fstests generic/754 fails on xfs KVM: s390: fix validity interception issue when gisa is switched off kvm: s390: Reject memory region operations for ucontrol VMs s390/sclp: Prevent release of buffer in I/O s390/uv: Panic for set and remove shared access UVC errors s390/cpum_cf: Fix endless loop in CF_DIAG event stop s390/pci: Allow allocation of more than 1 MSI interrupt s390/dasd: fix error checks in dasd_copy_pair_store() s390/pci: Add missing virt_to_phys() for directed DIBV cachefiles: introduce object ondemand state cachefiles: extract ondemand info field from cachefiles_object cachefiles: resend an open request if the read request's object is closed cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode cachefiles: add restore command to recover inflight ondemand read requests cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() cachefiles: add spin_lock for cachefiles_ondemand_info cachefiles: never get a new anonymous fd if ondemand_id is valid cachefiles: defer exposing anon_fd until after copy_to_user() succeeds cachefiles: make on-demand read killable cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop cachefiles: stop sending new request when dropping object cachefiles: cancel all requests for the object that is being dropped cachefiles: add missing lock protection when polling VUL-0: CVE-2023-52889: kernel: apparmor: Fix null pointer deref when receiving skb during sock creation VUL-0: CVE-2024-43819: kernel: kvm: s390: Reject memory region operations for ucontrol VMs VUL-0: CVE-2024-43847: kernel: wifi: ath12k: fix invalid memory access while processing fragmented packets VUL-0: CVE-2024-43853: kernel: cgroup/cpuset: Prevent UAF in proc_cpuset_show() VUL-0: CVE-2024-43826: kernel: nfs: pass explicit offset/count to trace events VUL-0: CVE-2024-43818: kernel: ASoC: amd: Adjust error handling in case of absent codec device VUL-0: CVE-2024-43837: kernel: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT VUL-0: CVE-2024-43825: kernel: iio: Fix the sorting functionality in iio_gts_build_avail_time_table VUL-0: CVE-2024-43833: kernel: media: v4l: async: Fix NULL pointer dereference in adding ancillary links VUL-0: CVE-2024-43839: kernel: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures VUL-0: CVE-2024-43823: kernel: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() VUL-0: CVE-2024-43841: kernel: wifi: virt_wifi: avoid reporting connection success with wrong SSID VUL-0: CVE-2024-43830: kernel: leds: trigger: Unregister sysfs attributes before calling deactivate() VUL-0: CVE-2024-43849: kernel: soc: qcom: pdr: protect locator_addr with the main mutex VUL-0: CVE-2024-43831: kernel: media: mediatek: vcodec: Handle invalid decoder vsi VUL-0: CVE-2024-43817: kernel: net: missing check virtio VUL-0: CVE-2024-43851: kernel: soc: xilinx: rename cpu_number1 to dummy_cpu_number VUL-0: CVE-2024-43834: kernel: xdp: fix invalid wait context of page_pool_destroy() VUL-0: CVE-2024-43821: kernel: scsi: lpfc: Fix a possible null pointer dereference VUL-0: CVE-2024-43850: kernel: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove VUL-0: CVE-2024-43842: kernel: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() VUL-0: CVE-2024-43816: kernel: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages VUL-0: CVE-2024-43860: kernel: remoteproc: imx_rproc: Skip over memory region when node value is NULL VUL-0: CVE-2024-43824: kernel: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() SLES15SP6 [P10 Denali] [ 6.4.0-150600.16-default] In shared/dedicated mode core(CPU), both online and offline, is not functioning as intended when considering various SMT modes. VUL-0: CVE-2024-43829: kernel: drm/qxl: Add check for drm_cvt_mode VUL-0: CVE-2024-43855: kernel: md: fix deadlock between mddev_suspend and flush bio VUL-0: CVE-2024-43840: kernel: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG VUL-0: CVE-2024-43854: kernel: block: initialize integrity buffer to zero before writing it to media VUL-0: CVE-2024-43856: kernel: dma: fix call order in dmam_free_coherent VUL-0: CVE-2024-42322: kernel: ipvs: properly dereference pe in ip_vs_add_service VUL-0: CVE-2024-42320: kernel: s390/dasd: fix error checks in dasd_copy_pair_store() VUL-0: CVE-2024-42319: kernel: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() VUL-0: CVE-2024-42318: kernel: landlock: Don't lose track of restrictions on cred_transfer VUL-0: CVE-2024-42316: kernel: mm/mglru: fix div-by-zero in vmpressure_calc_level() VUL-0: CVE-2024-42315: kernel: exfat: fix potential deadlock on __exfat_get_dentry_set VUL-0: CVE-2024-42314: kernel: btrfs: fix extent map use-after-free when adding pages to compressed bio VUL-0: CVE-2024-42313: kernel: media: venus: fix use after free in vdec_close VUL-0: CVE-2024-42312: kernel: sysctl: always initialize i_uid/i_gid VUL-0: CVE-2024-42310: kernel: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes VUL-0: CVE-2024-42309: kernel: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes VUL-0: CVE-2024-43846: kernel: lib: objagg: Fix general protection fault VUL-0: CVE-2024-42303: kernel: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() VUL-0: CVE-2024-42302: kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal VUL-0: CVE-2024-42298: kernel: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value VUL-0: CVE-2024-42295: kernel: nilfs2: handle inconsistent state in nilfs_btnode_create_block() VUL-0: CVE-2024-42292: kernel: kobject_uevent: Fix OOB access within zap_modalias_env() VUL-0: CVE-2024-42291: kernel: ice: Add a per-VF limit on number of FDIR filters VUL-0: CVE-2024-42290: kernel: irqchip/imx-irqsteer: Handle runtime power management correctly VUL-0: CVE-2024-42285: kernel: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs VUL-0: CVE-2024-42284: kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error VUL-0: CVE-2024-42283: kernel: net: nexthop: Initialize all fields in dumped nexthops VUL-0: CVE-2024-42281: kernel: bpf: Fix a segment issue when downgrading gso_size VUL-0: CVE-2024-42280: kernel: mISDN: Fix a use after free in hfcmulti_tx() VUL-0: CVE-2024-42279: kernel: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer VUL-0: CVE-2024-42268: kernel: net/mlx5: Fix missing lock on sync reset reload VUL-0: CVE-2024-42287: kernel: scsi: qla2xxx: Complete command early within lock VUL-0: CVE-2024-42286: kernel: scsi: qla2xxx: validate nvme_local_port correctly VUL-0: CVE-2024-42288: kernel: scsi: qla2xxx: Fix for possible memory corruption VUL-0: CVE-2024-42289: kernel: scsi: qla2xxx: During vport delete send async logout explicitly VUL-0: CVE-2024-42271: kernel: net/iucv: fix use after free in iucv_sock_close() VUL-0: CVE-2024-42269: kernel: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). VUL-0: CVE-2024-42278: kernel: ASoC: TAS2781: fix tasdev_load_calibrated_data() VUL-0: CVE-2024-42270: kernel: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). VUL-0: CVE-2024-42301: kernel: dev/parport: fix the array out-of-bounds risk VUL-0: CVE-2024-42277: kernel: iommu: sprd: avoid NULL deref in sprd_iommu_hw_en VUL-0: CVE-2024-42276: kernel: nvme-pci: add missing condition check for existence of mapped data VUL-0: CVE-2024-42308: kernel: drm/amd/display: Check for NULL pointer VUL-0: CVE-2024-42311: kernel: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() VUL-0: CVE-2024-43858: kernel: jfs: Fix array-index-out-of-bounds in diFree VUL-0: CVE-2024-42274: kernel: revert "ALSA: firewire-lib: operate for period elapse event in process context" L3: TCP segment out of order for IPv6 tunnel [ ref:_00D1igLOd._500TrGL7wX:ref ] net/iucv: fix the allocation size of iucv_path_table array s390/dasd: fix error recovery leading to data corruption on ESE devices fs/netfs/fscache_cookie: add missing "n_accesses" check CVE-2024-44947: kernel: fuse: Initialize beyond-EOF page contents before setting uptodate VUL-0: CVE-2024-43881: kernel: wifi: ath12k: change DMA direction while mapping reinjected packets VUL-0: CVE-2024-43880: kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning VUL-0: CVE-2024-43879: kernel: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() VUL-0: CVE-2024-43877: kernel: media: pci: ivtv: Add check for DMA map result VUL-0: CVE-2024-43876: kernel: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() VUL-0: CVE-2024-43875: kernel: PCI: endpoint: Clean up error handling in vpci_scan_bus() VUL-0: CVE-2024-43874: kernel: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked VUL-0: CVE-2024-43873: kernel: vhost/vsock: always initialize seqpacket_allow VUL-0: CVE-2024-43872: kernel: RDMA/hns: Fix soft lockup under heavy CEQE load VUL-0: CVE-2024-43871: kernel: devres: Fix memory leakage caused by driver API devm_free_percpu() VUL-0: CVE-2024-43867: kernel: drm/nouveau: prime: fix refcount underflow VUL-0: CVE-2024-43866: kernel: net/mlx5: Always drain health in shutdown callback VUL-0: CVE-2024-43864: kernel: net/mlx5e: Fix CT entry update leaks of modify header context VUL-0: CVE-2024-43863: kernel: drm/vmwgfx: Fix a deadlock in dma buf fence polling VUL-0: CVE-2024-43861: kernel: net: usb: qmi_wwan: fix memory leak for not ip packets VUL-0: CVE-2024-43882: kernel: exec: Fix ToCToU between perm check and set-uid/gid usage VUL-0: CVE-2024-43883: kernel: usb: vhci-hcd: do not drop references before new references are gained VUL-0: CVE-2024-43884: kernel: Bluetooth: MGMT: add error handling to pair_device() VUL-0: CVE-2024-43889: kernel: padata: fix possible divide-by-0 panic in padata_mt_helper() VUL-0: CVE-2024-43894: kernel: drm/client: fix null pointer dereference in drm_client_modeset_probe VUL-0: CVE-2024-43885: kernel: btrfs: fix double inode unlock for direct IO sync writes VUL-0: CVE-2024-43897: kernel: net: drop bad gso csum_start and offset in virtio_net_hdr VUL-0: CVE-2024-43899: kernel: drm/amd/display: Fix null pointer deref in dcn20_resource.c VUL-0: CVE-2024-43895: kernel: drm/amd/display: skip recompute dsc params if no stream on link VUL-0: CVE-2024-43900: kernel: media: xc2028: avoid use-after-free in load_firmware_cb() VUL-0: CVE-2024-43893: kernel: serial: core: check uartclk for zero to avoid divide by zero VUL-0: CVE-2024-43892: kernel: memcg: protect concurrent access to mem_cgroup_idr VUL-0: CVE-2024-43902: kernel: drm/amd/display: add null checker before passing variables VUL-0: CVE-2024-43903: kernel: drm/amd/display: add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update VUL-0: CVE-2024-43905: kernel: drm/amd/pm: fix the null pointer dereference for vega10_hwmgr VUL-0: CVE-2024-43906: kernel: drm/admgpu: fix dereferencing null pointer context VUL-0: CVE-2024-43907: kernel: drm/amdgpu/pm: fix the null pointer dereference in apply_state_adjust_rules VUL-0: CVE-2024-43908: kernel: drm/amdgpu: fix the null pointer dereference to ras_manager VUL-0: CVE-2024-43909: kernel: drm/amdgpu/pm: fix the null pointer dereference for smu7 VUL-0: CVE-2024-44938: kernel: jfs: fix shift-out-of-bounds in dbDiscardAG VUL-0: CVE-2024-44939: kernel: jfs: fix null ptr deref in dtInsertEntry VUL-0: CVE-2024-43911: kernel: wifi: mac80211: fix NULL dereference at band check in starting tx ba session VUL-0: CVE-2024-43912: kernel: wifi: nl80211: disallow setting special AP channel widths VUL-0: CVE-2024-44931: kernel: gpio: prevent potential speculation leaks in gpio_device_get_desc() virtiofs: forbid newlines in tags ceph: periodically flush the cap releases security important Jeffreycheung The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326). - CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877). - CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582). - CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287). - CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252). - CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). - CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335). - CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350). - CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) - CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372). - CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). - CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633). - CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808). - CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967). - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). - CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074) - CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720). - CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803). - CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777). - CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742). - CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415). - CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711). - CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). - CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510). - CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). - CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) - CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874) - CVE-2024-36881: mm/userfaultfd: Fix reset ptes when close() for wr-protected (bsc#1225718). - CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). - CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). - CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1226604). - CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). - CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623) - CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). - CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) - CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). - CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). - CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840). - CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799). - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810). - CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811). - CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812). - CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). - CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929). - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823). - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829). - CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). - CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867). - CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). - CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). - CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021). - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247). - CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). - CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427). - CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460). - CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496). - CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518). - CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520). - CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530). - CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565). - CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499). - CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468). - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). - CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). - CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). - CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599). - CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640). - CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579). - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644). - CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). - CVE-2024-41074: cachefiles: Set object to close if ondemand_id < 0 in copen (bsc#1228643). - CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646). - CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649). - CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655). - CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). - CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617). - CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472). - CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470). - CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457). - CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). - CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680). - CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446). - CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633). - CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). - CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494). - CVE-2024-42109: netfilter: nf_tables: unconditionally flush pending work before notifier (bsc#1228505). - CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). - CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568). - CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591). - CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705). - CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500). - CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503). - CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491). - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743). - CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). - CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733). - CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722). - CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727). - CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). - CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228754). - CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). - CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706). - CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723). - CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986). - CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978). - CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). - CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988). - CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391). - CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402). - CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404). - CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). - CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386). - CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383) - CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) - CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379). - CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374). - CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). - CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407). - CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357) - CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353). - CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351). - CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347) - CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315). - CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309). - CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314) - CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297). - CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). - CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316). - CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345) - CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342). - CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496). - CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495). - CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481). - CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) - CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754). - CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827). The following non-security bugs were fixed: - ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes). - ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes). - ACPI: battery: create alarm sysfs attribute atomically (stable-fixes). - ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git-fixes). - ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). - ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). - ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). - ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). - ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). - ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). - ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes). - ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes). - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable-fixes). - ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes). - ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes). - ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes). - ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable-fixes). - ALSA: hda/tas2781: Use correct endian conversion (git-fixes). - ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes). - ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). - ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). - ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes). - ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes). - ALSA: line6: Fix racy access to midibuf (stable-fixes). - ALSA: line6: Fix racy access to midibuf (stable-fixes). - ALSA: seq: Skip event type filtering for UMP events (git-fixes). - ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes). - ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes). - ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes). - ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes). - ALSA: timer: Relax start tick time check for slave timer elements (git-fixes). - ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes). - ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes). - ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes). - ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). - ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). - ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). - ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). - ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). - ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes). - ASoC: SOF: Remove libraries from topology lookups (git-fixes). - ASoC: SOF: Remove libraries from topology lookups (git-fixes). - ASoC: SOF: amd: Fix for acp init sequence (git-fixes). - ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes). - ASoC: SOF: mediatek: Add missing board compatible (stable-fixes). - ASoC: allow module autoloading for table board_ids (stable-fixes). - ASoC: allow module autoloading for table db1200_pids (stable-fixes). - ASoC: amd: acp: fix module autoloading (git-fixes). - ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182). - ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). - ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). - ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). - ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). - ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). - ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). - ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes). - ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). - ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). - ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes). - ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes). - ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). - ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). - ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable-fixes). - ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). - ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). - ASoC: nau8822: Lower debug print priority (stable-fixes). - ASoC: nau8822: Lower debug print priority (stable-fixes). - Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes). - Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). - Bluetooth: L2CAP: Fix deadlock (git-fixes). - Bluetooth: MGMT: Add error handling to pair_device() (git-fixes). - Bluetooth: SMP: Fix assumption of Central always being Initiator (git-fixes). - Bluetooth: bnep: Fix out-of-bound access (stable-fixes). - Bluetooth: btintel: Fail setup on error (git-fixes). - Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes). - Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable-fixes). - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable-fixes). - Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes). - Bluetooth: hci_core: Fix LE quote calculation (git-fixes). - Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). - Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). - Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes). - Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes). - Drop libata patch that caused a regression (bsc#1229054) - Fix build errors without patches.kabi (bsc#1226502) - HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). - Input: MT - limit max slots (stable-fixes). - Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056). - Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes). - Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes). - KVM: Always flush async #PF workqueue when vCPU is being destroyed (git-fixes). - KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git-fixes). - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). - KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199). - KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes). - KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). - KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (git-fixes). - KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes). - KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes). - KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git-fixes). - KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git-fixes). - KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). - KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes). - KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). - KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes). - KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes) - KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). - KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes). - KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes). - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). - KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). - KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes). - KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes). - KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes). - KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes). - KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes). - KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes). - KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes). - KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes). - KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). - KVM: s390: fix validity interception issue when gisa is switched off (git-fixes bsc#1229167). - KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes). - KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes). - Move upstreamed powerpc patches into sorted section - Move upstreamed sound patches into sorted section - Moved upstreamed ASoC patch into sorted section - NFSD: Support write delegations in LAYOUTGET (git-fixes). - NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). - PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes). - PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes). - PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes). - RDMA/cache: Release GID table even if leak is detected (git-fixes) - RDMA/device: Return error earlier if port in not valid (git-fixes) - RDMA/hns: Check atomic wr length (git-fixes) - RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes) - RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes) - RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) - RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) - RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes) - RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) - RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes) - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) - RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). - RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) - RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes) - RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) - RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) - RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes) - README.BRANCH: Add Petr Tesarik as branch maintainer - Revert "ALSA: firewire-lib: obsolete workqueue for period update" (bsc#1208783). - Revert "ALSA: firewire-lib: operate for period elapse event in process context" (bsc#1208783). - Revert "KVM: Prevent module exit until all VMs are freed" (git-fixes). - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (git-fixes). - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes). - Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" (git-fixes). - Revert "usb: gadget: uvc: cleanup request when not in correct state" (stable-fixes). - Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" (git-fixes). - SUNRPC: Fix a race to wake a sync task (git-fixes). - SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). - Squashfs: fix variable overflow triggered by sysbot (git-fixes). - USB: serial: debug: do not echo input by default (stable-fixes). - Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834) - Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920) - Update patch refefernce for MFD patch (jsc#PED-10029) - Update patch reference for MD patch (jsc#PED-10029 jsc#PED-10045) - Update patch reference for SPI patch (jsc#PED-10105) - Update patch reference for iwlwifi fix (jsc#PED-10055) - Update patch reference of USB patch (jsc#PED-10108) - Update patch references for ASoC regression fixes (bsc#1229045 bsc#1229046) - afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes). - apparmor: unpack transition table if dfa is not present (bsc#1226031). - arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes) - arm64: Add Neoverse-V2 part (git-fixes) - arm64: Fix KASAN random tag seed initialization (git-fixes) - arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes) - arm64: barrier: Restore spec_bar() macro (git-fixes) - arm64: cputype: Add Cortex-A720 definitions (git-fixes) - arm64: cputype: Add Cortex-A725 definitions (git-fixes) - arm64: cputype: Add Cortex-X1C definitions (git-fixes) - arm64: cputype: Add Cortex-X3 definitions (git-fixes) - arm64: cputype: Add Cortex-X4 definitions (git-fixes) - arm64: cputype: Add Cortex-X925 definitions (git-fixes) - arm64: cputype: Add Neoverse-V3 definitions (git-fixes) - arm64: dts: imx8mp: Add NPU Node (git-fixes) - arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes) - arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes) - arm64: dts: imx8mp: add HDMI power-domains (git-fixes) - arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) - arm64: errata: Expand speculative SSBS workaround (git-fixes) - arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files. - arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git-fixes) - ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable-fixes). - ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable-fixes). - blacklist.conf: Add libata upstream revert entry (bsc#1229054) - blacklist.conf: printk/sysctl: breaks kernel without pre-requisite patches (bsc#1229025) - bnxt_re: Fix imm_data endianness (git-fixes) - bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes) - bpf, lpm: Fix check prefixlen before walking trie (git-fixes). - bpf/tests: Remove duplicate JSGT tests (git-fixes). - bpf: Add crosstask check to __bpf_get_stack (git-fixes). - bpf: Detect IP == ksym.end as part of BPF program (git-fixes). - bpf: Ensure proper register state printing for cond jumps (git-fixes). - bpf: Fix a few selftest failures due to llvm18 change (git-fixes). - bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). - bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes). - bpf: Fix kfunc callback register type handling (git-fixes). - bpf: Fix prog_array_map_poke_run map poke update (git-fixes). - bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes). - bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git-fixes). - bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes). - bpf: Set uattr->batch.count as zero before batched update or deletion (git-fixes). - bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git-fixes). - bpf: enforce precision of R0 on callback return (git-fixes). - bpf: extract bpf_ctx_convert_map logic and make it more reusable (git-fixes). - bpf: fix control-flow graph checking in privileged mode (git-fixes). - bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes). - bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes). - bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). - bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git-fixes). - bpftool: Align output skeleton ELF code (git-fixes). - bpftool: Fix -Wcast-qual warning (git-fixes). - bpftool: Silence build warning about calloc() (git-fixes). - bpftool: mark orphaned programs during prog show (git-fixes). - btrfs: add a btrfs_finish_ordered_extent helper (git-fixes). - btrfs: add a is_data_bbio helper (git-fixes). - btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes). - btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321). - btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes). - btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes). - btrfs: factor out a can_finish_ordered_extent helper (git-fixes). - btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes). - btrfs: fix double inode unlock for direct IO sync writes (git-fixes). - btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes). - btrfs: fix leak of qgroup extent records after transaction abort (git-fixes). - btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git-fixes). - btrfs: limit write bios to a single ordered extent (git-fixes). - btrfs: make btrfs_finish_ordered_extent() return void (git-fixes). - btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes). - btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes). - btrfs: open code end_extent_writepage in end_bio_extent_writepage (git-fixes). - btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes). - btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes). - btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes). - btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes). - btrfs: remove btrfs_add_ordered_extent (git-fixes). - btrfs: rename err to ret in btrfs_direct_write() (git-fixes). - btrfs: uninline some static inline helpers from tree-log.h (git-fixes). - btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git-fixes). - btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes). - btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes). - btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git-fixes). - btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git-fixes). - btrfs: use btrfs_finish_ordered_extent to complete direct writes (git-fixes). - btrfs: use irq safe locking when running and adding delayed iputs (git-fixes). - cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode (bsc#1229245). - cachefiles: add missing lock protection when polling (bsc#1229256). - cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244). - cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249). - cachefiles: cancel all requests for the object that is being dropped (bsc#1229255). - cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251). - cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240). - cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247). - cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246). - cachefiles: introduce object ondemand state (bsc#1229239). - cachefiles: make on-demand read killable (bsc#1229252). - cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243). - cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250). - cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253). - cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248). - cachefiles: resend an open request if the read request's object is closed (bsc#1229241). - cachefiles: stop sending new request when dropping object (bsc#1229254). - can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes). - can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). - ceph: periodically flush the cap releases (bsc#1230056). - cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). - cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). - cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). - cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). - cgroup: Remove unnecessary list_empty() (bsc#1222254). - cgroup: preserve KABI of cgroup_root (bsc#1222254). - char: xillybus: Check USB endpoints when probing device (git-fixes). - char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes). - char: xillybus: Refine workqueue handling (git-fixes). - check-for-config-changes: ignore also GCC_ASM_GOTO_OUTPUT_BROKEN Mainline commit f2f6a8e88717 ("init/Kconfig: remove CONFIG_GCC_ASM_GOTO_OUTPUT_WORKAROUND") replaced GCC_ASM_GOTO_OUTPUT_WORKAROUND with GCC_ASM_GOTO_OUTPUT_BROKEN. Ignore both when checking config changes. - clk: en7523: fix rate divider for slic and spi clocks (git-fixes). - clk: qcom: Park shared RCGs upon registration (git-fixes). - clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git-fixes). - clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git-fixes). - clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git-fixes). - clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git-fixes). - clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes). - clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes). - clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git-fixes). - clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes). - clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes). - clocksource/drivers/sh_cmt: Address race condition for clock events (stable-fixes). - config.sh: generate and install compile_commands.json (bsc#1228971) This file contains the command line options used to compile every C file. It's useful for the livepatching team. - cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472) - dev/parport: fix the array out-of-bounds risk (stable-fixes). - device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes). - dmaengine: dw: Add memory bus width verification (git-fixes). - dmaengine: dw: Add peripheral bus width verification (git-fixes). - docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). - driver core: Fix uevent_show() vs driver detach race (git-fixes). - drm/admgpu: fix dereferencing null pointer context (stable-fixes). - drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes). - drm/amd/display: Add null checker before passing variables (stable-fixes). - drm/amd/display: Adjust cursor position (git-fixes). - drm/amd/display: Check for NULL pointer (stable-fixes). - drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes). - drm/amd/display: avoid using null object of framebuffer (git-fixes). - drm/amd/display: fix cursor offset on rotation 180 (git-fixes). - drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes). - drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes). - drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). - drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes). - drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). - drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). - drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). - drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes). - drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes). - drm/amdgpu: Actually check flags for all context ops (stable-fixes). - drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). - drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). - drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes). - drm/amdgpu: Validate TA binary size (stable-fixes). - drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). - drm/amdgpu: fix potential resource leak warning (stable-fixes). - drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable-fixes). - drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). - drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes). - drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). - drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). - drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes). - drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes). - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes). - drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes). - drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git-fixes). - drm/lima: set gp bus_stop bit before hard reset (stable-fixes). - drm/mediatek/dp: Fix spurious kfree() (git-fixes). - drm/msm/dp: fix the max supported bpp logic (git-fixes). - drm/msm/dp: reset the link phy params before link training (git-fixes). - drm/msm/dpu: capture snapshot on the first commit_done timeout (stable-fixes). - drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). - drm/msm/dpu: do not play tricks with debug macros (git-fixes). - drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes). - drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes). - drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable-fixes). - drm/msm/dpu: take plane rotation into account for wide planes (git-fixes). - drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes). - drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable-fixes). - drm/msm/mdss: Rename path references to mdp_path (stable-fixes). - drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes). - drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes). - drm/nouveau: prime: fix refcount underflow (git-fixes). - drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes). - drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024). - drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes). - drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes). - drm/virtio: Fix type of dma-fence context variable (git-fixes). - drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). - drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). - drm/vmwgfx: Fix prime with external buffers (git-fixes). - efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes). - evm: do not copy up 'security.evm' xattr (git-fixes). - firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes). - fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455). - fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456). - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes). - genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes). - genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes). - gfs2: setattr_chown: Add missing initialization (git-fixes). - gpio: mlxbf3: Support shutdown() function (git-fixes). - gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable-fixes). - gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes). - gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes). - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). - hwmon: (ltc2992) Avoid division by zero (stable-fixes). - hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes). - hwmon: (pc87360) Bounds check data->innr usage (stable-fixes). - i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). - i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). - i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes). - i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). - i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). - i2c: riic: avoid potential division by zero (stable-fixes). - i2c: smbus: Improve handling of stuck alerts (git-fixes). - i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). - i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes). - i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable-fixes). - i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable-fixes). - i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes). - ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737). - io_uring/advise: support 64-bit lengths (git-fixes). - io_uring: Drop per-ctx dummy_ubuf (git-fixes). - io_uring: Fix probe of disabled operations (git-fixes). - io_uring: fix io_match_task must_hold (git-fixes). - io_uring: tighten task exit cancellations (git-fixes). - iommu/amd: Convert comma to semicolon (git-fixes). - iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes). - iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git-fixes). - ip6_tunnel: Fix broken GRO (bsc#1229444). - ipv6: sr: fix incorrect unregister order (git-fixes). - irqdomain: Fixed unbalanced fwnode get and put (git-fixes). - jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes). - jfs: define xtree root and page independently (git-fixes). - jfs: fix null ptr deref in dtInsertEntry (git-fixes). - jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git-fixes). - jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes). - jump_label: Fix the fix, brown paper bags galore (git-fixes). - jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git-fixes). - kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes). - kABI workaround for sound core UMP conversion (stable-fixes). - kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). - kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). - kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) - kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users. - kcov: properly check for softirq context (git-fixes). - kernel-binary: generate and install compile_commands.json (bsc#1228971) - kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134). - kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git-fixes). - kprobes: Fix to check symbol prefixes correctly (git-fixes). - kprobes: Prohibit probing on CFI preamble symbol (git-fixes). - kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168). - libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes). - libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git-fixes). - libbpf: Fix faccessat() usage on Android (git-fixes). - libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes). - md-cluster: fix hanging issue while a new disk adding (bsc#1223395). - md-cluster: fix hanging issue while a new disk adding (bsc#1223395). - md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). - md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). - md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395). - md/md-bitmap: fix writing non bitmap pages (git-fixes). - md/raid1: set max_sectors during early return from choose_slow_rdev() (git-fixes). - md/raid1: support read error check (git-fixes). - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes). - md/raid5: fix spares errors about rcu usage (git-fixes). - md/raid5: recheck if reshape has finished with device_lock held (git-fixes). - md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git-fixes). - md: add a mddev_add_trace_msg helper (git-fixes). - md: add check for sleepers in md_wakeup_thread() (git-fixes). - md: change the return value type of md_write_start to void (git-fixes). - md: do not account sync_io if iostats of the disk is disabled (git-fixes). - md: do not delete safemode_timer in mddev_suspend (git-fixes). - md: factor out a helper exceed_read_errors() to check read_errors (git-fixes). - md: fix a suspicious RCU usage warning (git-fixes). - media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes). - media: amphion: Remove lock in s_ctrl callback (stable-fixes). - media: drivers/media/dvb-core: copy user arrays safely (stable-fixes). - media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). - media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes). - media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes). - media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes). - media: uvcvideo: Ignore empty TS packets (stable-fixes). - media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes). - media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes). - memcg: protect concurrent access to mem_cgroup_idr (git-fixes). - memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes). - memory: tegra: Skip SID programming if SID registers are not set (stable-fixes). - minmax: add a few more MIN_T/MAX_T users (bsc#1229024). - minmax: avoid overly complicated constant expressions in VM code (bsc#1229024). - minmax: do not use max() in situations that want a C constant expression (bsc#1229024). - minmax: fix up min3() and max3() too (bsc#1229024). - minmax: improve macro expansion and type checking (bsc#1229024). - minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024). - minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024). - minmax: simplify min()/max()/clamp() implementation (bsc#1229024). - mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). - mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). - mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). - mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). - mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes). - net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451). - net/iucv: fix use after free in iucv_sock_close() (bsc#1228973). - net/rds: fix possible cp null dereference (git-fixes). - net/sched: initialize noop_qdisc owner (git-fixes). - net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). - net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes). - net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757). - net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). - net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). - net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). - net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes). - net: missing check virtio (git-fixes). - net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes). - net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes). - net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). - net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes). - netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). - nfc: pn533: Add poll mod list filling check (git-fixes). - nfs: do not invalidate dentries on transient errors (git-fixes). - nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). - nfs: make the rpc_stat per net namespace (git-fixes). - nfs: pass explicit offset/count to trace events (git-fixes). - nfs: propagate readlink errors in nfs_symlink_filler (git-fixes). - nouveau/firmware: use dma non-coherent allocator (git-fixes). - nvme-multipath: find NUMA path only for online numa-node (git-fixes). - nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706). - nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706). - nvme-pci: Fix the instructions for disabling power management (git-fixes). - nvme-pci: add missing condition check for existence of mapped data (git-fixes). - nvme-pci: do not directly handle subsys reset fallout (bsc#1220066). - nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857). - nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857). - nvme-tcp: check for invalidated or revoked key (bsc#1221857). - nvme-tcp: sanitize TLS key handling (bsc#1221857). - nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857). - nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). - nvme: avoid double free special payload (git-fixes). - nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git-fixes). - nvme: fixup comment for nvme RDMA Provider Type (git-fixes). - nvme: split off TLS sysfs attributes into a separate group (bsc#1221857). - nvme: tcp: remove unnecessary goto statement (bsc#1221857). - nvme_core: scan namespaces asynchronously (bsc#1224105). - nvmet-auth: fix nvmet_auth hash error handling (git-fixes). - nvmet: always initialize cqe.result (git-fixes). - nvmet: do not return 'reserved' for empty TSAS values (git-fixes). - nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes). - nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes). - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). - padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). - perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes). - pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes). - pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git-fixes). - pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes). - pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes). - platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes). - platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes). - platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). - platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). - platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). - platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). - platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). - platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). - platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). - platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). - platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). - platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). - platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). - platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). - platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). - platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). - platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes). - platform/x86: lg-laptop: fix %s null argument warning (stable-fixes). - power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes). - power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). - power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes). - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). - powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). - powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). - powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). - powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). - powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). - powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). - powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). - powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). - powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). - powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). - printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607). - reiserfs: fix uninit-value in comp_keys (git-fixes). - rtc: nct3018y: fix possible NULL dereference (stable-fixes). - s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171). - s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173). - s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452). - s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174). - s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172). - s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172). - s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720). - s390/pkey: introduce dynamic debugging for pkey (bsc#1228720). - s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169). - s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170). - samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes). - samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes). - sbitmap: use READ_ONCE to access map->word (stable-fixes). - scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). - scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). - scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). - scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). - scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). - scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). - scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). - scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). - scsi: qla2xxx: Complete command early within lock (bsc#1228850). - scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). - scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). - scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). - scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). - scsi: qla2xxx: Fix flash read failure (bsc#1228850). - scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). - scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). - scsi: qla2xxx: Indent help text (bsc#1228850). - scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). - scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). - scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). - scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). - scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). - scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). - scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). - selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes). - selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903). - selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes). - selftests/bpf: Add netkit to tc_redirect selftest (git-fixes). - selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes). - selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes). - selftests/bpf: Fix erroneous bitmask operation (git-fixes). - selftests/bpf: Fix issues in setup_classid_environment() (git-fixes). - selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes). - selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes). - selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes). - selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes). - selftests/bpf: Make linked_list failure test more robust (git-fixes). - selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git-fixes). - selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes). - selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes). - selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes). - selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git-fixes). - selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes). - selftests/bpf: satisfy compiler by having explicit return in btf test (git-fixes). - serial: core: check uartclk for zero to avoid divide by zero (stable-fixes). - soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes). - soc: qcom: pmic_glink: Actually communicate when remote goes down (git-fixes). - soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes). - spi: Add empty versions of ACPI functions (stable-fixes). - spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes). - spi: microchip-core: switch to use modern name (stable-fixes). - spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). - spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes). - squashfs: squashfs_read_data need to check if the length is 0 (git-fixes). - ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes). - staging: iio: resolver: ad2s1210: fix use before initialization (stable-fixes). - staging: ks7010: disable bh on tx_dev_lock (stable-fixes). - string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849). - sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). - swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git-fixes). - swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). - syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). - thermal/drivers/broadcom: Fix race between removal and clock disable (git-fixes). - thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes). - thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes). - tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747). - tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747). - tools/perf: Fix timing issue with parallel threads in perf bench wake-up-parallel (bsc#1227747). - tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes). - tools/resolve_btfids: Fix cross-compilation to non-host endianness (git-fixes). - tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git-fixes). - tools/resolve_btfids: fix build with musl libc (git-fixes). - trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes). - tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). - tty: atmel_serial: use the correct RTS flag (git-fixes). - tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git-fixes). - usb: cdnsp: fix for Link TRB with TC (git-fixes). - usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes). - usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes). - usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes). - usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: add missing depopulate in probe error path (git-fixes). - usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). - usb: gadget: core: Check for unset descriptor (git-fixes). - usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes). - usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes). - usb: gadget: u_serial: Set start_delayed during suspend (git-fixes). - usb: gadget: uvc: cleanup request when not in correct state (stable-fixes). - usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes). - usb: typec: fsa4480: Check if the chip is really there (git-fixes). - usb: typec: fsa4480: Relax CHIP_ID check (git-fixes). - usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes). - usb: typec: fsa4480: rework mux & switch setup to handle more states (git-fixes). - usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes). - vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). - vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes). - vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). - vhost/vsock: always initialize seqpacket_allow (git-fixes). - vhost: Release worker mutex during flushes (git-fixes). - vhost: Use virtqueue mutex for swapping worker (git-fixes). - virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes). - virtio-crypto: handle config changed by work queue (git-fixes). - virtio: reenable config if freezing device failed (git-fixes). - virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). - virtiofs: forbid newlines in tags (bsc#1229940). - wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable-fixes). - wifi: ath12k: fix soft lockup on suspend (git-fixes). - wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes). - wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes). - wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). - wifi: mac80211: use monitor sdata with driver only if desired (git-fixes). - wifi: mwifiex: duplicate static structs used in driver instances (git-fixes). - wifi: nl80211: disallow setting special AP channel widths (stable-fixes). - wifi: nl80211: do not give key data to userspace (stable-fixes). - wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes). - wifi: wfx: repair open network AP mode (git-fixes). - workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). - workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). - x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git-fixes). - x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes). - x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). - x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes). - x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). - x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git-fixes). - x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes). - x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes). - x86/numa: Introduce numa_fill_memblks() (git-fixes). - x86/pci: Skip early E820 check for ECAM region (git-fixes). - x86/xen: Convert comma to semicolon (git-fixes). - xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). - xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). - xfs: allow cross-linking special files without project quota (git-fixes). - xfs: allow symlinks with short remote targets (bsc#1229160). - xfs: allow unlinked symlinks and dirs with zero size (git-fixes). - xfs: attr forks require attr, not attr2 (git-fixes). - xfs: convert comma to semicolon (git-fixes). - xfs: do not use current->journal_info (git-fixes). - xfs: fix unlink vs cluster buffer instantiation race (git-fixes). - xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes). - xfs: journal geometry is not properly bounds checked (git-fixes). - xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes). - xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes). - xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git-fixes). - xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). - xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes). - xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). - xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).

Security update for the Linux Kernel

kernel-source-rt kernel-source-rt:kernel-rt kernel-source-rt:kernel-rt_debug kernel-source-rt:kernel-syms-rt kernel-livepatch-MICRO-6-0-RT_Update_2