SUSE_ALP_Standard/patchinfo.20240905161518457739.90520734224245/_patchinfo

1760 lines
142 KiB
Plaintext

<patchinfo>
<!-- generated with prepare-submission.rb from request 343755 -->
<issue id="1228971" tracker="bnc">Install compile_commands.json in kernel live patching devel package</issue>
<issue id="1012628" tracker="bnc">Continuous stable update tracker for Tumbleweed</issue>
<issue id="1193454" tracker="bnc">Partner-L3: SLES15 SP4: Hardlockups observed while doing smt=off or offlining cores.[Denali][P10][2TB/240c]</issue>
<issue id="1194869" tracker="bnc">[TRACKERBUG] 5.14 powerpc base kernel fixes</issue>
<issue id="1205462" tracker="bnc">Switching SMT modes takes a long time</issue>
<issue id="1208783" tracker="bnc">Kernel hard lockup when initializing FW sound device with jackdbus</issue>
<issue id="1213123" tracker="bnc">VUL-0: CVE-2023-37453: kernel: out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.</issue>
<issue id="1214285" tracker="bnc">All threads of hotplugged CPUs onlined by kernel even when SMT mode with fewer threads is set.</issue>
<issue id="1215199" tracker="bnc">[trackerbug] 6.4 powerpc base kernel fixes</issue>
<issue id="1220066" tracker="bnc">SLES15 SP6: NVME Subsytem not recovered after NVME subsystem reset (Shearwater/NVME/Denali/P10)</issue>
<issue id="1220252" tracker="bnc">VUL-0: CVE-2024-26590: kernel-source,kernel-source-azure,kernel-source-rt: erofs: fix inconsistent per-file compression format</issue>
<issue id="1220877" tracker="bnc">VUL-0: CVE-2023-52581: kernel: netfilter: nf_tables: fix memleak when more than 255 elements expired</issue>
<issue id="1221326" tracker="bnc">VUL-0: CVE-2023-52489: kernel: mm/sparsemem: fix race in accessing memory_section-&gt;usage</issue>
<issue id="1221630" tracker="bnc">VUL-0: CVE-2024-26631: kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work</issue>
<issue id="1221645" tracker="bnc">SLES15 SP6 - [P10] - LPAR crashes and hangs on running ksefltest powerpc/mce/inject-ra-err with parameter "percpu_alloc=page" enabled</issue>
<issue id="1221652" tracker="bnc">VUL-0: CVE-2024-26637: kernel: wifi: ath11k: rely on mac80211 debugfs handling for vif</issue>
<issue id="1221857" tracker="bnc">[NetApp SLES15 SP6 Bug]: nvme connect with --tls_key option succeeds, but fails with --tls option</issue>
<issue id="1222254" tracker="bnc">L3: Unresponsive /run/systemd/userdb/io.systemd.DynamicUser adding 45 second delay to su commands</issue>
<issue id="1222335" tracker="bnc">VUL-0: CVE-2024-26668: kernel: netfilter: nft_limit: reject configurations that cause integer overflow</issue>
<issue id="1222350" tracker="bnc">VUL-0: CVE-2024-26669: kernel: net/sched: flower: Fix chain template offload</issue>
<issue id="1222364" tracker="bnc">VUL-0: CVE-2024-26720: kernel: mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again</issue>
<issue id="1222372" tracker="bnc">VUL-0: CVE-2024-26735: kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref</issue>
<issue id="1222387" tracker="bnc">VUL-0: CVE-2024-26677: kernel: rxrpc: Fix delayed ACKs to not set the reference serial number</issue>
<issue id="1222433" tracker="bnc">VUL-0: CVE-2024-26682: kernel: wifi: mac80211: improve CSA/ECSA connection refusal</issue>
<issue id="1222434" tracker="bnc">VUL-0: CVE-2024-26683: kernel: wifi: cfg80211: detect stuck ECSA element in probe resp</issue>
<issue id="1222625" tracker="bnc">VUL-0: CVE-2024-27437: kernel: vfio/pci: Disable auto-enable of exclusive INTx IRQ</issue>
<issue id="1222633" tracker="bnc">VUL-0: CVE-2024-26809: kernel: netfilter: nft_set_pipapo: release elements in clone only from destroy path</issue>
<issue id="1222634" tracker="bnc">VUL-0: CVE-2024-26808: kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain</issue>
<issue id="1222808" tracker="bnc">VUL-0: CVE-2024-26812: kernel: vfio/pci: Create persistent INTx handler</issue>
<issue id="1222967" tracker="bnc">VUL-0: CVE-2024-26835: kernel: netfilter: nf_tables: table marked as active but no registered hooks during memory pressure</issue>
<issue id="1222973" tracker="bnc">VUL-0: CVE-2024-26837: kernel: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay</issue>
<issue id="1223053" tracker="bnc">VUL-0: CVE-2024-26849: kernel: netlink: read past the malformed (too small) attribute</issue>
<issue id="1223074" tracker="bnc">VUL-0: CVE-2024-26851: kernel: netfilter: nf_conntrack_h323: bmp length out of range</issue>
<issue id="1223191" tracker="bnc">powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt</issue>
<issue id="1223395" tracker="bnc">clustermd doesn't do recovery after adding a new disk</issue>
<issue id="1223635" tracker="bnc">VUL-0: CVE-2024-26976: kernel: KVM: Always flush async #PF workqueue when vCPU is being destroyed</issue>
<issue id="1223720" tracker="bnc">VUL-0: CVE-2024-27010: kernel: net/sched: Fix mirred deadlock on device recursion</issue>
<issue id="1223731" tracker="bnc">VUL-0: CVE-2024-26944: kernel: btrfs: zoned: use-after-free in do_zone_finish()</issue>
<issue id="1223742" tracker="bnc">VUL-0: CVE-2024-27079: kernel: iommu/vt-d: Fix NULL domain on device release</issue>
<issue id="1223763" tracker="bnc">VUL-0: CVE-2024-27049: kernel: wifi: mt76: mt7925e: fix use-after-free in free_irq()</issue>
<issue id="1223767" tracker="bnc">VUL-0: CVE-2024-27050: libbpf: use OPTS_SET() macro in bpf_xdp_query()</issue>
<issue id="1223777" tracker="bnc">VUL-0: CVE-2024-27024: kernel: net/rds: fix WARNING in rds_conn_connect_if_down</issue>
<issue id="1223803" tracker="bnc">VUL-0: CVE-2024-27011: kernel: netfilter: nf_tables: fix memleak in map from abort path</issue>
<issue id="1224105" tracker="bnc">Partner-L3: [SLES15 SP4] [native nvme multipath] Delays observed in device wwn symmlink initialization in scaled environment</issue>
<issue id="1224415" tracker="bnc">VUL-0: CVE-2024-27403: kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow</issue>
<issue id="1224485" tracker="bnc">VUL-0: CVE-2024-35913: kernel: wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF</issue>
<issue id="1224496" tracker="bnc">VUL-0: CVE-2024-35902: kernel: net/rds: fix possible cp null dereference</issue>
<issue id="1224510" tracker="bnc">VUL-0: CVE-2024-35897: kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion</issue>
<issue id="1224535" tracker="bnc">VUL-0: CVE-2024-35939: kernel: dma-direct: Leak pages on dma_set_decrypted() failure</issue>
<issue id="1224631" tracker="bnc">VUL-0: CVE-2023-52688: kernel: wifi: ath12k: fix the error handler of rfkill config</issue>
<issue id="1224636" tracker="bnc">VUL-0: CVE-2024-35854: kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash</issue>
<issue id="1224690" tracker="bnc">VUL-0: CVE-2023-52668: kernel: btrfs: zoned: fix lock ordering in btrfs_zone_activate()</issue>
<issue id="1224694" tracker="bnc">VUL-0: CVE-2024-35855: kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update</issue>
<issue id="1224700" tracker="bnc">VUL-0: CVE-2024-35949: kernel: btrfs: make sure that WRITTEN is set on all metadata blocks</issue>
<issue id="1224711" tracker="bnc">VUL-0: CVE-2024-27433: kernel: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe()</issue>
<issue id="1225475" tracker="bnc">VUL-0: CVE-2023-52735: kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself</issue>
<issue id="1225582" tracker="bnc">VUL-0: CVE-2023-52859: kernel: perf: hisi: Fix use-after-free when register pmu fails</issue>
<issue id="1225607" tracker="bnc">[PATCH] printk: console flushing fixes</issue>
<issue id="1225718" tracker="bnc">VUL-0: CVE-2024-36881: kernel: mm/userfaultfd: reset ptes when close() for wr-protected ones</issue>
<issue id="1225751" tracker="bnc">VUL-0: CVE-2024-36907: kernel: SUNRPC: add a missing rpc_stat for TCP TLS</issue>
<issue id="1225814" tracker="bnc">VUL-0: CVE-2024-36929: kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs</issue>
<issue id="1225832" tracker="bnc">VUL-0: CVE-2024-36933: kernel: nsh: Restore skb-&gt;{protocol,data,mac_header} for outer header in nsh_gso_segment().</issue>
<issue id="1225838" tracker="bnc">VUL-0: CVE-2024-36939: kernel: nfs: Handle error of rpc_proc_register() in nfs_net_init().</issue>
<issue id="1225903" tracker="bnc">bpf: backport of iterator and callback handling fixes</issue>
<issue id="1226031" tracker="bnc">apparmor stops working due to "aa-logprof ERROR: Can't parse mount rule mount "" -&gt; "/","</issue>
<issue id="1226127" tracker="bnc">VUL-0: CVE-2024-36970: kernel: wifi: iwlwifi: Use request_module_nowait</issue>
<issue id="1226502" tracker="bnc">Backport arm64 write combining support optimization to SLES 15</issue>
<issue id="1226530" tracker="bnc">[Trackerbug] Mana: Add support for page sizes other than 4KB on ARM64</issue>
<issue id="1226588" tracker="bnc">cachefiles: remove requests from xarray during flushing requests</issue>
<issue id="1226604" tracker="bnc">VUL-0: CVE-2024-36979: kernel: net: bridge: mst: fix vlan use-after-free</issue>
<issue id="1226743" tracker="bnc">VUL-0: CVE-2024-38563: kernel: wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature</issue>
<issue id="1226751" tracker="bnc">VUL-0: CVE-2024-38609: kernel: wifi: mt76: connac: check for null before dereferencing</issue>
<issue id="1226765" tracker="bnc">VUL-0: CVE-2024-31076: kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline</issue>
<issue id="1226798" tracker="bnc">VUL-0: CVE-2024-36270: kernel: netfilter: tproxy: bail out if IP has been disabled on the device</issue>
<issue id="1226801" tracker="bnc">VUL-0: CVE-2024-36286: kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu()</issue>
<issue id="1226834" tracker="bnc">VUL-0: CVE-2024-36288: kernel: SUNRPC: Fix loop termination condition in gss_free_in_token_pages()</issue>
<issue id="1226874" tracker="bnc">VUL-0: CVE-2024-36489: kernel: tls: fix missing memory barrier in tls_init</issue>
<issue id="1226885" tracker="bnc">VUL-0: CVE-2024-38662: kernel: bpf: allow delete from sockmap/sockhash only if update is allowed</issue>
<issue id="1226920" tracker="bnc">Partner-L3: SLES15 SP6 GM [ Brazos ] [ 31TB/192c ]: Brazos 32TB/192c system fails to boot with SLES15 SP6.</issue>
<issue id="1227149" tracker="bnc">Bump base code of iwlwifi to 6.9.x (or 6.10.x)</issue>
<issue id="1227182" tracker="bnc">Builtin microphone doesn't work on OMEN by HP Gaming Laptop 16-n0xxx</issue>
<issue id="1227383" tracker="bnc">VUL-0: kernel: slab-out-of-bounds in hex_dump_to_buffer</issue>
<issue id="1227437" tracker="bnc">VUL-0: CVE-2024-39476: kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING</issue>
<issue id="1227492" tracker="bnc">VUL-0: CVE-2024-39486: kernel: drm/drm_file: Fix pid refcounting race</issue>
<issue id="1227493" tracker="bnc">VUL-0: CVE-2024-39484: kernel: mmc: davinci: Don't strip remove function when driver is builtin</issue>
<issue id="1227494" tracker="bnc">VUL-0: CVE-2024-39483: kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked</issue>
<issue id="1227618" tracker="bnc">VUL-0: CVE-2024-39488: kernel: arm64: asm-bug: add .align 2 to the end of __BUG_ENTRY</issue>
<issue id="1227620" tracker="bnc">VUL-0: CVE-2024-39493: kernel: crypto: qat - fix ADF_DEV_RESET_SYNC memory leak</issue>
<issue id="1227623" tracker="bnc">VUL-0: CVE-2024-39489: kernel: ipv6: sr: fix memleak in seg6_hmac_init_algo</issue>
<issue id="1227627" tracker="bnc">VUL-0: CVE-2024-39491: kernel: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance</issue>
<issue id="1227634" tracker="bnc">SLES 15 SP6 - KVM: s390: unhandled guest LPSWEY instruction</issue>
<issue id="1227706" tracker="bnc">[NetApp SLES15 SP6 RFE]: Add new NVMe queue-depth based I/O scheduler</issue>
<issue id="1227722" tracker="bnc">VUL-0: CVE-2024-39497: kernel: drm/shmem-helper: fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)</issue>
<issue id="1227724" tracker="bnc">VUL-0: CVE-2024-39500: kernel: sock_map: avoid race between sock_map_close and sk_psock_put</issue>
<issue id="1227725" tracker="bnc">VUL-0: CVE-2024-39499: kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver()</issue>
<issue id="1227728" tracker="bnc">VUL-0: CVE-2024-39505: kernel: drm/komeda: check for error-valued pointer</issue>
<issue id="1227729" tracker="bnc">VUL-0: CVE-2024-39506: kernel: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet</issue>
<issue id="1227732" tracker="bnc">VUL-0: CVE-2024-39508: kernel: io_uring/io-wq: use set_bit() and test_bit() at worker-&gt;flags</issue>
<issue id="1227733" tracker="bnc">VUL-0: CVE-2024-39509: kernel: HID: core: remove unnecessary WARN_ON() in implement()</issue>
<issue id="1227734" tracker="bnc">VUL-0: CVE-2024-39510: kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read()</issue>
<issue id="1227747" tracker="bnc">SLES15 SP6 [6.4.0-150600.13-default] perf bench futex/wake-parallel test fails</issue>
<issue id="1227750" tracker="bnc">VUL-0: CVE-2023-52885: kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()</issue>
<issue id="1227754" tracker="bnc">VUL-0: CVE-2024-39501: kernel: drivers: core: synchronize really_probe() and dev_uevent()</issue>
<issue id="1227758" tracker="bnc">VUL-0: CVE-2024-40899: kernel: cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd()</issue>
<issue id="1227760" tracker="bnc">VUL-0: CVE-2024-40900: kernel: cachefiles: remove requests from xarray during flushing requests</issue>
<issue id="1227761" tracker="bnc">VUL-0: CVE-2024-40905: kernel: ipv6: fix possible race in __fib6_drop_pcpu_from()</issue>
<issue id="1227764" tracker="bnc">VUL-0: CVE-2024-40902: kernel: jfs: xattr: fix buffer overflow for invalid xattr</issue>
<issue id="1227766" tracker="bnc">VUL-0: CVE-2024-40903: kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps</issue>
<issue id="1227770" tracker="bnc">VUL-0: CVE-2024-40942: kernel: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects</issue>
<issue id="1227771" tracker="bnc">VUL-0: CVE-2024-40941: kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation</issue>
<issue id="1227772" tracker="bnc">VUL-0: CVE-2024-40904: kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages</issue>
<issue id="1227774" tracker="bnc">VUL-0: CVE-2024-40929: kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids</issue>
<issue id="1227781" tracker="bnc">VUL-0: CVE-2024-40920: kernel: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state</issue>
<issue id="1227784" tracker="bnc">VUL-0: CVE-2024-40921: kernel: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state</issue>
<issue id="1227785" tracker="bnc">VUL-0: CVE-2024-40922: kernel: io_uring/rsrc: don't lock while !TASK_RUNNING</issue>
<issue id="1227787" tracker="bnc">VUL-0: CVE-2024-40924: kernel: drm/i915/dpt: make DPT object unshrinkable</issue>
<issue id="1227790" tracker="bnc">VUL-0: CVE-2024-40912: kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup()</issue>
<issue id="1227791" tracker="bnc">VUL-0: CVE-2024-40926: kernel: drm/nouveau: don't attempt to schedule hpd_work on headless cards</issue>
<issue id="1227792" tracker="bnc">VUL-0: CVE-2024-40911: kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station</issue>
<issue id="1227796" tracker="bnc">VUL-0: CVE-2024-40934: kernel: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode()</issue>
<issue id="1227798" tracker="bnc">VUL-0: CVE-2024-40909: kernel: bpf: Fix a potential use-after-free in bpf_link_free()</issue>
<issue id="1227799" tracker="bnc">VUL-0: CVE-2024-40939: kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail</issue>
<issue id="1227802" tracker="bnc">VUL-0: CVE-2024-40945: kernel: iommu: Return right value in iommu_sva_bind_device()</issue>
<issue id="1227808" tracker="bnc">VUL-0: CVE-2024-40954: kernel: net: do not leave a dangling sk pointer, when socket creation fails</issue>
<issue id="1227810" tracker="bnc">VUL-0: CVE-2024-40956: kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list</issue>
<issue id="1227811" tracker="bnc">VUL-0: CVE-2024-40957: kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors</issue>
<issue id="1227812" tracker="bnc">VUL-0: CVE-2024-40958: kernel: netns: Make get_net_ns() handle zero refcount net</issue>
<issue id="1227815" tracker="bnc">VUL-0: CVE-2024-40962: kernel: btrfs: zoned: allocate dummy checksums for zoned NODATASUM writes</issue>
<issue id="1227816" tracker="bnc">VUL-0: CVE-2024-40927: kernel: xhci: handle TD clearing for multiple streams case</issue>
<issue id="1227818" tracker="bnc">VUL-0: CVE-2024-40964: kernel: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind()</issue>
<issue id="1227820" tracker="bnc">VUL-0: CVE-2024-40984: kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."</issue>
<issue id="1227823" tracker="bnc">VUL-0: CVE-2024-40989: kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown</issue>
<issue id="1227824" tracker="bnc">VUL-0: CVE-2024-40990: kernel: RDMA/mlx5: Add check for srq max_sge attribute</issue>
<issue id="1227826" tracker="bnc">VUL-0: CVE-2024-40992: kernel: RDMA/rxe: Fix responder length checking for UD request packets</issue>
<issue id="1227828" tracker="bnc">VUL-0: CVE-2024-40932: kernel: drm/exynos/vidi: fix memory leak in .get_modes()</issue>
<issue id="1227829" tracker="bnc">VUL-0: CVE-2024-40994: kernel: ptp: fix integer overflow in max_vclocks_store</issue>
<issue id="1227830" tracker="bnc">VUL-0: CVE-2024-40995: kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()</issue>
<issue id="1227832" tracker="bnc">VUL-0: CVE-2024-40910: kernel: ax25: Fix refcount imbalance on inbound connections</issue>
<issue id="1227833" tracker="bnc">VUL-0: CVE-2024-40936: kernel: cxl/region: fix memregion leaks in devm_cxl_add_region()</issue>
<issue id="1227834" tracker="bnc">[TRACKERBUG] Enable the vdpa driver on SLE15SP6 natively</issue>
<issue id="1227839" tracker="bnc">VUL-0: CVE-2024-40913: kernel: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds</issue>
<issue id="1227840" tracker="bnc">VUL-0: CVE-2024-40938: kernel: landlock: fix d_parent walk</issue>
<issue id="1227846" tracker="bnc">VUL-0: CVE-2024-40916: kernel: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found</issue>
<issue id="1227849" tracker="bnc">VUL-0: CVE-2024-40943: kernel: ocfs2: fix races between hole punching and AIO+DIO</issue>
<issue id="1227851" tracker="bnc">VUL-0: CVE-2024-41004: kernel: tracing: build event generation tests only as modules</issue>
<issue id="1227853" tracker="bnc">VUL-0: CVE-2024-40997: kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit</issue>
<issue id="1227863" tracker="bnc">VUL-0: CVE-2024-41007: kernel: tcp: avoid too many retransmit packets</issue>
<issue id="1227864" tracker="bnc">VUL-0: CVE-2024-40981: kernel: batman-adv: bypass empty buckets in batadv_purge_orig_ref()</issue>
<issue id="1227865" tracker="bnc">VUL-0: CVE-2024-40982: kernel: ssb: fix potential NULL pointer dereference in ssb_device_uevent()</issue>
<issue id="1227867" tracker="bnc">VUL-0: CVE-2024-41000: kernel: block/ioctl: prefer different overflow check</issue>
<issue id="1227869" tracker="bnc">VUL-0: CVE-2024-41001: kernel: io_uring/sqpoll: work around a potential audit memory leak</issue>
<issue id="1227870" tracker="bnc">VUL-0: CVE-2024-41002: kernel: crypto: hisilicon/sec - fix memory leak for sec resource release</issue>
<issue id="1227883" tracker="bnc">VUL-0: CVE-2024-40944: kernel: x86/kexec: Fix bug with call depth tracking</issue>
<issue id="1227884" tracker="bnc">VUL-0: CVE-2024-40959: kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()</issue>
<issue id="1227891" tracker="bnc">VUL-0: CVE-2024-40967: kernel: serial: imx: Introduce timeout when waiting on transmitter empty</issue>
<issue id="1227893" tracker="bnc">VUL-0: CVE-2024-40976: kernel: drm/lima: mask irqs in timeout path before hard reset</issue>
<issue id="1227929" tracker="bnc">VUL-0: CVE-2024-40978: kernel: scsi: qedi: Fix crash while reading debugfs attribute</issue>
<issue id="1227950" tracker="bnc">VUL-0: CVE-2024-40977: kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery</issue>
<issue id="1227957" tracker="bnc">VUL-0: CVE-2024-40988: kernel: drm/radeon: fix UBSAN warning in kv_dpm.c</issue>
<issue id="1227981" tracker="bnc">VUL-0: CVE-2023-52886: kernel: USB: core: Fix race by not overwriting udev-&gt;descriptor in hub_port_init()</issue>
<issue id="1228020" tracker="bnc">VUL-0: CVE-2024-41009: kernel: bpf: Fix overrunning reservations in ringbuf</issue>
<issue id="1228021" tracker="bnc">VUL-0: CVE-2024-41010: kernel: bpf: Fix too early release of tcx_entry</issue>
<issue id="1228192" tracker="bnc">libceph: fix race between delayed_work() and ceph_monc_stop()</issue>
<issue id="1228235" tracker="bnc">VUL-0: CVE-2024-40987: kernel: drm/amdgpu: fix UBSAN warning in kv_dpm.c</issue>
<issue id="1228236" tracker="bnc">VUL-0: CVE-2024-40930: kernel: wifi: cfg80211: validate HE operation element parsing</issue>
<issue id="1228247" tracker="bnc">VUL-0: CVE-2024-41012: kernel: filelock: Remove locks reliably when fcntl/close race is detected</issue>
<issue id="1228321" tracker="bnc">fstests btrfs/300 fails on kernel 6.4</issue>
<issue id="1228409" tracker="bnc">VUL-0: CVE-2024-41015: kernel: ocfs2: add bounds checking to ocfs2_check_dir_entry()</issue>
<issue id="1228410" tracker="bnc">VUL-0: CVE-2024-41016: kernel: ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()</issue>
<issue id="1228426" tracker="bnc">VUL-0: CVE-2023-52887: kernel: net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new</issue>
<issue id="1228427" tracker="bnc">VUL-0: CVE-2024-41020: kernel: filelock: fix fcntl/close race recovery compat path</issue>
<issue id="1228429" tracker="bnc">VUL-0: CVE-2024-41022: kernel: drm/amdgpu: fix signedness bug in sdma_v4_0_process_trap_irq()</issue>
<issue id="1228446" tracker="bnc">VUL-0: CVE-2024-42095: kernel: serial: 8250_omap: Implementation of Errata i2310</issue>
<issue id="1228447" tracker="bnc">VUL-0: CVE-2024-42092: kernel: gpio: davinci: Validate the obtained number of IRQs</issue>
<issue id="1228449" tracker="bnc">VUL-0: CVE-2024-42090: kernel: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER</issue>
<issue id="1228450" tracker="bnc">VUL-0: CVE-2024-42089: kernel: ASoC: fsl-asoc-card: set priv-&gt;pdev before using it</issue>
<issue id="1228452" tracker="bnc">VUL-0: CVE-2024-42086: kernel: iio: chemical: bme680: Fix overflows in compensate() functions</issue>
<issue id="1228456" tracker="bnc">VUL-0: CVE-2024-42085: kernel: usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock</issue>
<issue id="1228457" tracker="bnc">VUL-0: CVE-2024-42073: kernel: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems</issue>
<issue id="1228458" tracker="bnc">VUL-0: CVE-2024-41094: kernel: drm/fbdev-dma: Only set smem_start is enable per module option</issue>
<issue id="1228459" tracker="bnc">VUL-0: CVE-2024-41058: kernel: cachefiles: fix slab-use-after-free in fscache_withdraw_volume()</issue>
<issue id="1228460" tracker="bnc">VUL-0: CVE-2024-41032: kernel: mm: vmalloc: check if a hash-index is in cpu_possible_mask</issue>
<issue id="1228462" tracker="bnc">VUL-0: CVE-2024-41057: kernel: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()</issue>
<issue id="1228463" tracker="bnc">VUL-0: CVE-2024-42069: kernel: net: mana: Fix possible double free in error handling path</issue>
<issue id="1228466" tracker="bnc">VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error</issue>
<issue id="1228467" tracker="bnc">VUL-0: CVE-2024-41098: kernel: ata: libata-core: Fix null pointer dereference on error</issue>
<issue id="1228468" tracker="bnc">VUL-0: CVE-2024-41051: kernel: cachefiles: wait for ondemand_object_worker to finish when dropping object</issue>
<issue id="1228469" tracker="bnc">VUL-0: CVE-2024-41088: kernel: can: mcp251xfd: fix infinite loop when xmit fails</issue>
<issue id="1228470" tracker="bnc">VUL-0: CVE-2024-42070: kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers</issue>
<issue id="1228472" tracker="bnc">VUL-0: CVE-2024-41084: kernel: cxl/region: Avoid null pointer dereference in region lookup</issue>
<issue id="1228479" tracker="bnc">VUL-0: CVE-2024-41096: kernel: PCI/MSI: Fix UAF in msi_capability_init</issue>
<issue id="1228480" tracker="bnc">VUL-0: CVE-2024-41056: kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files</issue>
<issue id="1228481" tracker="bnc">VUL-0: CVE-2024-42074: kernel: ASoC: amd: acp: add a null check for chip_pdev structure</issue>
<issue id="1228482" tracker="bnc">VUL-0: CVE-2024-42082: kernel: xdp: Remove WARN() from __xdp_reg_mem_model()</issue>
<issue id="1228483" tracker="bnc">VUL-0: CVE-2024-41092: kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers</issue>
<issue id="1228484" tracker="bnc">VUL-0: CVE-2024-42076: kernel: net: can: j1939: Initialize unused data in j1939_send_one()</issue>
<issue id="1228485" tracker="bnc">VUL-0: CVE-2024-41035: kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor</issue>
<issue id="1228486" tracker="bnc">VUL-0: CVE-2024-41049: kernel: filelock: fix potential use-after-free in posix_lock_inode</issue>
<issue id="1228487" tracker="bnc">VUL-0: CVE-2024-42148: kernel: bnx2x: Fix multiple UBSAN array-index-out-of-bounds</issue>
<issue id="1228489" tracker="bnc">VUL-0: CVE-2024-42230: kernel: powerpc/pseries: Fix scv instruction crash with kexec</issue>
<issue id="1228491" tracker="bnc">VUL-0: CVE-2024-42142: kernel: net/mlx5: E-switch, Create ingress ACL when needed</issue>
<issue id="1228492" tracker="bnc">VUL-0: CVE-2024-42132: kernel: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX</issue>
<issue id="1228493" tracker="bnc">VUL-0: CVE-2024-42106: kernel: inet_diag: Initialize pad field in struct inet_diag_req_v2</issue>
<issue id="1228494" tracker="bnc">VUL-0: CVE-2024-42107: kernel: ice: Don't process extts if PTP is disabled</issue>
<issue id="1228495" tracker="bnc">VUL-0: CVE-2024-42101: kernel: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes</issue>
<issue id="1228496" tracker="bnc">VUL-0: CVE-2024-41036: kernel: net: ks8851: Fix deadlock with the SPI chip variant</issue>
<issue id="1228499" tracker="bnc">VUL-0: CVE-2024-41050: kernel: cachefiles: cyclic allocation of msg_id to avoid reuse</issue>
<issue id="1228500" tracker="bnc">VUL-0: CVE-2024-42138: kernel: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file</issue>
<issue id="1228501" tracker="bnc">VUL-0: CVE-2024-42110: kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()</issue>
<issue id="1228502" tracker="bnc">VUL-0: CVE-2024-42141: kernel: Bluetooth: ISO: Check socket flag instead of hcon</issue>
<issue id="1228503" tracker="bnc">VUL-0: CVE-2024-42139: kernel: ice: Fix improper extts handling</issue>
<issue id="1228505" tracker="bnc">VUL-0: CVE-2024-42109: kernel: netfilter: nf_tables: unconditionally flush pending work before notifier</issue>
<issue id="1228508" tracker="bnc">VUL-0: CVE-2024-41037: kernel: ASoC: SOF: Intel: hda: fix null deref on system suspend entry</issue>
<issue id="1228509" tracker="bnc">VUL-0: CVE-2024-41038: kernel: firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers</issue>
<issue id="1228510" tracker="bnc">VUL-0: CVE-2024-42153: kernel: i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr</issue>
<issue id="1228511" tracker="bnc">VUL-0: CVE-2024-42133: kernel: Bluetooth: Ignore too large handle values in BIG</issue>
<issue id="1228513" tracker="bnc">VUL-0: CVE-2024-41097: kernel: usb: atm: cxacru: fix endpoint checking in cxacru_bind()</issue>
<issue id="1228515" tracker="bnc">VUL-0: CVE-2024-41039: kernel: firmware: cs_dsp: Fix overflow checking of wmfw header</issue>
<issue id="1228516" tracker="bnc">VUL-0: CVE-2024-42077: kernel: ocfs2: fix DIO failure due to insufficient transaction credits</issue>
<issue id="1228518" tracker="bnc">VUL-0: CVE-2024-41040: kernel: net/sched: Fix UAF when resolving a clash</issue>
<issue id="1228520" tracker="bnc">VUL-0: CVE-2024-41041: kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().</issue>
<issue id="1228525" tracker="bnc">VUL-0: CVE-2024-41024: kernel: misc: fastrpc: restrict untrusted app to attach to privileged PD</issue>
<issue id="1228527" tracker="bnc">VUL-0: CVE-2024-41025: kernel: misc: fastrpc: fix memory leak in audio daemon attach operation</issue>
<issue id="1228530" tracker="bnc">VUL-0: CVE-2024-41044: kernel: ppp: reject claimed-as-LCP but actually malformed packets</issue>
<issue id="1228531" tracker="bnc">VUL-0: CVE-2024-41045: kernel: bpf: Defer work in bpf_timer_cancel_and_free</issue>
<issue id="1228539" tracker="bnc">VUL-0: CVE-2024-41028: kernel: platform/x86: toshiba_acpi: fix array out-of-bounds access</issue>
<issue id="1228561" tracker="bnc">VUL-0: CVE-2024-41059: kernel: hfsplus: fix uninit-value in copy_name</issue>
<issue id="1228563" tracker="bnc">VUL-0: CVE-2024-42137: kernel: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot</issue>
<issue id="1228564" tracker="bnc">VUL-0: CVE-2024-42114: kernel: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values</issue>
<issue id="1228565" tracker="bnc">VUL-0: CVE-2024-41048: kernel: skmsg: Skip zero length skb in sk_msg_recvmsg</issue>
<issue id="1228567" tracker="bnc">VUL-0: CVE-2024-41060: kernel: drm/radeon: check bo_va-&gt;bo is non-NULL before using it</issue>
<issue id="1228568" tracker="bnc">VUL-0: CVE-2024-42113: kernel: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts</issue>
<issue id="1228572" tracker="bnc">VUL-0: CVE-2024-41061: kernel: drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport</issue>
<issue id="1228576" tracker="bnc">VUL-0: CVE-2024-41062: kernel: bluetooth/l2cap: sync sock recv cb and release</issue>
<issue id="1228579" tracker="bnc">VUL-0: CVE-2024-41068: kernel: s390/sclp: Fix sclp_init() cleanup on failure</issue>
<issue id="1228580" tracker="bnc">VUL-0: CVE-2024-41063: kernel: bluetooth: hci_core: cancel all works upon hci_unregister_dev()</issue>
<issue id="1228581" tracker="bnc">VUL-0: CVE-2024-41070: kernel: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group()</issue>
<issue id="1228582" tracker="bnc">VUL-0: CVE-2024-42117: kernel: drm/amd/display: ASSERT when failing to find index by plane/stream id</issue>
<issue id="1228584" tracker="bnc">VUL-0: CVE-2024-42119: kernel: drm/amd/display: Skip finding free audio for unknown engine_id</issue>
<issue id="1228586" tracker="bnc">VUL-0: CVE-2024-42064: kernel: drm/amd/display: Skip pipe if the pipe idx not set properly</issue>
<issue id="1228588" tracker="bnc">VUL-0: CVE-2024-42120: kernel: drm/amd/display: Check pipe offset before setting vblank</issue>
<issue id="1228590" tracker="bnc">VUL-0: CVE-2024-42121: kernel: drm/amd/display: Check index msg_id before read or write</issue>
<issue id="1228591" tracker="bnc">VUL-0: CVE-2024-42122: kernel: drm/amd/display: Add NULL pointer check for kzalloc</issue>
<issue id="1228599" tracker="bnc">VUL-0: CVE-2024-41064: kernel: powerpc/eeh: avoid possible crash when edev-&gt;pdev changes</issue>
<issue id="1228615" tracker="bnc">VUL-0: CVE-2024-41079: kernel: nvmet: always initialize cqe.result</issue>
<issue id="1228616" tracker="bnc">VUL-0: CVE-2024-41080: kernel: io_uring: fix possible deadlock in io_register_iowq_max_workers()</issue>
<issue id="1228617" tracker="bnc">VUL-0: CVE-2024-41081: kernel: ila: block BH in ila_output()</issue>
<issue id="1228625" tracker="bnc">VUL-0: CVE-2024-41071: kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing</issue>
<issue id="1228626" tracker="bnc">VUL-0: CVE-2024-41072: kernel: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check</issue>
<issue id="1228633" tracker="bnc">VUL-0: CVE-2024-42096: kernel: x86: stop playing stack games in profile_pc()</issue>
<issue id="1228635" tracker="bnc">VUL-0: CVE-2024-41073: kernel: nvme: avoid double free special payload</issue>
<issue id="1228636" tracker="bnc">VUL-0: CVE-2024-41065: kernel: powerpc/pseries: whitelist dtl slub object for copying to userspace</issue>
<issue id="1228640" tracker="bnc">VUL-0: CVE-2024-41066: kernel: ibmvnic: add tx check to prevent skb leak</issue>
<issue id="1228643" tracker="bnc">VUL-0: CVE-2024-41074: kernel: cachefiles: Set object to close if ondemand_id &lt; 0 in copen</issue>
<issue id="1228644" tracker="bnc">VUL-0: CVE-2024-41069: kernel: ASoC: topology: fix references to freed memory</issue>
<issue id="1228646" tracker="bnc">VUL-0: CVE-2024-41075: kernel: cachefiles: add consistency check for copen/cread</issue>
<issue id="1228649" tracker="bnc">VUL-0: CVE-2024-41076: kernel: NFSv4: Fix memory leak in nfs4_set_security_label</issue>
<issue id="1228650" tracker="bnc">VUL-0: CVE-2024-42131: kernel: mm: avoid overflows in dirty throttling logic</issue>
<issue id="1228654" tracker="bnc">VUL-0: CVE-2024-42104: kernel: nilfs2: add missing check for inode numbers on directory entries</issue>
<issue id="1228655" tracker="bnc">VUL-0: CVE-2024-41078: kernel: btrfs: qgroup: fix quota root leak after quota disable failure</issue>
<issue id="1228656" tracker="bnc">VUL-0: CVE-2024-42115: kernel: jffs2: fix potential illegal address access in jffs2_free_inode</issue>
<issue id="1228658" tracker="bnc">VUL-0: CVE-2024-41089: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes</issue>
<issue id="1228660" tracker="bnc">VUL-0: CVE-2024-41093: kernel: drm/amdgpu: avoid using null object of framebuffer</issue>
<issue id="1228662" tracker="bnc">VUL-0: CVE-2024-41095: kernel: drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes</issue>
<issue id="1228665" tracker="bnc">VUL-0: CVE-2024-42105: kernel: nilfs2: fix inode number range checks</issue>
<issue id="1228666" tracker="bnc">VUL-0: CVE-2024-42144: kernel: thermal/drivers/mediatek/lvts_thermal: check NULL ptr on lvts_data</issue>
<issue id="1228667" tracker="bnc">VUL-0: CVE-2024-42228: kernel: drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc</issue>
<issue id="1228672" tracker="bnc">VUL-0: CVE-2024-42079: kernel: gfs2: Fix NULL pointer dereference in gfs2_log_flush</issue>
<issue id="1228673" tracker="bnc">VUL-0: CVE-2024-42080: kernel: RDMA/restrack: Fix potential invalid address access</issue>
<issue id="1228674" tracker="bnc">VUL-0: CVE-2024-42125: kernel: wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband</issue>
<issue id="1228677" tracker="bnc">VUL-0: CVE-2024-42087: kernel: drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep</issue>
<issue id="1228680" tracker="bnc">VUL-0: CVE-2024-42093: kernel: net/dpaa2: Avoid explicit cpumask var allocation on stack</issue>
<issue id="1228687" tracker="bnc">VUL-0: CVE-2024-42130: kernel: nfc/nci: add the inconsistency check between the input data length and count</issue>
<issue id="1228705" tracker="bnc">VUL-0: CVE-2024-42124: kernel: scsi: qedf: Make qedf_execute_tmf() non-preemptible</issue>
<issue id="1228706" tracker="bnc">VUL-0: CVE-2024-42162: kernel: gve: Account for stopped queues when reading NIC stats</issue>
<issue id="1228707" tracker="bnc">VUL-0: CVE-2024-42227: kernel: drm/amd/display: Fix overlapping copy within dml_core_mode_programming</issue>
<issue id="1228708" tracker="bnc">VUL-0: CVE-2024-42229: kernel: crypto: aead,cipher - zeroize key buffer after use</issue>
<issue id="1228709" tracker="bnc">VUL-0: CVE-2024-42226: kernel: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB</issue>
<issue id="1228710" tracker="bnc">VUL-0: CVE-2024-42225: kernel: wifi: mt76: replace skb_put with skb_put_zero</issue>
<issue id="1228718" tracker="bnc">VUL-0: CVE-2024-42126: kernel: powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.</issue>
<issue id="1228720" tracker="bnc">VUL-0: CVE-2024-42158: kernel: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings</issue>
<issue id="1228721" tracker="bnc">VUL-0: CVE-2024-42127: kernel: drm/lima: fix shared irq handling on driver remove</issue>
<issue id="1228722" tracker="bnc">VUL-0: CVE-2024-42156: kernel: s390/pkey: Wipe copies of clear-key structures on failure</issue>
<issue id="1228723" tracker="bnc">VUL-0: CVE-2024-42224: kernel: net: dsa: mv88e6xxx: Correct check for empty list</issue>
<issue id="1228724" tracker="bnc">VUL-0: CVE-2024-42152: kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment</issue>
<issue id="1228726" tracker="bnc">VUL-0: CVE-2024-42223: kernel: media: dvb-frontends: tda10048: Fix integer overflow</issue>
<issue id="1228727" tracker="bnc">VUL-0: CVE-2024-42157: kernel: s390/pkey: Wipe sensitive data on failure</issue>
<issue id="1228733" tracker="bnc">VUL-0: CVE-2024-42155: kernel: s390/pkey: wipe copies of protected- and secure-keys</issue>
<issue id="1228737" tracker="bnc">L3: system reboot creating VFs with ICE Driver</issue>
<issue id="1228743" tracker="bnc">VUL-0: CVE-2024-42145: kernel: IB/core: implement a limit on UMAD receive List</issue>
<issue id="1228748" tracker="bnc">VUL-0: REJECTED: CVE-2024-42143: kernel: orangefs: fix out-of-bounds fsid access</issue>
<issue id="1228754" tracker="bnc">VUL-0: CVE-2024-42159: kernel: scsi: mpi3mr: sanitise num_phys</issue>
<issue id="1228756" tracker="bnc">VUL-0: CVE-2024-42161: kernel: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD</issue>
<issue id="1228757" tracker="bnc">SLES 15 SP6 - tcp_mem overflows causing side effects such as ssh daemon hang</issue>
<issue id="1228758" tracker="bnc">VUL-0: CVE-2024-42136: kernel: cdrom: rearrange last_media_change check to avoid unintentional overflow</issue>
<issue id="1228764" tracker="bnc">VUL-0: CVE-2024-42147: kernel: crypto: hisilicon/debugfs - fix debugfs uninit process issue</issue>
<issue id="1228766" tracker="bnc">VUL-0: CVE-2024-42097: kernel: ALSA: emux: improve patch ioctl data validation</issue>
<issue id="1228779" tracker="bnc">VUL-0: CVE-2024-42098: kernel: crypto: ecdh - explicitly zeroize private_key</issue>
<issue id="1228801" tracker="bnc">cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1228849" tracker="bnc">[SELinux] various AVC denials related to libvirt</issue>
<issue id="1228850" tracker="bnc">qla2xxx: update driver to 10.02.09.300-k</issue>
<issue id="1228857" tracker="bnc">Update Broadcom Emulex lpfc driver to 14.4.0.3</issue>
<issue id="1228959" tracker="bnc">VUL-0: CVE-2024-42232: kernel: libceph: fix race between delayed_work() and ceph_monc_stop()</issue>
<issue id="1228964" tracker="bnc">VUL-0: CVE-2024-42236: kernel: usb: gadget: configfs: prevent OOB read/write in usb_string_copy()</issue>
<issue id="1228966" tracker="bnc">VUL-0: CVE-2024-42240: kernel: x86/bhi: avoid warning in #DB handler due to BHI mitigation</issue>
<issue id="1228967" tracker="bnc">VUL-0: CVE-2024-42244: kernel: USB: serial: mos7840: fix crash on resume</issue>
<issue id="1228973" tracker="bnc">SLES 15 SP6 - net/iucv: fix use after free in iucv_sock_close()</issue>
<issue id="1228977" tracker="bnc">VUL-0: CVE-2024-42250: kernel: cachefiles: add missing lock protection when polling</issue>
<issue id="1228978" tracker="bnc">VUL-0: CVE-2024-42245: kernel: Revert "sched/fair: Make sure to try to detach at least one movable task"</issue>
<issue id="1228979" tracker="bnc">VUL-0: CVE-2024-42239: kernel: bpf: Fail bpf_timer_cancel when callback is being cancelled</issue>
<issue id="1228986" tracker="bnc">VUL-0: CVE-2024-42241: kernel: mm/shmem: disable PMD-sized page cache if needed</issue>
<issue id="1228988" tracker="bnc">VUL-0: CVE-2024-42247: kernel: wireguard: allowedips: avoid unaligned 64-bit memory accesses</issue>
<issue id="1228989" tracker="bnc">VUL-0: CVE-2024-42246: kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket</issue>
<issue id="1228991" tracker="bnc">VUL-0: CVE-2024-42238: kernel: firmware: cs_dsp: Return error if block header overflows file</issue>
<issue id="1228992" tracker="bnc">VUL-0: CVE-2024-42237: kernel: firmware: cs_dsp: Validate payload length before processing block</issue>
<issue id="1229005" tracker="bnc">VUL-0: CVE-2024-42253: kernel: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race</issue>
<issue id="1229024" tracker="bnc">update minmax implementation</issue>
<issue id="1229042" tracker="bnc">Enable kernel-default-livepatch-devel for TW since it's already enabled on Leap</issue>
<issue id="1229045" tracker="bnc">Sound device not working with kernel 6.4.0-150600.23.17-default</issue>
<issue id="1229046" tracker="bnc">intel sound card not detected after update</issue>
<issue id="1229054" tracker="bnc">Error probing device: Error sending ATA command IDENTIFY DEVICE to...</issue>
<issue id="1229056" tracker="bnc">after upgrade to Leap 15.6 suspend/resume kills touchpad</issue>
<issue id="1229086" tracker="bnc">mana: Fix RX buf alloc_size alignment and atomic op panic</issue>
<issue id="1229134" tracker="bnc">kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy()</issue>
<issue id="1229136" tracker="bnc">L3: SLES 15 SP5 kernel soft lockup with timer thread [ ref:_00D1igLOd._500TrFqLno:ref ]</issue>
<issue id="1229154" tracker="bnc">mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings</issue>
<issue id="1229156" tracker="bnc">VUL-0: CVE-2024-42259: kernel: drm/i915/gem: fix Virtual Memory mapping boundaries calculation</issue>
<issue id="1229160" tracker="bnc">fstests generic/754 fails on xfs</issue>
<issue id="1229167" tracker="bnc">KVM: s390: fix validity interception issue when gisa is switched off</issue>
<issue id="1229168" tracker="bnc">kvm: s390: Reject memory region operations for ucontrol VMs</issue>
<issue id="1229169" tracker="bnc">s390/sclp: Prevent release of buffer in I/O</issue>
<issue id="1229170" tracker="bnc">s390/uv: Panic for set and remove shared access UVC errors</issue>
<issue id="1229171" tracker="bnc">s390/cpum_cf: Fix endless loop in CF_DIAG event stop</issue>
<issue id="1229172" tracker="bnc">s390/pci: Allow allocation of more than 1 MSI interrupt</issue>
<issue id="1229173" tracker="bnc">s390/dasd: fix error checks in dasd_copy_pair_store()</issue>
<issue id="1229174" tracker="bnc">s390/pci: Add missing virt_to_phys() for directed DIBV</issue>
<issue id="1229239" tracker="bnc">cachefiles: introduce object ondemand state</issue>
<issue id="1229240" tracker="bnc">cachefiles: extract ondemand info field from cachefiles_object</issue>
<issue id="1229241" tracker="bnc">cachefiles: resend an open request if the read request's object is closed</issue>
<issue id="1229243" tracker="bnc">cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode</issue>
<issue id="1229244" tracker="bnc">cachefiles: add restore command to recover inflight ondemand read requests</issue>
<issue id="1229245" tracker="bnc">cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode</issue>
<issue id="1229246" tracker="bnc">cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd()</issue>
<issue id="1229247" tracker="bnc">cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read()</issue>
<issue id="1229248" tracker="bnc">cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read()</issue>
<issue id="1229249" tracker="bnc">cachefiles: add spin_lock for cachefiles_ondemand_info</issue>
<issue id="1229250" tracker="bnc">cachefiles: never get a new anonymous fd if ondemand_id is valid</issue>
<issue id="1229251" tracker="bnc">cachefiles: defer exposing anon_fd until after copy_to_user() succeeds</issue>
<issue id="1229252" tracker="bnc">cachefiles: make on-demand read killable</issue>
<issue id="1229253" tracker="bnc">cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop</issue>
<issue id="1229254" tracker="bnc">cachefiles: stop sending new request when dropping object</issue>
<issue id="1229255" tracker="bnc">cachefiles: cancel all requests for the object that is being dropped</issue>
<issue id="1229256" tracker="bnc">cachefiles: add missing lock protection when polling</issue>
<issue id="1229287" tracker="bnc">VUL-0: CVE-2023-52889: kernel: apparmor: Fix null pointer deref when receiving skb during sock creation</issue>
<issue id="1229290" tracker="bnc">VUL-0: CVE-2024-43819: kernel: kvm: s390: Reject memory region operations for ucontrol VMs</issue>
<issue id="1229291" tracker="bnc">VUL-0: CVE-2024-43847: kernel: wifi: ath12k: fix invalid memory access while processing fragmented packets</issue>
<issue id="1229292" tracker="bnc">VUL-0: CVE-2024-43853: kernel: cgroup/cpuset: Prevent UAF in proc_cpuset_show()</issue>
<issue id="1229294" tracker="bnc">VUL-0: CVE-2024-43826: kernel: nfs: pass explicit offset/count to trace events</issue>
<issue id="1229296" tracker="bnc">VUL-0: CVE-2024-43818: kernel: ASoC: amd: Adjust error handling in case of absent codec device</issue>
<issue id="1229297" tracker="bnc">VUL-0: CVE-2024-43837: kernel: bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT</issue>
<issue id="1229298" tracker="bnc">VUL-0: CVE-2024-43825: kernel: iio: Fix the sorting functionality in iio_gts_build_avail_time_table</issue>
<issue id="1229299" tracker="bnc">VUL-0: CVE-2024-43833: kernel: media: v4l: async: Fix NULL pointer dereference in adding ancillary links</issue>
<issue id="1229301" tracker="bnc">VUL-0: CVE-2024-43839: kernel: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures</issue>
<issue id="1229303" tracker="bnc">VUL-0: CVE-2024-43823: kernel: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()</issue>
<issue id="1229304" tracker="bnc">VUL-0: CVE-2024-43841: kernel: wifi: virt_wifi: avoid reporting connection success with wrong SSID</issue>
<issue id="1229305" tracker="bnc">VUL-0: CVE-2024-43830: kernel: leds: trigger: Unregister sysfs attributes before calling deactivate()</issue>
<issue id="1229307" tracker="bnc">VUL-0: CVE-2024-43849: kernel: soc: qcom: pdr: protect locator_addr with the main mutex</issue>
<issue id="1229309" tracker="bnc">VUL-0: CVE-2024-43831: kernel: media: mediatek: vcodec: Handle invalid decoder vsi</issue>
<issue id="1229312" tracker="bnc">VUL-0: CVE-2024-43817: kernel: net: missing check virtio</issue>
<issue id="1229313" tracker="bnc">VUL-0: CVE-2024-43851: kernel: soc: xilinx: rename cpu_number1 to dummy_cpu_number</issue>
<issue id="1229314" tracker="bnc">VUL-0: CVE-2024-43834: kernel: xdp: fix invalid wait context of page_pool_destroy()</issue>
<issue id="1229315" tracker="bnc">VUL-0: CVE-2024-43821: kernel: scsi: lpfc: Fix a possible null pointer dereference</issue>
<issue id="1229316" tracker="bnc">VUL-0: CVE-2024-43850: kernel: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove</issue>
<issue id="1229317" tracker="bnc">VUL-0: CVE-2024-43842: kernel: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter()</issue>
<issue id="1229318" tracker="bnc">VUL-0: CVE-2024-43816: kernel: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages</issue>
<issue id="1229319" tracker="bnc">VUL-0: CVE-2024-43860: kernel: remoteproc: imx_rproc: Skip over memory region when node value is NULL</issue>
<issue id="1229320" tracker="bnc">VUL-0: CVE-2024-43824: kernel: PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()</issue>
<issue id="1229327" tracker="bnc">SLES15SP6 [P10 Denali] [ 6.4.0-150600.16-default] In shared/dedicated mode core(CPU), both online and offline, is not functioning as intended when considering various SMT modes.</issue>
<issue id="1229341" tracker="bnc">VUL-0: CVE-2024-43829: kernel: drm/qxl: Add check for drm_cvt_mode</issue>
<issue id="1229342" tracker="bnc">VUL-0: CVE-2024-43855: kernel: md: fix deadlock between mddev_suspend and flush bio</issue>
<issue id="1229344" tracker="bnc">VUL-0: CVE-2024-43840: kernel: bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG</issue>
<issue id="1229345" tracker="bnc">VUL-0: CVE-2024-43854: kernel: block: initialize integrity buffer to zero before writing it to media</issue>
<issue id="1229346" tracker="bnc">VUL-0: CVE-2024-43856: kernel: dma: fix call order in dmam_free_coherent</issue>
<issue id="1229347" tracker="bnc">VUL-0: CVE-2024-42322: kernel: ipvs: properly dereference pe in ip_vs_add_service</issue>
<issue id="1229349" tracker="bnc">VUL-0: CVE-2024-42320: kernel: s390/dasd: fix error checks in dasd_copy_pair_store()</issue>
<issue id="1229350" tracker="bnc">VUL-0: CVE-2024-42319: kernel: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable()</issue>
<issue id="1229351" tracker="bnc">VUL-0: CVE-2024-42318: kernel: landlock: Don't lose track of restrictions on cred_transfer</issue>
<issue id="1229353" tracker="bnc">VUL-0: CVE-2024-42316: kernel: mm/mglru: fix div-by-zero in vmpressure_calc_level()</issue>
<issue id="1229354" tracker="bnc">VUL-0: CVE-2024-42315: kernel: exfat: fix potential deadlock on __exfat_get_dentry_set</issue>
<issue id="1229355" tracker="bnc">VUL-0: CVE-2024-42314: kernel: btrfs: fix extent map use-after-free when adding pages to compressed bio</issue>
<issue id="1229356" tracker="bnc">VUL-0: CVE-2024-42313: kernel: media: venus: fix use after free in vdec_close</issue>
<issue id="1229357" tracker="bnc">VUL-0: CVE-2024-42312: kernel: sysctl: always initialize i_uid/i_gid</issue>
<issue id="1229358" tracker="bnc">VUL-0: CVE-2024-42310: kernel: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes</issue>
<issue id="1229359" tracker="bnc">VUL-0: CVE-2024-42309: kernel: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes</issue>
<issue id="1229360" tracker="bnc">VUL-0: CVE-2024-43846: kernel: lib: objagg: Fix general protection fault</issue>
<issue id="1229365" tracker="bnc">VUL-0: CVE-2024-42303: kernel: media: imx-pxp: Fix ERR_PTR dereference in pxp_probe()</issue>
<issue id="1229366" tracker="bnc">VUL-0: CVE-2024-42302: kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal</issue>
<issue id="1229369" tracker="bnc">VUL-0: CVE-2024-42298: kernel: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value</issue>
<issue id="1229370" tracker="bnc">VUL-0: CVE-2024-42295: kernel: nilfs2: handle inconsistent state in nilfs_btnode_create_block()</issue>
<issue id="1229373" tracker="bnc">VUL-0: CVE-2024-42292: kernel: kobject_uevent: Fix OOB access within zap_modalias_env()</issue>
<issue id="1229374" tracker="bnc">VUL-0: CVE-2024-42291: kernel: ice: Add a per-VF limit on number of FDIR filters</issue>
<issue id="1229379" tracker="bnc">VUL-0: CVE-2024-42290: kernel: irqchip/imx-irqsteer: Handle runtime power management correctly</issue>
<issue id="1229381" tracker="bnc">VUL-0: CVE-2024-42285: kernel: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs</issue>
<issue id="1229382" tracker="bnc">VUL-0: CVE-2024-42284: kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error</issue>
<issue id="1229383" tracker="bnc">VUL-0: CVE-2024-42283: kernel: net: nexthop: Initialize all fields in dumped nexthops</issue>
<issue id="1229386" tracker="bnc">VUL-0: CVE-2024-42281: kernel: bpf: Fix a segment issue when downgrading gso_size</issue>
<issue id="1229388" tracker="bnc">VUL-0: CVE-2024-42280: kernel: mISDN: Fix a use after free in hfcmulti_tx()</issue>
<issue id="1229390" tracker="bnc">VUL-0: CVE-2024-42279: kernel: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer</issue>
<issue id="1229391" tracker="bnc">VUL-0: CVE-2024-42268: kernel: net/mlx5: Fix missing lock on sync reset reload</issue>
<issue id="1229392" tracker="bnc">VUL-0: CVE-2024-42287: kernel: scsi: qla2xxx: Complete command early within lock</issue>
<issue id="1229395" tracker="bnc">VUL-0: CVE-2024-42286: kernel: scsi: qla2xxx: validate nvme_local_port correctly</issue>
<issue id="1229398" tracker="bnc">VUL-0: CVE-2024-42288: kernel: scsi: qla2xxx: Fix for possible memory corruption</issue>
<issue id="1229399" tracker="bnc">VUL-0: CVE-2024-42289: kernel: scsi: qla2xxx: During vport delete send async logout explicitly</issue>
<issue id="1229400" tracker="bnc">VUL-0: CVE-2024-42271: kernel: net/iucv: fix use after free in iucv_sock_close()</issue>
<issue id="1229402" tracker="bnc">VUL-0: CVE-2024-42269: kernel: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().</issue>
<issue id="1229403" tracker="bnc">VUL-0: CVE-2024-42278: kernel: ASoC: TAS2781: fix tasdev_load_calibrated_data()</issue>
<issue id="1229404" tracker="bnc">VUL-0: CVE-2024-42270: kernel: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().</issue>
<issue id="1229407" tracker="bnc">VUL-0: CVE-2024-42301: kernel: dev/parport: fix the array out-of-bounds risk</issue>
<issue id="1229409" tracker="bnc">VUL-0: CVE-2024-42277: kernel: iommu: sprd: avoid NULL deref in sprd_iommu_hw_en</issue>
<issue id="1229410" tracker="bnc">VUL-0: CVE-2024-42276: kernel: nvme-pci: add missing condition check for existence of mapped data</issue>
<issue id="1229411" tracker="bnc">VUL-0: CVE-2024-42308: kernel: drm/amd/display: Check for NULL pointer</issue>
<issue id="1229413" tracker="bnc">VUL-0: CVE-2024-42311: kernel: hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode()</issue>
<issue id="1229414" tracker="bnc">VUL-0: CVE-2024-43858: kernel: jfs: Fix array-index-out-of-bounds in diFree</issue>
<issue id="1229417" tracker="bnc">VUL-0: CVE-2024-42274: kernel: revert "ALSA: firewire-lib: operate for period elapse event in process context"</issue>
<issue id="1229444" tracker="bnc">L3: TCP segment out of order for IPv6 tunnel [ ref:_00D1igLOd._500TrGL7wX:ref ]</issue>
<issue id="1229451" tracker="bnc">net/iucv: fix the allocation size of iucv_path_table array</issue>
<issue id="1229452" tracker="bnc">s390/dasd: fix error recovery leading to data corruption on ESE devices</issue>
<issue id="1229455" tracker="bnc">fs/netfs/fscache_cookie: add missing "n_accesses" check</issue>
<issue id="1229456" tracker="bnc">CVE-2024-44947: kernel: fuse: Initialize beyond-EOF page contents before setting uptodate</issue>
<issue id="1229480" tracker="bnc">VUL-0: CVE-2024-43881: kernel: wifi: ath12k: change DMA direction while mapping reinjected packets</issue>
<issue id="1229481" tracker="bnc">VUL-0: CVE-2024-43880: kernel: mlxsw: spectrum_acl_erp: Fix object nesting warning</issue>
<issue id="1229482" tracker="bnc">VUL-0: CVE-2024-43879: kernel: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he()</issue>
<issue id="1229484" tracker="bnc">VUL-0: CVE-2024-43877: kernel: media: pci: ivtv: Add check for DMA map result</issue>
<issue id="1229485" tracker="bnc">VUL-0: CVE-2024-43876: kernel: PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup()</issue>
<issue id="1229486" tracker="bnc">VUL-0: CVE-2024-43875: kernel: PCI: endpoint: Clean up error handling in vpci_scan_bus()</issue>
<issue id="1229487" tracker="bnc">VUL-0: CVE-2024-43874: kernel: crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked</issue>
<issue id="1229488" tracker="bnc">VUL-0: CVE-2024-43873: kernel: vhost/vsock: always initialize seqpacket_allow</issue>
<issue id="1229489" tracker="bnc">VUL-0: CVE-2024-43872: kernel: RDMA/hns: Fix soft lockup under heavy CEQE load</issue>
<issue id="1229490" tracker="bnc">VUL-0: CVE-2024-43871: kernel: devres: Fix memory leakage caused by driver API devm_free_percpu()</issue>
<issue id="1229493" tracker="bnc">VUL-0: CVE-2024-43867: kernel: drm/nouveau: prime: fix refcount underflow</issue>
<issue id="1229495" tracker="bnc">VUL-0: CVE-2024-43866: kernel: net/mlx5: Always drain health in shutdown callback</issue>
<issue id="1229496" tracker="bnc">VUL-0: CVE-2024-43864: kernel: net/mlx5e: Fix CT entry update leaks of modify header context</issue>
<issue id="1229497" tracker="bnc">VUL-0: CVE-2024-43863: kernel: drm/vmwgfx: Fix a deadlock in dma buf fence polling</issue>
<issue id="1229500" tracker="bnc">VUL-0: CVE-2024-43861: kernel: net: usb: qmi_wwan: fix memory leak for not ip packets</issue>
<issue id="1229503" tracker="bnc">VUL-0: CVE-2024-43882: kernel: exec: Fix ToCToU between perm check and set-uid/gid usage</issue>
<issue id="1229707" tracker="bnc">VUL-0: CVE-2024-43883: kernel: usb: vhci-hcd: do not drop references before new references are gained</issue>
<issue id="1229739" tracker="bnc">VUL-0: CVE-2024-43884: kernel: Bluetooth: MGMT: add error handling to pair_device()</issue>
<issue id="1229743" tracker="bnc">VUL-0: CVE-2024-43889: kernel: padata: fix possible divide-by-0 panic in padata_mt_helper()</issue>
<issue id="1229746" tracker="bnc">VUL-0: CVE-2024-43894: kernel: drm/client: fix null pointer dereference in drm_client_modeset_probe</issue>
<issue id="1229747" tracker="bnc">VUL-0: CVE-2024-43885: kernel: btrfs: fix double inode unlock for direct IO sync writes</issue>
<issue id="1229752" tracker="bnc">VUL-0: CVE-2024-43897: kernel: net: drop bad gso csum_start and offset in virtio_net_hdr</issue>
<issue id="1229754" tracker="bnc">VUL-0: CVE-2024-43899: kernel: drm/amd/display: Fix null pointer deref in dcn20_resource.c</issue>
<issue id="1229755" tracker="bnc">VUL-0: CVE-2024-43895: kernel: drm/amd/display: skip recompute dsc params if no stream on link</issue>
<issue id="1229756" tracker="bnc">VUL-0: CVE-2024-43900: kernel: media: xc2028: avoid use-after-free in load_firmware_cb()</issue>
<issue id="1229759" tracker="bnc">VUL-0: CVE-2024-43893: kernel: serial: core: check uartclk for zero to avoid divide by zero</issue>
<issue id="1229761" tracker="bnc">VUL-0: CVE-2024-43892: kernel: memcg: protect concurrent access to mem_cgroup_idr</issue>
<issue id="1229767" tracker="bnc">VUL-0: CVE-2024-43902: kernel: drm/amd/display: add null checker before passing variables</issue>
<issue id="1229781" tracker="bnc">VUL-0: CVE-2024-43903: kernel: drm/amd/display: add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update</issue>
<issue id="1229784" tracker="bnc">VUL-0: CVE-2024-43905: kernel: drm/amd/pm: fix the null pointer dereference for vega10_hwmgr</issue>
<issue id="1229785" tracker="bnc">VUL-0: CVE-2024-43906: kernel: drm/admgpu: fix dereferencing null pointer context</issue>
<issue id="1229787" tracker="bnc">VUL-0: CVE-2024-43907: kernel: drm/amdgpu/pm: fix the null pointer dereference in apply_state_adjust_rules</issue>
<issue id="1229788" tracker="bnc">VUL-0: CVE-2024-43908: kernel: drm/amdgpu: fix the null pointer dereference to ras_manager</issue>
<issue id="1229789" tracker="bnc">VUL-0: CVE-2024-43909: kernel: drm/amdgpu/pm: fix the null pointer dereference for smu7</issue>
<issue id="1229792" tracker="bnc">VUL-0: CVE-2024-44938: kernel: jfs: fix shift-out-of-bounds in dbDiscardAG</issue>
<issue id="1229820" tracker="bnc">VUL-0: CVE-2024-44939: kernel: jfs: fix null ptr deref in dtInsertEntry</issue>
<issue id="1229827" tracker="bnc">VUL-0: CVE-2024-43911: kernel: wifi: mac80211: fix NULL dereference at band check in starting tx ba session</issue>
<issue id="1229830" tracker="bnc">VUL-0: CVE-2024-43912: kernel: wifi: nl80211: disallow setting special AP channel widths</issue>
<issue id="1229837" tracker="bnc">VUL-0: CVE-2024-44931: kernel: gpio: prevent potential speculation leaks in gpio_device_get_desc()</issue>
<issue id="1229940" tracker="bnc">virtiofs: forbid newlines in tags</issue>
<issue id="1230056" tracker="bnc">ceph: periodically flush the cap releases</issue>
<issue id="2024-35902" tracker="cve" />
<issue id="2024-42278" tracker="cve" />
<issue id="2024-43818" tracker="cve" />
<issue id="2024-42298" tracker="cve" />
<issue id="2024-43884" tracker="cve" />
<issue id="2024-26976" tracker="cve" />
<issue id="2024-42302" tracker="cve" />
<issue id="2024-43875" tracker="cve" />
<issue id="2024-43824" tracker="cve" />
<issue id="2024-43823" tracker="cve" />
<issue id="2024-43876" tracker="cve" />
<issue id="2024-43872" tracker="cve" />
<issue id="2024-42285" tracker="cve" />
<issue id="2024-42274" tracker="cve" />
<issue id="2024-36907" tracker="cve" />
<issue id="2024-43840" tracker="cve" />
<issue id="2024-43885" tracker="cve" />
<issue id="2024-42314" tracker="cve" />
<issue id="2024-43853" tracker="cve" />
<issue id="2024-43874" tracker="cve" />
<issue id="2024-43871" tracker="cve" />
<issue id="2024-43856" tracker="cve" />
<issue id="2024-43906" tracker="cve" />
<issue id="2024-43903" tracker="cve" />
<issue id="2024-43902" tracker="cve" />
<issue id="2024-43895" tracker="cve" />
<issue id="2024-43905" tracker="cve" />
<issue id="2024-43908" tracker="cve" />
<issue id="2024-43909" tracker="cve" />
<issue id="2024-43907" tracker="cve" />
<issue id="2024-43894" tracker="cve" />
<issue id="2024-42310" tracker="cve" />
<issue id="2024-42309" tracker="cve" />
<issue id="2024-43867" tracker="cve" />
<issue id="2024-43829" tracker="cve" />
<issue id="2024-43863" tracker="cve" />
<issue id="2024-42315" tracker="cve" />
<issue id="2024-44931" tracker="cve" />
<issue id="2024-42311" tracker="cve" />
<issue id="2024-43825" tracker="cve" />
<issue id="2024-43858" tracker="cve" />
<issue id="2024-44938" tracker="cve" />
<issue id="2024-44939" tracker="cve" />
<issue id="2024-42292" tracker="cve" />
<issue id="2024-43819" tracker="cve" />
<issue id="2024-43830" tracker="cve" />
<issue id="2024-43846" tracker="cve" />
<issue id="2024-27050" tracker="cve" />
<issue id="2024-42280" tracker="cve" />
<issue id="2024-42319" tracker="cve" />
<issue id="2024-39476" tracker="cve" />
<issue id="2024-42303" tracker="cve" />
<issue id="2024-43877" tracker="cve" />
<issue id="2024-43833" tracker="cve" />
<issue id="2024-42313" tracker="cve" />
<issue id="2024-43900" tracker="cve" />
<issue id="2024-43892" tracker="cve" />
<issue id="2024-43897" tracker="cve" />
<issue id="2024-42271" tracker="cve" />
<issue id="2024-43817" tracker="cve" />
<issue id="2024-43861" tracker="cve" />
<issue id="2024-43826" tracker="cve" />
<issue id="2024-42276" tracker="cve" />
<issue id="2024-43889" tracker="cve" />
<issue id="2024-43860" tracker="cve" />
<issue id="2024-42320" tracker="cve" />
<issue id="2024-43816" tracker="cve" />
<issue id="2024-42287" tracker="cve" />
<issue id="2024-42289" tracker="cve" />
<issue id="2024-42288" tracker="cve" />
<issue id="2024-42286" tracker="cve" />
<issue id="2024-43893" tracker="cve" />
<issue id="2024-43849" tracker="cve" />
<issue id="2024-43851" tracker="cve" />
<issue id="2024-42279" tracker="cve" />
<issue id="2024-43883" tracker="cve" />
<issue id="2024-43873" tracker="cve" />
<issue id="2024-43881" tracker="cve" />
<issue id="2024-43847" tracker="cve" />
<issue id="2024-43879" tracker="cve" />
<issue id="2024-43912" tracker="cve" />
<issue id="2024-43842" tracker="cve" />
<issue id="2024-43841" tracker="cve" />
<issue id="2024-26849" tracker="cve" />
<issue id="2024-41087" tracker="cve" />
<issue id="2024-42250" tracker="cve" />
<issue id="2024-40913" tracker="cve" />
<issue id="2024-39510" tracker="cve" />
<issue id="2024-40899" tracker="cve" />
<issue id="2024-42259" tracker="cve" />
<issue id="2024-41065" tracker="cve" />
<issue id="2024-42097" tracker="cve" />
<issue id="2024-41037" tracker="cve" />
<issue id="2024-42074" tracker="cve" />
<issue id="2024-42089" tracker="cve" />
<issue id="2024-42141" tracker="cve" />
<issue id="2024-42133" tracker="cve" />
<issue id="2024-41063" tracker="cve" />
<issue id="2024-42137" tracker="cve" />
<issue id="2024-41096" tracker="cve" />
<issue id="2024-42080" tracker="cve" />
<issue id="2024-41035" tracker="cve" />
<issue id="2024-42244" tracker="cve" />
<issue id="2024-41098" tracker="cve" />
<issue id="2024-42132" tracker="cve" />
<issue id="2024-41045" tracker="cve" />
<issue id="2024-42239" tracker="cve" />
<issue id="2024-41088" tracker="cve" />
<issue id="2024-42136" tracker="cve" />
<issue id="2024-42229" tracker="cve" />
<issue id="2024-42098" tracker="cve" />
<issue id="2024-42117" tracker="cve" />
<issue id="2024-42121" tracker="cve" />
<issue id="2024-42120" tracker="cve" />
<issue id="2024-41061" tracker="cve" />
<issue id="2024-42227" tracker="cve" />
<issue id="2024-42119" tracker="cve" />
<issue id="2024-42064" tracker="cve" />
<issue id="2024-41022" tracker="cve" />
<issue id="2024-42228" tracker="cve" />
<issue id="2024-41093" tracker="cve" />
<issue id="2024-41094" tracker="cve" />
<issue id="2024-41092" tracker="cve" />
<issue id="2024-42127" tracker="cve" />
<issue id="2024-41095" tracker="cve" />
<issue id="2024-41089" tracker="cve" />
<issue id="2024-42101" tracker="cve" />
<issue id="2024-42087" tracker="cve" />
<issue id="2024-41060" tracker="cve" />
<issue id="2024-41049" tracker="cve" />
<issue id="2024-41039" tracker="cve" />
<issue id="2024-41038" tracker="cve" />
<issue id="2024-42238" tracker="cve" />
<issue id="2024-41056" tracker="cve" />
<issue id="2024-42237" tracker="cve" />
<issue id="2024-31076" tracker="cve" />
<issue id="2024-42092" tracker="cve" />
<issue id="2024-42253" tracker="cve" />
<issue id="2024-42153" tracker="cve" />
<issue id="2024-42086" tracker="cve" />
<issue id="2024-42115" tracker="cve" />
<issue id="2024-42232" tracker="cve" />
<issue id="2024-42223" tracker="cve" />
<issue id="2024-41025" tracker="cve" />
<issue id="2024-41024" tracker="cve" />
<issue id="2024-42131" tracker="cve" />
<issue id="2024-42069" tracker="cve" />
<issue id="2024-42076" tracker="cve" />
<issue id="2023-52887" tracker="cve" />
<issue id="2024-42130" tracker="cve" />
<issue id="2024-42104" tracker="cve" />
<issue id="2024-41073" tracker="cve" />
<issue id="2024-41079" tracker="cve" />
<issue id="2024-42152" tracker="cve" />
<issue id="2024-42077" tracker="cve" />
<issue id="2024-41016" tracker="cve" />
<issue id="2024-42143" tracker="cve" />
<issue id="2024-42090" tracker="cve" />
<issue id="2024-41028" tracker="cve" />
<issue id="2024-42126" tracker="cve" />
<issue id="2024-42230" tracker="cve" />
<issue id="2024-42144" tracker="cve" />
<issue id="2024-41097" tracker="cve" />
<issue id="2024-42085" tracker="cve" />
<issue id="2024-42236" tracker="cve" />
<issue id="2024-42226" tracker="cve" />
<issue id="2024-42114" tracker="cve" />
<issue id="2024-41072" tracker="cve" />
<issue id="2024-41071" tracker="cve" />
<issue id="2024-42225" tracker="cve" />
<issue id="2024-42125" tracker="cve" />
<issue id="2024-42240" tracker="cve" />
<issue id="2024-42147" tracker="cve" />
<issue id="2024-35855" tracker="cve" />
<issue id="2024-40984" tracker="cve" />
<issue id="2024-40964" tracker="cve" />
<issue id="2024-39491" tracker="cve" />
<issue id="2024-39509" tracker="cve" />
<issue id="2024-40934" tracker="cve" />
<issue id="2024-39483" tracker="cve" />
<issue id="2024-40990" tracker="cve" />
<issue id="2024-40992" tracker="cve" />
<issue id="2024-36288" tracker="cve" />
<issue id="2024-40904" tracker="cve" />
<issue id="2024-39488" tracker="cve" />
<issue id="2024-40910" tracker="cve" />
<issue id="2024-40981" tracker="cve" />
<issue id="2024-40962" tracker="cve" />
<issue id="2024-40900" tracker="cve" />
<issue id="2024-40997" tracker="cve" />
<issue id="2024-41002" tracker="cve" />
<issue id="2024-39493" tracker="cve" />
<issue id="2024-40936" tracker="cve" />
<issue id="2024-39501" tracker="cve" />
<issue id="2024-40987" tracker="cve" />
<issue id="2024-39486" tracker="cve" />
<issue id="2024-40916" tracker="cve" />
<issue id="2024-40932" tracker="cve" />
<issue id="2024-40924" tracker="cve" />
<issue id="2024-39505" tracker="cve" />
<issue id="2024-40976" tracker="cve" />
<issue id="2024-40926" tracker="cve" />
<issue id="2024-40988" tracker="cve" />
<issue id="2024-39497" tracker="cve" />
<issue id="2024-39508" tracker="cve" />
<issue id="2024-40922" tracker="cve" />
<issue id="2024-41001" tracker="cve" />
<issue id="2024-40945" tracker="cve" />
<issue id="2024-40902" tracker="cve" />
<issue id="2024-39484" tracker="cve" />
<issue id="2024-36939" tracker="cve" />
<issue id="2024-40943" tracker="cve" />
<issue id="2024-40967" tracker="cve" />
<issue id="2024-39500" tracker="cve" />
<issue id="2024-40982" tracker="cve" />
<issue id="2024-41004" tracker="cve" />
<issue id="2024-40903" tracker="cve" />
<issue id="2024-39499" tracker="cve" />
<issue id="2024-26637" tracker="cve" />
<issue id="2024-40911" tracker="cve" />
<issue id="2024-26683" tracker="cve" />
<issue id="2024-40930" tracker="cve" />
<issue id="2024-36970" tracker="cve" />
<issue id="2024-40929" tracker="cve" />
<issue id="2024-40941" tracker="cve" />
<issue id="2024-35913" tracker="cve" />
<issue id="2024-40912" tracker="cve" />
<issue id="2024-26682" tracker="cve" />
<issue id="2024-40942" tracker="cve" />
<issue id="2024-38609" tracker="cve" />
<issue id="2024-40977" tracker="cve" />
<issue id="2024-27049" tracker="cve" />
<issue id="2024-38563" tracker="cve" />
<issue id="2024-40944" tracker="cve" />
<issue id="2024-40927" tracker="cve" />
<issue id="2023-52885" tracker="cve" />
<issue id="2023-52886" tracker="cve" />
<issue id="2023-52668" tracker="cve" />
<issue id="2023-52688" tracker="cve" />
<issue id="2024-42105" tracker="cve" />
<issue id="2024-41059" tracker="cve" />
<issue id="2024-41062" tracker="cve" />
<issue id="2023-52489" tracker="cve" />
<issue id="2024-43821" tracker="cve" />
<issue id="2024-43911" tracker="cve" />
<issue id="2024-42277" tracker="cve" />
<issue id="2024-43880" tracker="cve" />
<issue id="2024-43899" tracker="cve" />
<issue id="2024-43882" tracker="cve" />
<issue id="2024-43866" tracker="cve" />
<issue id="2024-26812" tracker="cve" />
<issue id="2024-27010" tracker="cve" />
<issue id="2024-36270" tracker="cve" />
<issue id="2024-36881" tracker="cve" />
<issue id="2024-42316" tracker="cve" />
<issue id="2024-43855" tracker="cve" />
<issue id="2024-43864" tracker="cve" />
<issue id="2024-26631" tracker="cve" />
<issue id="2024-42109" tracker="cve" />
<issue id="2024-41084" tracker="cve" />
<issue id="2024-40905" tracker="cve" />
<issue id="2024-39489" tracker="cve" />
<issue id="2024-36489" tracker="cve" />
<issue id="2024-27079" tracker="cve" />
<issue id="2024-41020" tracker="cve" />
<issue id="2024-35897" tracker="cve" />
<issue id="2024-27403" tracker="cve" />
<issue id="2024-27011" tracker="cve" />
<issue id="2024-26668" tracker="cve" />
<issue id="2024-26835" tracker="cve" />
<issue id="2024-26808" tracker="cve" />
<issue id="2024-26809" tracker="cve" />
<issue id="2023-52581" tracker="cve" />
<issue id="2024-43837" tracker="cve" />
<issue id="2024-35939" tracker="cve" />
<issue id="2024-42291" tracker="cve" />
<issue id="2024-42268" tracker="cve" />
<issue id="2024-43834" tracker="cve" />
<issue id="2024-27433" tracker="cve" />
<issue id="2024-36286" tracker="cve" />
<issue id="2024-26851" tracker="cve" />
<issue id="2024-40920" tracker="cve" />
<issue id="2024-40921" tracker="cve" />
<issue id="2024-36979" tracker="cve" />
<issue id="2024-26590" tracker="cve" />
<issue id="2023-52859" tracker="cve" />
<issue id="2024-42270" tracker="cve" />
<issue id="2024-42269" tracker="cve" />
<issue id="2024-42284" tracker="cve" />
<issue id="2024-42283" tracker="cve" />
<issue id="2024-42312" tracker="cve" />
<issue id="2024-43854" tracker="cve" />
<issue id="2024-42322" tracker="cve" />
<issue id="2024-42308" tracker="cve" />
<issue id="2024-42301" tracker="cve" />
<issue id="2024-42290" tracker="cve" />
<issue id="2024-42318" tracker="cve" />
<issue id="2023-52889" tracker="cve" />
<issue id="2024-42295" tracker="cve" />
<issue id="2024-43850" tracker="cve" />
<issue id="2024-43831" tracker="cve" />
<issue id="2024-43839" tracker="cve" />
<issue id="2024-41007" tracker="cve" />
<issue id="2024-42281" tracker="cve" />
<issue id="2024-26669" tracker="cve" />
<issue id="2024-26677" tracker="cve" />
<issue id="2024-41050" tracker="cve" />
<issue id="2024-41051" tracker="cve" />
<issue id="2024-41074" tracker="cve" />
<issue id="2024-41075" tracker="cve" />
<issue id="2024-41012" tracker="cve" />
<issue id="2024-41080" tracker="cve" />
<issue id="2024-42246" tracker="cve" />
<issue id="2024-42159" tracker="cve" />
<issue id="2024-42241" tracker="cve" />
<issue id="2024-42245" tracker="cve" />
<issue id="2024-26735" tracker="cve" />
<issue id="2024-26837" tracker="cve" />
<issue id="2024-42155" tracker="cve" />
<issue id="2024-42156" tracker="cve" />
<issue id="2024-42157" tracker="cve" />
<issue id="2024-42158" tracker="cve" />
<issue id="2024-38662" tracker="cve" />
<issue id="2024-40938" tracker="cve" />
<issue id="2024-42247" tracker="cve" />
<issue id="2024-41010" tracker="cve" />
<issue id="2024-42106" tracker="cve" />
<issue id="2024-42095" tracker="cve" />
<issue id="2024-41068" tracker="cve" />
<issue id="2024-42138" tracker="cve" />
<issue id="2024-42107" tracker="cve" />
<issue id="2024-42139" tracker="cve" />
<issue id="2024-42110" tracker="cve" />
<issue id="2024-42113" tracker="cve" />
<issue id="2024-42148" tracker="cve" />
<issue id="2024-42142" tracker="cve" />
<issue id="2024-42073" tracker="cve" />
<issue id="2024-42162" tracker="cve" />
<issue id="2024-42082" tracker="cve" />
<issue id="2024-40978" tracker="cve" />
<issue id="2024-41000" tracker="cve" />
<issue id="2024-40995" tracker="cve" />
<issue id="2024-42161" tracker="cve" />
<issue id="2024-41069" tracker="cve" />
<issue id="2024-39506" tracker="cve" />
<issue id="2024-42145" tracker="cve" />
<issue id="2024-40994" tracker="cve" />
<issue id="2024-42124" tracker="cve" />
<issue id="2024-42096" tracker="cve" />
<issue id="2024-42224" tracker="cve" />
<issue id="2024-41048" tracker="cve" />
<issue id="2024-40958" tracker="cve" />
<issue id="2024-40939" tracker="cve" />
<issue id="2024-36933" tracker="cve" />
<issue id="2024-36929" tracker="cve" />
<issue id="2024-41044" tracker="cve" />
<issue id="2024-41066" tracker="cve" />
<issue id="2024-42093" tracker="cve" />
<issue id="2024-42122" tracker="cve" />
<issue id="2024-41078" tracker="cve" />
<issue id="2024-40989" tracker="cve" />
<issue id="2024-41064" tracker="cve" />
<issue id="2024-41036" tracker="cve" />
<issue id="2024-41040" tracker="cve" />
<issue id="2024-35949" tracker="cve" />
<issue id="2024-41081" tracker="cve" />
<issue id="2024-41076" tracker="cve" />
<issue id="2024-42079" tracker="cve" />
<issue id="2024-41057" tracker="cve" />
<issue id="2024-41058" tracker="cve" />
<issue id="2024-41015" tracker="cve" />
<issue id="2024-40956" tracker="cve" />
<issue id="2024-27437" tracker="cve" />
<issue id="2024-41032" tracker="cve" />
<issue id="2024-40957" tracker="cve" />
<issue id="2024-41041" tracker="cve" />
<issue id="2024-40954" tracker="cve" />
<issue id="2024-42070" tracker="cve" />
<issue id="2024-41070" tracker="cve" />
<issue id="2024-40959" tracker="cve" />
<issue id="2024-41009" tracker="cve" />
<issue id="2024-40909" tracker="cve" />
<issue id="2024-27024" tracker="cve" />
<issue id="PED-8491" tracker="jsc" />
<issue id="PED-8954" tracker="jsc" />
<issue id="PED-10029" tracker="jsc" />
<issue id="PED-10045" tracker="jsc" />
<issue id="PED-10055" tracker="jsc" />
<issue id="PED-10105" tracker="jsc" />
<issue id="PED-10108" tracker="jsc" />
<issue id="PED-8779" tracker="jsc" />
<category>security</category>
<rating>important</rating>
<packager>tiwai</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.
This release includes the first live patch.
The following security bugs were fixed:
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
- CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252).
- CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350).
- CVE-2024-26677: blacklist.conf: Add e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387)
- CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633).
- CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808).
- CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26837: net: bridge: switchdev: Skip MDB replays of deferred events on offload (bsc#1222973).
- CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803).
- CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
- CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-36881: mm/userfaultfd: reset ptes when close() for wr-protected ones (bsc#1225718).
- CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. (bsc#1226604).
- CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
- CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840).
- CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811).
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
- CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460).
- CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518).
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499).
- CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41074: cachefiles: Set object to close if ondemand_id &lt; 0 in copen (bsc#1228643).
- CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42109: netfilter: nf_tables: unconditionall (bsc#1228505).
- CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
- CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503).
- CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
- CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-42159: scsi: mpi3mr: sanitise num_phys (bsc#1228754).
- CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986).
- CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978).
- CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). (bsc#1229402).
- CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). (bsc#1229404).
- CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379).
- CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42308: Update DRM patch reference (bsc#1229411)
- CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
- CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
- CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342).
- CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496).
- CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827).
Additional CVEs were previously fixed and are only mentioned in the metadata.
The following non-security bugs were fixed:
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes).
- ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes).
- ACPI: battery: create alarm sysfs attribute atomically (stable-fixes).
- ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes).
- ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable-fixes).
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes).
- ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes).
- ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable-fixes).
- ALSA: hda/tas2781: Use correct endian conversion (git-fixes).
- ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes).
- ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Skip event type filtering for UMP events (git-fixes).
- ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes).
- ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes).
- ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
- ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: amd: Fix for acp init sequence (git-fixes).
- ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes).
- ASoC: SOF: mediatek: Add missing board compatible (stable-fixes).
- ASoC: allow module autoloading for table board_ids (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids (stable-fixes).
- ASoC: amd: acp: fix module autoloading (git-fixes).
- ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes).
- Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- Bluetooth: MGMT: Add error handling to pair_device() (git-fixes).
- Bluetooth: SMP: Fix assumption of Central always being Initiator (git-fixes).
- Bluetooth: bnep: Fix out-of-bound access (stable-fixes).
- Bluetooth: btintel: Fail setup on error (git-fixes).
- Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable-fixes).
- Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes).
- Bluetooth: hci_core: Fix LE quote calculation (git-fixes).
- Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
- Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes).
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
- Drop libata patch that caused a regression (bsc#1229054)
- HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes).
- Input: MT - limit max slots (stable-fixes).
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056).
- Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes).
- Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes).
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (git-fixes).
- KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git-fixes).
- KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199).
- KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes).
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (git-fixes).
- KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes).
- KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes).
- KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git-fixes).
- KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git-fixes).
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
- KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
- KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes).
- KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes)
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
- KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes).
- KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
- KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes).
- KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes).
- KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes).
- KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes).
- KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes).
- KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes).
- KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes).
- KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- KVM: s390: fix validity interception issue when gisa is switched off (git-fixes bsc#1229167).
- KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes).
- KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes).
- Move upstreamed powerpc patches into sorted section
- Move upstreamed sound patches into sorted section
- Moved upstreamed ASoC patch into sorted section
- NFSD: Support write delegations in LAYOUTGET (git-fixes).
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes).
- RDMA/cache: Release GID table even if leak is detected (git-fixes)
- RDMA/device: Return error earlier if port in not valid (git-fixes)
- RDMA/hns: Check atomic wr length (git-fixes)
- RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
- RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
- RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes)
- Revert "ALSA: firewire-lib: obsolete workqueue for period update" (bsc#1208783).
- Revert "ALSA: firewire-lib: operate for period elapse event in process context" (bsc#1208783).
- Revert "KVM: Prevent module exit until all VMs are freed" (git-fixes).
- Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (git-fixes).
- Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes).
- Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" (git-fixes).
- Revert "usb: gadget: uvc: cleanup request when not in correct state" (stable-fixes).
- Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" (git-fixes).
- SUNRPC: Fix a race to wake a sync task (git-fixes).
- SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- Squashfs: fix variable overflow triggered by sysbot (git-fixes).
- USB: serial: debug: do not echo input by default (stable-fixes).
- Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834)
- Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920)
- Update patch references for ASoC regression fixes (bsc#1229045 bsc#1229046)
- afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes).
- apparmor: unpack transition table if dfa is not present (bsc#1226031).
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: barrier: Restore spec_bar() macro (git-fixes)
- arm64: cputype: Add Cortex-A720 definitions (git-fixes)
- arm64: cputype: Add Cortex-A725 definitions (git-fixes)
- arm64: cputype: Add Cortex-X1C definitions (git-fixes)
- arm64: cputype: Add Cortex-X3 definitions (git-fixes)
- arm64: cputype: Add Cortex-X4 definitions (git-fixes)
- arm64: cputype: Add Cortex-X925 definitions (git-fixes)
- arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
- arm64: dts: imx8mp: Add NPU Node (git-fixes)
- arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes)
- arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes)
- arm64: dts: imx8mp: add HDMI power-domains (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (git-fixes)
- arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files.
- arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git-fixes)
- ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable-fixes).
- ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable-fixes).
- blacklist.conf: Add libata upstream revert entry (bsc#1229054)
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes)
- bpf, lpm: Fix check prefixlen before walking trie (git-fixes).
- bpf/tests: Remove duplicate JSGT tests (git-fixes).
- bpf: Add crosstask check to __bpf_get_stack (git-fixes).
- bpf: Detect IP == ksym.end as part of BPF program (git-fixes).
- bpf: Ensure proper register state printing for cond jumps (git-fixes).
- bpf: Fix a few selftest failures due to llvm18 change (git-fixes).
- bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes).
- bpf: Fix kfunc callback register type handling (git-fixes).
- bpf: Fix prog_array_map_poke_run map poke update (git-fixes).
- bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes).
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git-fixes).
- bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes).
- bpf: Set uattr->batch.count as zero before batched update or deletion (git-fixes).
- bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git-fixes).
- bpf: enforce precision of R0 on callback return (git-fixes).
- bpf: extract bpf_ctx_convert_map logic and make it more reusable (git-fixes).
- bpf: fix control-flow graph checking in privileged mode (git-fixes).
- bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes).
- bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes).
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
- bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git-fixes).
- bpftool: Align output skeleton ELF code (git-fixes).
- bpftool: Fix -Wcast-qual warning (git-fixes).
- bpftool: Silence build warning about calloc() (git-fixes).
- bpftool: mark orphaned programs during prog show (git-fixes).
- btrfs: add a btrfs_finish_ordered_extent helper (git-fixes).
- btrfs: add a is_data_bbio helper (git-fixes).
- btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes).
- btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321).
- btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes).
- btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes).
- btrfs: factor out a can_finish_ordered_extent helper (git-fixes).
- btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes).
- btrfs: fix double inode unlock for direct IO sync writes (git-fixes).
- btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes).
- btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
- btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git-fixes).
- btrfs: limit write bios to a single ordered extent (git-fixes).
- btrfs: make btrfs_finish_ordered_extent() return void (git-fixes).
- btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes).
- btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes).
- btrfs: open code end_extent_writepage in end_bio_extent_writepage (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes).
- btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes).
- btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes).
- btrfs: remove btrfs_add_ordered_extent (git-fixes).
- btrfs: rename err to ret in btrfs_direct_write() (git-fixes).
- btrfs: uninline some static inline helpers from tree-log.h (git-fixes).
- btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git-fixes).
- btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes).
- btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete direct writes (git-fixes).
- btrfs: use irq safe locking when running and adding delayed iputs (git-fixes).
- cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode (bsc#1229245).
- cachefiles: add missing lock protection when polling (bsc#1229256).
- cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244).
- cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249).
- cachefiles: cancel all requests for the object that is being dropped (bsc#1229255).
- cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251).
- cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246).
- cachefiles: introduce object ondemand state (bsc#1229239).
- cachefiles: make on-demand read killable (bsc#1229252).
- cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243).
- cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250).
- cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253).
- cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248).
- cachefiles: resend an open request if the read request's object is closed (bsc#1229241).
- cachefiles: stop sending new request when dropping object (bsc#1229254).
- can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes).
- can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- ceph: periodically flush the cap releases (bsc#1230056).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- char: xillybus: Check USB endpoints when probing device (git-fixes).
- char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes).
- char: xillybus: Refine workqueue handling (git-fixes).
- clk: en7523: fix rate divider for slic and spi clocks (git-fixes).
- clk: qcom: Park shared RCGs upon registration (git-fixes).
- clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git-fixes).
- clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git-fixes).
- clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git-fixes).
- clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes).
- clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes).
- clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes).
- clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes).
- clocksource/drivers/sh_cmt: Address race condition for clock events (stable-fixes).
- cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472)
- dev/parport: fix the array out-of-bounds risk (stable-fixes).
- device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes).
- dmaengine: dw: Add memory bus width verification (git-fixes).
- dmaengine: dw: Add peripheral bus width verification (git-fixes).
- docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
- driver core: Fix uevent_show() vs driver detach race (git-fixes).
- drm/admgpu: fix dereferencing null pointer context (stable-fixes).
- drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes).
- drm/amd/display: Add null checker before passing variables (stable-fixes).
- drm/amd/display: Adjust cursor position (git-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- drm/amd/display: avoid using null object of framebuffer (git-fixes).
- drm/amd/display: fix cursor offset on rotation 180 (git-fixes).
- drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes).
- drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
- drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes).
- drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes).
- drm/amdgpu: Actually check flags for all context ops (stable-fixes).
- drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
- drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
- drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes).
- drm/amdgpu: Validate TA binary size (stable-fixes).
- drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- drm/amdgpu: fix potential resource leak warning (stable-fixes).
- drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable-fixes).
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
- drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes).
- drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes).
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes).
- drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes).
- drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git-fixes).
- drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
- drm/mediatek/dp: Fix spurious kfree() (git-fixes).
- drm/msm/dp: fix the max supported bpp logic (git-fixes).
- drm/msm/dp: reset the link phy params before link training (git-fixes).
- drm/msm/dpu: capture snapshot on the first commit_done timeout (stable-fixes).
- drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
- drm/msm/dpu: do not play tricks with debug macros (git-fixes).
- drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes).
- drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes).
- drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable-fixes).
- drm/msm/dpu: take plane rotation into account for wide planes (git-fixes).
- drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes).
- drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable-fixes).
- drm/msm/mdss: Rename path references to mdp_path (stable-fixes).
- drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes).
- drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes).
- drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024).
- drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes).
- drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes).
- drm/virtio: Fix type of dma-fence context variable (git-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- drm/vmwgfx: Fix prime with external buffers (git-fixes).
- efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes).
- evm: do not copy up 'security.evm' xattr (git-fixes).
- firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes).
- fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455).
- fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456).
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- gfs2: setattr_chown: Add missing initialization (git-fixes).
- gpio: mlxbf3: Support shutdown() function (git-fixes).
- gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable-fixes).
- gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- hwmon: (ltc2992) Avoid division by zero (stable-fixes).
- hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes).
- hwmon: (pc87360) Bounds check data->innr usage (stable-fixes).
- i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
- i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
- i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: riic: avoid potential division by zero (stable-fixes).
- i2c: smbus: Improve handling of stuck alerts (git-fixes).
- i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
- i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes).
- i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable-fixes).
- i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable-fixes).
- i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes).
- ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737).
- io_uring/advise: support 64-bit lengths (git-fixes).
- io_uring: Drop per-ctx dummy_ubuf (git-fixes).
- io_uring: Fix probe of disabled operations (git-fixes).
- io_uring: fix io_match_task must_hold (git-fixes).
- io_uring: tighten task exit cancellations (git-fixes).
- iommu/amd: Convert comma to semicolon (git-fixes).
- iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes).
- iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git-fixes).
- ip6_tunnel: Fix broken GRO (bsc#1229444).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
- jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes).
- jfs: define xtree root and page independently (git-fixes).
- jfs: fix null ptr deref in dtInsertEntry (git-fixes).
- jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git-fixes).
- jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes).
- jump_label: Fix the fix, brown paper bags galore (git-fixes).
- jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git-fixes).
- kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes).
- kABI workaround for sound core UMP conversion (stable-fixes).
- kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kcov: properly check for softirq context (git-fixes).
- kernel-binary: generate and install compile_commands.json (bsc#1228971)
- kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134).
- kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git-fixes).
- kprobes: Fix to check symbol prefixes correctly (git-fixes).
- kprobes: Prohibit probing on CFI preamble symbol (git-fixes).
- kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168).
- libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes).
- libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git-fixes).
- libbpf: Fix faccessat() usage on Android (git-fixes).
- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395).
- md/md-bitmap: fix writing non bitmap pages (git-fixes).
- md/raid1: set max_sectors during early return from choose_slow_rdev() (git-fixes).
- md/raid1: support read error check (git-fixes).
- md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes).
- md/raid5: fix spares errors about rcu usage (git-fixes).
- md/raid5: recheck if reshape has finished with device_lock held (git-fixes).
- md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git-fixes).
- md: add a mddev_add_trace_msg helper (git-fixes).
- md: add check for sleepers in md_wakeup_thread() (git-fixes).
- md: change the return value type of md_write_start to void (git-fixes).
- md: do not account sync_io if iostats of the disk is disabled (git-fixes).
- md: do not delete safemode_timer in mddev_suspend (git-fixes).
- md: factor out a helper exceed_read_errors() to check read_errors (git-fixes).
- md: fix a suspicious RCU usage warning (git-fixes).
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes).
- media: amphion: Remove lock in s_ctrl callback (stable-fixes).
- media: drivers/media/dvb-core: copy user arrays safely (stable-fixes).
- media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes).
- media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes).
- media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes).
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes).
- media: uvcvideo: Ignore empty TS packets (stable-fixes).
- media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes).
- media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes).
- memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
- memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes).
- memory: tegra: Skip SID programming if SID registers are not set (stable-fixes).
- minmax: add a few more MIN_T/MAX_T users (bsc#1229024).
- minmax: avoid overly complicated constant expressions in VM code (bsc#1229024).
- minmax: do not use max() in situations that want a C constant expression (bsc#1229024).
- minmax: fix up min3() and max3() too (bsc#1229024).
- minmax: improve macro expansion and type checking (bsc#1229024).
- minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024).
- minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024).
- minmax: simplify min()/max()/clamp() implementation (bsc#1229024).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
- mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
- mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes).
- net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451).
- net/iucv: fix use after free in iucv_sock_close() (bsc#1228973).
- net/rds: fix possible cp null dereference (git-fixes).
- net/sched: initialize noop_qdisc owner (git-fixes).
- net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
- net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes).
- net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757).
- net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- net: missing check virtio (git-fixes).
- net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes).
- net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes).
- net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- nfc: pn533: Add poll mod list filling check (git-fixes).
- nfs: do not invalidate dentries on transient errors (git-fixes).
- nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- nfs: make the rpc_stat per net namespace (git-fixes).
- nfs: pass explicit offset/count to trace events (git-fixes).
- nfs: propagate readlink errors in nfs_symlink_filler (git-fixes).
- nouveau/firmware: use dma non-coherent allocator (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706).
- nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: do not directly handle subsys reset fallout (bsc#1220066).
- nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857).
- nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857).
- nvme-tcp: check for invalidated or revoked key (bsc#1221857).
- nvme-tcp: sanitize TLS key handling (bsc#1221857).
- nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme: split off TLS sysfs attributes into a separate group (bsc#1221857).
- nvme: tcp: remove unnecessary goto statement (bsc#1221857).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet: do not return 'reserved' for empty TSAS values (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes).
- pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git-fixes).
- pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
- pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes).
- platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
- platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
- platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
- platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
- platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
- platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes).
- platform/x86: lg-laptop: fix %s null argument warning (stable-fixes).
- power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
- power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
- powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
- powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
- printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607).
- reiserfs: fix uninit-value in comp_keys (git-fixes).
- rtc: nct3018y: fix possible NULL dereference (stable-fixes).
- s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171).
- s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173).
- s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452).
- s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174).
- s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172).
- s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172).
- s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720).
- s390/pkey: introduce dynamic debugging for pkey (bsc#1228720).
- s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169).
- s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170).
- samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes).
- samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes).
- sbitmap: use READ_ONCE to access map->word (stable-fixes).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes).
- selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903).
- selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes).
- selftests/bpf: Add netkit to tc_redirect selftest (git-fixes).
- selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes).
- selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes).
- selftests/bpf: Fix erroneous bitmask operation (git-fixes).
- selftests/bpf: Fix issues in setup_classid_environment() (git-fixes).
- selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes).
- selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes).
- selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes).
- selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes).
- selftests/bpf: Make linked_list failure test more robust (git-fixes).
- selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git-fixes).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes).
- selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes).
- selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes).
- selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git-fixes).
- selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes).
- selftests/bpf: satisfy compiler by having explicit return in btf test (git-fixes).
- serial: core: check uartclk for zero to avoid divide by zero (stable-fixes).
- soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes).
- soc: qcom: pmic_glink: Actually communicate when remote goes down (git-fixes).
- soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes).
- spi: Add empty versions of ACPI functions (stable-fixes).
- spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes).
- spi: microchip-core: switch to use modern name (stable-fixes).
- spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
- spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes).
- squashfs: squashfs_read_data need to check if the length is 0 (git-fixes).
- ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes).
- staging: iio: resolver: ad2s1210: fix use before initialization (stable-fixes).
- staging: ks7010: disable bh on tx_dev_lock (stable-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849).
- sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
- swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git-fixes).
- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- thermal/drivers/broadcom: Fix race between removal and clock disable (git-fixes).
- thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes).
- thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
- tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix timing issue with parallel threads in perf bench wake-up-parallel (bsc#1227747).
- tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes).
- tools/resolve_btfids: Fix cross-compilation to non-host endianness (git-fixes).
- tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git-fixes).
- tools/resolve_btfids: fix build with musl libc (git-fixes).
- trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes).
- tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- tty: atmel_serial: use the correct RTS flag (git-fixes).
- tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git-fixes).
- usb: cdnsp: fix for Link TRB with TC (git-fixes).
- usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes).
- usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes).
- usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes).
- usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
- usb: gadget: core: Check for unset descriptor (git-fixes).
- usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes).
- usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes).
- usb: gadget: u_serial: Set start_delayed during suspend (git-fixes).
- usb: gadget: uvc: cleanup request when not in correct state (stable-fixes).
- usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes).
- usb: typec: fsa4480: Check if the chip is really there (git-fixes).
- usb: typec: fsa4480: Relax CHIP_ID check (git-fixes).
- usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes).
- usb: typec: fsa4480: rework mux &amp; switch setup to handle more states (git-fixes).
- usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes).
- vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
- vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes).
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
- vhost/vsock: always initialize seqpacket_allow (git-fixes).
- vhost: Release worker mutex during flushes (git-fixes).
- vhost: Use virtqueue mutex for swapping worker (git-fixes).
- virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes).
- virtio-crypto: handle config changed by work queue (git-fixes).
- virtio: reenable config if freezing device failed (git-fixes).
- virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
- virtiofs: forbid newlines in tags (bsc#1229940).
- wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable-fixes).
- wifi: ath12k: fix soft lockup on suspend (git-fixes).
- wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes).
- wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes).
- wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
- wifi: mac80211: use monitor sdata with driver only if desired (git-fixes).
- wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
- wifi: nl80211: disallow setting special AP channel widths (stable-fixes).
- wifi: nl80211: do not give key data to userspace (stable-fixes).
- wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes).
- wifi: wfx: repair open network AP mode (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git-fixes).
- x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes).
- x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
- x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes).
- x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
- x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git-fixes).
- x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes).
- x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes).
- x86/numa: Introduce numa_fill_memblks() (git-fixes).
- x86/pci: Skip early E820 check for ECAM region (git-fixes).
- x86/xen: Convert comma to semicolon (git-fixes).
- xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- xfs: allow cross-linking special files without project quota (git-fixes).
- xfs: allow symlinks with short remote targets (bsc#1229160).
- xfs: allow unlinked symlinks and dirs with zero size (git-fixes).
- xfs: attr forks require attr, not attr2 (git-fixes).
- xfs: convert comma to semicolon (git-fixes).
- xfs: do not use current->journal_info (git-fixes).
- xfs: fix unlink vs cluster buffer instantiation race (git-fixes).
- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes).
- xfs: journal geometry is not properly bounds checked (git-fixes).
- xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes).
- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes).
- xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git-fixes).
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes).
- xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).
</description>
<summary>Security update for the Linux Kernel</summary>
<package>kernel-source</package>
<package>kernel-source:dtb-aarch64</package>
<package>kernel-source:kernel-64kb</package>
<package>kernel-source:kernel-debug</package>
<package>kernel-source:kernel-default</package>
<package>kernel-source:kernel-docs</package>
<package>kernel-source:kernel-kvmsmall</package>
<package>kernel-source:kernel-obs-build</package>
<package>kernel-source:kernel-obs-qa</package>
<package>kernel-source:kernel-syms</package>
<package>kernel-source:kernel-zfcpdump</package>
<package>kernel-default-base</package>
<package>kernel-livepatch-MICRO-6-0_Update_2</package>
<seperate_build_arch/>
</patchinfo>