SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3408-1)

2022-09-27T00:00:00

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3408-1 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516) - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203) - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. (CVE-2022-1012) - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368) - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel (CVE-2022-20369) - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385) - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373) - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639) - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663) - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581) - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977) - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028) - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879) - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

{"id": "SUSE_SU-2022-3408-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3408-1)", "description": "The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3408-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. (CVE-2022-1012)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-09-27T00:00:00", "modified": "2023-03-10T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 4.2}, "href": "https://www.tenable.com/plugins/nessus/165501", "reporter": "This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.suse.com/1177440", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1012", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3028", "https://bugzilla.suse.com/1202097", "https://bugzilla.suse.com/1201948", "https://www.suse.com/security/cve/CVE-2022-3028", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20369", "https://bugzilla.suse.com/1180153", "https://www.suse.com/security/cve/CVE-2020-36516", "https://bugzilla.suse.com/1202347", "https://bugzilla.suse.com/1194535", "https://bugzilla.suse.com/1202154", "https://bugzilla.suse.com/1202335", "https://bugzilla.suse.com/1197158", "https://bugzilla.suse.com/1203107", "https://www.suse.com/security/cve/CVE-2022-2663", "https://bugzilla.suse.com/1199482", "https://bugzilla.suse.com/1202096", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36879", "https://www.suse.com/security/cve/CVE-2022-26373", "https://www.suse.com/security/cve/CVE-2022-36879", "https://bugzilla.suse.com/1201726", "https://www.suse.com/security/cve/CVE-2022-20369", "https://www.suse.com/security/cve/CVE-2022-21385", "https://www.suse.com/security/cve/CVE-2022-2639", "https://www.suse.com/security/cve/CVE-2022-2588", "https://bugzilla.suse.com/1201705", "https://bugzilla.suse.com/1188944", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20368", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2663", "https://bugzilla.suse.com/1199665", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2639", "https://www.suse.com/security/cve/CVE-2022-20368", "https://bugzilla.suse.com/1202672", "https://www.suse.com/security/cve/CVE-2022-2977", "https://bugzilla.suse.com/1202396", "https://bugzilla.suse.com/1201019", "https://www.suse.com/security/cve/CVE-2022-1012", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4203", "https://bugzilla.suse.com/1201420", "https://www.suse.com/security/cve/CVE-2022-39188", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29581", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588", "https://bugzilla.suse.com/1202393", "https://bugzilla.suse.com/1202898", "https://bugzilla.suse.com/1202897", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36516", "https://bugzilla.suse.com/1191881", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39188", "https://bugzilla.suse.com/1202346", "https://www.suse.com/security/cve/CVE-2022-29581", "https://bugzilla.suse.com/1196616", "https://www.suse.com/security/cve/CVE-2021-4203", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21385", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2977", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26373", "http://www.nessus.org/u?3cfce971", "https://bugzilla.suse.com/1203098"], "cvelist": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-1012", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "immutableFields": [], "lastseen": "2023-03-10T19:23:37", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1988", "ALSA-2022:5819", "ALSA-2022:7110", "ALSA-2022:7683"]}, {"type": "altlinux", "idList": ["69D1753D74C2782AF5C4B3E24536D125"]}, {"type": "amazon", "idList": ["ALAS-2022-1577", "ALAS-2022-1591", "ALAS-2022-1604", "ALAS-2022-1636", "ALAS-2022-1645", "ALAS-2022-1768", "ALAS-2022-1852", "ALAS-2022-1888", "ALAS2-2022-1798", "ALAS2-2022-1813", "ALAS2-2022-1833", "ALAS2-2022-1838", "ALAS2-2022-1852", "ALAS2-2022-1888"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "cnvd", "idList": ["CNVD-2022-17770", "CNVD-2022-54887", "CNVD-2022-69201"]}, {"type": "cve", "idList": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-1012", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2941-1:96084", "DEBIAN:DLA-3065-1:C1710", "DEBIAN:DLA-3102-1:8DD52", "DEBIAN:DLA-3131-1:083C4", "DEBIAN:DLA-3173-1:82909", "DEBIAN:DLA-3245-1:5D45B", "DEBIAN:DSA-5096-1:B47F5", "DEBIAN:DSA-5161-1:2800F", "DEBIAN:DSA-5173-1:5A28E", "DEBIAN:DSA-5207-1:0D465", "DEBIAN:DSA-5257-1:DB743"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-36516", "DEBIANCVE:CVE-2021-4203", "DEBIANCVE:CVE-2022-1012", "DEBIANCVE:CVE-2022-20368", "DEBIANCVE:CVE-2022-20369", "DEBIANCVE:CVE-2022-21385", "DEBIANCVE:CVE-2022-2588", "DEBIANCVE:CVE-2022-26373", "DEBIANCVE:CVE-2022-2639", "DEBIANCVE:CVE-2022-2663", "DEBIANCVE:CVE-2022-29581", "DEBIANCVE:CVE-2022-2977", "DEBIANCVE:CVE-2022-3028", "DEBIANCVE:CVE-2022-36879", "DEBIANCVE:CVE-2022-39188"]}, {"type": "f5", "idList": ["F5:K32615023", "F5:K52259753"]}, {"type": "fedora", "idList": ["FEDORA:37C8F316AAE9", "FEDORA:5334A316CFA4", "FEDORA:671D6305F850", "FEDORA:791D3304C27B", "FEDORA:A1AF5304C6C7", "FEDORA:A4846305797B", "FEDORA:A8BA33168D26"]}, {"type": "github", "idList": ["GHSA-34VW-M4RH-R36P"]}, {"type": "githubexploit", "idList": ["027DC021-9759-5152-B253-BB124AAF3689", "1DED936B-C668-5163-BDB3-81F7AC0611B0", "33212288-81D4-514F-8070-F223DCDD9BE7", "59D4903F-B387-50CB-AC2C-B34EB1920BF5", "9E1C498D-25A3-57B2-A391-764CDA0E674F", "B5E6CCAE-6F85-50D3-A016-7CA8BDF4385C", "C38E0645-3DE1-5134-94E3-00DFE9B99A88", "D632E896-5824-5634-95FB-A564581718DA", "DC3905DC-182D-514C-A689-6B8E9D2771E0", "F3F45FED-B716-5B56-9880-08CA523A08B7"]}, {"type": "ibm", "idList": ["2007FD1781CF2022D192260E43DD6A6A9D75EAE1E583F1FF51351C7A5D643FB1", "433DE0092D030E14A71A2FA1BA9CEFA42E20E0192C794E75B0C1FF4CE223EEE8", "4799E621AAC3B2F147ABA50C4B1BDDD086D1674BCB8D390C130E00A00C814DF6", "579B3E4AEEBFE2F354CC5701A955BC373C28300C7CF3CEAAD268410F2BAD7847", "63C8B1DC63A3A0D366B1AA0E3DB24BD123F14B4EB29B74139B4FE1590E5E48A3", "7A31AC3AD76478BCDFF5EAFDE198D822A87AF40F80D6BE332BB307F284077425", "7F16B180A017EE946A9293B7F73BB16643FA0EDB494E3BDE4E5E8DC3D7C98EE5", "8252E44A34109A3FF009BBFE514754BDBBDA4A863EC3277626019A6C284A3C94", "AD6CCE2A1D5A9869BD583668A696E96D5711DC6790008CC35A1991D46E49ABE2", "B315A585CDBD4D516E60AAEBBA49CDD9274D016108F5F855F13CF2FE3AA0F562", "E86F95B423516140DF23D5DD16D74175F74D96C23CCC412FE50D4D07B828F8A1", "E8EFCA8810003524E6931CD5AFDC084870201D5052BAC467C09EBF324F61A84B", "ED670677BEE7F824FAA4922AD08CFBF43478203FCCB636E589E6854737336228", "F42698819438A0AFD00188966548F0688DA81186746B5D708D7F1D8C8274475E", "F8949F00CDCE086FCFA5F40AFADF9DB9E3B4DD10AB910034C41279EA96313C2A"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00706"]}, {"type": "mageia", "idList": ["MGASA-2022-0194", "MGASA-2022-0195", "MGASA-2022-0278", "MGASA-2022-0279", "MGASA-2022-0305", "MGASA-2022-0308", "MGASA-2022-0324", "MGASA-2022-0379", "MGASA-2022-0380"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-083.NASL", "AL2022_ALAS2022-2022-127.NASL", "AL2022_ALAS2022-2022-150.NASL", "AL2022_ALAS2022-2022-185.NASL", "AL2_ALAS-2022-1768.NASL", "AL2_ALAS-2022-1798.NASL", "AL2_ALAS-2022-1813.NASL", "AL2_ALAS-2022-1833.NASL", "AL2_ALAS-2022-1838.NASL", "AL2_ALAS-2022-1852.NASL", "AL2_ALAS-2022-1888.NASL", "AL2_ALASKERNEL-5_10-2022-013.NASL", "AL2_ALASKERNEL-5_10-2022-014.NASL", "AL2_ALASKERNEL-5_10-2022-015.NASL", "AL2_ALASKERNEL-5_10-2022-016.NASL", "AL2_ALASKERNEL-5_10-2022-017.NASL", "AL2_ALASKERNEL-5_10-2022-019.NASL", "AL2_ALASKERNEL-5_10-2022-020.NASL", "AL2_ALASKERNEL-5_15-2022-001.NASL", "AL2_ALASKERNEL-5_15-2022-006.NASL", "AL2_ALASKERNEL-5_15-2022-007.NASL", "AL2_ALASKERNEL-5_15-2022-008.NASL", "AL2_ALASKERNEL-5_4-2022-025.NASL", "AL2_ALASKERNEL-5_4-2022-026.NASL", "AL2_ALASKERNEL-5_4-2022-028.NASL", "AL2_ALASKERNEL-5_4-2022-030.NASL", "AL2_ALASKERNEL-5_4-2022-032.NASL", "AL2_ALASKERNEL-5_4-2022-034.NASL", "AL2_ALASKERNEL-5_4-2022-035.NASL", "AL2_ALASKERNEL-5_4-2022-036.NASL", "ALA_ALAS-2022-1577.NASL", "ALA_ALAS-2022-1591.NASL", "ALA_ALAS-2022-1604.NASL", "ALA_ALAS-2022-1636.NASL", "ALA_ALAS-2022-1645.NASL", "ALMA_LINUX_ALSA-2022-1988.NASL", "ALMA_LINUX_ALSA-2022-5214.NASL", "ALMA_LINUX_ALSA-2022-5249.NASL", "ALMA_LINUX_ALSA-2022-5267.NASL", "ALMA_LINUX_ALSA-2022-5819.NASL", "ALMA_LINUX_ALSA-2022-5834.NASL", "ALMA_LINUX_ALSA-2022-7110.NASL", "ALMA_LINUX_ALSA-2022-7134.NASL", "ALMA_LINUX_ALSA-2022-7137.NASL", "ALMA_LINUX_ALSA-2022-7444.NASL", "ALMA_LINUX_ALSA-2022-7683.NASL", "ALMA_LINUX_ALSA-2022-7933.NASL", "ALMA_LINUX_ALSA-2022-8267.NASL", "DEBIAN_DLA-3065.NASL", "DEBIAN_DLA-3102.NASL", "DEBIAN_DLA-3131.NASL", "DEBIAN_DLA-3173.NASL", "DEBIAN_DLA-3245.NASL", "DEBIAN_DSA-5096.NASL", "DEBIAN_DSA-5161.NASL", "DEBIAN_DSA-5173.NASL", "DEBIAN_DSA-5207.NASL", "DEBIAN_DSA-5257.NASL", "EULEROS_SA-2022-1429.NASL", "EULEROS_SA-2022-1450.NASL", "EULEROS_SA-2022-1489.NASL", "EULEROS_SA-2022-1508.NASL", "EULEROS_SA-2022-1607.NASL", "EULEROS_SA-2022-1630.NASL", "EULEROS_SA-2022-1791.NASL", "EULEROS_SA-2022-1896.NASL", "EULEROS_SA-2022-1969.NASL", "EULEROS_SA-2022-1999.NASL", "EULEROS_SA-2022-2026.NASL", "EULEROS_SA-2022-2054.NASL", "EULEROS_SA-2022-2090.NASL", "EULEROS_SA-2022-2134.NASL", "EULEROS_SA-2022-2225.NASL", "EULEROS_SA-2022-2244.NASL", "EULEROS_SA-2022-2257.NASL", "EULEROS_SA-2022-2348.NASL", "EULEROS_SA-2022-2384.NASL", "EULEROS_SA-2022-2441.NASL", "EULEROS_SA-2022-2466.NASL", "EULEROS_SA-2022-2566.NASL", "EULEROS_SA-2022-2654.NASL", "EULEROS_SA-2022-2686.NASL", "EULEROS_SA-2022-2732.NASL", "EULEROS_SA-2022-2767.NASL", "EULEROS_SA-2022-2796.NASL", "EULEROS_SA-2022-2823.NASL", "EULEROS_SA-2022-2848.NASL", "EULEROS_SA-2022-2873.NASL", "EULEROS_SA-2022-2891.NASL", "EULEROS_SA-2022-2906.NASL", "EULEROS_SA-2022-2932.NASL", "EULEROS_SA-2023-1012.NASL", "EULEROS_SA-2023-1037.NASL", "EULEROS_SA-2023-1147.NASL", "EULEROS_SA-2023-1168.NASL", "EULEROS_SA-2023-1193.NASL", "EULEROS_SA-2023-1223.NASL", "EULEROS_SA-2023-1507.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0005_KERNEL.NASL", "ORACLELINUX_ELSA-2022-10065.NASL", "ORACLELINUX_ELSA-2022-1988.NASL", "ORACLELINUX_ELSA-2022-5249.NASL", "ORACLELINUX_ELSA-2022-5819.NASL", "ORACLELINUX_ELSA-2022-7110.NASL", "ORACLELINUX_ELSA-2022-7337.NASL", "ORACLELINUX_ELSA-2022-7683.NASL", "ORACLELINUX_ELSA-2022-8267.NASL", "ORACLELINUX_ELSA-2022-9260.NASL", "ORACLELINUX_ELSA-2022-9273.NASL", "ORACLELINUX_ELSA-2022-9274.NASL", "ORACLELINUX_ELSA-2022-9313.NASL", "ORACLELINUX_ELSA-2022-9314.NASL", "ORACLELINUX_ELSA-2022-9348.NASL", "ORACLELINUX_ELSA-2022-9689.NASL", "ORACLELINUX_ELSA-2022-9690.NASL", "ORACLELINUX_ELSA-2022-9691.NASL", "ORACLELINUX_ELSA-2022-9692.NASL", "ORACLELINUX_ELSA-2022-9693.NASL", "ORACLELINUX_ELSA-2022-9694.NASL", "ORACLELINUX_ELSA-2022-9699.NASL", "ORACLELINUX_ELSA-2022-9709.NASL", "ORACLELINUX_ELSA-2022-9710.NASL", "ORACLELINUX_ELSA-2022-9726.NASL", "ORACLELINUX_ELSA-2022-9727.NASL", "ORACLELINUX_ELSA-2022-9728.NASL", "ORACLELINUX_ELSA-2022-9729.NASL", "ORACLELINUX_ELSA-2022-9730.NASL", "ORACLELINUX_ELSA-2022-9731.NASL", "ORACLELINUX_ELSA-2022-9761.NASL", "ORACLELINUX_ELSA-2022-9787.NASL", "ORACLELINUX_ELSA-2022-9788.NASL", "ORACLELINUX_ELSA-2022-9827.NASL", "ORACLELINUX_ELSA-2022-9828.NASL", "ORACLELINUX_ELSA-2022-9829.NASL", "ORACLELINUX_ELSA-2022-9830.NASL", "ORACLELINUX_ELSA-2022-9852.NASL", "ORACLELINUX_ELSA-2022-9870.NASL", "ORACLELINUX_ELSA-2022-9871.NASL", "ORACLELINUX_ELSA-2022-9926.NASL", "ORACLELINUX_ELSA-2022-9927.NASL", "ORACLELINUX_ELSA-2022-9930.NASL", "ORACLELINUX_ELSA-2022-9931.NASL", "ORACLELINUX_ELSA-2022-9998.NASL", "ORACLELINUX_ELSA-2022-9999.NASL", "ORACLEVM_OVMSA-2022-0011.NASL", "ORACLEVM_OVMSA-2022-0014.NASL", "ORACLEVM_OVMSA-2022-0022.NASL", "ORACLEVM_OVMSA-2022-0024.NASL", "ORACLEVM_OVMSA-2022-0026.NASL", "ORACLEVM_OVMSA-2022-0031.NASL", "ORACLEVM_OVMSA-2023-0001.NASL", "REDHAT-RHSA-2022-1975.NASL", "REDHAT-RHSA-2022-1988.NASL", "REDHAT-RHSA-2022-5214.NASL", "REDHAT-RHSA-2022-5220.NASL", "REDHAT-RHSA-2022-5224.NASL", "REDHAT-RHSA-2022-5249.NASL", "REDHAT-RHSA-2022-5267.NASL", "REDHAT-RHSA-2022-5626.NASL", "REDHAT-RHSA-2022-5633.NASL", "REDHAT-RHSA-2022-5636.NASL", "REDHAT-RHSA-2022-5819.NASL", "REDHAT-RHSA-2022-5834.NASL", "REDHAT-RHSA-2022-6551.NASL", "REDHAT-RHSA-2022-6872.NASL", "REDHAT-RHSA-2022-6875.NASL", "REDHAT-RHSA-2022-6978.NASL", "REDHAT-RHSA-2022-6983.NASL", "REDHAT-RHSA-2022-6991.NASL", "REDHAT-RHSA-2022-7110.NASL", "REDHAT-RHSA-2022-7134.NASL", "REDHAT-RHSA-2022-7137.NASL", "REDHAT-RHSA-2022-7146.NASL", "REDHAT-RHSA-2022-7171.NASL", "REDHAT-RHSA-2022-7173.NASL", "REDHAT-RHSA-2022-7279.NASL", "REDHAT-RHSA-2022-7280.NASL", "REDHAT-RHSA-2022-7337.NASL", "REDHAT-RHSA-2022-7338.NASL", "REDHAT-RHSA-2022-7344.NASL", "REDHAT-RHSA-2022-7444.NASL", "REDHAT-RHSA-2022-7683.NASL", "REDHAT-RHSA-2022-7885.NASL", "REDHAT-RHSA-2022-7933.NASL", "REDHAT-RHSA-2022-8267.NASL", "REDHAT-RHSA-2022-8765.NASL", "REDHAT-RHSA-2022-8767.NASL", "REDHAT-RHSA-2022-8768.NASL", "REDHAT-RHSA-2022-8809.NASL", "REDHAT-RHSA-2022-8831.NASL", "REDHAT-RHSA-2022-8940.NASL", "REDHAT-RHSA-2022-8941.NASL", "REDHAT-RHSA-2022-8973.NASL", "REDHAT-RHSA-2022-8974.NASL", "REDHAT-RHSA-2022-8989.NASL", "REDHAT-RHSA-2022-9082.NASL", "REDHAT-RHSA-2023-0058.NASL", "REDHAT-RHSA-2023-0059.NASL", "REDHAT-RHSA-2023-0440.NASL", "ROCKY_LINUX_RLSA-2022-7110.NASL", "ROCKY_LINUX_RLSA-2022-7134.NASL", "SLACKWARE_SSA_2022-031-01.NASL", "SLACKWARE_SSA_2022-237-02.NASL", "SLACKWARE_SSA_2022-333-01.NASL", "SL_20221103_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2022-2172-1.NASL", "SUSE_SU-2022-2377-1.NASL", "SUSE_SU-2022-2382-1.NASL", "SUSE_SU-2022-2422-1.NASL", "SUSE_SU-2022-2424-1.NASL", "SUSE_SU-2022-2520-1.NASL", "SUSE_SU-2022-2549-1.NASL", "SUSE_SU-2022-2615-1.NASL", "SUSE_SU-2022-2629-1.NASL", "SUSE_SU-2022-2722-1.NASL", "SUSE_SU-2022-2741-1.NASL", "SUSE_SU-2022-2803-1.NASL", "SUSE_SU-2022-2875-1.NASL", "SUSE_SU-2022-2892-1.NASL", "SUSE_SU-2022-2910-1.NASL", "SUSE_SU-2022-3061-1.NASL", "SUSE_SU-2022-3064-1.NASL", "SUSE_SU-2022-3072-1.NASL", "SUSE_SU-2022-3088-1.NASL", "SUSE_SU-2022-3108-1.NASL", "SUSE_SU-2022-3123-1.NASL", "SUSE_SU-2022-3263-1.NASL", "SUSE_SU-2022-3264-1.NASL", "SUSE_SU-2022-3265-1.NASL", "SUSE_SU-2022-3274-1.NASL", "SUSE_SU-2022-3282-1.NASL", "SUSE_SU-2022-3288-1.NASL", "SUSE_SU-2022-3291-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-3294-1.NASL", "SUSE_SU-2022-3342-1.NASL", "SUSE_SU-2022-3346-1.NASL", "SUSE_SU-2022-3350-1.NASL", "SUSE_SU-2022-3359-1.NASL", "SUSE_SU-2022-3360-1.NASL", "SUSE_SU-2022-3362-1.NASL", "SUSE_SU-2022-3366-1.NASL", "SUSE_SU-2022-3368-1.NASL", "SUSE_SU-2022-3369-1.NASL", "SUSE_SU-2022-3370-1.NASL", "SUSE_SU-2022-3372-1.NASL", "SUSE_SU-2022-3373-1.NASL", "SUSE_SU-2022-3377-1.NASL", "SUSE_SU-2022-3379-1.NASL", "SUSE_SU-2022-3406-1.NASL", "SUSE_SU-2022-3407-1.NASL", "SUSE_SU-2022-3412-1.NASL", "SUSE_SU-2022-3415-1.NASL", "SUSE_SU-2022-3422-1.NASL", "SUSE_SU-2022-3424-1.NASL", "SUSE_SU-2022-3432-1.NASL", "SUSE_SU-2022-3433-1.NASL", "SUSE_SU-2022-3445-1.NASL", "SUSE_SU-2022-3450-1.NASL", "SUSE_SU-2022-3463-1.NASL", "SUSE_SU-2022-3464-1.NASL", "SUSE_SU-2022-3465-1.NASL", "SUSE_SU-2022-3476-1.NASL", "SUSE_SU-2022-3584-1.NASL", "SUSE_SU-2022-3586-1.NASL", "SUSE_SU-2022-3587-1.NASL", "SUSE_SU-2022-3609-1.NASL", "SUSE_SU-2022-3809-1.NASL", "SUSE_SU-2022-4024-1.NASL", "SUSE_SU-2022-4027-1.NASL", "SUSE_SU-2022-4030-1.NASL", "SUSE_SU-2022-4033-1.NASL", "SUSE_SU-2022-4034-1.NASL", "SUSE_SU-2022-4035-1.NASL", "SUSE_SU-2022-4039-1.NASL", "SUSE_SU-2022-4100-1.NASL", "SUSE_SU-2022-4112-1.NASL", "SUSE_SU-2022-4113-1.NASL", "SUSE_SU-2022-4129-1.NASL", "SUSE_SU-2022-4561-1.NASL", "SUSE_SU-2022-4611-1.NASL", "SUSE_SU-2022-4617-1.NASL", "SUSE_SU-2023-0634-1.NASL", "UBUNTU_USN-5442-1.NASL", "UBUNTU_USN-5442-2.NASL", "UBUNTU_USN-5443-1.NASL", "UBUNTU_USN-5443-2.NASL", "UBUNTU_USN-5444-1.NASL", "UBUNTU_USN-5471-1.NASL", "UBUNTU_USN-5557-1.NASL", "UBUNTU_USN-5560-1.NASL", "UBUNTU_USN-5560-2.NASL", "UBUNTU_USN-5562-1.NASL", "UBUNTU_USN-5564-1.NASL", "UBUNTU_USN-5565-1.NASL", "UBUNTU_USN-5566-1.NASL", "UBUNTU_USN-5567-1.NASL", "UBUNTU_USN-5580-1.NASL", "UBUNTU_USN-5582-1.NASL", "UBUNTU_USN-5594-1.NASL", "UBUNTU_USN-5599-1.NASL", "UBUNTU_USN-5602-1.NASL", "UBUNTU_USN-5616-1.NASL", "UBUNTU_USN-5622-1.NASL", "UBUNTU_USN-5623-1.NASL", "UBUNTU_USN-5630-1.NASL", "UBUNTU_USN-5639-1.NASL", "UBUNTU_USN-5647-1.NASL", "UBUNTU_USN-5650-1.NASL", "UBUNTU_USN-5654-1.NASL", "UBUNTU_USN-5660-1.NASL", "UBUNTU_USN-5667-1.NASL", "UBUNTU_USN-5668-1.NASL", "UBUNTU_USN-5669-1.NASL", "UBUNTU_USN-5669-2.NASL", "UBUNTU_USN-5677-1.NASL", "UBUNTU_USN-5678-1.NASL", "UBUNTU_USN-5679-1.NASL", "UBUNTU_USN-5682-1.NASL", "UBUNTU_USN-5683-1.NASL", "UBUNTU_USN-5684-1.NASL", "UBUNTU_USN-5687-1.NASL", "UBUNTU_USN-5693-1.NASL", "UBUNTU_USN-5695-1.NASL", "UBUNTU_USN-5703-1.NASL", "UBUNTU_USN-5706-1.NASL", "UBUNTU_USN-5727-1.NASL", "UBUNTU_USN-5727-2.NASL", "UBUNTU_USN-5728-1.NASL", "UBUNTU_USN-5728-2.NASL", "UBUNTU_USN-5728-3.NASL", "UBUNTU_USN-5729-1.NASL", "UBUNTU_USN-5729-2.NASL", "UBUNTU_USN-5774-1.NASL", "UBUNTU_USN-5790-1.NASL", "UBUNTU_USN-5791-1.NASL", "UBUNTU_USN-5791-2.NASL", "UBUNTU_USN-5791-3.NASL", "UBUNTU_USN-5792-1.NASL", "UBUNTU_USN-5792-2.NASL", "UBUNTU_USN-5793-1.NASL", "UBUNTU_USN-5793-2.NASL", "UBUNTU_USN-5793-3.NASL", "UBUNTU_USN-5793-4.NASL", "UBUNTU_USN-5815-1.NASL", "UBUNTU_USN-5854-1.NASL", "UBUNTU_USN-5861-1.NASL", "UBUNTU_USN-5862-1.NASL", "UBUNTU_USN-5865-1.NASL", "UBUNTU_USN-5877-1.NASL", "UBUNTU_USN-5883-1.NASL", "UBUNTU_USN-5913-1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2023", "ORACLE:CPUJUL2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-10065", "ELSA-2022-10108", "ELSA-2022-1988", "ELSA-2022-5249", "ELSA-2022-5819", "ELSA-2022-7110", "ELSA-2022-7337", "ELSA-2022-7683", "ELSA-2022-8267", "ELSA-2022-9260", "ELSA-2022-9273", "ELSA-2022-9274", "ELSA-2022-9313", "ELSA-2022-9314", "ELSA-2022-9348", "ELSA-2022-9689", "ELSA-2022-9690", "ELSA-2022-9691", "ELSA-2022-9692", "ELSA-2022-9693", "ELSA-2022-9694", "ELSA-2022-9699", "ELSA-2022-9709", "ELSA-2022-9710", "ELSA-2022-9726", "ELSA-2022-9727", "ELSA-2022-9728", "ELSA-2022-9729", "ELSA-2022-9730", "ELSA-2022-9731", "ELSA-2022-9761", "ELSA-2022-9787", "ELSA-2022-9788", "ELSA-2022-9827", "ELSA-2022-9828", "ELSA-2022-9829", "ELSA-2022-9830", "ELSA-2022-9852", "ELSA-2022-9870", "ELSA-2022-9871", "ELSA-2022-9926", "ELSA-2022-9927", "ELSA-2022-9930", "ELSA-2022-9931", "ELSA-2022-9998", "ELSA-2022-9999"]}, {"type": "osv", "idList": ["OSV:DLA-2941-1", "OSV:DLA-3065-1", "OSV:DLA-3102-1", "OSV:DLA-3131-1", "OSV:DLA-3173-1", "OSV:DLA-3245-1", "OSV:DSA-5096-1", "OSV:DSA-5161-1", "OSV:DSA-5173-1", "OSV:DSA-5207-1", "OSV:DSA-5257-1", "OSV:DSA-5257-2", "OSV:GHSA-34VW-M4RH-R36P"]}, {"type": "photon", "idList": ["PHSA-2021-3.0-0325", "PHSA-2022-0201", "PHSA-2022-0226", "PHSA-2022-0238", "PHSA-2022-0248", "PHSA-2022-0393", "PHSA-2022-0399", "PHSA-2022-0506", "PHSA-2022-0517", "PHSA-2022-3.0-0393", "PHSA-2022-3.0-0399", "PHSA-2022-3.0-0433", "PHSA-2022-3.0-0446", "PHSA-2022-3.0-0461", "PHSA-2022-3.0-0477", "PHSA-2022-3.0-0485", "PHSA-2022-4.0-0201", "PHSA-2022-4.0-0226", "PHSA-2022-4.0-0238", "PHSA-2022-4.0-0248", "PHSA-2022-4.0-0275"]}, {"type": "redhat", "idList": ["RHSA-2022:1975", "RHSA-2022:1988", "RHSA-2022:4814", "RHSA-2022:4956", "RHSA-2022:5069", "RHSA-2022:5201", "RHSA-2022:5214", "RHSA-2022:5220", "RHSA-2022:5224", "RHSA-2022:5249", "RHSA-2022:5267", "RHSA-2022:5392", "RHSA-2022:5483", "RHSA-2022:5626", "RHSA-2022:5633", "RHSA-2022:5636", "RHSA-2022:5730", "RHSA-2022:5819", "RHSA-2022:5834", "RHSA-2022:5879", "RHSA-2022:6051", "RHSA-2022:6053", "RHSA-2022:6103", "RHSA-2022:6271", "RHSA-2022:6370", "RHSA-2022:6507", "RHSA-2022:6551", "RHSA-2022:6872", "RHSA-2022:6875", "RHSA-2022:6882", "RHSA-2022:6978", "RHSA-2022:6983", "RHSA-2022:6991", "RHSA-2022:7110", "RHSA-2022:7134", "RHSA-2022:7137", "RHSA-2022:7146", "RHSA-2022:7171", "RHSA-2022:7173", "RHSA-2022:7201", "RHSA-2022:7211", "RHSA-2022:7216", "RHSA-2022:7276", "RHSA-2022:7279", "RHSA-2022:7280", "RHSA-2022:7313", "RHSA-2022:7337", "RHSA-2022:7338", "RHSA-2022:7344", "RHSA-2022:7434", "RHSA-2022:7444", "RHSA-2022:7683", "RHSA-2022:7874", "RHSA-2022:7885", "RHSA-2022:7933", "RHSA-2022:8267", "RHSA-2022:8609", "RHSA-2022:8765", "RHSA-2022:8767", "RHSA-2022:8768", "RHSA-2022:8781", "RHSA-2022:8809", "RHSA-2022:8831", "RHSA-2022:8889", "RHSA-2022:8893", "RHSA-2022:8940", "RHSA-2022:8941", "RHSA-2022:8973", "RHSA-2022:8974", "RHSA-2022:8989", "RHSA-2022:9040", "RHSA-2022:9082", "RHSA-2022:9111", "RHSA-2023:0058", "RHSA-2023:0059", "RHSA-2023:0440"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-36516", "RH:CVE-2021-4203", "RH:CVE-2022-1012", "RH:CVE-2022-20368", "RH:CVE-2022-20369", "RH:CVE-2022-2588", "RH:CVE-2022-26373", "RH:CVE-2022-2639", "RH:CVE-2022-2663", "RH:CVE-2022-29581", "RH:CVE-2022-2977", "RH:CVE-2022-3028", "RH:CVE-2022-32296", "RH:CVE-2022-36879", "RH:CVE-2022-39188"]}, {"type": "redos", "idList": ["ROS-20221220-01"]}, {"type": "rocky", "idList": ["RLSA-2022:1975", "RLSA-2022:1988", "RLSA-2022:5819", "RLSA-2022:5834", "RLSA-2022:7110", "RLSA-2022:7134", "RLSA-2022:7444", "RLSA-2022:7683"]}, {"type": "slackware", "idList": ["SSA-2022-031-01", "SSA-2022-237-02", "SSA-2022-333-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:2422-1", "OPENSUSE-SU-2022:2549-1", "SUSE-SU-2022:2172-1", "SUSE-SU-2022:2422-1", "SUSE-SU-2022:2424-2", "SUSE-SU-2022:2520-1", "SUSE-SU-2022:2549-1", "SUSE-SU-2022:2615-1", "SUSE-SU-2022:2722-1", "SUSE-SU-2022:2741-1", "SUSE-SU-2022:2803-1", "SUSE-SU-2022:2875-1", "SUSE-SU-2022:2875-2", "SUSE-SU-2022:2892-2", "SUSE-SU-2022:3264-1", "SUSE-SU-2022:3288-1", "SUSE-SU-2022:3293-1", "SUSE-SU-2022:3408-1", "SUSE-SU-2022:3609-1", "SUSE-SU-2022:3809-1"]}, {"type": "thn", "idList": ["THN:7653AAD966BDC7D71A9D1981CA662AC3"]}, {"type": "ubuntu", "idList": ["LSN-0086-1", "LSN-0089-1", "USN-5442-1", "USN-5442-2", "USN-5443-1", "USN-5443-2", "USN-5444-1", "USN-5471-1", "USN-5557-1", "USN-5560-1", "USN-5560-2", "USN-5562-1", "USN-5564-1", "USN-5565-1", "USN-5566-1", "USN-5567-1", "USN-5580-1", "USN-5582-1", "USN-5588-1", "USN-5594-1", "USN-5599-1", "USN-5602-1", "USN-5616-1", "USN-5622-1", "USN-5623-1", "USN-5630-1", "USN-5639-1", "USN-5647-1", "USN-5650-1", "USN-5654-1", "USN-5660-1", "USN-5667-1", "USN-5668-1", "USN-5669-1", "USN-5669-2", "USN-5677-1", "USN-5678-1", "USN-5679-1", "USN-5682-1", "USN-5683-1", "USN-5684-1", "USN-5687-1", "USN-5693-1", "USN-5695-1", "USN-5703-1", "USN-5706-1", "USN-5727-1", "USN-5727-2", "USN-5728-1", "USN-5728-2", "USN-5728-3", "USN-5729-1", "USN-5729-2", "USN-5774-1", "USN-5790-1", "USN-5791-1", "USN-5791-2", "USN-5791-3", "USN-5792-1", "USN-5792-2", "USN-5793-1", "USN-5793-2", "USN-5793-3", "USN-5793-4", "USN-5815-1", "USN-5854-1", "USN-5861-1", "USN-5862-1", "USN-5865-1", "USN-5877-1", "USN-5883-1", "USN-5913-1", "USN-5924-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-36516", "UB:CVE-2021-4203", "UB:CVE-2022-1012", "UB:CVE-2022-20158", "UB:CVE-2022-20368", "UB:CVE-2022-20369", "UB:CVE-2022-21385", "UB:CVE-2022-2588", "UB:CVE-2022-26373", "UB:CVE-2022-2639", "UB:CVE-2022-2663", "UB:CVE-2022-29581", "UB:CVE-2022-2977", "UB:CVE-2022-3028", "UB:CVE-2022-32296", "UB:CVE-2022-36879", "UB:CVE-2022-39188"]}, {"type": "veracode", "idList": ["VERACODE:33902", "VERACODE:36423", "VERACODE:37434", "VERACODE:37529", "VERACODE:38431", "VERACODE:38646", "VERACODE:38894", "VERACODE:39036", "VERACODE:39127", "VERACODE:39547"]}, {"type": "virtuozzo", "idList": ["VZA-2023-004"]}, {"type": "vmware", "idList": ["VMSA-2022-0020", "VMSA-2022-0020.1", "VMSA-2022-0020.2"]}, {"type": "zdi", "idList": ["ZDI-22-1117"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "epss": [{"cve": "CVE-2020-36516", "epss": "0.000470000", "percentile": "0.142870000", "modified": "2023-03-19"}, {"cve": "CVE-2021-4203", "epss": "0.000780000", "percentile": "0.315020000", "modified": "2023-03-19"}, {"cve": "CVE-2022-1012", "epss": "0.000530000", "percentile": "0.190510000", "modified": "2023-03-19"}, {"cve": "CVE-2022-20368", "epss": "0.000430000", "percentile": "0.069270000", "modified": "2023-03-19"}, {"cve": "CVE-2022-20369", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-21385", "epss": "0.000450000", "percentile": "0.118440000", "modified": "2023-03-19"}, {"cve": "CVE-2022-26373", "epss": "0.000450000", "percentile": "0.118840000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2639", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2663", "epss": "0.000600000", "percentile": "0.233870000", "modified": "2023-03-19"}, {"cve": "CVE-2022-29581", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-2977", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-3028", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-36879", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}, {"cve": "CVE-2022-39188", "epss": "0.000420000", "percentile": "0.056360000", "modified": "2023-03-19"}], "vulnersScore": 0.3}, "_state": {"dependencies": 1678476413, "score": 1678476788, "epss": 1679305349}, "_internal": {"score_hash": "e91218366f86fe5aad79efaa2d1216f8"}, "pluginID": "165501", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3408-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165501);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2020-36516\",\n \"CVE-2021-4203\",\n \"CVE-2022-1012\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2663\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-29581\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3408-1\");\n\n script_name(english:\"SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3408-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:3408-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the\n small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of\n service problem. (CVE-2022-1012)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to\n cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14\n and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199482\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202335\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012386.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3cfce971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29581\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150100_197_123-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SUSE15\\.3|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-default-base-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-default-devel-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-devel-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-macros-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-obs-build-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-source-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-syms-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'reiserfs-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1']},\n {'reference':'kernel-default-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-default-base-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-default-devel-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-obs-build-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-syms-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'kernel-default-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-default-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-default-base-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-default-base-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-default-devel-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-default-devel-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-devel-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'kernel-macros-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'kernel-obs-build-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-obs-build-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-source-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'kernel-syms-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-syms-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'kernel-debug-base-4.12.14-150100.197.123.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-man-4.12.14-150100.197.123.1', 'cpu':'s390x', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-kvmsmall-base-4.12.14-150100.197.123.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-vanilla-4.12.14-150100.197.123.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-vanilla-base-4.12.14-150100.197.123.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-vanilla-devel-4.12.14-150100.197.123.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-vanilla-livepatch-devel-4.12.14-150100.197.123.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-zfcpdump-man-4.12.14-150100.197.123.1', 'cpu':'s390x', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-debug-base-4.12.14-150100.197.123.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-default-man-4.12.14-150100.197.123.1', 'cpu':'s390x', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-kvmsmall-base-4.12.14-150100.197.123.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-vanilla-4.12.14-150100.197.123.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-vanilla-base-4.12.14-150100.197.123.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-vanilla-devel-4.12.14-150100.197.123.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-vanilla-livepatch-devel-4.12.14-150100.197.123.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'kernel-zfcpdump-man-4.12.14-150100.197.123.1', 'cpu':'s390x', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'cluster-md-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},\n {'reference':'dlm-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},\n {'reference':'gfs2-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},\n {'reference':'ocfs2-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},\n {'reference':'kernel-default-livepatch-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.1']},\n {'reference':'kernel-default-livepatch-devel-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.1']},\n {'reference':'kernel-livepatch-4_12_14-150100_197_123-default-1-150100.3.3.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.1']},\n {'reference':'kernel-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'kernel-default-base-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'kernel-default-devel-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'kernel-default-man-4.12.14-150100.197.123.1', 'sp':'1', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'kernel-obs-build-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'kernel-syms-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'reiserfs-kmp-default-4.12.14-150100.197.123.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-default", "p-cpe:/a:novell:suse_linux:dlm-kmp-default", "p-cpe:/a:novell:suse_linux:gfs2-kmp-default", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-devel", "p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150100_197_123-default", "p-cpe:/a:novell:suse_linux:kernel-macros", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "cpe:/o:novell:suse_linux:15"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2022-29581", "vendor_cvss2": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2022-09-26T00:00:00", "vulnerabilityPublicationDate": "2022-02-26T00:00:00", "exploitableWith": ["Core Impact"]}

{"suse": [{"lastseen": "2022-11-10T08:09:23", "description": "An update that solves 15 vulnerabilities and has 12 fixes\n is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive\n various security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where\n an attacker was able to inject data into or terminate a victim's TCP\n session (bnc#1196616).\n - CVE-2021-4203: Fixed use-after-free read flaw that was found in\n sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (bnc#1194535).\n - CVE-2022-1012: Fixed a memory leak problem that was found in the TCP\n source port generation algorithm in net/ipv4/tcp.c (bnc#1199482).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed\n unprivileged local users to crash the machine (bnc#1202897).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-26373: Fixed non-transparent sharing of return predictor\n targets between contexts in some Intel Processors (bnc#1201726).\n - CVE-2022-2639: Fixed an integer coercion error that was found in the\n openvswitch kernel module (bnc#1202154).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-29581: Fixed improper update of reference count vulnerability\n in net/sched that allowed a local attacker to cause privilege escalation\n to root (bnc#1199665).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n\n The following non-security bugs were fixed:\n\n - rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - cifs: fix error paths in cifs_tree_connect() (bsc#1177440).\n - cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share\n (bsc#1188944).\n - cifs: report error instead of invalid when revalidating a dentry fails\n (bsc#1177440).\n - cifs: skip trailing separators of prefix paths (bsc#1188944).\n - kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420\n ZDI-CAN-17325).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - mm/rmap.c: do not reuse anon_vma if we just want a copy (git-fixes,\n bsc#1203098).\n - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes, bsc#1203098).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - objtool: Add --backtrace support (bsc#1202396).\n - objtool: Add support for intra-function calls (bsc#1202396).\n - objtool: Allow no-op CFI ops in alternatives (bsc#1202396).\n - objtool: Convert insn type to enum (bsc#1202396).\n - objtool: Do not use ignore flag for fake jumps (bsc#1202396).\n - objtool: Fix !CFI insn_state propagation (bsc#1202396).\n - objtool: Fix ORC vs alternatives (bsc#1202396).\n - objtool: Fix sibling call detection (bsc#1202396).\n - objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n - objtool: Remove INSN_STACK (bsc#1202396).\n - objtool: Remove check preventing branches within alternative\n (bsc#1202396).\n - objtool: Rename elf_open() to prevent conflict with libelf from\n elftoolchain (bsc#1202396).\n - objtool: Rename struct cfi_state (bsc#1202396).\n - objtool: Rework allocating stack_ops on decode (bsc#1202396).\n - objtool: Rewrite alt->skip_orig (bsc#1202396).\n - objtool: Set insn->func for alternatives (bsc#1202396).\n - objtool: Support conditional retpolines (bsc#1202396).\n - objtool: Support multiple stack_op per instruction (bsc#1202396).\n - objtool: Track original function across branches (bsc#1202396).\n - objtool: Uniquely identify alternative instruction groups (bsc#1202396).\n - objtool: Use Elf_Scn typedef instead of assuming struct name\n (bsc#1202396).\n - tcp: add some entropy in __inet_hash_connect() (bsc#1180153 bsc#1202335).\n - tcp: change source port randomizarion at connect() time (bsc#1180153\n bsc#1202335).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-3408=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-3408=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP1:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3408=1\n\n - SUSE Linux Enterprise Server 15-SP1-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3408=1\n\n - SUSE Linux Enterprise Server 15-SP1-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3408=1\n\n - SUSE Linux Enterprise Module for Live Patching 15-SP1:\n\n zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-3408=1\n\n Please note that this is the initial kernel livepatch without fixes\n itself, this livepatch package is later updated by seperate standalone\n livepatch updates.\n\n - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3408=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3408=1\n\n - SUSE Linux Enterprise High Availability 15-SP1:\n\n zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-3408=1\n\n - SUSE Enterprise Storage 6:\n\n zypper in -t patch SUSE-Storage-6-2022-3408=1\n\n - SUSE CaaS Platform 4.0:\n\n To install this update, use the SUSE CaaS Platform 'skuba' tool. It\n will inform you if it detects new updates and let you then trigger\n updating of the complete cluster in a controlled way.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-27T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-1012", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2022-09-27T00:00:00", "id": "SUSE-SU-2022:3408-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3DXWZUKFQ3QUANZE2T6LHY4ZSFX3LXZ5/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-14T12:06:49", "description": "An update that solves 15 vulnerabilities, contains one\n feature and has 61 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP3 kernel was updated receive various\n security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2022-39190: Fixed an issue that was discovered in\n net/netfilter/nf_tables_api.c and could cause a denial of service upon\n binding to an already bound chain (bnc#1203117).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke\n descriptors (bsc#1202564, bsc#1202860).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-26373: Fixed non-transparent sharing of return predictor\n targets between contexts in some Intel Processors (bnc#1201726).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2021-4203: Fixed use-after-free read flaw that was found in\n sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (bnc#1194535).\n - CVE-2021-4155: Fixed a data leak flaw that was found in the way\n XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).\n - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()\n printer_ioctl() when accessing a deallocated instance (bnc#1202895).\n - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in\n drivers/acpi/apei/einj.c that allowed users to simulate hardware errors\n and consequently cause a denial of service (bnc#1023051).\n\n The following non-security bugs were fixed:\n\n - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks\n (git-fixes).\n - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).\n - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).\n - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool\n (git-fixes).\n - ACPI: video: Force backlight native for some TongFang devices\n (git-fixes).\n - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).\n - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model\n (git-fixes).\n - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED\n (git-fixes).\n - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n - ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise\n (git-fixes).\n - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n - ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).\n - ALSA: hda/realtek: Fix deadlock by COEF mutex (git-fixes).\n - ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).\n - ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).\n - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine\n (git-fixes).\n - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP\n machines (git-fixes).\n - ALSA: info: Fix llseek return value when using callback (git-fixes).\n - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II\n (git-fixes).\n - ARM: 9077/1: PLT: Move struct plt_entries definition to header\n (git-fixes).\n - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()\n (git-fixes).\n - ARM: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).\n - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without\n DYNAMIC_FTRACE (git-fixes).\n - ASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n (git-fixes).\n - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).\n - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV\n (git-fixes).\n - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n (git-fixes).\n - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n - ASoC: tas2770: Allow mono streams (git-fixes).\n - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n - Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n (git-fixes).\n - HID: wacom: Do not register pad_input for touch switch (git-fixes).\n - HID: wacom: Only report rotation for art pen (git-fixes).\n - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n (git-fixes).\n - Input: rk805-pwrkey - fix module autoloading (git-fixes).\n - KABI: cgroup: Restore KABI of css_set (bsc#1201610).\n - KVM: PPC: Book3S HV: Context tracking exit guest context before enabling\n irqs (bsc#1065729).\n - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB\n (bsc#1156395).\n - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()\n (bsc#1156395).\n - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant\n (bsc#1156395).\n - KVM: VMX: Refuse to load kvm_intel if EPT and NX are disabled\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case\n (git-fixes).\n - KVM: x86: accept userspace interrupt only if no event is injected\n (git-fixes).\n - NFS: fix nfs_path in case of a rename retry (git-fixes).\n - NFSD: Add missing NFSv2 .pc_func methods (git-fixes).\n - NFSD: Clamp WRITE offsets (git-fixes).\n - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n - NFSD: prevent integer overflow on 32 bit systems (git-fixes).\n - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag\n (git-fixes).\n - NFSv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).\n - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error\n (git-fixes).\n - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).\n - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n - PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n - PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n - PCI: hv: Make the code arch neutral by adding arch specific interfaces\n (bsc#1200845).\n - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()\n (bsc#1200845).\n - PCI: qcom: Fix pipe clock imbalance (git-fixes).\n - SUNRPC reverting d03727b248d0 (\"NFSv4 fix CLOSE not waiting for direct\n IO compeletion\") (git-fixes).\n - SUNRPC: Clean up scheduling of autoclose (git-fixes).\n - SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).\n - SUNRPC: Fix READ_PLUS crasher (git-fixes).\n - SUNRPC: Prevent immediate close+reconnect (git-fixes).\n - VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).\n - VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Fix some error handling paths in vmci_guest_probe_device()\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Release notification_bitmap in error path (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: allocate send and receive buffers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: detect DMA datagram capability (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: whitespace formatting change for vmci register defines\n (bsc#1199291, jsc#SLE-24635).\n - arm64: signal: nofpsimd: Do not allocate fp/simd context when not\n available (git-fixes).\n - asm-generic: sections: refactor memory_intersects (git-fixes).\n - ata: libata-eh: Add missing command name (git-fixes).\n - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n - blk-iocost: clamp inuse and skip noops in __propagate_weights()\n (bsc#1202722).\n - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).\n - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).\n - blk-iocost: rename propagate_active_weights() to propagate_weights()\n (bsc#1202722).\n - blktrace: fix blk_rq_merge documentation (git-fixes).\n - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n - can: m_can: process interrupt only when not runtime suspended\n (git-fixes).\n - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).\n - ceph: do not truncate file in atomic_open (bsc#1202811).\n - cgroup: Trace event cgroup id fields should be u64 (git-fixes).\n - cgroup: Use separate src/dst nodes when preloading css_sets for\n migration (bsc#1201610).\n - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).\n - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).\n - devlink: Fix use-after-free after a failed reload (git-fixes).\n - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed\n (git-fixes).\n - dpaa2-eth: unregister the netdev before disconnecting from the PHY\n (git-fixes).\n - driver core: Do not probe devices after bus_type.match() probe deferral\n (git-fixes).\n - drm/amdgpu: Check BO's requested pinning domains against its\n preferred_domains (git-fixes).\n - drm/amdgpu: remove useless condition in\n amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()\n error (git-fixes).\n - drm/i915/reg: Fix spelling mistake \"Unsupport\" -> \"Unsupported\"\n (git-fixes).\n - drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n (git-fixes).\n - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n - drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n - drm/sun4i: dsi: Prevent underflow when computing packet sizes\n (git-fixes).\n - ehea: fix error return code in ehea_restart_qps() (git-fixes).\n - enetc: Fix endianness issues for enetc_qos (git-fixes).\n - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()\n (git-fixes).\n - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n - ext4: add reserved GDT blocks check (bsc#1202712).\n - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).\n - ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n - ext4: fix bug_on in ext4_writepages (bsc#1200872).\n - ext4: fix error handling code in add_new_gdb (bsc#1179722).\n - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n - ext4: fix invalid inode checksum (bsc#1179723).\n - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).\n - ext4: fix overhead calculation to account for the reserved gdt blocks\n (bsc#1200869).\n - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).\n - ext4: fix race when reusing xattr blocks (bsc#1198971).\n - ext4: fix symlink file size not match to file content (bsc#1200868).\n - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n - ext4: force overhead calculation if the s_overhead_cluster makes no\n sense (bsc#1200870).\n - ext4: recover csum seed of tmp_inode after migrating to extents\n (bsc#1202713).\n - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n - firmware: tegra: bpmp: Do only aligned access to IPC memory area\n (git-fixes).\n - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped\n pages (bsc#1200873).\n - fuse: Remove the control interface for virtio-fs (bsc#1203137).\n - fuse: ioctl: translate ENOSYS (bsc#1203136).\n - fuse: limit nsec (bsc#1203135).\n - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n - geneve: fix TOS inheriting for ipv4 (git-fixes).\n - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info\n (bsc#1202701).\n - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n - ice: report supported and advertised autoneg using PHY capabilities\n (git-fixes).\n - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n - iio: adc: mcp3911: make use of the sign bit (git-fixes).\n - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n - intel_th: pci: Add Meteor Lake-P support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement\n (git-fixes).\n - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop\n (git-fixes).\n - iommu/exynos: Handle failed IOMMU device registration properly\n (git-fixes).\n - iommu/iova: Improve 32-bit free space estimate (git-fixes).\n - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n - iommu/omap: Fix regression in probe for NULL pointer dereference\n (git-fixes).\n - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n (git-fixes).\n - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n - ipmi: ssif: initialize ssif_info->client early (git-fixes).\n - ixgbevf: add correct exception tracing for XDP (git-fixes).\n - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal\n aborted (bsc#1202716).\n - jbd2: fix outstanding credits assert in\n jbd2_journal_commit_transaction() (bsc#1202715).\n - kabi/severities: add stmmac driver local sumbols\n - kbuild: do not create built-in objects for external module builds\n (jsc#SLE-24559 bsc#1202756).\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862\n git-fixes).\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).\n - kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n - kfifo: fix kfifo_to_user() return type (git-fixes).\n - kfifo: fix ternary sign extension bugs (git-fixes).\n - lib/list_debug.c: Detect uninitialized lists (git-fixes).\n - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()\n (git-fixes).\n - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420\n ZDI-CAN-17325).\n - list: add \"list_del_init_careful()\" to go with \"list_empty_careful()\"\n (bsc#1202745).\n - locking/lockdep: Avoid potential access of invalid memory in lock_class\n (git-fixes).\n - loop: Fix missing discard support when using LOOP_CONFIGURE\n (bsc#1202718).\n - mbcache: add functions to delete entry if unused (bsc#1198971).\n - mbcache: do not reclaim used entries (bsc#1198971).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n - mfd: t7l66xb: Drop platform disable callback (git-fixes).\n - misc: fastrpc: fix memory corruption on open (git-fixes).\n - misc: fastrpc: fix memory corruption on probe (git-fixes).\n - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes, bsc#1203098).\n - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n - mmc: pxamci: Fix another error handling path in pxamci_probe()\n (git-fixes).\n - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols\n (git-fixes).\n - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release\n (git-fixes).\n - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path\n (git-fixes).\n - net/mlx5e: Check for needed capability for cvlan matching (git-fixes).\n - net/sonic: Fix a resource leak in an error handling path in\n 'jazz_sonic_probe()' (git-fixes).\n - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).\n - net: cpsw: Properly initialise struct page_pool_params (git-fixes).\n - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).\n - net: davinci_emac: Fix incorrect masking of tx and rx error channel\n (git-fixes).\n - net: dsa: b53: fix an off by one in checking \"vlan->vid\" (git-fixes).\n - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).\n - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).\n - net: enetc: Use pci_release_region() to release some resources\n (git-fixes).\n - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).\n - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).\n - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).\n - net: ethernet: ezchip: fix error handling (git-fixes).\n - net: ethernet: ezchip: remove redundant check (git-fixes).\n - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).\n - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory\n (git-fixes).\n - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).\n - net: fec_ptp: add clock rate zero check (git-fixes).\n - net: ftgmac100: Fix crash when removing driver (git-fixes).\n - net: hdlc_x25: Return meaningful error code in x25_open (git-fixes).\n - net: hns: Fix kernel-doc (git-fixes).\n - net: lantiq: fix memory corruption in RX ring (git-fixes).\n - net: lapbether: Prevent racing when checking whether the netif is\n running (git-fixes).\n - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).\n - net: mscc: ocelot: correctly report the timestamping RX filters in\n ethtool (git-fixes).\n - net: mscc: ocelot: do not downgrade timestamping RX filters in\n SIOCSHWTSTAMP (git-fixes).\n - net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes).\n - net: netcp: Fix an error message (git-fixes).\n - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).\n - net: rose: fix netdev reference changes (git-fixes).\n - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale\n pointer (git-fixes).\n - net: stmicro: handle clk_prepare() failure during init (git-fixes).\n - net: stmmac: Modify configuration method of EEE timers (git-fixes).\n - net: stmmac: Use resolved link config in mac_link_up() (git-fixes).\n - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).\n - net: stmmac: dwmac1000: Fix extended MAC address registers definition\n (git-fixes).\n - net: vmxnet3: fix possible NULL pointer dereference in\n vmxnet3_rq_cleanup() (bsc#1200431).\n - net: vmxnet3: fix possible use-after-free bugs in\n vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c\n (bsc#1200431).\n - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send\n (git-fixes).\n - net:enetc: allocate CBD ring data memory using DMA coherent methods\n (git-fixes).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - nfsd: fix use-after-free due to delegation race (git-fixes).\n - nvme: fix RCU hole that allowed for endless looping in multipath round\n robin (bsc#1202636).\n - objtool: Add support for intra-function calls (bsc#1202396).\n - objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n - objtool: Remove INSN_STACK (bsc#1202396).\n - objtool: Rework allocating stack_ops on decode (bsc#1202396).\n - objtool: Support multiple stack_op per instruction (bsc#1202396).\n - ocfs2: drop acl cache for directories too (bsc#1191667).\n - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).\n - octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes).\n - perf bench: Share some global variables to fix build with gcc 10\n (git-fixes).\n - pinctrl/rockchip: fix gpio device creation (git-fixes).\n - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n (git-fixes).\n - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for\n PMI check in power_pmu_disable (bsc#1156395).\n - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n - powerpc/powernv: Staticify functions without prototypes (bsc#1065729).\n - powerpc/powernv: delay rng platform device creation until later in boot\n (bsc#1065729).\n - powerpc/powernv: rename remaining rng powernv_ functions to pnv_\n (bsc#1065729).\n - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n - powerpc: define get_cycles macro for arch-override (bsc#1065729).\n - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n - profiling: fix shift too large makes kernel panic (git-fixes).\n - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).\n - random: fix crash on multiple early calls to add_bootloader_randomness()\n (git-fixes).\n - ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr\n (bsc#1202714).\n - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config\n (git-fixes).\n - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n - s390/crash: fix incorrect number of bytes to copy to user space\n (git-fixes).\n - s390/crash: make copy_oldmem_page() return number of bytes copied\n (git-fixes).\n - s390/mm: do not trigger write fault when vma does not allow VM_WRITE\n (git-fixes).\n - s390/mm: fix 2KB pgtable release race (git-fixes).\n - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594\n LTC#197522).\n - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE\n (bsc#1203063).\n - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for\n GFT_ID (bsc#1203063).\n - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT\n discovery (bsc#1203063).\n - scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n - selftests: futex: Use variable MAKE instead of make (git-fixes).\n - serial: 8250_dw: Store LSR into lsr_saved_flags in\n dw8250_tx_wait_empty() (git-fixes).\n - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n - serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n - serial: tegra: Change lower tolerance baud rate limit for tegra20 and\n tegra30 (git-fixes).\n - silence nfscache allocation warnings with kvzalloc (git-fixes).\n - spi: Fix incorrect cs_setup delay handling (git-fixes).\n - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n (git-fixes).\n - staging: rtl8712: fix use after free bugs (git-fixes).\n - tee: optee: Fix incorrect page free bug (git-fixes).\n - thermal: Fix NULL pointer dereferences in of_thermal_ functions\n (git-fixes).\n - thermal: sysfs: Fix cooling_device_stats_setup() error code path\n (git-fixes).\n - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n - tools/thermal: Fix possible path truncations (git-fixes).\n - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n - tracing/histograms: Fix memory leak problem (git-fixes).\n - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n - tracing: Add ustring operation to filtering string pointers (git-fixes).\n - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n - tty: serial: lpuart: disable flow control while waiting for the transmit\n engine to complete (git-fixes).\n - tty: vt: initialize unicode screen buffer (git-fixes).\n - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n - usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).\n - usb: dwc3: ep0: Fix delay status handling (git-fixes).\n - usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).\n - usb: dwc3: gadget: Fix IN endpoint max packet size allocation\n (git-fixes).\n - usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).\n - usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).\n - usb: dwc3: gadget: Remove unnecessary checks (git-fixes).\n - usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback\n (git-fixes).\n - usb: dwc3: gadget: Store resource index of start cmd (git-fixes).\n - usb: dwc3: qcom: fix missing optional irq warnings.\n - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS\n (git-fixes).\n - usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes).\n - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of\n uvcg_info (git-fixes).\n - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n - usb: renesas: Fix refcount leak bug (git-fixes).\n - usb: typec: altmodes/displayport: correct pin assignment for UFP\n receptacles (git-fixes).\n - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n - vboxguest: Do not use devm for irq (git-fixes).\n - vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n (git-fixes).\n - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n (git-fixes).\n - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n - vmxnet3: Record queue number to incoming packets (bsc#1200431).\n - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n - vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n - vmxnet3: add support for capability registers (bsc#1200431).\n - vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n - vmxnet3: add support for out of order rx completion (bsc#1200431).\n - vmxnet3: disable overlay offloads if UPT device does not support\n (bsc#1200431).\n - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).\n - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n - vmxnet3: prepare for version 7 changes (bsc#1200431).\n - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n - vmxnet3: update to version 7 (bsc#1200431).\n - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n - vsock: Fix memory leak in vsock_connect() (git-fixes).\n - vsock: Set socket state back to SS_UNCONNECTED in\n vsock_connect_timeout() (git-fixes).\n - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in\n armada_37xx_wdt_probe() (git-fixes).\n - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()\n (git-fixes).\n - wifi: mac80211: Do not finalize CSA in IBSS mode if state is\n disconnected (git-fixes).\n - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n - x86/olpc: fix 'logical not is only applied to the left hand side'\n (git-fixes).\n - xfs: Fix assert failure in xfs_setattr_size() (git-fixes).\n - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).\n - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).\n - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n - xfs: mark a data structure sick if there are cross-referencing errors\n (git-fixes).\n - xfs: only reset incore inode health state flags when reclaiming an inode\n (git-fixes).\n - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap Micro 5.2:\n\n zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3264=1\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-3264=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-3264=1\n\n - SUSE Linux Enterprise Workstation Extension 15-SP3:\n\n zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3264=1\n\n - SUSE Linux Enterprise Module for Live Patching 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-3264=1\n\n Please note that this is the initial kernel livepatch without fixes\n itself, this livepatch package is later updated by seperate standalone\n livepatch updates.\n\n - SUSE Linux Enterprise Module for Legacy Software 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-3264=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3264=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3264=1\n\n - SUSE Linux Enterprise Micro 5.2:\n\n zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3264=1\n\n - SUSE Linux Enterprise Micro 5.1:\n\n zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3264=1\n\n - SUSE Linux Enterprise High Availability 15-SP3:\n\n zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3264=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-27784", "CVE-2021-4155", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188", "CVE-2022-39190"], "modified": "2022-09-14T00:00:00", "id": "SUSE-SU-2022:3264-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W2NSEUV5BPJ3W6FQXRSZQH3HYGWUOY6W/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:P"}}, {"lastseen": "2022-10-18T15:38:29", "description": "An update that solves 26 vulnerabilities, contains two\n features and has 89 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive\n various security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2022-39190: Fixed an issue that was discovered in\n net/netfilter/nf_tables_api.c and could cause a denial of service upon\n binding to an already bound chain (bnc#1203117).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke\n descriptors (bsc#1202564, bsc#1202860).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-2639: Fixed an integer coercion error that was found in the\n openvswitch kernel module (bnc#1202154).\n - CVE-2022-26373: Fixed non-transparent sharing of return predictor\n targets between contexts in some Intel Processors (bnc#1201726).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2021-4203: Fixed use-after-free read flaw that was found in\n sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (bnc#1194535).\n - CVE-2021-4155: Fixed a data leak flaw that was found in the way\n XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).\n - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where\n an attacker was able to inject data into or terminate a victim's TCP\n session (bnc#1196616).\n - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()\n printer_ioctl() when accessing a deallocated instance (bnc#1202895).\n - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in\n drivers/acpi/apei/einj.c that allowed users to simulate hardware errors\n and consequently cause a denial of service (bnc#1023051).\n - CVE-2022-3303: Fixed a race condition in the sound subsystem due to\n improper locking (bnc#1203769).\n - CVE-2022-41218: Fixed an use-after-free caused by refcount races in\n drivers/media/dvb-core/dmxdev.c (bnc#1202960).\n - CVE-2022-3239: Fixed an use-after-free in the video4linux driver that\n could lead a local user to able to crash the system or escalate their\n privileges (bnc#1203552).\n - CVE-2022-41848: Fixed a race condition and resultant use-after-free if a\n physically proximate attacker removes a PCMCIA device while calling\n ioctl (bnc#1203987).\n - CVE-2022-41849: Fixed a race condition and resultant use-after-free if a\n physically proximate attacker removes a USB device while calling open\n (bnc#1203992).\n - CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft\n table is deleted (bnc#1202095).\n - CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap\n lock is not held during a PUD move (bnc#1203622).\n - CVE-2022-2503: Fixed a bug in dm-verity, device-mapper table reloads\n allowed users with root privileges to switch out the target with an\n equivalent dm-linear target and bypass verification till reboot. This\n allowed root to bypass LoadPin and can be used to load untrusted and\n unverified kernel modules and firmware, which implies arbitrary kernel\n execution and persistence for peripherals that do not verify firmware\n updates (bnc#1202677).\n - CVE-2020-16119: Fixed a use-after-free vulnerability exploitable by a\n local attacker due to reuse of a DCCP socket. (bnc#1177471)\n\n The following non-security bugs were fixed:\n\n - ACPI: APEI: Better fix to avoid spamming the console with old error logs\n (git-fixes).\n - ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).\n - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks\n (git-fixes).\n - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).\n - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).\n - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool\n (git-fixes).\n - ACPI: video: Force backlight native for some TongFang devices\n (git-fixes).\n - ACPI: video: Shortening quirk list by identifying Clevo by board_name\n only (git-fixes).\n - ALSA: aloop: Fix random zeros in capture data when using jiffies timer\n (git-fixes).\n - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n - ALSA: emu10k1: Fix out of bounds access in\n snd_emu10k1_pcm_channel_alloc() (git-fixes).\n - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).\n - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model\n (git-fixes).\n - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED\n (git-fixes).\n - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n - ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).\n - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n - ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n - ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise\n (git-fixes).\n - ALSA: hda/realtek: Fix deadlock by COEF mutex (git-fixes).\n - ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).\n - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).\n - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n - ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).\n - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine\n (git-fixes).\n - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP\n machines (git-fixes).\n - ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).\n - ALSA: info: Fix llseek return value when using callback (git-fixes).\n - ALSA: seq: Fix data-race at module auto-loading (git-fixes).\n - ALSA: seq: oss: Fix data-race for max_midi_devs access (git-fixes).\n - ALSA: usb-audio: Fix an out-of-bounds bug in\n __snd_usb_parse_audio_interface() (git-fixes).\n - ALSA: usb-audio: fix spelling mistakes (git-fixes).\n - ALSA: usb-audio: Inform the delayed registration more properly\n (git-fixes).\n - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II\n (git-fixes).\n - ALSA: usb-audio: Register card again for iface over delayed_register\n option (git-fixes).\n - ALSA: usb-audio: Split endpoint setups for hw_params and prepare\n (git-fixes).\n - ARM: 9077/1: PLT: Move struct plt_entries definition to header\n (git-fixes).\n - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()\n (git-fixes).\n - ARM: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).\n - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without\n DYNAMIC_FTRACE (git-fixes).\n - arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1\n (git-fixes)\n - arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes)\n - arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to\n (bsc#1202341)\n - arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id\n (git-fixes)\n - arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes)\n - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma\n (git-fixes)\n - arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes)\n - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes)\n - arm64: kexec_file: use more system keyrings to verify kernel image\n signature (bsc#1196444).\n - arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes)\n - arm64: mm: fix p?d_leaf() (git-fixes)\n - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds\n (git-fixes)\n - arm64: mm: Validate hotplug range before creating linear mapping\n (git-fixes)\n - arm64: signal: nofpsimd: Do not allocate fp/simd context when not\n available (git-fixes).\n - arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes)\n - arm64: tegra: Remove non existent Tegra194 reset (git-fixes)\n - arm64: tlb: fix the TTL value of tlb_get_level (git-fixes)\n - asm-generic: sections: refactor memory_intersects (git-fixes).\n - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).\n - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV\n (git-fixes).\n - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n (git-fixes).\n - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n - ASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n (git-fixes).\n - ASoC: tas2770: Allow mono streams (git-fixes).\n - ata: libata-eh: Add missing command name (git-fixes).\n - ath10k: do not enforce interrupt trigger type (git-fixes).\n - ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).\n - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n - blk-iocost: clamp inuse and skip noops in __propagate_weights()\n (bsc#1202722).\n - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).\n - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).\n - blk-iocost: rename propagate_active_weights() to propagate_weights()\n (bsc#1202722).\n - blktrace: fix blk_rq_merge documentation (git-fixes).\n - Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put\n (git-fixes).\n - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n - bpf: Compile out btf_parse_module() if module BTF is not enabled\n (git-fixes).\n - bus: hisi_lpc: fix missing platform_device_put() in\n hisi_lpc_acpi_probe() (git-fixes).\n - can: Break loopback loop on loopback documentation (git-fixes).\n - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n - can: error: specify the values of data[5..7] of CAN error frames\n (git-fixes).\n - can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).\n - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: m_can: process interrupt only when not runtime suspended\n (git-fixes).\n - can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: pch_can: pch_can_error(): initialize errc before using it\n (git-fixes).\n - can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).\n - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).\n - ceph: do not truncate file in atomic_open (bsc#1202811).\n - cgroup: cgroup_get_from_id() must check the looked-up kn is a directory\n (bsc#1203906).\n - cgroup: Trace event cgroup id fields should be u64 (git-fixes).\n - cgroup: Use separate src/dst nodes when preloading css_sets for\n migration (bsc#1201610).\n - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n - clk: qcom: camcc-sdm845: Fix topology around titan_top power domain\n (git-fixes).\n - clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).\n - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n - clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).\n - clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).\n - clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks\n (git-fixes).\n - clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).\n - clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).\n - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).\n - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).\n - crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)\n - crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes)\n - devlink: Fix use-after-free after a failed reload (git-fixes).\n - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed\n (git-fixes).\n - dpaa2-eth: unregister the netdev before disconnecting from the PHY\n (git-fixes).\n - driver core: Do not probe devices after bus_type.match() probe deferral\n (git-fixes).\n - driver core: fix potential deadlock in __driver_attach (git-fixes).\n - drm: adv7511: override i2c address of cec before accessing it\n (git-fixes).\n - drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).\n - drm: bridge: sii8620: fix possible off-by-one (git-fixes).\n - drm/amd/display: Enable building new display engine with KCOV enabled\n (git-fixes).\n - drm/amdgpu: Check BO's requested pinning domains against its\n preferred_domains (git-fixes).\n - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).\n - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).\n - drm/amdgpu: remove useless condition in\n amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n - drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).\n - drm/doc: Fix comment typo (git-fixes).\n - drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()\n failed (git-fixes).\n - drm/gem: Fix GEM handle release errors (git-fixes).\n - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()\n error (git-fixes).\n - drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).\n - drm/i915/reg: Fix spelling mistake \"Unsupport\" -> \"Unsupported\"\n (git-fixes).\n - drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).\n - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function\n (git-fixes).\n - drm/mediatek: dpi: Only enable dpi after the bridge is enabled\n (git-fixes).\n - drm/mediatek: dpi: Remove output format of YUV (git-fixes).\n - drm/meson: Correct OSD1 global alpha value (git-fixes).\n - drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).\n - drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n (git-fixes).\n - drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).\n - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n - drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n - drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform\n (git-fixes).\n - drm/msm/mdp5: Fix global state lock backoff (git-fixes).\n - drm/msm/rd: Fix FIFO-full deadlock (git-fixes).\n - drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).\n - drm/radeon: add a force flush to delay work when radeon (git-fixes).\n - drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).\n - drm/radeon: fix potential buffer overflow in\n ni_set_mc_special_registers() (git-fixes).\n - drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).\n - drm/rockchip: vop: Do not crash for invalid duplicate_state()\n (git-fixes).\n - drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).\n - drm/sun4i: dsi: Prevent underflow when computing packet sizes\n (git-fixes).\n - drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable\n iteration (git-fixes).\n - drm/vc4: dsi: Correct DSI divider calculations (git-fixes).\n - drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).\n - drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes\n (git-fixes).\n - drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).\n - drm/vc4: plane: Fix margin calculations for the right/bottom edges\n (git-fixes).\n - drm/vc4: plane: Remove subpixel positioning check (git-fixes).\n - efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).\n - ehea: fix error return code in ehea_restart_qps() (git-fixes).\n - enetc: Fix endianness issues for enetc_qos (git-fixes).\n - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()\n (git-fixes).\n - ext4: add reserved GDT blocks check (bsc#1202712).\n - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).\n - ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n - ext4: fix bug_on in ext4_writepages (bsc#1200872).\n - ext4: fix error handling code in add_new_gdb (bsc#1179722).\n - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n - ext4: fix invalid inode checksum (bsc#1179723).\n - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).\n - ext4: fix overhead calculation to account for the reserved gdt blocks\n (bsc#1200869).\n - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).\n - ext4: fix race when reusing xattr blocks (bsc#1198971).\n - ext4: fix symlink file size not match to file content (bsc#1200868).\n - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n - ext4: force overhead calculation if the s_overhead_cluster makes no\n sense (bsc#1200870).\n - ext4: recover csum seed of tmp_inode after migrating to extents\n (bsc#1202713).\n - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()\n (git-fixes).\n - fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).\n - firmware: tegra: bpmp: Do only aligned access to IPC memory area\n (git-fixes).\n - Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - fpga: altera-pr-ip: fix unsigned comparison with less than zero\n (git-fixes).\n - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped\n pages (bsc#1200873).\n - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace\n is dead (git-fixes).\n - fuse: ioctl: translate ENOSYS (bsc#1203136).\n - fuse: limit nsec (bsc#1203135).\n - fuse: Remove the control interface for virtio-fs (bsc#1203137).\n - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n - geneve: fix TOS inheriting for ipv4 (git-fixes).\n - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()\n (git-fixes).\n - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx\n (git-fixes).\n - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n - HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).\n - HID: intel-ish-hid: ishtp: Fix ishtp client sending disordered message\n (git-fixes).\n - HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).\n - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n (git-fixes).\n - HID: wacom: Do not register pad_input for touch switch (git-fixes).\n - HID: wacom: Only report rotation for art pen (git-fixes).\n - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info\n (bsc#1202701).\n - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n - i2c: cadence: Support PEC for SMBus block read (git-fixes).\n - i2c: Fix a potential use after free (git-fixes).\n - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n - i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).\n - ice: report supported and advertised autoneg using PHY capabilities\n (git-fixes).\n - ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).\n - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n - iio: accel: bma220: Fix alignment for DMA safety (git-fixes).\n - iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).\n - iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1027: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max11100: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1118: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp3911: make use of the sign bit (git-fixes).\n - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n - iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).\n - iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).\n - iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large\n (git-fixes).\n - iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).\n - iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).\n - iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).\n - iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).\n - iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).\n - iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).\n - ima: force signature verification when CONFIG_KEXEC_SIG is configured\n (bsc#1203737).\n - Input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).\n - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n (git-fixes).\n - Input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).\n - Input: rk805-pwrkey - fix module autoloading (git-fixes).\n - Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).\n - intel_th: Fix a resource leak in an error handling path (git-fixes).\n - intel_th: msu-sink: Potential dereference of null pointer (git-fixes).\n - intel_th: msu: Fix vmalloced buffers (git-fixes).\n - intel_th: pci: Add Meteor Lake-P support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement\n (git-fixes).\n - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop\n (git-fixes).\n - iommu/exynos: Handle failed IOMMU device registration properly\n (git-fixes).\n - iommu/iova: Improve 32-bit free space estimate (git-fixes).\n - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n - iommu/omap: Fix regression in probe for NULL pointer dereference\n (git-fixes).\n - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n (git-fixes).\n - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n - ipmi: ssif: initialize ssif_info->client early (git-fixes).\n - ixgbevf: add correct exception tracing for XDP (git-fixes).\n - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal\n aborted (bsc#1202716).\n - jbd2: fix outstanding credits assert in\n jbd2_journal_commit_transaction() (bsc#1202715).\n - jfs: fix GPF in diFree (bsc#1203389).\n - JFS: fix memleak in jfs_mount (git-fixes).\n - JFS: more checks for invalid superblock (git-fixes).\n - jfs: prevent NULL deref in diFree (bsc#1203389).\n - kABI: cgroup: Restore KABI of css_set (bsc#1201610).\n - kABI: x86: kexec: hide new include from genksyms (bsc#1196444).\n - kabi/severities: add stmmac driver local sumbols\n - kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).\n - kexec: do not verify the signature without the lockdown or mandatory\n signature (bsc#1203737).\n - kexec: drop weak attribute from arch_kexec_apply_relocations[_add]\n (bsc#1196444).\n - kexec: drop weak attribute from functions (bsc#1196444).\n - kexec: drop weak attribute from functions (bsc#1196444).\n - kexec: KEYS, s390: Make use of built-in and secondary keyring for\n signature verification (bsc#1196444).\n - kexec: KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).\n - kfifo: fix kfifo_to_user() return type (git-fixes).\n - kfifo: fix ternary sign extension bugs (git-fixes).\n - KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2\n (bsc#1201442)\n - KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case\n (git-fixes).\n - KVM: PPC: Book3S HV: Context tracking exit guest context before enabling\n irqs (bsc#1065729).\n - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB\n (bsc#1156395).\n - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()\n (bsc#1156395).\n - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant\n (bsc#1156395).\n - KVM: VMX: Refuse to load kvm_intel if EPT and NX are disabled\n (git-fixes).\n - KVM: x86: accept userspace interrupt only if no event is injected\n (git-fixes).\n - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks\n (git-fixes).\n - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical\n #GP (git-fixes).\n - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()\n (git-fixes).\n - lib/list_debug.c: Detect uninitialized lists (git-fixes).\n - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420\n ZDI-CAN-17325).\n - list: add \"list_del_init_careful()\" to go with \"list_empty_careful()\"\n (bsc#1202745).\n - locking/lockdep: Avoid potential access of invalid memory in lock_class\n (git-fixes).\n - loop: Fix missing discard support when using LOOP_CONFIGURE\n (bsc#1202718).\n - mbcache: add functions to delete entry if unused (bsc#1198971).\n - mbcache: do not reclaim used entries (bsc#1198971).\n - md-raid10: fix KASAN warning (git-fixes).\n - md: call __md_stop_writes in md_stop (git-fixes).\n - md: unlock mddev before reap sync_thread in action_store (bsc#1197659).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - media: hdpvr: fix error value returns in hdpvr_read (git-fixes).\n - media: rc: increase rc-mm tolerance and add debug message (git-fixes).\n - media: rtl28xxu: add missing sleep before probing slave demod\n (git-fixes).\n - media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle\n (git-fixes).\n - media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).\n - media: smipcie: fix interrupt handling and IR timeout (git-fixes).\n - media: tw686x: Register the irq at the end of probe (git-fixes).\n - media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device()\n (git-fixes).\n - media: v4l2-mem2mem: always consider OUTPUT queue during poll\n (git-fixes).\n - media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes).\n - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()\n (git-fixes).\n - memstick/ms_block: Fix a memory leak (git-fixes).\n - memstick/ms_block: Fix some incorrect memory allocation (git-fixes).\n - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).\n - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n - mfd: t7l66xb: Drop platform disable callback (git-fixes).\n - misc: fastrpc: fix memory corruption on open (git-fixes).\n - misc: fastrpc: fix memory corruption on probe (git-fixes).\n - misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).\n - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n - mm: fix page reference leak in soft_offline_page() (git fixes\n (mm/memory-failure)).\n - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n - mm: pagewalk: Fix race between unmap and page walker (git-fixes,\n bsc#1203159).\n - mm: proc: smaps_rollup: do not stall write attempts on mmap_lock\n (bsc#1201990).\n - mm: rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes, bsc#1203098).\n - mm: smaps*: extend smap_gather_stats to support specified beginning\n (bsc#1201990).\n - mmap locking API: add mmap_lock_is_contended() (bsc#1201990).\n - mmc: cavium-octeon: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n - mmc: pxamci: Fix another error handling path in pxamci_probe()\n (git-fixes).\n - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).\n - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n (git-fixes).\n - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols\n (git-fixes).\n - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n (git-fixes).\n - mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle\n (git-fixes).\n - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release\n (git-fixes).\n - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path\n (git-fixes).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).\n - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).\n - net: cpsw: Properly initialise struct page_pool_params (git-fixes).\n - net: davinci_emac: Fix incorrect masking of tx and rx error channel\n (git-fixes).\n - net: dsa: b53: fix an off by one in checking \"vlan->vid\" (git-fixes).\n - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).\n - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).\n - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).\n - net: enetc: Use pci_release_region() to release some resources\n (git-fixes).\n - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).\n - net: ethernet: ezchip: fix error handling (git-fixes).\n - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).\n - net: ethernet: ezchip: remove redundant check (git-fixes).\n - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).\n - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory\n (git-fixes).\n - net: fec_ptp: add clock rate zero check (git-fixes).\n - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).\n - net: ftgmac100: Fix crash when removing driver (git-fixes).\n - net: hdlc_x25: Return meaningful error code in x25_open (git-fixes).\n - net: hns: Fix kernel-doc (git-fixes).\n - net: lantiq: fix memory corruption in RX ring (git-fixes).\n - net: lapbether: Prevent racing when checking whether the netif is\n running (git-fixes).\n - net: mana: Add rmb after checking owner bits (git-fixes).\n - net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).\n - net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).\n - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).\n - net: mscc: ocelot: correctly report the timestamping RX filters in\n ethtool (git-fixes).\n - net: mscc: ocelot: do not downgrade timestamping RX filters in\n SIOCSHWTSTAMP (git-fixes).\n - net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes).\n - net: netcp: Fix an error message (git-fixes).\n - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).\n - net: rose: fix netdev reference changes (git-fixes).\n - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale\n pointer (git-fixes).\n - net: stmicro: handle clk_prepare() failure during init (git-fixes).\n - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).\n - net: stmmac: dwmac1000: Fix extended MAC address registers definition\n (git-fixes).\n - net: stmmac: Modify configuration method of EEE timers (git-fixes).\n - net: stmmac: Use resolved link config in mac_link_up() (git-fixes).\n - net: vmxnet3: fix possible NULL pointer dereference in\n vmxnet3_rq_cleanup() (bsc#1200431).\n - net: vmxnet3: fix possible use-after-free bugs in\n vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c\n (bsc#1200431).\n - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send\n (git-fixes).\n - net:enetc: allocate CBD ring data memory using DMA coherent methods\n (git-fixes).\n - net/mlx5e: Check for needed capability for cvlan matching (git-fixes).\n - net/sonic: Fix a resource leak in an error handling path in\n 'jazz_sonic_probe()' (git-fixes).\n - NFS: Do not decrease the value of seq_nr_highest_sent (git-fixes).\n - NFS: fix nfs_path in case of a rename retry (git-fixes).\n - NFS: Fix races in the legacy idmapper upcall (git-fixes).\n - NFS: Fix second deadlock in nfs4_evict_inode() (git-fixes).\n - NFS: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly (git-fixes).\n - NFS: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error\n (git-fixes).\n - NFS: RECLAIM_COMPLETE must handle EACCES (git-fixes).\n - NFS: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag\n (git-fixes).\n - NFSD: Add missing NFSv2 .pc_func methods (git-fixes).\n - NFSD: Clamp WRITE offsets (git-fixes).\n - NFSD: Fix offset type in I/O trace points (git-fixes).\n - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n - NFSD: fix use-after-free due to delegation race (git-fixes).\n - NFSD: prevent integer overflow on 32 bit systems (git-fixes).\n - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n - nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).\n - nvme-rdma: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).\n - nvme-tcp: Handle number of queue changes (bsc#1201865).\n - nvme: fix RCU hole that allowed for endless looping in multipath round\n robin (bsc#1202636).\n - nvmet: Expose max queues to configfs (bsc#1201865).\n - objtool: Add support for intra-function calls (bsc#1202396).\n - objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n - objtool: Remove INSN_STACK (bsc#1202396).\n - objtool: Rework allocating stack_ops on decode (bsc#1202396).\n - objtool: Support multiple stack_op per instruction (bsc#1202396).\n - ocfs2: drop acl cache for directories too (bsc#1191667).\n - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).\n - octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes).\n - of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).\n - of/device: Fix up of_dma_configure_id() stub (git-fixes).\n - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n - PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()\n (git-fixes).\n - PCI: dwc: Always enable CDM check if \"snps,enable-cdm-check\" exists\n (git-fixes).\n - PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).\n - PCI: dwc: Disable outbound windows only for controllers using iATU\n (git-fixes).\n - PCI: dwc: Stop link on host_init errors and de-initialization\n (git-fixes).\n - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n - PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n - PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n - PCI: hv: Make the code arch neutral by adding arch specific interfaces\n (bsc#1200845).\n - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()\n (bsc#1200845).\n - PCI: qcom: Fix pipe clock imbalance (git-fixes).\n - PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).\n - PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).\n - PCI: tegra194: Fix link up retry sequence (git-fixes).\n - PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()\n (git-fixes).\n - PCI: tegra194: Fix Root Port interrupt handling (git-fixes).\n - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).\n - PCI/portdrv: Do not disable AER reporting in\n get_port_device_capability() (git-fixes).\n - perf bench: Share some global variables to fix build with gcc 10\n (git-fixes).\n - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n (git-fixes).\n - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n - pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes).\n - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n - pinctrl/rockchip: fix gpio device creation (git-fixes).\n - platform/olpc: Fix uninitialized data in debugfs write (git-fixes).\n - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap\n fixes (git-fixes).\n - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n - PM: runtime: Remove link state checks in rpm_get/put_supplier()\n (git-fixes).\n - powerpc: define get_cycles macro for arch-override (bsc#1065729).\n - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n - powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544).\n - powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544).\n - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for\n PMI check in power_pmu_disable (bsc#1156395).\n - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n - powerpc/powernv: delay rng platform device creation until later in boot\n (bsc#1065729).\n - powerpc/powernv: rename remaining rng powernv_ functions to pnv_\n (bsc#1065729).\n - powerpc/powernv: Staticify functions without prototypes (bsc#1065729).\n - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n - ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).\n - profiling: fix shift too large makes kernel panic (git-fixes).\n - profiling: fix shift-out-of-bounds bugs (git fixes).\n - psi: Fix uaf issue when psi trigger is destroyed while being polled\n (bsc#1203909).\n - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).\n - random: fix crash on multiple early calls to add_bootloader_randomness()\n (git-fixes).\n - random: remove useless header comment (git fixes).\n - ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n - regulator: core: Clean up on enable failure (git-fixes).\n - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n (git-fixes).\n - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr\n (bsc#1202714).\n - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config\n (git-fixes).\n - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n - s390/crash: fix incorrect number of bytes to copy to user space\n (git-fixes).\n - s390/crash: make copy_oldmem_page() return number of bytes copied\n (git-fixes).\n - s390/mm: do not trigger write fault when vma does not allow VM_WRITE\n (git-fixes).\n - s390/mm: fix 2KB pgtable release race (git-fixes).\n - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594\n LTC#197522).\n - s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607).\n - s390/qeth: clean up default cases for ethtool link mode (bsc#1202984\n LTC#199607).\n - s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607).\n - s390/qeth: improve selection of ethtool link modes (bsc#1202984\n LTC#199607).\n - s390/qeth: set static link info during initialization (bsc#1202984\n LTC#199607).\n - s390/qeth: tolerate error when querying card info (bsc#1202984\n LTC#199607).\n - s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607).\n - sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)\n - sched/fair: Revise comment about lb decision matrix (git fixes\n (sched/fair)).\n - sched/membarrier: fix missing local execution of ipi_sync_rq_state()\n (git fixes (sched/membarrier)).\n - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n (git-fixes).\n - scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).\n - scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID\n cases (bsc#1203939).\n - scsi: lpfc: Add reporting capability for Link Degrade Signaling\n (bsc#1203939).\n - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE\n (bsc#1203063).\n - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n - scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).\n - scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload\n (bsc#1203939).\n - scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same\n NPort ID (bsc#1203939).\n - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for\n GFT_ID (bsc#1203063).\n - scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).\n - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT\n discovery (bsc#1203063).\n - scsi: lpfc: Fix various issues reported by tools (bsc#1203939).\n - scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed\n phba (bsc#1185032 bsc#1203939).\n - scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n - scsi: lpfc: Remove the unneeded result variable (bsc#1203939).\n - scsi: lpfc: Remove unneeded result variable (bsc#1203939).\n - scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd\n (bsc#1203939).\n - scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE\n (bsc#1203939).\n - scsi: lpfc: Rework FDMI attribute registration for unintential padding\n (bsc#1203939).\n - scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency\n (bsc#1203939).\n - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n - scsi: lpfc: Update congestion mode logging for Emulex SAN Manager\n application (bsc#1203939).\n - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n - scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).\n - scsi: mpt3sas: Fix use-after-free warning (git-fixes).\n - scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).\n - scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status\n (bsc#1203935).\n - scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1()\n (bsc#1203935).\n - scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).\n - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX\n (bsc#1203935).\n - scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).\n - scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).\n - scsi: qla2xxx: Fix response queue handler reading stale packets\n (bsc#1203935).\n - scsi: qla2xxx: Log message \"skipping scsi_scan_host()\" as informational\n (bsc#1203935).\n - scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).\n - scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).\n - scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).\n - scsi: qla2xxx: Revert \"scsi: qla2xxx: Fix response queue handler reading\n stale packets\" (bsc#1203935).\n - scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).\n - scsi: sg: Allow waiting for commands to complete on removed device\n (git-fixes).\n - scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).\n - scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).\n - scsi: smartpqi: Update LUN reset handler (bsc#1200622).\n - selftests: futex: Use variable MAKE instead of make (git-fixes).\n - serial: 8250_dw: Store LSR into lsr_saved_flags in\n dw8250_tx_wait_empty() (git-fixes).\n - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n - serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n - serial: tegra: Change lower tolerance baud rate limit for tegra20 and\n tegra30 (git-fixes).\n - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n (git-fixes).\n - soc: fsl: guts: machine variable might be unset (git-fixes).\n - soundwire: bus_type: fix remove and shutdown support (git-fixes).\n - spi: Fix incorrect cs_setup delay handling (git-fixes).\n - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n (git-fixes).\n - squashfs: fix divide error in calculate_skip() (git-fixes).\n - staging: rtl8192u: Fix sleep in atomic context bug in\n dm_fsync_timer_callback (git-fixes).\n - staging: rtl8712: fix use after free bugs (git-fixes).\n - SUNRPC reverting d03727b248d0 (\"NFSv4 fix CLOSE not waiting for direct\n IO compeletion\") (git-fixes).\n - SUNRPC: Clean up scheduling of autoclose (git-fixes).\n - SUNRPC: Do not call connect() more than once on a TCP socket (git-fixes).\n - SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).\n - SUNRPC: Do not leak sockets in xs_local_connect() (git-fixes).\n - SUNRPC: fix expiry of auth creds (git-fixes).\n - SUNRPC: Fix misplaced barrier in call_decode (git-fixes).\n - SUNRPC: Fix READ_PLUS crasher (git-fixes).\n - SUNRPC: Partial revert of commit 6f9f17287e78 (git-fixes).\n - SUNRPC: Prevent immediate close+reconnect (git-fixes).\n - SUNRPC: Reinitialise the backchannel request buffers before reuse\n (git-fixes).\n - SUNRPC: RPC level errors should set task->tk_rpc_status (git-fixes).\n - svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes).\n - tee: optee: Fix incorrect page free bug (git-fixes).\n - thermal: Fix NULL pointer dereferences in of_thermal_ functions\n (git-fixes).\n - thermal: sysfs: Fix cooling_device_stats_setup() error code path\n (git-fixes).\n - thermal/tools/tmon: Include pthread and time headers in tmon.h\n (git-fixes).\n - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n - tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (git fixes\n (kernel/time)).\n - tools/thermal: Fix possible path truncations (git-fixes).\n - tracing: Add ustring operation to filtering string pointers (git-fixes).\n - tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).\n - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n - tracing/histograms: Fix memory leak problem (git-fixes).\n - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n - tty: serial: lpuart: disable flow control while waiting for the transmit\n engine to complete (git-fixes).\n - tty: vt: initialize unicode screen buffer (git-fixes).\n - USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).\n - USB: core: Fix RST error in hub.c (git-fixes).\n - USB: core: Prevent nested device-reset calls (git-fixes).\n - USB: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n - USB: dwc3: add cancelled reasons for dwc3 requests (git-fixes).\n - USB: dwc3: disable USB core PHY management (git-fixes).\n - USB: dwc3: ep0: Fix delay status handling (git-fixes).\n - USB: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).\n - USB: dwc3: gadget: Fix IN endpoint max packet size allocation\n (git-fixes).\n - USB: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).\n - USB: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).\n - USB: dwc3: gadget: Remove unnecessary checks (git-fixes).\n - USB: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback\n (git-fixes).\n - USB: dwc3: gadget: Store resource index of start cmd (git-fixes).\n - USB: dwc3: qcom: fix missing optional irq warnings.\n - USB: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).\n - USB: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes).\n - USB: Follow-up to SPDX identifiers addition - remove now useless\n comments (git-fixes).\n - USB: gadget: mass_storage: Fix cdrom data transfers on MAC-OS\n (git-fixes).\n - USB: gadget: u_audio: fix race condition on endpoint stop (git-fixes).\n - USB: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n - USB: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).\n - USB: gadget: uvc: call uvc uvcg_warn on completed status instead of\n uvcg_info (git-fixes).\n - USB: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n - USB: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n - USB: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).\n - USB: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n - USB: otg-fsm: Fix hrtimer list corruption (git-fixes).\n - USB: renesas: Fix refcount leak bug (git-fixes).\n - USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n - USB: serial: ch341: fix lost character on LCR updates (git-fixes).\n - USB: serial: ch341: name prescaler, divisor registers (git-fixes).\n - USB: serial: cp210x: add Decagon UCA device id (git-fixes).\n - USB: serial: fix tty-port initialized comments (git-fixes).\n - USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).\n - USB: serial: option: add Quectel EM060K modem (git-fixes).\n - USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode\n (git-fixes).\n - USB: serial: option: add support for OPPO R11 diag port (git-fixes).\n - USB: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes).\n - USB: storage: Add ignore-residue quirk for NXP PN7462AU (git-fixes).\n - USB: struct usb_device: hide new member (git-fixes).\n - USB: typec: altmodes/displayport: correct pin assignment for UFP\n receptacles (git-fixes).\n - USB: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion\n (git-fixes).\n - USB: xhci: tegra: Fix error check (git-fixes).\n - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n - usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).\n - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n - vboxguest: Do not use devm for irq (git-fixes).\n - vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n (git-fixes).\n - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n (git-fixes).\n - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n - virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).\n - virtio-net: fix the race between refill work and close (git-fixes).\n - VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).\n - VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: allocate send and receive buffers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: detect DMA datagram capability (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: whitespace formatting change for vmci register defines\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Fix some error handling paths in vmci_guest_probe_device()\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Release notification_bitmap in error path (bsc#1199291,\n jsc#SLE-24635).\n - vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n - vmxnet3: add support for capability registers (bsc#1200431).\n - vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n - vmxnet3: add support for out of order rx completion (bsc#1200431).\n - vmxnet3: disable overlay offloads if UPT device does not support\n (bsc#1200431).\n - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).\n - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n - vmxnet3: prepare for version 7 changes (bsc#1200431).\n - vmxnet3: Record queue number to incoming packets (bsc#1200431).\n - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n - vmxnet3: update to version 7 (bsc#1200431).\n - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n - vsock: Fix memory leak in vsock_connect() (git-fixes).\n - vsock: Set socket state back to SS_UNCONNECTED in\n vsock_connect_timeout() (git-fixes).\n - vt: Clear selection before changing the font (git-fixes).\n - vt: selection, introduce vc_is_sel (git-fixes).\n - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in\n armada_37xx_wdt_probe() (git-fixes).\n - watchdog: wdat_wdt: Set the min and max timeout values properly\n (bsc#1194023).\n - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()\n (git-fixes).\n - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in\n il4965_rs_fill_link_cmd() (git-fixes).\n - wifi: iwlegacy: 4965: fix potential off-by-one overflow in\n il4965_rs_fill_link_cmd() (git-fixes).\n - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n (git-fixes).\n - wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).\n - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n - wifi: mac80211: Do not finalize CSA in IBSS mode if state is\n disconnected (git-fixes).\n - wifi: p54: add missing parentheses in p54_flush() (git-fixes).\n - wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).\n - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()\n (git-fixes).\n - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n (git-fixes).\n - wifi: wil6210: debugfs: fix uninitialized variable use in\n `wil_write_file_wmi()` (git-fixes).\n - x86/bugs: Reenable retbleed=off While for older kernels the return\n thunks are statically built in and cannot be dynamically patched out,\n retbleed=off should still work so that it can be disabled.\n - x86/kexec: fix memory leak of elf header buffer (bsc#1196444).\n - x86/olpc: fix 'logical not is only applied to the left hand side'\n (git-fixes).\n - x86/xen: Remove undefined behavior in setup_features() (git-fixes).\n - xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).\n - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).\n - xfs: Fix assert failure in xfs_setattr_size() (git-fixes).\n - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n - xfs: mark a data structure sick if there are cross-referencing errors\n (git-fixes).\n - xfs: only reset incore inode health state flags when reclaiming an inode\n (git-fixes).\n - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n - xprtrdma: Fix cwnd update ordering (git-fixes).\n - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-3609=1\n\n - SUSE Linux Enterprise Module for Public Cloud 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-3609=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-18T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-16119", "CVE-2020-27784", "CVE-2020-36516", "CVE-2021-4155", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2503", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-3239", "CVE-2022-3303", "CVE-2022-36879", "CVE-2022-39188", "CVE-2022-39190", "CVE-2022-41218", "CVE-2022-41222", "CVE-2022-41848", "CVE-2022-41849"], "modified": "2022-10-18T00:00:00", "id": "SUSE-SU-2022:3609-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XOMMJ6TOFV2YSSGL2X5AXFLROESPWDQG/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2022-09-16T15:42:49", "description": "An update that solves 25 vulnerabilities, contains four\n features and has 91 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive\n various security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2022-39190: Fixed an issue that was discovered in\n net/netfilter/nf_tables_api.c and could cause a denial of service upon\n binding to an already bound chain (bnc#1203117).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n - CVE-2022-36946: Fixed a denial of service (panic) inside nfqnl_mangle in\n net/netfilter/nfnetlink_queue.c (bnc#1201940).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-3078: Fixed a lack of check after calling vzalloc() and lack of\n free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c\n (bnc#1203041).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-2959: Fixed a race condition that was found inside the watch\n queue due to a missing lock in pipe_resize_ring() (bnc#1202681).\n - CVE-2022-2938: Fixed a flaw that was found inside the Pressure Stall\n Information implementation that could have been used to allow an\n attacker to crash the system or have other memory-corruption side\n effects (bnc#1202623).\n - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke\n descriptors (bsc#1202564, bsc#1202860).\n - CVE-2022-2873: Fixed an out-of-bounds memory access flaw that was found\n in iSMT SMBus host controller driver (bnc#1202558).\n - CVE-2022-28693: Fixed x86/speculation behavior by disabling RRSBA\n (bsc#1201455).\n - CVE-2022-28356: Fixed a refcount leak bug that was found in\n net/llc/af_llc.c (bnc#1197391).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-2639: Fixed an integer coercion error that was found in the\n openvswitch kernel module (bnc#1202154).\n - CVE-2022-26373: Fixed non-transparent sharing of return predictor\n targets between contexts in some Intel Processors that may have allowed\n information disclosure via local access (bnc#1201726).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-2585: Fixed missing cleanup of CPU timers before freeing them\n during exec (bsc#1202094).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2022-1184: Fixed an use-after-free flaw in\n fs/ext4/namei.c:dx_insert_block() in the filesystem sub-component\n (bnc#1198577).\n - CVE-2021-4037: Fixed function logic vulnerability that allowed local\n users to create files for the XFS file-system with an unintended group\n ownership and with group execution and SGID permission bits set\n (bnc#1198702).\n - CVE-2021-33135: Fixed uncontrolled resource consumption inside Intel(R)\n SGX that may have allowed an authenticated user to potentially enable\n denial of service via local access (bnc#1199515).\n - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where\n an attacker was able to inject data into or terminate a victim's TCP\n session (bnc#1196616).\n - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in\n drivers/acpi/apei/einj.c that allowed users to simulate hardware errors\n and consequently cause a denial of service (bnc#1023051).\n\n\n The following non-security bugs were fixed:\n\n - ACPI: APEI: Better fix to avoid spamming the console with old error logs\n (git-fixes).\n - ACPI: APEI: explicit init of HEST and GHES in apci_init() (git-fixes).\n - ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).\n - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk (git-fixes).\n - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks\n (git-fixes).\n - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).\n - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n - ACPI: VIOT: Fix ACS setup (git-fixes).\n - ACPI: processor/idle: Annotate more functions to live in cpuidle section\n (git-fixes).\n - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).\n - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool\n (git-fixes).\n - ACPI: thermal: drop an always true check (git-fixes).\n - ACPI: video: Force backlight native for some TongFang devices\n (git-fixes).\n - ACPI: video: Shortening quirk list by identifying Clevo by board_name\n only (git-fixes).\n - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).\n - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model\n (git-fixes).\n - ALSA: hda/conexant: add a new hda codec SN6140 (git-fixes).\n - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED\n (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n - ALSA: hda/realtek: Add quirk for Lenovo Yoga9 14IAP7 (git-fixes).\n - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298\n (git-fixes).\n - ALSA: hda/sigmatel: Keep power up while beep is enabled (bsc#1200544).\n - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array\n (git-fixes).\n - ALSA: info: Fix llseek return value when using callback (git-fixes).\n - ALSA: seq: Fix data-race at module auto-loading (git-fixes).\n - ALSA: seq: oss: Fix data-race for max_midi_devs access (git-fixes).\n - ALSA: usb-audio: Add endianness annotations (git-fixes).\n - ALSA: usb-audio: Add quirk for Behringer UMC202HD (git-fixes).\n - ALSA: usb-audio: Add quirk for LH Labs Geek Out HD Audio 1V5 (git-fixes).\n - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II\n (git-fixes).\n - ALSA: usb-audio: Support jack detection on Dell dock (git-fixes).\n - ALSA: usb-audio: Turn off 'manual mode' on Dell dock (git-fixes).\n - ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init (git-fixes).\n - ARM: OMAP2+: Fix refcount leak in omapdss_init_of (git-fixes).\n - ARM: OMAP2+: display: Fix refcount leak bug (git-fixes).\n - ARM: OMAP2+: pdata-quirks: Fix refcount leak bug (git-fixes).\n - ARM: bcm: Fix refcount leak in bcm_kona_smc_init (git-fixes).\n - ARM: dts: BCM5301X: Add DT for Meraki MR26 (git-fixes).\n - ARM: dts: ast2500-evb: fix board compatible (git-fixes).\n - ARM: dts: ast2600-evb-a1: fix board compatible (git-fixes).\n - ARM: dts: ast2600-evb: fix board compatible (git-fixes).\n - ARM: dts: at91: sama5d27_wlsom1: do not keep ldo2 enabled all the time\n (git-fixes).\n - ARM: dts: at91: sama5d27_wlsom1: specify proper regulator output ranges\n (git-fixes).\n - ARM: dts: at91: sama5d2_icp: do not keep vdd_other enabled all the time\n (git-fixes).\n - ARM: dts: at91: sama5d2_icp: specify proper regulator output ranges\n (git-fixes).\n - ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node (git-fixes).\n - ARM: dts: imx6ul: add missing properties for sram (git-fixes).\n - ARM: dts: imx6ul: change operating-points to uint32-matrix (git-fixes).\n - ARM: dts: imx6ul: fix csi node compatible (git-fixes).\n - ARM: dts: imx6ul: fix keypad compatible (git-fixes).\n - ARM: dts: imx6ul: fix lcdif node compatible (git-fixes).\n - ARM: dts: imx6ul: fix qspi node compatible (git-fixes).\n - ARM: dts: imx7d-colibri-emmc: add cpu1 supply (git-fixes).\n - ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg (git-fixes).\n - ARM: dts: qcom: pm8841: add required thermal-sensor-cells (git-fixes).\n - ARM: dts: qcom: sdx55: Fix the IRQ trigger type for UART (git-fixes).\n - ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC (git-fixes).\n - ARM: findbit: fix overflowing offset (git-fixes).\n - ARM: shmobile: rcar-gen2: Increase refcount for new reference\n (git-fixes).\n - ASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n (git-fixes).\n - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n - ASoC: codec: tlv320aic32x4: fix mono playback via I2S (git-fixes).\n - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).\n - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV\n (git-fixes).\n - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n - ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe\n (git-fixes).\n - ASoC: fsl-asoc-card: force cast the asrc_format type (git-fixes).\n - ASoC: fsl_asrc: force cast the asrc_format type (git-fixes).\n - ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format (git-fixes).\n - ASoC: imx-audmux: Silence a clang warning (git-fixes).\n - ASoC: imx-card: Fix DSD/PDM mclk frequency (git-fixes).\n - ASoC: imx-card: use snd_pcm_format_t type for asrc_format (git-fixes).\n - ASoC: mchp-spdifrx: disable end of block interrupt on failures\n (git-fixes).\n - ASoC: mt6359: Fix refcount leak bug (git-fixes).\n - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n (git-fixes).\n - ASoC: qcom: Fix missing of_node_put() in\n asoc_qcom_lpass_cpu_platform_probe() (git-fixes).\n - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n - ASoC: rsnd: care default case on rsnd_ssiu_busif_err_irq_ctrl()\n (git-fixes).\n - ASoC: samsung: Fix error handling in aries_audio_probe (git-fixes).\n - ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global\n to static variables (git-fixes).\n - ASoC: samsung: change neo1973_audio from a global to static (git-fixes).\n - ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header\n (git-fixes).\n - ASoC: tas2770: Allow mono streams (git-fixes).\n - ASoC: tas2770: Drop conflicting set_bias_level power setting (git-fixes).\n - ASoC: tas2770: Fix handling of mute/unmute (git-fixes).\n - ASoC: tas2770: Set correct FSYNC polarity (git-fixes).\n - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put\n (git-fixes).\n - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587\n (git-fixes).\n - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 (git-fixes).\n - Bluetooth: hci_bcm: Add BCM4349B1 variant (git-fixes).\n - Bluetooth: hci_bcm: Add DT compatible for CYW55572 (git-fixes).\n - Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n - Documentation: ACPI: EINJ: Fix obsolete example (git-fixes).\n - Documentation: PM: Drop pme_interrupt reference (git-fixes).\n - Documentation: dm writecache: Render status list as list (git-fixes).\n - Documentation: fix sctp_wmem in ip-sysctl.rst (git-fixes).\n - Documentation: siphash: Fix typo in the name of offsetofend macro\n (git-fixes).\n - EDAC/ghes: Set the DIMM label unconditionally (bsc#1201768).\n - HID: AMD_SFH: Add a DMI quirk entry for Chromebooks (git-fixes).\n - HID: add Lenovo Yoga C630 battery quirk (git-fixes).\n - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n - HID: amd_sfh: Add NULL check for hid device (git-fixes).\n - HID: amd_sfh: Handle condition of \"no sensors\" (git-fixes).\n - HID: asus: ROG NKey: Ignore portion of 0x5a report (git-fixes).\n - HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).\n - HID: hid-input: add Surface Go battery quirk (git-fixes).\n - HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() (git-fixes).\n - HID: multitouch: new device class fix Lenovo X12 trackpad sticky\n (git-fixes).\n - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n (git-fies).\n - HID: thrustmaster: Add sparco wheel and fix array length (git-fixes).\n - HID: wacom: Do not register pad_input for touch switch (git-fixes).\n - HID: wacom: Only report rotation for art pen (git-fixes).\n - Input: exc3000 - fix return value check of wait_for_completion_timeout\n (git-fixes).\n - Input: gscps2 - check return value of ioremap() in gscps2_probe()\n (git-fixes).\n - Input: i8042 - add TUXEDO devices to i8042 quirk tables (git-fies).\n - Input: i8042 - add additional TUXEDO devices to i8042 quirk tables\n (git-fies).\n - Input: i8042 - merge quirk tables (git-fies).\n - Input: i8042 - move __initconst to fix code styling warning (git-fies).\n - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n (git-fixes).\n - Input: rk805-pwrkey - fix module autoloading (git-fixes).\n - KABI: cgroup: Restore KABI of css_set (bsc#1201610).\n - KEYS: asymmetric: enforce SM2 signature use pkey algo (git-fixes).\n - KVM: LAPIC: Also cancel preemption timer during SET_LAPIC (git-fixes).\n - KVM: MMU: shadow nested paging does not have PKU (git-fixes).\n - KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init\n (bsc#1194869).\n - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB\n (bsc#1156395).\n - KVM: PPC: Book3S HV: Remove kvmhv_p9_[set,restore]_lpcr declarations\n (bsc#1194869).\n - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()\n (bsc#1156395).\n - KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator\n (bsc#1194869).\n - KVM: PPC: Book3s HV: Remove unused function kvmppc_bad_interrupt\n (bsc#1194869).\n - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant\n (bsc#1156395).\n - KVM: SVM: Do not BUG if userspace injects an interrupt with GIF=0\n (git-fixes).\n - KVM: SVM: Do not intercept #GP for SEV guests (git-fixes).\n - KVM: SVM: Unwind \"speculative\" RIP advancement if INTn injection \"fails\"\n (git-fixes).\n - KVM: SVM: fix panic on out-of-bounds guest IRQ (git-fixes).\n - KVM: VMX: Print VM-instruction error as unsigned (git-fixes).\n - KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled\n (git-fixes).\n - KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock (git-fixes).\n - KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg() (git-fixes).\n - KVM: X86: avoid uninitialized 'fault.async_page_fault' from fixed-up #PF\n (git-fixes).\n - KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2\n (bsc#1201442)\n - KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4\n (git-fixes).\n - KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value\n (git-fixes).\n - KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is required\n (git-fixes).\n - KVM: nVMX: do not use vcpu->arch.efer when checking host state on nested\n state load (git-fixes).\n - KVM: x86/mmu: Do not freak out if pml5_root is NULL on 4-level host\n (git-fixes).\n - KVM: x86/mmu: Move \"invalid\" check out of kvm_tdp_mmu_get_root()\n (git-fixes).\n - KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU\n (git-fixes).\n - KVM: x86/mmu: include EFER.LMA in extended mmu role (git-fixes).\n - KVM: x86/mmu: make apf token non-zero to fix bug (git-fixes).\n - KVM: x86: Avoid theoretical NULL pointer dereference in\n kvm_irq_delivery_to_apic_fast() (git-fixes).\n - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq\n (git-fixes).\n - KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't\n activated (git-fixes).\n - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks\n (git-fixes).\n - KVM: x86: SVM: do not passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG\n case (git-fixes).\n - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical\n #GP (git-fixes).\n - KVM: x86: check PIR even for vCPUs with disabled APICv (git-fixes).\n - KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_flush_tlb()\n (git-fixes).\n - KVM: x86: ignore APICv if LAPIC is not enabled (git-fixes).\n - KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all (git-fixes).\n - KVM: x86: revalidate steal time cache if MSR value changes (git-fixes).\n - NFSD: Clamp WRITE offsets (git-fixes).\n - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes\n (git-fixes).\n - NFSD: Fix ia_size underflow (git-fixes).\n - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n - NFSD: prevent integer overflow on 32 bit systems (git-fixes).\n - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).\n - PCI/AER: Iterate over error counters instead of error strings\n (git-fixes).\n - PCI/portdrv: Do not disable AER reporting in\n get_port_device_capability() (git-fixes).\n - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n - PCI: aardvark: Fix reporting Slot capabilities on emulated bridge\n (git-fixes).\n - PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()\n (git-fixes).\n - PCI: dwc: Always enable CDM check if \"snps,enable-cdm-check\" exists\n (git-fixes).\n - PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).\n - PCI: dwc: Disable outbound windows only for controllers using iATU\n (git-fixes).\n - PCI: dwc: Set INCREASE_REGION_SIZE flag based on limit address\n (git-fixes).\n - PCI: dwc: Stop link on host_init errors and de-initialization\n (git-fixes).\n - PCI: endpoint: Do not stop controller when unbinding endpoint function\n (git-fixes).\n - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n - PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()\n (git-fixes).\n - PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).\n - PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).\n - PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()\n (git-fixes).\n - PCI: tegra194: Fix Root Port interrupt handling (git-fixes).\n - PCI: tegra194: Fix link up retry sequence (git-fixes).\n - PM: domains: Ensure genpd_debugfs_dir exists before remove (git-fixes).\n - PM: hibernate: defer device probing when resuming from hibernation\n (git-fixes).\n - Revert \"clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops\"\n (git-fixes).\n - Revert \"drivers/video/backlight/platform_lcd.c: add support for device\n tree based probe\" (git-fixes).\n - Revert \"drm/i915: Hold reference to intel_context over life of\n i915_request\" (git-fixes).\n - Revert \"drm/udl: Kill pending URBs at suspend and disconnect\"\n (bsc#1195917).\n - Revert \"ipv6: Honor all IPv6 PIO Valid Lifetime values\" (bsc#1202989).\n - Revert \"net: usb: ax88179_178a needs FLAG_SEND_ZLP\" (git-fixes).\n - Revert \"scripts/mod/modpost.c: permit '.cranges' secton for sh64\n architecture.\" (git-fixes).\n - Revert \"usb: gadget: udc-xilinx: replace memcpy with memcpy_toio\"\n (git-fixes).\n - Revert \"x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV\"\n (bsc#1190497).\n - SUNRPC: Fix NFSD's request deferral on RDMA transports (git-fixes).\n - SUNRPC: Fix READ_PLUS crasher (git-fixes).\n - SUNRPC: Prevent immediate close+reconnect (git-fixes).\n - USB: Follow-up to SPDX GPL-2.0+ identifiers addition - remove now\n useless comments (git-fixes).\n - USB: Follow-up to SPDX identifiers addition - remove now useless\n comments (git-fixes).\n - USB: serial: ch314: use usb_control_msg_recv() (git-fixes).\n - USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n - USB: serial: fix tty-port initialized comments (git-fixes).\n - apparmor: Fix failed mount permission check error message (git-fixes).\n - apparmor: Fix memleak in aa_simple_write_to_buffer() (git-fixes).\n - apparmor: fix aa_label_asxprint return check (git-fixes).\n - apparmor: fix absroot causing audited secids to begin with = (git-fixes).\n - apparmor: fix overlapping attachment computation (git-fixes).\n - apparmor: fix quiet_denied for file rules (git-fixes).\n - apparmor: fix reference count leak in aa_pivotroot() (git-fixes).\n - apparmor: fix setting unconfined mode on a loaded profile (git-fixes).\n - arm64: Do not forget syscall when starting a new thread (git-fixes).\n - arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76 (git-fixes).\n - arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1\n (git-fixes).\n - arm64: dts: allwinner: a64: orangepi-win: Fix LED node name (git-fixes).\n - arm64: dts: mt7622: fix BPI-R64 WPS button (git-fixes).\n - arm64: dts: mt8192: Fix idle-states entry-method (git-fixes).\n - arm64: dts: mt8192: Fix idle-states nodes naming scheme (git-fixes).\n - arm64: dts: qcom: ipq8074: fix NAND node name (git-fixes).\n - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node\n (git-fixes).\n - arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment (git-fixes).\n - arm64: dts: qcom: sm8250: add missing PCIe PHY clock-cells (git-fixes).\n - arm64: dts: renesas: Fix thermal-sensors on single-zone sensors\n (git-fixes).\n - arm64: dts: renesas: beacon: Fix regulator node names (git-fixes).\n - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes).\n - arm64: fix oops in concurrently setting insn_emulation sysctls\n (git-fixes).\n - arm64: fix rodata=full (git-fixes).\n - arm64: kasan: Revert \"arm64: mte: reset the page tag in page->flags\"\n (git-fixes).\n - arm64: set UXN on swapper page tables (git-fixes).\n - arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes).\n - arm64: tegra: Fixup SYSRAM references (git-fixes).\n - arm64: tegra: Mark BPMP channels as no-memory-wc (git-fixes).\n - asm-generic: sections: refactor memory_intersects (git-fixes).\n - ata: libata-eh: Add missing command name (git-fixes).\n - ath10k: do not enforce interrupt trigger type (git-fixes).\n - ath11k: Fix incorrect debug_mask mappings (git-fixes).\n - ath11k: fix netdev open race (git-fixes).\n - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n - audit: fix potential double free on error path from\n fsnotify_add_inode_mark (git-fixes).\n - ax25: Fix ax25 session cleanup problems (git-fixes).\n - block: Fix fsync always failed if once failed (bsc#1202779).\n - block: Fix wrong offset in bio_truncate() (bsc#1202780).\n - block: fix rq-qos breakage from skipping rq_qos_done_bio() (bsc#1202781).\n - block: only mark bio as tracked if it really is tracked (bsc#1202782).\n - bnx2x: Invalidate fastpath HSI version for VFs (git-fixes).\n - bnx2x: Utilize firmware 7.13.21.0 (git-fixes).\n - btrfs: properly flag filesystem with BTRFS_FEATURE_INCOMPAT_BIG_METADATA\n (git-fixes).\n - bus: hisi_lpc: fix missing platform_device_put() in\n hisi_lpc_acpi_probe() (git-fixes).\n - can: Break loopback loop on loopback documentation (git-fixes).\n - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n - can: error: specify the values of data[5..7] of CAN error frames\n (git-fixes).\n - can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).\n - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE\n with netdev_warn_once() (git-fixes).\n - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: mcp251x: Fix race condition on receive interrupt (git-fixes).\n - can: mcp251xfd: mcp251xfd_dump(): fix comment (git-fixes).\n - can: netlink: allow configuring of fixed bit rates without need for\n do_set_bittiming callback (git-fixes).\n - can: netlink: allow configuring of fixed data bit rates without need for\n do_set_data_bittiming callback (git-fixes).\n - can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: pch_can: pch_can_error(): initialize errc before using it\n (git-fixes).\n - can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).\n - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202823).\n - ceph: do not truncate file in atomic_open (bsc#1202824).\n - ceph: use correct index when encoding client supported features\n (bsc#1202822).\n - cfg80211/mac80211: assume CHECKSUM_COMPLETE includes SNAP (bsc#1202131).\n - cgroup: Use separate src/dst nodes when preloading css_sets for\n migration (bsc#1201610).\n - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n - clk: mediatek: reset: Fix written reset bit offset (git-fixes).\n - clk: qcom: camcc-sdm845: Fix topology around titan_top power domain\n (git-fixes).\n - clk: qcom: camcc-sm8250: Fix halt on boot by reducing driver's init\n level (git-fixes).\n - clk: qcom: camcc-sm8250: Fix topology around titan_top power domain\n (git-fixes).\n - clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description\n (git-fixes).\n - clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).\n - clk: qcom: clk-rcg2: Fail Duty-Cycle configuration if MND divider is not\n enabled (git-fixes).\n - clk: qcom: clk-rcg2: Make sure to not write d=0 to the NMD register\n (git-fixes).\n - clk: qcom: gcc-msm8939: Add missing SYSTEM_MM_NOC_BFDCD_CLK_SRC\n (git-fixes).\n - clk: qcom: gcc-msm8939: Add missing system_mm_noc_bfdcd_clk_src\n (git-fixes).\n - clk: qcom: gcc-msm8939: Fix bimc_ddr_clk_src rcgr base address\n (git-fixes).\n - clk: qcom: gcc-msm8939: Fix weird field spacing in\n ftbl_gcc_camss_cci_clk (git-fixes).\n - clk: qcom: gcc-msm8939: Point MM peripherals to system_mm_noc clock\n (git-fixes).\n - clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).\n - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n - clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).\n - clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).\n - clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks\n (git-fixes).\n - clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).\n - clk: ti: Stop using legacy clkctrl names for omap4 and 5 (git-fixes).\n - cpufreq: zynq: Fix refcount leak in zynq_get_revision (git-fixes).\n - crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes).\n - crypto: ccp - During shutdown, check SEV data pointer before using\n (git-fixes).\n - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel\n memory leak (git-fixes).\n - crypto: hisilicon - Kunpeng916 crypto driver do not sleep when in\n softirq (git-fixes).\n - crypto: hisilicon/hpre - do not use GFP_KERNEL to alloc mem during\n softirq (git-fixes).\n - crypto: hisilicon/sec - do not sleep when in softirq (git-fixes).\n - crypto: hisilicon/sec - fix auth key size error (git-fixes).\n - crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of\n (git-fixes).\n - crypto: sun8i-ss - do not allocate memory when handling hash requests\n (git-fixes).\n - crypto: sun8i-ss - fix error codes in allocate_flows() (git-fixes).\n - crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs() (git-fixes).\n - devlink: Fix use-after-free after a failed reload (git-fixes).\n - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n - dmaengine: dw-axi-dmac: do not print NULL LLI during error (git-fixes).\n - dmaengine: dw-axi-dmac: ignore interrupt if no descriptor (git-fixes).\n - dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction semantics\n (git-fixes).\n - dmaengine: imx-dma: Cast of_device_get_match_data() with (uintptr_t)\n (git-fixes).\n - dmaengine: sf-pdma: Add multithread support for a DMA channel\n (git-fixes).\n - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed\n (git-fixes).\n - dmaengine: stm32-mdma: Remove dead code in stm32_mdma_irq_handler()\n (git-fixes).\n - docs: i2c: i2c-sysfs: fix hyperlinks (git-fixes).\n - docs: zh_CN: fix a broken reference (git-fixes).\n - dpaa2-eth: fix ethtool statistics (git-fixes).\n - driver core: Do not probe devices after bus_type.match() probe deferral\n (git-fixes).\n - driver core: fix potential deadlock in __driver_attach (git-fixes).\n - drivers/iio: Remove all strcpy() uses (git-fixes).\n - drivers: usb: dwc3-qcom: Add sdm660 compatible (git-fixes).\n - drm/amd/amd_shared.h: Add missing doc for PP_GFX_DCS_MASK (git-fixes).\n - drm/amd/display: Add option to defer works of hpd_rx_irq (git-fixes).\n - drm/amd/display: Avoid MPC infinite loop (git-fixes).\n - drm/amd/display: Check correct bounds for stream encoder instances for\n DCN303 (git-fixes).\n - drm/amd/display: Enable building new display engine with KCOV enabled\n (git-fixes).\n - drm/amd/display: Fix HDMI VSIF V3 incorrect issue (git-fixes).\n - drm/amd/display: Fix pixel clock programming (git-fixes).\n - drm/amd/display: Fix surface optimization regression on Carrizo\n (git-fixes).\n - drm/amd/display: For stereo keep \"FLIP_ANY_FRAME\" (git-fixes).\n - drm/amd/display: Reset DMCUB before HW init (git-fixes).\n - drm/amd/display: Revert \"drm/amd/display: turn DPMS off on connector\n unplug\" (git-fixes).\n - drm/amd/display: avoid doing vm_init multiple time (git-fixes).\n - drm/amd/display: clear optc underflow before turn off odm clock\n (git-fixes).\n - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid\n (git-fixes).\n - drm/amdgpu: Check BO's requested pinning domains against its\n preferred_domains (git-fixes).\n - drm/amdgpu: Increase tlb flush timeout for sriov (git-fixes).\n - drm/amdgpu: Remove one duplicated ef removal (git-fixes).\n - drm/amdgpu: remove useless condition in\n amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n - drm/bridge: lt9611uxc: Cancel only driver's work (git-fixes).\n - drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated\n function (git-fixes).\n - drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).\n - drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into dedicated\n function (git-fixes).\n - drm/doc: Fix comment typo (git-fixes).\n - drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()\n failed (git-fixes).\n - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()\n error (git-fixes).\n - drm/i915/display: avoid warnings when registering dual panel backlight\n (git-fixes).\n - drm/i915/gt: Skip TLB invalidations once wedged (git-fixes).\n - drm/i915/reg: Fix spelling mistake \"Unsupport\" -> \"Unsupported\"\n (git-fixes).\n - drm/i915: fix null pointer dereference (git-fixes).\n - drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).\n - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function\n (git-fixes).\n - drm/mediatek: Allow commands to be sent during video mode (git-fixes).\n - drm/mediatek: Keep dsi as LP00 before dcs cmds transfer (git-fixes).\n - drm/mediatek: Modify dsi funcs to atomic operations (git-fixes).\n - drm/mediatek: Separate poweron/poweroff from enable/disable and define\n new funcs (git-fixes).\n - drm/mediatek: dpi: Only enable dpi after the bridge is enabled\n (git-fixes).\n - drm/mediatek: dpi: Remove output format of YUV (git-fixes).\n - drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n (git-fixes).\n - drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).\n - drm/msm/dpu: Fix for non-visible planes (git-fixes).\n - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n - drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n - drm/msm/hdmi: drop empty 'none' regulator lists (git-fixes).\n - drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform\n (git-fixes).\n - drm/msm/mdp5: Fix global state lock backoff (git-fixes).\n - drm/msm: Avoid dirtyfb stalls on video mode displays (v2) (git-fixes).\n - drm/msm: Fix dirtyfb refcounting (git-fixes).\n - drm/nouveau/acpi: Do not print error when we get -EINPROGRESS from\n pm_runtime (git-fixes).\n - drm/nouveau/kms: Fix failure path for creating DP connectors (git-fixes).\n - drm/nouveau: Do not pm_runtime_put_sync(), only\n pm_runtime_put_autosuspend() (git-fixes).\n - drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).\n - drm/nouveau: recognise GA103 (git-fixes).\n - drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).\n - drm/radeon: fix potential buffer overflow in\n ni_set_mc_special_registers() (git-fixes).\n - drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).\n - drm/rockchip: vop: Do not crash for invalid duplicate_state()\n (git-fixes).\n - drm/shmem-helper: Add missing vunmap on error (git-fixes).\n - drm/simpledrm: Fix return type of\n simpledrm_simple_display_pipe_mode_valid() (git-fixes).\n - drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).\n - drm/sun4i: dsi: Prevent underflow when computing packet sizes\n (git-fixes).\n - drm/ttm: Fix dummy res NULL ptr deref bug (git-fixes).\n - drm/udl: Add parameter to set number of URBs (bsc#1195917).\n - drm/udl: Add reset_resume (bsc#1195917)\n - drm/udl: Do not re-initialize stuff at retrying the URB list allocation\n (bsc#1195917).\n - drm/udl: Drop unneeded alignment (bsc#1195917).\n - drm/udl: Enable damage clipping (bsc#1195917).\n - drm/udl: Fix inconsistent urbs.count value during udl_free_urb_list()\n (bsc#1195917).\n - drm/udl: Fix potential URB leaks (bsc#1195917).\n - drm/udl: Increase the default URB list size to 20 (bsc#1195917).\n - drm/udl: Kill pending URBs at suspend and disconnect (bsc#1195917).\n - drm/udl: Replace BUG_ON() with WARN_ON() (bsc#1195917).\n - drm/udl: Replace semaphore with a simple wait queue (bsc#1195917).\n - drm/udl: Restore display mode on resume (bsc#1195917)\n - drm/udl: Suppress error print for -EPROTO at URB completion\n (bsc#1195917).\n - drm/udl: Sync pending URBs at suspend / disconnect (bsc#1195917).\n - drm/udl: Sync pending URBs at the end of suspend (bsc#1195917).\n - drm/vc4: change vc4_dma_range_matches from a global to static\n (git-fixes).\n - drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component\n (git-fixes).\n - drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable\n iteration (git-fixes).\n - drm/vc4: dsi: Correct DSI divider calculations (git-fixes).\n - drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).\n - drm/vc4: dsi: Fix dsi0 interrupt support (git-fixes).\n - drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type (git-fixes).\n - drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes\n (git-fixes).\n - drm/vc4: hdmi: Disable audio if dmas property is present but empty\n (git-fixes).\n - drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).\n - drm/vc4: hdmi: Reset HDMI MISC_CONTROL register (git-fixes).\n - drm/vc4: plane: Fix margin calculations for the right/bottom edges\n (git-fixes).\n - drm/vc4: plane: Remove subpixel positioning check (git-fixes).\n - drm: adv7511: override i2c address of cec before accessing it\n (git-fixes).\n - drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).\n - drm: bridge: sii8620: fix possible off-by-one (git-fixes).\n - dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED (git-fixes).\n - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles (git-fixes).\n - dt-bindings: arm: qcom: fix MSM8994 boards compatibles (git-fixes).\n - dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding (git-fixes).\n - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources\n (git-fixes).\n - dt-bindings: gpio: zynq: Add missing compatible strings (git-fixes).\n - dt-bindings: iio: accel: Add DT binding doc for ADXL355 (git-fixes).\n - dt-bindings: usb: mtk-xhci: Allow wakeup interrupt-names to be optional\n (git-fixes).\n - dtb: Do not include sources in src.rpm - refer to kernel-source Same as\n other kernel binary packages there is no need to carry duplicate sources\n in dtb packages.\n - eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()\n (git-fixes).\n - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler\n (git-fies).\n - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n - ext4: add new helper interface ext4_try_to_trim_range() (bsc#1202783).\n - ext4: add reserved GDT blocks check (bsc#1202712).\n - ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n - ext4: fast commit may miss tracking unwritten range during ftruncate\n (bsc#1202759).\n - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state\n (bsc#1202771).\n - ext4: fix a possible ABBA deadlock due to busy PA (bsc#1202762).\n - ext4: fix bug_on in ext4_writepages (bsc#1200872).\n - ext4: fix error handling in ext4_fc_record_modified_inode()\n (bsc#1202767).\n - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n - ext4: fix fallocate to use file_modified to update permissions\n consistently (bsc#1202769).\n - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE\n (bsc#1202757).\n - ext4: fix fs corruption when tring to remove a non-empty directory with\n IO error (bsc#1202768).\n - ext4: fix incorrect type issue during replay_del_range (bsc#1202867).\n - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'\n (bsc#1202764).\n - ext4: fix overhead calculation to account for the reserved gdt blocks\n (bsc#1200869).\n - ext4: fix race when reusing xattr blocks (bsc#1198971).\n - ext4: fix super block checksum incorrect after mount (bsc#1202773).\n - ext4: fix symlink file size not match to file content (bsc#1200868).\n - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n - ext4: force overhead calculation if the s_overhead_cluster makes no\n sense (bsc#1200870).\n - ext4: initialize err_blk before calling __ext4_get_inode_loc\n (bsc#1202763).\n - ext4: make sure quota gets properly shutdown on error (bsc#1195480).\n - ext4: make sure to reset inode lockdep class when quota enabling fails\n (bsc#1202761).\n - ext4: mark group as trimmed only if it was fully scanned (bsc#1202770).\n - ext4: modify the logic of ext4_mb_new_blocks_simple (bsc#1202766).\n - ext4: prevent used blocks from being allocated during fast commit replay\n (bsc#1202765).\n - ext4: recover csum seed of tmp_inode after migrating to extents\n (bsc#1202713).\n - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n - ext4: use ext4_ext_remove_space() for fast commit replay delete range\n (bsc#1202758).\n - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n - fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).\n - fbdev: fbcon: Properly revert changes when vc_resize() failed (git-fies).\n - filemap: Handle sibling entries in filemap_get_read_batch()\n (bsc#1202774).\n - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n (git-fixes).\n - firmware: tegra: Fix error check return value of debugfs_create_file()\n (git-fixes).\n - firmware: tegra: bpmp: Do only aligned access to IPC memory area\n (git-fixes).\n - fix race between exit_itimers() and /proc/pid/timers (git-fixes).\n - fpga: altera-pr-ip: fix unsigned comparison with less than zero\n (git-fixes).\n - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped\n pages (bsc#1200873).\n - ftrace/x86: Add back ftrace_expected assignment (git-fixes).\n - fuse: ioctl: translate ENOSYS (bsc#1203139).\n - fuse: limit nsec (bsc#1203138).\n - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n - geneve: fix TOS inheriting for ipv4 (git-fixes).\n - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()\n (git-fixes).\n - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n - grub: Fix symbol `grub_disk_get_size' not found (bsc#1201361\n bsc#1192968).\n - habanalabs/gaudi: fix shift out of bounds (git-fixes).\n - habanalabs/gaudi: mask constant value before cast (git-fixes).\n - hwmon: (dell-smm) Add Dell XPS 13 7390 to fan control whitelist\n (git-fixes).\n - hwmon: (drivetemp) Add module alias (git-fixes).\n - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n - hwmon: (sht15) Fix wrong assumptions in device remove callback\n (git-fixes).\n - i2c: Fix a potential use after free (git-fixes).\n - i2c: cadence: Support PEC for SMBus block read (git-fixes).\n - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n - i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).\n - i2c: mxs: Silence a clang warning (git-fixes).\n - i2c: npcm: Capitalize the one-line comment (git-fixes).\n - i2c: npcm: Correct slave role behavior (git-fixes).\n - i2c: npcm: Remove own slave addresses 2:10 (git-fixes).\n - ice: fix 'scheduling while atomic' on aux critical err interrupt\n (git-fixes).\n - ieee80211: add EHT 1K aggregation definitions (bsc#1202131).\n - ieee80211: change HE nominal packet padding value defines (bsc#1202131).\n - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n - iio: accel: bma220: Fix alignment for DMA safety (git-fixes).\n - iio: accel: bma400: Fix the scale min and max macro values (git-fixes).\n - iio: accel: bma400: Reordering of header files (git-fixes).\n - iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).\n - iio: accel: sca3300: Fix alignment for DMA safety (git-fixes).\n - iio: ad7292: Prevent regulator double disable (git-fixes).\n - iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7292: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7923: Fix alignment for DMA safety (git-fixes).\n - iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ltc2496: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1027: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max11100: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1118: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1241: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp3911: make use of the sign bit (git-fixes).\n - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n - iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc108s102: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads131e08: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).\n - iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).\n - iio: common: ssp: Fix alignment for DMA safety (git-fixes).\n - iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large\n (git-fixes).\n - iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5766: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5770r: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).\n - iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).\n - iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).\n - iio: fix iio_format_avail_range() printing for none IIO_VAL_INT\n (git-fixes).\n - iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).\n - iio: imu: fxos8700: Fix alignment for DMA safety (git-fixes).\n - iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).\n - iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).\n - iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).\n - iio: temp: ltc2983: Fix alignment for DMA safety (git-fixes).\n - iio: temp: maxim_thermocouple: Fix alignment for DMA safety (git-fixes).\n - intel_th: Fix a resource leak in an error handling path (git-fixes).\n - intel_th: msu-sink: Potential dereference of null pointer (git-fixes).\n - intel_th: msu: Fix vmalloced buffers (git-fixes).\n - intel_th: pci: Add Meteor Lake-P support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n - interconnect: imx: fix max_node_id (git-fixes).\n - io_uring: add a schedule point in io_add_buffers() (git-fixes).\n - io_uring: terminate manual loop iterator loop correctly for non-vecs\n (git-fixes).\n - iommu/amd: Clarify AMD IOMMUv2 initialization messages (git-fixes).\n - iommu/amd: Enable swiotlb in all cases (git-fixes).\n - iommu/amd: Fix I/O page table memory leak (git-fixes).\n - iommu/amd: Recover from event log overflow (git-fixes).\n - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement\n (git-fixes).\n - iommu/arm-smmu-v3-sva: Fix mm use-after-free (git-fixes).\n - iommu/arm-smmu-v3: Fix size calculation in\n arm_smmu_mm_invalidate_range() (git-fixes).\n - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop\n (git-fixes).\n - iommu/dart: Add missing module owner to ops structure (git-fixes).\n - iommu/dart: check return value after calling platform_get_resource()\n (git-fixes).\n - iommu/exynos: Handle failed IOMMU device registration properly\n (git-fixes).\n - iommu/iova: Improve 32-bit free space estimate (git-fixes).\n - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n - iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (git-fixes).\n - iommu/mediatek: Fix 2 HW sharing pgtable issue (git-fixes).\n - iommu/mediatek: Fix NULL pointer dereference when printing dev_name\n (git-fixes).\n - iommu/mediatek: Remove clk_disable in mtk_iommu_remove (git-fixes).\n - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n - iommu/omap: Fix regression in probe for NULL pointer dereference\n (git-fixes).\n - iommu/tegra-smmu: Fix missing put_device() call in tegra_smmu_find\n (git-fixes).\n - iommu/vt-d: Acquiring lock in domain ID allocation helpers (bsc#1200301).\n - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n - iommu/vt-d: Drop stop marker messages (git-fixes).\n - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n - iommu/vt-d: Make DMAR_UNITS_SUPPORTED default 1024 (bsc#1200301).\n - iommu/vt-d: Refactor iommu information of each domain (bsc#1200301).\n - iommu/vt-d: Remove global g_iommus array (bsc#1200301).\n - iommu/vt-d: Remove intel_iommu::domains (bsc#1200301).\n - iommu/vt-d: Remove unnecessary check in intel_iommu_add() (bsc#1200301).\n - iommu/vt-d: Use IDA interface to manage iommu sequence id (bsc#1200301).\n - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n (git-fixes).\n - iommu: Fix potential use-after-free during probe (git-fixes).\n - ipmi: fix initialization when workqueue allocation fails (git-fixes).\n - irqchip/tegra: Fix overflow implicit truncation warnings (git-fixes).\n - iwlwifi/fw: use struct_size over open coded arithmetic (bsc#1202131).\n - iwlwifi: ACPI: support revision 3 WGDS tables (bsc#1202131).\n - iwlwifi: Add support for getting rf id with blank otp (bsc#1202131).\n - iwlwifi: Add support for more BZ HWs (bsc#1202131).\n - iwlwifi: BZ Family BUS_MASTER_DISABLE_REQ code duplication (bsc#1202131).\n - iwlwifi: BZ Family SW reset support (bsc#1202131).\n - iwlwifi: Configure FW debug preset via module param (bsc#1202131).\n - iwlwifi: Fix FW name for gl (bsc#1202131).\n - iwlwifi: Fix missing error code in iwl_pci_probe() (bsc#1202131).\n - iwlwifi: Fix syntax errors in comments (bsc#1202131).\n - iwlwifi: Make use of the helper macro LIST_HEAD() (bsc#1202131).\n - iwlwifi: Read the correct addresses when getting the crf id\n (bsc#1202131).\n - iwlwifi: Start scratch debug register for Bz family (bsc#1202131).\n - iwlwifi: acpi: fix wgds rev 3 size (bsc#1202131).\n - iwlwifi: acpi: move ppag code from mvm to fw/acpi (bsc#1202131).\n - iwlwifi: add missing entries for Gf4 with So and SoF (bsc#1202131).\n - iwlwifi: add new Qu-Hr device (bsc#1202131).\n - iwlwifi: add new ax1650 killer device (bsc#1202131).\n - iwlwifi: add new device id 7F70 (bsc#1202131).\n - iwlwifi: add new pci SoF with JF (bsc#1202131).\n - iwlwifi: add some missing kernel-doc in struct iwl_fw (bsc#1202131).\n - iwlwifi: add support for BNJ HW (bsc#1202131).\n - iwlwifi: add support for BZ-U and BZ-L HW (bsc#1202131).\n - iwlwifi: add support for Bz-Z HW (bsc#1202131).\n - iwlwifi: add vendor specific capabilities for some RFs (bsc#1202131).\n - iwlwifi: advertise support for HE - DCM BPSK RX/TX (bsc#1202131).\n - iwlwifi: allow rate-limited error messages (bsc#1202131).\n - iwlwifi: api: fix struct iwl_wowlan_status_v7 kernel-doc (bsc#1202131).\n - iwlwifi: api: remove ttl field from TX command (bsc#1202131).\n - iwlwifi: api: remove unused RX status bits (bsc#1202131).\n - iwlwifi: avoid variable shadowing (bsc#1202131).\n - iwlwifi: avoid void pointer arithmetic (bsc#1202131).\n - iwlwifi: bump FW API to 67 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 68 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 69 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 70 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 71 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 72 for AX devices (bsc#1202131).\n - iwlwifi: cfg: add support for 1K BA queue (bsc#1202131).\n - iwlwifi: dbg-tlv: clean up iwl_dbg_tlv_update_drams() (bsc#1202131).\n - iwlwifi: dbg: add infra for tracking free buffer size (bsc#1202131).\n - iwlwifi: dbg: check trigger data before access (bsc#1202131).\n - iwlwifi: dbg: disable ini debug in 8000 family and below (bsc#1202131).\n - iwlwifi: dbg: in sync mode do not call schedule (bsc#1202131).\n - iwlwifi: dbg: treat dbgc allocation failure when tlv is missing\n (bsc#1202131).\n - iwlwifi: dbg: treat non active regions as unsupported regions\n (bsc#1202131).\n - iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write\n (bsc#1202131).\n - iwlwifi: de-const properly where needed (bsc#1202131).\n - iwlwifi: debugfs: remove useless double condition (bsc#1202131).\n - iwlwifi: do not dump_stack() when we get an unexpected interrupt\n (bsc#1202131).\n - iwlwifi: do not use __unused as variable name (bsc#1202131).\n - iwlwifi: drv: load tlv debug data earlier (bsc#1202131).\n - iwlwifi: dump CSR scratch from outer function (bsc#1202131).\n - iwlwifi: dump RCM error tables (bsc#1202131).\n - iwlwifi: dump both TCM error tables if present (bsc#1202131).\n - iwlwifi: dump host monitor data when NIC does not init (bsc#1202131).\n - iwlwifi: dvm: use struct_size over open coded arithmetic (bsc#1202131).\n - iwlwifi: eeprom: clean up macros (bsc#1202131).\n - iwlwifi: fix LED dependencies (bsc#1202131).\n - iwlwifi: fix debug TLV parsing (bsc#1202131).\n - iwlwifi: fix fw/img.c license statement (bsc#1202131).\n - iwlwifi: fix iwl_legacy_rate_to_fw_idx (bsc#1202131).\n - iwlwifi: fix small doc mistake for iwl_fw_ini_addr_val (bsc#1202131).\n - iwlwifi: fix various more -Wcast-qual warnings (bsc#1202131).\n - iwlwifi: fw dump: add infrastructure for dump scrubbing (bsc#1202131).\n - iwlwifi: fw: add support for splitting region type bits (bsc#1202131).\n - iwlwifi: fw: api: add link to PHY context command struct v1\n (bsc#1202131).\n - iwlwifi: fw: correctly detect HW-SMEM region subtype (bsc#1202131).\n - iwlwifi: fw: fix some scan kernel-doc (bsc#1202131).\n - iwlwifi: fw: init SAR GEO table only if data is present (bsc#1202131).\n - iwlwifi: fw: make dump_start callback void (bsc#1202131).\n - iwlwifi: fw: remove dead error log code (bsc#1202131).\n - iwlwifi: implement reset flow for Bz devices (bsc#1202131).\n - iwlwifi: iwl-eeprom-parse: mostly dvm only (bsc#1202131).\n - iwlwifi: make iwl_fw_lookup_cmd_ver() take a cmd_id (bsc#1202131).\n - iwlwifi: make iwl_txq_dyn_alloc_dma() return the txq (bsc#1202131).\n - iwlwifi: make some functions friendly to sparse (bsc#1202131).\n - iwlwifi: move symbols into a separate namespace (bsc#1202131).\n - iwlwifi: mvm/api: define system control command (bsc#1202131).\n - iwlwifi: mvm: Add RTS and CTS flags to iwl_tx_cmd_flags (bsc#1202131).\n - iwlwifi: mvm: Add list of OEMs allowed to use TAS (bsc#1202131).\n - iwlwifi: mvm: Add support for a new version of scan request command\n (bsc#1202131).\n - iwlwifi: mvm: Add support for new rate_n_flags in tx_cmd (bsc#1202131).\n - iwlwifi: mvm: Consider P2P GO operation during scan (bsc#1202131).\n - iwlwifi: mvm: Disable WiFi bands selectively with BIOS (bsc#1202131).\n - iwlwifi: mvm: Do not fail if PPAG isn't supported (bsc#1202131).\n - iwlwifi: mvm: Fix wrong documentation for scan request command\n (bsc#1202131).\n - iwlwifi: mvm: Passively scan non PSC channels only when requested so\n (bsc#1202131).\n - iwlwifi: mvm: Read acpi dsm to get channel activation bitmap\n (bsc#1202131).\n - iwlwifi: mvm: Remove antenna c references (bsc#1202131).\n - iwlwifi: mvm: Support new TX_RSP and COMPRESSED_BA_RES versions\n (bsc#1202131).\n - iwlwifi: mvm: Support new rate_n_flags for REPLY_RX_MPDU_CMD and\n RX_NO_DATA_NOTIF (bsc#1202131).\n - iwlwifi: mvm: Support new version of BEACON_TEMPLATE_CMD (bsc#1202131).\n - iwlwifi: mvm: Support new version of ranging response notification\n (bsc#1202131).\n - iwlwifi: mvm: Support version 3 of tlc_update_notif (bsc#1202131).\n - iwlwifi: mvm: Unify the scan iteration functions (bsc#1202131).\n - iwlwifi: mvm: Use all Rx chains for roaming scan (bsc#1202131).\n - iwlwifi: mvm: add US/CA to TAS block list if OEM isn't allowed\n (bsc#1202131).\n - iwlwifi: mvm: add a flag to reduce power command (bsc#1202131).\n - iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).\n - iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).\n - iwlwifi: mvm: add dbg_time_point to debugfs (bsc#1202131).\n - iwlwifi: mvm: add definitions for new rate & flags (bsc#1202131).\n - iwlwifi: mvm: add lmac/umac PC info in case of error (bsc#1202131).\n - iwlwifi: mvm: add missing min_size to kernel-doc (bsc#1202131).\n - iwlwifi: mvm: add some missing command strings (bsc#1202131).\n - iwlwifi: mvm: add support for 160Mhz in ranging measurements\n (bsc#1202131).\n - iwlwifi: mvm: add support for CT-KILL notification version 2\n (bsc#1202131).\n - iwlwifi: mvm: add support for IMR based on platform (bsc#1202131).\n - iwlwifi: mvm: add support for OCE scan (bsc#1202131).\n - iwlwifi: mvm: add support for PHY context command v4 (bsc#1202131).\n - iwlwifi: mvm: add support for statistics update version 15 (bsc#1202131).\n - iwlwifi: mvm: allow enabling UHB TAS in the USA via ACPI setting\n (bsc#1202131).\n - iwlwifi: mvm: always remove the session protection after association\n (bsc#1202131).\n - iwlwifi: mvm: always store the PPAG table as the latest version\n (bsc#1202131).\n - iwlwifi: mvm: always use 4K RB size by default (bsc#1202131).\n - iwlwifi: mvm: change old-SN drop threshold (bsc#1202131).\n - iwlwifi: mvm: clean up indenting in iwl_mvm_tlc_update_notif()\n (bsc#1202131).\n - iwlwifi: mvm: convert old rate & flags to the new format (bsc#1202131).\n - iwlwifi: mvm: correct sta-state logic for TDLS (bsc#1202131).\n - iwlwifi: mvm: correctly set channel flags (bsc#1202131).\n - iwlwifi: mvm: correctly set schedule scan profiles (bsc#1202131).\n - iwlwifi: mvm: d3: move GTK rekeys condition (bsc#1202131).\n - iwlwifi: mvm: d3: support v12 wowlan status (bsc#1202131).\n - iwlwifi: mvm: d3: use internal data representation (bsc#1202131).\n - iwlwifi: mvm: demote non-compliant kernel-doc header (bsc#1202131).\n - iwlwifi: mvm: do not get address of mvm->fwrt just to dereference as a\n pointer (bsc#1202131).\n - iwlwifi: mvm: do not send BAID removal to the FW during hw_restart\n (bsc#1202131).\n - iwlwifi: mvm: do not trust hardware queue number (bsc#1202131).\n - iwlwifi: mvm: drop too short packets silently (bsc#1202131).\n - iwlwifi: mvm: extend session protection on association (bsc#1202131).\n - iwlwifi: mvm: fix WGDS table print in iwl_mvm_chub_update_mcc()\n (bsc#1202131).\n - iwlwifi: mvm: fix a stray tab (bsc#1202131).\n - iwlwifi: mvm: fix condition which checks the version of rate_n_flags\n (bsc#1202131).\n - iwlwifi: mvm: fix delBA vs. NSSN queue sync race (bsc#1202131).\n - iwlwifi: mvm: fix ieee80211_get_he_iftype_cap() iftype (bsc#1202131).\n - iwlwifi: mvm: fix off by one in iwl_mvm_stat_iterator_all_macs()\n (bsc#1202131).\n - iwlwifi: mvm: fw: clean up hcmd struct creation (bsc#1202131).\n - iwlwifi: mvm: handle RX checksum on Bz devices (bsc#1202131).\n - iwlwifi: mvm: improve log when processing CSA (bsc#1202131).\n - iwlwifi: mvm: isolate offload assist (checksum) calculation\n (bsc#1202131).\n - iwlwifi: mvm: make iwl_mvm_reconfig_scd() static (bsc#1202131).\n - iwlwifi: mvm: offload channel switch timing to FW (bsc#1202131).\n - iwlwifi: mvm: only enable HE DCM if we also support TX (bsc#1202131).\n - iwlwifi: mvm: optionally suppress assert log (bsc#1202131).\n - iwlwifi: mvm: parse firmware alive message version 6 (bsc#1202131).\n - iwlwifi: mvm: read 6E enablement flags from DSM and pass to FW\n (bsc#1202131).\n - iwlwifi: mvm: reduce WARN_ON() in TX status path (bsc#1202131).\n - iwlwifi: mvm: refactor iwl_mvm_sta_rx_agg() (bsc#1202131).\n - iwlwifi: mvm: refactor setting PPE thresholds in STA_HE_CTXT_CMD\n (bsc#1202131).\n - iwlwifi: mvm: remove card state notification code (bsc#1202131).\n - iwlwifi: mvm: remove cipher scheme support (bsc#1202131).\n - iwlwifi: mvm: remove csi from iwl_mvm_pass_packet_to_mac80211()\n (bsc#1202131).\n - iwlwifi: mvm: remove iwl_mvm_disable_txq() flags argument (bsc#1202131).\n - iwlwifi: mvm: remove session protection after auth/assoc (bsc#1202131).\n - iwlwifi: mvm: remove session protection on disassoc (bsc#1202131).\n - iwlwifi: mvm: remove session protection upon station removal\n (bsc#1202131).\n - iwlwifi: mvm: rfi: handle deactivation notification (bsc#1202131).\n - iwlwifi: mvm: rfi: update rfi table (bsc#1202131).\n - iwlwifi: mvm: rfi: use kmemdup() to replace kzalloc + memcpy\n (bsc#1202131).\n - iwlwifi: mvm: scrub key material in firmware dumps (bsc#1202131).\n - iwlwifi: mvm: set BT-coex high priority for 802.1X/4-way-HS\n (bsc#1202131).\n - iwlwifi: mvm: set inactivity timeouts also for PS-poll (bsc#1202131).\n - iwlwifi: mvm: starting from 22000 we have 32 Rx AMPDU sessions\n (bsc#1202131).\n - iwlwifi: mvm: support Bz TX checksum offload (bsc#1202131).\n - iwlwifi: mvm: support RLC configuration command (bsc#1202131).\n - iwlwifi: mvm: support new BAID allocation command (bsc#1202131).\n - iwlwifi: mvm: support revision 1 of WTAS table (bsc#1202131).\n - iwlwifi: mvm: support v3 of station HE context command (bsc#1202131).\n - iwlwifi: mvm: update BAID allocation command again (bsc#1202131).\n - iwlwifi: mvm: update RFI TLV (bsc#1202131).\n - iwlwifi: mvm: update definitions due to new rate & flags (bsc#1202131).\n - iwlwifi: mvm: update rate scale in moving back to assoc state\n (bsc#1202131).\n - iwlwifi: mvm: use a define for checksum flags mask (bsc#1202131).\n - iwlwifi: mvm: use debug print instead of WARN_ON() (bsc#1202131).\n - iwlwifi: nvm: Correct HE capability (bsc#1202131).\n - iwlwifi: parse debug exclude data from firmware file (bsc#1202131).\n - iwlwifi: parse error tables from debug TLVs (bsc#1202131).\n - iwlwifi: pcie: Adapt rx queue write pointer for Bz family (bsc#1202131).\n - iwlwifi: pcie: add jacket bit to device configuration parsing\n (bsc#1202131).\n - iwlwifi: pcie: add support for MS devices (bsc#1202131).\n - iwlwifi: pcie: adjust to Bz completion descriptor (bsc#1202131).\n - iwlwifi: pcie: fix SW error MSI-X mapping (bsc#1202131).\n - iwlwifi: pcie: fix constant-conversion warning (bsc#1202131).\n - iwlwifi: pcie: fix killer name matching for AX200 (bsc#1202131).\n - iwlwifi: pcie: iwlwifi: fix device id 7F70 struct (bsc#1202131).\n - iwlwifi: pcie: make sure iwl_rx_packet_payload_len() will not underflow\n (bsc#1202131).\n - iwlwifi: pcie: refactor dev_info lookup (bsc#1202131).\n - iwlwifi: pcie: remove duplicate entry (bsc#1202131).\n - iwlwifi: pcie: remove two duplicate PNJ device entries (bsc#1202131).\n - iwlwifi: pcie: retake ownership after reset (bsc#1202131).\n - iwlwifi: pcie: simplify iwl_pci_find_dev_info() (bsc#1202131).\n - iwlwifi: pcie: support Bz suspend/resume trigger (bsc#1202131).\n - iwlwifi: pcie: try to grab NIC access early (bsc#1202131).\n - iwlwifi: pcie: update sw error interrupt for BZ family (bsc#1202131).\n - iwlwifi: pnvm: print out the version properly (bsc#1202131).\n - iwlwifi: prefer WIDE_ID() over iwl_cmd_id() (bsc#1202131).\n - iwlwifi: propagate (const) type qualifier (bsc#1202131).\n - iwlwifi: recognize missing PNVM data and then log filename (bsc#1202131).\n - iwlwifi: remove MODULE_AUTHOR() statements (bsc#1202131).\n - iwlwifi: remove command ID argument from queue allocation (bsc#1202131).\n - iwlwifi: remove contact information (bsc#1202131).\n - iwlwifi: remove deprecated broadcast filtering feature (bsc#1202131).\n - iwlwifi: remove redundant iwl_finish_nic_init() argument (bsc#1202131).\n - iwlwifi: remove unused DC2DC_CONFIG_CMD definitions (bsc#1202131).\n - iwlwifi: remove unused iwlax210_2ax_cfg_so_hr_a0 structure (bsc#1202131).\n - iwlwifi: remove unused macros (bsc#1202131).\n - iwlwifi: rename CHANNEL_SWITCH_NOA_NOTIF to CHANNEL_SWITCH_START_NOTIF\n (bsc#1202131).\n - iwlwifi: rename GEO_TX_POWER_LIMIT to PER_CHAIN_LIMIT_OFFSET_CMD\n (bsc#1202131).\n - iwlwifi: rs: add support for TLC config command ver 4 (bsc#1202131).\n - iwlwifi: scan: Modify return value of a function (bsc#1202131).\n - iwlwifi: support 4-bits in MAC step value (bsc#1202131).\n - iwlwifi: support SAR GEO Offset Mapping override via BIOS (bsc#1202131).\n - iwlwifi: support new queue allocation command (bsc#1202131).\n - iwlwifi: swap 1650i and 1650s killer struct names (bsc#1202131).\n - iwlwifi: tlc: Add logs in rs_fw_rate_init func to print TLC\n configuration (bsc#1202131).\n - iwlwifi: use 4k queue size for Bz A-step (bsc#1202131).\n - iwlwifi: yoyo: Avoid using dram data if allocation failed (bsc#1202131).\n - iwlwifi: yoyo: add IMR DRAM dump support (bsc#1202131).\n - iwlwifi: yoyo: disable IMR DRAM region if IMR is disabled (bsc#1202131).\n - iwlwifi: yoyo: dump IMR DRAM only for HW and FW error (bsc#1202131).\n - iwlwifi: yoyo: fix DBGC allocation flow (bsc#1202131).\n - iwlwifi: yoyo: fix DBGI_SRAM ini dump header (bsc#1202131).\n - iwlwifi: yoyo: fix issue with new DBGI_SRAM region read (bsc#1202131).\n - iwlwifi: yoyo: fw debug config from context info and preset\n (bsc#1202131).\n - iwlwifi: yoyo: send hcmd to fw after dump collection completes\n (bsc#1202131).\n - iwlwifi: yoyo: support TLV-based firmware reset (bsc#1202131).\n - iwlwifi: yoyo: support dump policy for the dump size (bsc#1202131).\n - iwlwifi: yoyo: support for DBGC4 for dram (bsc#1202131).\n - iwlwifi: yoyo: support for ROM usniffer (bsc#1202131).\n - jbd2: export jbd2_journal_[grab|put]_journal_head (bsc#1202775).\n - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal\n aborted (bsc#1202716).\n - jbd2: fix outstanding credits assert in\n jbd2_journal_commit_transaction() (bsc#1202715).\n - kABI: scsi: libiscsi: fix removal of iscsi_create_conn (bsc#1198410).\n - kabi/severities: add Qlogic qed symbols\n - kabi/severities: add drivers/scsi/hisi_sas for bsc#1202471\n - kabi/severities: add hisilicon hns3 symbols\n - kabi/severities: add microchip dsa drivers\n - kabi/severities: ignore kABI changes in mwifiex drivers Those symbols\n are used only locally in mwifiex (sub-)modules.\n - kabi/severities: octeontx2 driver (jsc#SLE-24682)\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).\n - kbuild: fix the modules order between drivers and libs (git-fixes).\n - kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd\n attempt) (git-fixes).\n - kcm: fix strp_init() order and cleanup (git-fies).\n - kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages\n - kernel-source: include the kernel signature file We assume that the\n upstream tarball is used for released kernels. Then we can also include\n the signature file and keyring in the kernel-source src.rpm. Because of\n mkspec code limitation exclude the signature and keyring from binary\n packages always - mkspec does not parse spec conditionals.\n - kfifo: fix kfifo_to_user() return type (git-fixes).\n - lib/list_debug.c: Detect uninitialized lists (git-fixes).\n - lib/raid6/test: fix multiple definition linking error (git-fixes).\n - lib/smp_processor_id: fix imbalanced instrumentation_end() call\n (git-fixes).\n - lkdtm: Disable return thunks in rodata.c (bsc#1190497).\n - locking/lockdep: Fix lockdep_init_map_*() confusion (git-fixes).\n - loop: Check for overflow while configuring loop (git-fies).\n - mac80211: fix a memory leak where sta_info is not freed (git-fixes).\n - mac80211: introduce channel switch disconnect function (bsc#1202131).\n - marvell: octeontx2: build error: unknown type name 'u64' (jsc#SLE-24682).\n - mbcache: add functions to delete entry if unused (bsc#1198971).\n - mbcache: do not reclaim used entries (bsc#1198971).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - md/raid0: Ignore RAID0 layout if the second zone has only one device\n (git-fixes).\n - md/raid1: fix missing bitmap update w/o WriteMostly devices\n (bsc#1203036).\n - media: [PATCH] pci: atomisp_cmd: fix three missing checks on list\n iterator (git-fixes).\n - media: atmel: atmel-sama7g5-isc: fix warning in configs without OF\n (git-fixes).\n - media: cedrus: h265: Fix flag name (git-fixes).\n - media: cedrus: hevc: Add check for invalid timestamp (git-fixes).\n - media: driver/nxp/imx-jpeg: fix a unexpected return value problem\n (git-fixes).\n - media: hantro: postproc: Fix motion vector space size (git-fixes).\n - media: hdpvr: fix error value returns in hdpvr_read (git-fixes).\n - media: hevc: Embedded indexes in RPS (git-fixes).\n - media: imx-jpeg: Add pm-runtime support for imx-jpeg (git-fixes).\n - media: imx-jpeg: use NV12M to represent non contiguous NV12 (git-fixes).\n - media: pvrusb2: fix memory leak in pvr_probe (git-fixes).\n - media: tw686x: Fix memory leak in tw686x_video_init (git-fixes).\n - media: tw686x: Register the irq at the end of probe (git-fixes).\n - media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set\n (git-fixes).\n - mediatek: mt76: eeprom: fix missing of_node_put() in\n mt76_find_power_limits_node() (git-fixes).\n - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()\n (git-fixes).\n - memstick/ms_block: Fix a memory leak (git-fixes).\n - memstick/ms_block: Fix some incorrect memory allocation (git-fixes).\n - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).\n - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n - mfd: t7l66xb: Drop platform disable callback (git-fixes).\n - misc: fastrpc: fix memory corruption on open (git-fixes).\n - misc: fastrpc: fix memory corruption on probe (git-fixes).\n - misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).\n - mkspec: eliminate @NOSOURCE@ macro This should be alsways used with\n @SOURCES@, just include the content there.\n - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes). kABI: Fix kABI after \"mm/rmap: Fix anon_vma->degree\n ambiguity leading to double-reuse\" (git-fixes).\n - mm/rmap: Fix anon_vma-degree ambiguity leading to double-reuse\n (git-fixes, bsc#1203098).\n - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n - mm: pagewalk: Fix race between unmap and page walker (git-fixes,\n bsc#1203159).\n - mmc: block: Add single read for 4k sector cards (git-fixes).\n - mmc: cavium-octeon: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: core: Fix UHS-I SD 1.8V workaround branch (git-fixes).\n - mmc: meson-gx: Fix an error handling path in meson_mmc_probe()\n (git-fixes).\n - mmc: mxcmmc: Silence a clang warning (git-fixes).\n - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n - mmc: pxamci: Fix another error handling path in pxamci_probe()\n (git-fixes).\n - mmc: renesas_sdhi: Get the reset handle early in the probe (git-fixes).\n - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).\n - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n (git-fixes).\n - mmc: tmio: avoid glitches when resetting (git-fixes).\n - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n (git-fixes).\n - mt76: mt7921: enlarge maximum VHT MPDU length to 11454 (git-fixes).\n - mt76: mt7921: fix aggregation subframes setting to HE max (git-fixes).\n - mtd: dataflash: Add SPI ID table (git-fixes).\n - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n - mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset\n (git-fixes).\n - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n - mtd: rawnand: arasan: Fix clock rate in NV-DDR (git-fixes).\n - mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase\n times (git-fixes).\n - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release\n (git-fixes).\n - mtd: spi-nor: fix spi_nor_spimem_setup_op() call in\n spi_nor_erase_{sector,chip}() (git-fixes).\n - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path\n (git-fixes).\n - musb: fix USB_MUSB_TUSB6010 dependency (git-fixes).\n - mwifiex: Ignore BTCOEX events from the 88W8897 firmware (git-fixes).\n - n_gsm: remove unused parameters from gsm_error() (git-fixes).\n - net: asix: fix \"can't send until first packet is send\" issue (git-fixes).\n - net: bcmgenet: Use stronger register read/writes to assure ordering\n (git-fixes).\n - net: dsa: b53: Add SPI ID table (git-fixes).\n - net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering\n (git-fixes).\n - net: dsa: felix: purge skb from TX timestamping queue if it cannot be\n sent (git-fies).\n - net: dsa: hellcreek: Add STP forwarding rule (git-fixes).\n - net: dsa: hellcreek: Add missing PTP via UDP rules (git-fixes).\n - net: dsa: hellcreek: Allow PTP P2P measurements on blocked ports\n (git-fixes).\n - net: dsa: hellcreek: Fix insertion of static FDB entries (git-fixes).\n - net: dsa: microchip: implement multi-bridge support (git-fixes).\n - net: dsa: mv88e6xxx: Add fix for erratum 5.2 of 88E6393X family\n (git-fixes).\n - net: dsa: mv88e6xxx: Drop unnecessary check in\n mv88e6393x_serdes_erratum_4_6() (git-fixes).\n - net: dsa: mv88e6xxx: Enable port policy support on 6097 (git-fixes).\n - net: dsa: mv88e6xxx: Fix application of erratum 4.8 for 88E6393X\n (git-fixes).\n - net: dsa: mv88e6xxx: Fix inband AN for 2500base-x on 88E6393X family\n (git-fixes).\n - net: dsa: mv88e6xxx: Link in pcs_get_state() if AN is bypassed\n (git-fixes).\n - net: dsa: mv88e6xxx: Save power by disabling SerDes trasmitter and\n receiver (git-fixes).\n - net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()\n (git-fixes).\n - net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports (git-fixes).\n - net: dsa: mv88e6xxx: error handling for serdes_power functions\n (git-fixes).\n - net: dsa: mv88e6xxx: fix \"do not use PHY_DETECT on internal PHY's\"\n (git-fixes).\n - net: dsa: ocelot: seville: utilize of_mdiobus_register (git-fixes).\n - net: dsa: qca8k: fix MTU calculation (git-fixes).\n - net: dsa: seville: register the mdiobus under devres (git-fixes).\n - net: dsa: tag_ocelot_8021q: break circular dependency with ocelot switch\n lib (git-fies).\n - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n - net: hns3: clean residual vf config after disable sriov (git-fixes).\n - net: macsec: fix potential resource leak in macsec_add_rxsa() and\n macsec_add_txsa() (git-fixes).\n - net: marvell: prestera: fix incorrect structure access (git-fixes).\n - net: mscc: ocelot: correctly report the timestamping RX filters in\n ethtool (git-fixes).\n - net: mscc: ocelot: create a function that replaces an existing VCAP\n filter (git-fixes).\n - net: mscc: ocelot: do not dereference NULL pointers with shared tc\n filters (git-fixes).\n - net: mscc: ocelot: do not downgrade timestamping RX filters in\n SIOCSHWTSTAMP (git-fixes).\n - net: mscc: ocelot: fix incorrect balancing with down LAG ports\n (git-fixes).\n - net: mscc: ocelot: set up traps for PTP packets (git-fixes).\n - net: openvswitch: do not send internal clone attribute to the userspace\n (git-fixes).\n - net: openvswitch: fix leak of nested actions (git-fixes).\n - net: openvswitch: fix misuse of the cached connection on tuple changes\n (git-fixes).\n - net: openvswitch: fix parsing of nw_proto for IPv6 fragments (git-fixes).\n - net: phy: Do not WARN for PHY_READY state in mdio_bus_phy_resume()\n (git-fixes).\n - net: phy: Warn about incorrect mdio_bus_phy_resume() state (git-fixes).\n - net: phy: smsc: Disable Energy Detect Power-Down in interrupt mode\n (git-fixes).\n - net: ptp: add a definition for the UDP port for IEEE 1588 general\n messages (git-fixes).\n - net: rose: fix netdev reference changes (git-fixes).\n - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale\n pointer (git-fixes).\n - net: stmmac: clean up impossible condition (git-fixes).\n - net: stmmac: disable Split Header (SPH) for Intel platforms\n (bsc#1194904).\n - net: stmmac: dwc-qos: Disable split header for Tegra194 (bsc#1194904).\n - net: stmmac: fix off-by-one error in sanity check (git-fixes).\n - net: usb: ax88179_178a needs FLAG_SEND_ZLP (git-fixes).\n - net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).\n - net: usb: make USB_RTL8153_ECM non user configurable (git-fixes).\n - net: vmxnet3: fix possible NULL pointer dereference in\n vmxnet3_rq_cleanup() (bsc#1200431).\n - net: vmxnet3: fix possible use-after-free bugs in\n vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c\n (bsc#1200431).\n - net:enetc: allocate CBD ring data memory using DMA coherent methods\n (git-fixes).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout\n (git-fixes).\n - nfsd: fix use-after-free due to delegation race (git-fixes).\n - nmi: Extend NMI watchdog's timer during LPM (bsc#1202872 ltc#197920).\n - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()\n (bnc#1189999 (Scheduler functional and performance backports)).\n - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf (git-fies).\n - ntb_hw_amd: Add NTB PCI ID for new gen CPU (bsc#1202113).\n - nvme-auth: align to pre-upstream FFDHE implementation (bsc#1202265).\n - nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).\n - nvme-rdma: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).\n - nvme: fix RCU hole that allowed for endless looping in multipath round\n robin (bsc#1202636).\n - nvmet: Expose max queues to configfs (bsc#1201865).\n - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (bsc#1202778).\n - ocfs2: fix a deadlock when commit trans (bsc#1202776).\n - octeontx2-af: Add KPU changes to parse NGIO as separate layer\n (jsc#SLE-24682).\n - octeontx2-af: Add PTP device id for CN10K and 95O silcons\n (jsc#SLE-24682).\n - octeontx2-af: Add SDP interface support (jsc#SLE-24682).\n - octeontx2-af: Add debug messages for failures (jsc#SLE-24682).\n - octeontx2-af: Add external ptp input clock (jsc#SLE-24682).\n - octeontx2-af: Add free rsrc count mbox msg (jsc#SLE-24682).\n - octeontx2-af: Add mbox to retrieve bandwidth profile free count\n (jsc#SLE-24682).\n - octeontx2-af: Add support to flush full CPT CTX cache (jsc#SLE-24682).\n - octeontx2-af: Adjust LA pointer for cpt parse header (jsc#SLE-24682).\n - octeontx2-af: Allocate low priority entries for PF (jsc#SLE-24682).\n - octeontx2-af: Allow to configure flow tag LSB byte as RSS adder\n (jsc#SLE-24682).\n - octeontx2-af: Change the order of queue work and interrupt disable\n (jsc#SLE-24682).\n - octeontx2-af: Do not enable Pause frames by default (jsc#SLE-24682).\n - octeontx2-af: Enable CPT HW interrupts (jsc#SLE-24682).\n - octeontx2-af: Enhance mailbox trace entry (jsc#SLE-24682).\n - octeontx2-af: Fix LBK backpressure id count (jsc#SLE-24682).\n - octeontx2-af: Fix inconsistent license text (jsc#SLE-24682).\n - octeontx2-af: Fix interrupt name strings (jsc#SLE-24682).\n - octeontx2-af: Fix spelling mistake \"Makesure\" -> \"Make sure\"\n (jsc#SLE-24682).\n - octeontx2-af: Fix uninitialized variable val (jsc#SLE-24682).\n - octeontx2-af: Flow control resource management (jsc#SLE-24682).\n - octeontx2-af: Handle return value in block reset (jsc#SLE-24682).\n - octeontx2-af: Hardware configuration for inline IPsec (jsc#SLE-24682).\n - octeontx2-af: Increase link credit restore polling timeout\n (jsc#SLE-24682).\n - octeontx2-af: Increase number of reserved entries in KPU (jsc#SLE-24682).\n - octeontx2-af: Increment ptp refcount before use (jsc#SLE-24682).\n - octeontx2-af: Limit KPU parsing for GTPU packets (jsc#SLE-24682).\n - octeontx2-af: Modify install flow error codes (jsc#SLE-24682).\n - octeontx2-af: Optimize KPU1 processing for variable-length headers\n (jsc#SLE-24682).\n - octeontx2-af: Perform cpt lf teardown in non FLR path (jsc#SLE-24682).\n - octeontx2-af: Priority flow control configuration support\n (jsc#SLE-24682).\n - octeontx2-af: Remove channel verification while installing MCAM rules\n (jsc#SLE-24682).\n - octeontx2-af: Remove redundant initialization of variable blkaddr\n (jsc#SLE-24682).\n - octeontx2-af: Remove redundant initialization of variable pin\n (jsc#SLE-24682).\n - octeontx2-af: Reset PTP config in FLR handler (jsc#SLE-24682).\n - octeontx2-af: Retry until RVU block reset complete (jsc#SLE-24682).\n - octeontx2-af: Use DMA_ATTR_FORCE_CONTIGUOUS attribute in DMA alloc\n (jsc#SLE-24682).\n - octeontx2-af: Use NDC TX for transmit packet data (jsc#SLE-24682).\n - octeontx2-af: Use ptp input clock info from firmware data\n (jsc#SLE-24682).\n - octeontx2-af: Wait for TX link idle for credits change (jsc#SLE-24682).\n - octeontx2-af: add proper return codes for AF mailbox handlers\n (jsc#SLE-24682).\n - octeontx2-af: cn10K: Get NPC counters value (jsc#SLE-24682).\n - octeontx2-af: cn10K: support for sched lmtst and other features\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: DWRR MTU configuration (jsc#SLE-24682).\n - octeontx2-af: cn10k: RPM hardware timestamp configuration\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: Set cache lines for NPA batch alloc (jsc#SLE-24682).\n - octeontx2-af: cn10k: Use appropriate register for LMAC enable\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: add workaround for ptp errata (jsc#SLE-24682).\n - octeontx2-af: cn10k: debugfs for dumping LMTST map table (jsc#SLE-24682).\n - octeontx2-af: configure npc for cn10k to allow packets from cpt\n (jsc#SLE-24682).\n - octeontx2-af: debugfs: Add channel and channel mask (jsc#SLE-24682).\n - octeontx2-af: debugfs: Minor changes (jsc#SLE-24682).\n - octeontx2-af: debugfs: do not corrupt user memory (jsc#SLE-24682).\n - octeontx2-af: debugfs: fix error return of allocations (jsc#SLE-24682).\n - octeontx2-af: enable tx shaping feature for 96xx C0 (jsc#SLE-24682).\n - octeontx2-af: fix array bound error (jsc#SLE-24682).\n - octeontx2-af: fix error code in is_valid_offset() (jsc#SLE-24682).\n - octeontx2-af: initialize action variable (jsc#SLE-24682).\n - octeontx2-af: nix and lbk in loop mode in 98xx (jsc#SLE-24682).\n - octeontx2-af: remove redudant second error check on variable err\n (jsc#SLE-24682).\n - octeontx2-af: use swap() to make code cleaner (jsc#SLE-24682).\n - octeontx2-af: verify CQ context updates (jsc#SLE-24682).\n - octeontx2-nic: fix mixed module build (jsc#SLE-24682).\n - octeontx2-nicvf: Add PTP hardware clock support to NIX VF\n (jsc#SLE-24682).\n - octeontx2-nicvf: Free VF PTP resources (jsc#SLE-24682).\n - octeontx2-pf: Add TC feature for VFs (jsc#SLE-24682).\n - octeontx2-pf: Add XDP support to netdev PF (jsc#SLE-24682).\n - octeontx2-pf: Add check for non zero mcam flows (jsc#SLE-24682).\n - octeontx2-pf: Add support for adaptive interrupt coalescing\n (jsc#SLE-24682).\n - octeontx2-pf: Add vlan-etype to ntuple filters (jsc#SLE-24682).\n - octeontx2-pf: Allow VLAN priority also in ntuple filters (jsc#SLE-24682).\n - octeontx2-pf: CN10K: Hide RPM stats over ethtool (jsc#SLE-24682).\n - octeontx2-pf: Do not mask out supported link modes (jsc#SLE-24682).\n - octeontx2-pf: Enable NETIF_F_RXALL support for VF driver (jsc#SLE-24682).\n - octeontx2-pf: Fix inconsistent license text (jsc#SLE-24682).\n - octeontx2-pf: Ntuple filters support for VF netdev (jsc#SLE-24682).\n - octeontx2-pf: PFC config support with DCBx (jsc#SLE-24682).\n - octeontx2-pf: Remove unnecessary synchronize_irq() before free_irq()\n (jsc#SLE-24682).\n - octeontx2-pf: Simplify the receive buffer size calculation\n (jsc#SLE-24682).\n - octeontx2-pf: Sort the allocated MCAM entry indices (jsc#SLE-24682).\n - octeontx2-pf: Unify flow management variables (jsc#SLE-24682).\n - octeontx2-pf: Use hardware register for CQE count (jsc#SLE-24682).\n - octeontx2-pf: cn10K: Reserve LMTST lines per core (jsc#SLE-24682).\n - octeontx2-pf: cn10k: Config DWRR weight based on MTU (jsc#SLE-24682).\n - octeontx2-pf: cn10k: Ensure valid pointers are freed to aura\n (jsc#SLE-24682).\n - octeontx2-pf: cn10k: add support for new ptp timestamp format\n (jsc#SLE-24682).\n - octeontx2-pf: devlink params support to set mcam entry count\n (jsc#SLE-24682).\n - octeontx2-pf: replace bitmap_weight with bitmap_empty where appropriate\n (jsc#SLE-24682).\n - octeontx2-pf: select CONFIG_NET_DEVLINK (jsc#SLE-24682).\n - octeontx2-vf: Add support for adaptive interrupt coalescing\n (jsc#SLE-24682).\n - octeontx2: Move devlink registration to be last devlink command\n (jsc#SLE-24682).\n - openvswitch: Fix setting ipv6 fields causing hw csum failure (git-fixes).\n - openvswitch: Fixed nd target mask field in the flow dump (git-fixes).\n - pci: Add support for ACPI RST reset method (jsc#SLE-19359 jsc#SLE-24572).\n - perf bench futex: Fix memory leak of perf_cpu_map__new() (git-fixes).\n - phy: samsung: phy-exynos-pcie: sanitize init/power_on callbacks\n (git-fixes).\n - phy: stm32: fix error return in stm32_usbphyc_phy_init (git-fixes).\n - pinctrl: amd: Do not save/restore interrupt status and wake status bits\n (git-fixes).\n - pinctrl: intel: Check against matching data instead of ACPI companion\n (git-fixes).\n - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n (git-fixes).\n - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n - pinctrl: qcom: sm8250: Fix PDC map (git-fixes).\n - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n - platform/chrome: cros_ec: Always expose last resume result (git-fixes).\n - platform/chrome: cros_ec_proto: do not show MKBP version if unsupported\n (git-fixes).\n - platform/olpc: Fix uninitialized data in debugfs write (git-fixes).\n - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n - platform/x86: pmc_atom: Match all Lex BayTrail boards with\n critclk_systems DMI table (git-fixes).\n - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for\n PMI check in power_pmu_disable (bsc#1156395).\n - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n - powerpc/powernv: delay rng platform device creation until later in boot\n (bsc#1065729).\n - powerpc/powernv: rename remaining rng powernv_ functions to pnv_\n (bsc#1065729).\n - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n - powerpc: Avoid discarding flags in system_call_exception() (bsc#1194869).\n - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n - proc: fix a dentry lock race between release_task and lookup (git-fixes).\n - proc: fix dentry/inode overinstantiating under /proc/${pid}/net\n (git-fixes).\n - profiling: fix shift too large makes kernel panic (git-fixes).\n - pwm: lpc18xx-sct: Reduce number of devm memory allocations (git-fixes).\n - pwm: lpc18xx-sct: Simplify driver by not using pwm_[gs]et_chip_data()\n (git-fixes).\n - pwm: lpc18xx: Fix period handling (git-fixes).\n - qed: validate and restrict untrusted VFs vlan promisc mode (git-fixes).\n - r8152: fix the RX FIFO settings when suspending (git-fixes).\n - r8152: fix the units of some registers for RTL8156A (git-fixes).\n - random: remove useless header comment (git-fixes).\n - ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n (git-fixes).\n - regulator: pca9450: Remove restrictions for regulator-name (git-fixes).\n - regulator: qcom_smd: Fix pm8916_pldo range (git-fixes).\n - remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init\n (git-fixes).\n - remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init\n (git-fixes).\n - remoteproc: qcom: pas: Check if coredump is enabled (git-fixes).\n - remoteproc: qcom: pas: Mark devices as wakeup capable (git-fixes).\n - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config\n (git-fixes).\n - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n - remoteproc: sysmon: Wait for SSCTL service to come up (git-fixes).\n - rose: check NULL rose_loopback_neigh->loopback (git-fixes).\n - rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)\n We do the move only on 15.5+.\n - rpm/kernel-binary.spec.in: simplify find for usrmerged The type test and\n print line are the same for both cases. The usrmerged case only ignores\n more, so refactor it to make it more obvious.\n - rpm/kernel-source.spec.in: simplify finding of broken symlinks \"find\n -xtype l\" will report them, so use that to make the search a bit faster\n (without using shell).\n - rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - rpmsg: char: Add mutex protection for rpmsg_eptdev_open() (git-fixes).\n - rpmsg: mtk_rpmsg: Fix circular locking dependency (git-fixes).\n - rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge (git-fixes).\n - s390/cpumf: Handle events cycles and instructions identical (git-fixes).\n - s390/crash: fix incorrect number of bytes to copy to user space\n (git-fixes).\n - s390/crash: make copy_oldmem_page() return number of bytes copied\n (git-fixes).\n - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages\n (git-fixes).\n - s390/hypfs: avoid error message under KVM (bsc#1032323).\n - s390/kexec: handle R_390_PLT32DBL rela in\n arch_kexec_apply_relocations_add() (git-fixes).\n - s390/mm: do not trigger write fault when vma does not allow VM_WRITE\n (git-fixes).\n - s390/mm: use non-quiescing sske for KVM switch to keyed guest\n (git-fixes).\n - s390/qeth: cache link_info for ethtool (bsc#1202262 LTC#199322).\n - s390/stp: clock_delta should be signed (git-fixes).\n - s390/zcore: fix race when reading from hardware system area (git-fixes).\n - sched/core: Always flush pending blk_plug (bnc#1189999 (Scheduler\n functional and performance backports)).\n - sched/core: Do not requeue task on CPU excluded from cpus_mask\n (bnc#1199356).\n - sched/deadline: Fix BUG_ON condition for deboosted tasks (git-fixes)\n - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq -kabi (git\n fixes (sched/fair)).\n - sched/fair: Remove redundant word \" *\" (bnc#1189999 (Scheduler\n functional and performance backports)).\n - sched/uclamp: Fix iowait boost escaping uclamp restriction (git-fixes)\n - sched/uclamp: Fix rq->uclamp_max not set on first enqueue (git-fixes)\n - sched: Allow newidle balancing to bail out of load_balance (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched: Fix the check of nr_running at queue wakelist (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched: Remove the limitation of WF_ON_CPU on wakelist if wakee cpu is\n idle (bnc#1189999 (Scheduler functional and performance backports)).\n Refresh\n - sched: Remove unused function group_first_cpu() (bnc#1189999).\n - scripts/faddr2line: Fix vmlinux detection on arm64 (git-fixes).\n - scsi: hisi_sas: Keep controller active between ISR of phyup and the\n event being processed (bsc#1202471).\n - scsi: hisi_sas: Use autosuspend for the host controller (bsc#1202471).\n - scsi: libiscsi: Add iscsi_cls_conn to sysfs after initialization\n (bsc#1198410).\n - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE\n (bsc#1203063).\n - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n - scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).\n - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n - scsi: lpfc: Fix attempted FA-PWWN usage after feature disable\n (bsc#1201956).\n - scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test\n (bsc#1201956).\n - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for\n GFT_ID (bsc#1203063).\n - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE\n (bsc#1201956).\n - scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb()\n (bsc#1201956).\n - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT\n discovery (bsc#1203063).\n - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed\n user input (bsc#1201956).\n - scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into\n lpfc_sli_prep_abort_xri() (bsc#1201956).\n - scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).\n - scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n - scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after\n VMID (bsc#1201956).\n - scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration\n (bsc#1201956).\n - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n - scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb\n (bsc#1201956).\n - scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).\n - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n - scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown\n (git-fixes).\n - scsi: sg: Allow waiting for commands to complete on removed device\n (git-fixes).\n - scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).\n - scsi: ufs: core: Fix another task management completion race (git-fixes).\n - scsi: ufs: core: Fix task management completion timeout race (git-fixes).\n - scsi: zfcp: Fix missing auto port scan and thus missing target ports\n (git-fixes).\n - selftests/seccomp: Fix compile warning when CC=clang (git-fixes).\n - selftests: kvm: set rax before vmcall (git-fixes).\n - selftests: timers: clocksource-switch: fix passing errors from child\n (git-fixes).\n - selftests: timers: valid-adjtimex: build fix for newer toolchains\n (git-fixes).\n - selinux: Add boundary check in put_entry() (git-fixes).\n - selinux: access superblock_security_struct in LSM blob way (git-fixes).\n - selinux: check return value of sel_make_avc_files (git-fixes).\n - selinux: fix bad cleanup on error in hashtab_duplicate() (git-fixes).\n - selinux: fix double free of cond_list on error paths (git-fixes).\n - selinux: fix memleak in security_read_state_kernel() (git-fixes).\n - selinux: fix misuse of mutex_is_locked() (git-fixes).\n - selinux: use correct type for context length (git-fixes).\n - serial: 8250: Add proper clock handling for OxSemi PCIe devices\n (git-fixes).\n - serial: 8250: Export ICR access helpers for internal use (git-fixes).\n - serial: 8250: Fold EndRun device support into OxSemi Tornado code\n (git-fixes).\n - serial: 8250_bcm7271: Save/restore RTS in suspend/resume (git-fixes).\n - serial: 8250_dw: Store LSR into lsr_saved_flags in\n dw8250_tx_wait_empty() (git-fixes).\n - serial: 8250_fsl: Do not report FE, PE and OE twice (git-fixes).\n - serial: 8250_pci: Refactor the loop in pci_ite887x_init() (git-fixes).\n - serial: 8250_pci: Replace dev_*() by pci_*() macros (git-fixes).\n - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n - serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n - soc: amlogic: Fix refcount leak in meson-secure-pwrc.c (git-fixes).\n - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n (git-fixes).\n - soc: fsl: guts: machine variable might be unset (git-fixes).\n - soc: fsl: select FSL_GUTS driver for DPIO (git-fixes).\n - soc: imx: gpcv2: Assert reset before ungating clock (git-fixes).\n - soc: qcom: Make QCOM_RPMPD depend on PM (git-fixes).\n - soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register\n (git-fixes).\n - soc: qcom: ocmem: Fix refcount leak in of_get_ocmem (git-fixes).\n - soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values\n (git-fixes).\n - soundwire: bus_type: fix remove and shutdown support (git-fixes).\n - soundwire: qcom: Check device status before reading devid (git-fixes).\n - soundwire: qcom: fix device status array range (git-fixes).\n - spi: Fix incorrect cs_setup delay handling (git-fixes).\n - spi: Fix simplification of devm_spi_register_controller (git-fixes).\n - spi: dt-bindings: cadence: add missing 'required' (git-fixes).\n - spi: dt-bindings: zynqmp-qspi: add missing 'required' (git-fixes).\n - spi: meson-spicc: add local pow2 clock ops to preserve rate between\n messages (git-fixes).\n - spi: spi-altera-dfl: Fix an error handling path (git-fixes).\n - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n - spi: tegra20-slink: fix UAF in tegra_slink_remove() (git-fixes).\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n (git-fixes).\n - staging: rtl8192u: Fix sleep in atomic context bug in\n dm_fsync_timer_callback (git-fixes).\n - staging: rtl8712: fix use after free bugs (git-fixes).\n - supported.conf: added\n drivers/net/ethernet/marvell/octeontx2/nic/otx2_ptp and changed all\n octeontx2 modules as supported (jsc#SLE-24682)\n - supported.conf: mark lib/objagg supported as dependency of mlxsw\n - supported.conf: mark mlxsw modules supported (jsc#SLE-23766)\n - thermal/int340x_thermal: handle data_vault when the value is\n ZERO_SIZE_PTR (bsc#1201308).\n - thermal/tools/tmon: Include pthread and time headers in tmon.h\n (git-fixes).\n - thermal: sysfs: Fix cooling_device_stats_setup() error code path\n (git-fixes).\n - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n - tools/thermal: Fix possible path truncations (git-fixes).\n - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH\n (git-fixes).\n - trace/osnoise: Add migrate-disabled field to the osnoise header\n (git-fixes).\n - trace/timerlat: Add migrate-disabled field to the timerlat header\n (git-fixes).\n - tracing/histograms: Fix memory leak problem (git-fixes).\n - tracing/kprobes: Check whether get_kretprobe() returns NULL in\n kretprobe_dispatcher() (git-fixes).\n - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n - tracing: Add ustring operation to filtering string pointers (git-fixes).\n - tracing: Fix sleeping while atomic in kdb ftdump (git-fixes).\n - tracing: Have filter accept \"common_cpu\" to be consistent (git-fixes).\n - tracing: Use a struct alignof to determine trace event field alignment\n (git-fixes).\n - tty: 8250: Add support for Brainboxes PX cards (git-fixes).\n - tty: n_gsm: Modify CR,PF bit printk info when config requester\n (git-fixes).\n - tty: n_gsm: Modify cr bit value when config requester (git-fixes).\n - tty: n_gsm: Modify gsmtty driver register method when config requester\n (git-fixes).\n - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()\n (git-fixes).\n - tty: n_gsm: avoid call of sleeping functions from atomic context\n (git-fixes).\n - tty: n_gsm: clean up dead code in gsm_queue() (git-fixes).\n - tty: n_gsm: clean up implicit CR bit encoding in address field\n (git-fixes).\n - tty: n_gsm: clean up indenting in gsm_queue() (git-fixes).\n - tty: n_gsm: fix DM command (git-fixes).\n - tty: n_gsm: fix broken virtual tty handling (git-fixes).\n - tty: n_gsm: fix deadlock and link starvation in outgoing data path\n (git-fixes).\n - tty: n_gsm: fix flow control handling in tx path (git-fixes).\n - tty: n_gsm: fix missing corner cases in gsmld_poll() (git-fixes).\n - tty: n_gsm: fix missing mux reset on config change at responder\n (git-fixes).\n - tty: n_gsm: fix missing timer to handle stalled links (git-fixes).\n - tty: n_gsm: fix non flow control frames during mux flow off (git-fixes).\n - tty: n_gsm: fix packet re-transmission without open control channel\n (git-fixes).\n - tty: n_gsm: fix race condition in gsmld_write() (git-fixes).\n - tty: n_gsm: fix resource allocation order in gsm_activate_mux()\n (git-fixes).\n - tty: n_gsm: fix tty registration before control channel open (git-fixes).\n - tty: n_gsm: fix user open not possible at responder until initiator open\n (git-fixes).\n - tty: n_gsm: fix wrong T1 retry count handling (git-fixes).\n - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()\n (git-fixes).\n - tty: n_gsm: initialize more members at gsm_alloc_mux() (git-fixes).\n - tty: n_gsm: replace kicktimer with delayed_work (git-fixes).\n - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n - tty: serial: fsl_lpuart: correct the count of break characters\n (git-fixes).\n - tty: serial: lpuart: disable flow control while waiting for the transmit\n engine to complete (git-fixes).\n - tty: vt: initialize unicode screen buffer (git-fixes).\n - udf: Fix crash after seekdir (bsc#1194592).\n - udmabuf: Set the DMA mask for the udmabuf device (v2) (git-fixes).\n - usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()\n (git-fixes).\n - usb: cdns3 fix use-after-free at workaround 2 (git-fixes).\n - usb: cdns3: Do not use priv_dev uninitialized in\n cdns3_gadget_ep_enable() (git-fixes).\n - usb: cdns3: change place of 'priv_ep' assignment in\n cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() (git-fixes).\n - usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC transfer\n (git-fixes).\n - usb: cdns3: fix issue with rearming ISO OUT endpoint (git-fixes).\n - usb: cdns3: fix random warning message when driver load (git-fixes).\n - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n - usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch\n (git-fixes).\n - usb: dwc3: core: Deprecate GCTL.CORESOFTRESET (git-fixes).\n - usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup\n (git-fixes).\n - usb: dwc3: dwc3-qcom: Add missing platform_device_put() in\n dwc3_qcom_acpi_register_core (git-fixes).\n - usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API (git-fixes).\n - usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop\n (git-fixes).\n - usb: dwc3: gadget: fix high speed multiplier setting (git-fixes).\n - usb: dwc3: gadget: refactor dwc3_repare_one_trb (git-fixes).\n - usb: dwc3: qcom: Add helper functions to enable,disable wake irqs\n (git-fixes).\n - usb: dwc3: qcom: fix missing optional irq warnings (git-fixes).\n - usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup (git-fixes).\n - usb: gadget: f_uac2: clean up some inconsistent indenting (git-fixes).\n - usb: gadget: f_uac2: fix superspeed transfer (git-fixes).\n - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS\n (git-fixes).\n - usb: gadget: tegra-xudc: Fix error check in\n tegra_xudc_powerdomain_init() (git-fixes).\n - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n - usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).\n - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of\n uvcg_info (git-fixes).\n - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n - usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).\n - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n - usb: renesas: Fix refcount leak bug (git-fixes).\n - usb: typec: altmodes/displayport: correct pin assignment for UFP\n receptacles (git-fixes).\n - usb: typec: tcpm: Return ENOTSUPP for power supply prop writes\n (git-fixes).\n - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion\n (git-fixes).\n - usb: xhci: tegra: Fix error check (git-fixes).\n - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n - usbnet: smsc95xx: Avoid link settings race on interrupt reception\n (git-fixes).\n - usbnet: smsc95xx: Do not clear read-only PHY interrupt (git-fixes).\n - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n - usbnet: smsc95xx: Forward PHY interrupts to PHY driver to avoid polling\n (git-fixes).\n - vboxguest: Do not use devm for irq (git-fixes).\n - vdpa_sim: avoid putting an uninitialized iova_domain (git-fixes).\n - venus: pm_helpers: Fix warning in OPP during probe (git-fixes).\n - vfio/ccw: Do not change FSM state in subchannel event (git-fixes).\n - vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n - vfio: Clear the caps->buf to NULL after free (git-fixes).\n - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n (git-fixes).\n - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n (git-fixes).\n - virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).\n - virtio-net: fix the race between refill work and close (git-fixes).\n - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n - vmxnet3: Record queue number to incoming packets (bsc#1200431).\n - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n - vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n - vmxnet3: add support for capability registers (bsc#1200431).\n - vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n - vmxnet3: add support for out of order rx completion (bsc#1200431).\n - vmxnet3: disable overlay offloads if UPT device does not support\n (bsc#1200431).\n - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n - vmxnet3: prepare for version 7 changes (bsc#1200431).\n - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n - vmxnet3: update to version 7 (bsc#1200431).\n - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n - vrf: do not run conntrack on vrf with !dflt qdisc (git-fixes).\n - vsock: Fix memory leak in vsock_connect() (git-fixes).\n - vsock: Set socket state back to SS_UNCONNECTED in\n vsock_connect_timeout() (git-fixes).\n - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in\n armada_37xx_wdt_probe() (git-fixes).\n - watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource\n (git-fixes).\n - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()\n (git-fixes).\n - wifi: iwlegacy: 4965: fix potential off-by-one overflow in\n il4965_rs_fill_link_cmd() (git-fixes).\n - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n (git-fixes).\n - wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).\n - wifi: mac80211: Do not finalize CSA in IBSS mode if state is\n disconnected (git-fixes).\n - wifi: mac80211: limit A-MSDU subframes for client too (git-fixes).\n - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n - wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).\n - wifi: p54: add missing parentheses in p54_flush() (git-fixes).\n - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()\n (git-fixes).\n - wifi: rtlwifi: remove always-true condition pointed out by GCC 12\n (git-fies).\n - wifi: rtw88: check the return value of alloc_workqueue() (git-fixes).\n - wifi: rtw89: 8852a: rfk: fix div 0 exception (git-fixes).\n - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n (git-fixes).\n - wifi: wil6210: debugfs: fix uninitialized variable use in\n `wil_write_file_wmi()` (git-fixes).\n - wireless: Remove redundant 'flush_workqueue()' calls (bsc#1202131).\n - x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM\n (bsc#1190497).\n - x86/olpc: fix 'logical not is only applied to the left hand side'\n (git-fixes).\n - x86/retbleed: Add fine grained Kconfig knobs (bsc#1190497).\n - x86/sev: Define the Linux-specific guest termination reasons\n (bsc#1190497).\n - x86/sev: Save the negotiated GHCB version (bsc#1190497).\n - xen/gntdev: fix unmap notification order (git-fixes).\n - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() (git-fixes).\n - xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n - xen: detect uninitialized xenbus in xenbus_init (git-fixes).\n - xen: do not continue xenstore initialization in case of errors\n (git-fixes).\n - xfs: Fix the free logic of state in xfs_attr_node_hasname (git-fixes).\n - xfs: check sb_meta_uuid for dabuf buffer recovery (git-fixes).\n - xfs: fix soft lockup via spinning in filestream ag selection loop\n (git-fixes).\n - xfs: fix use-after-free in xattr node block inactivation (git-fixes).\n - xfs: fold perag loop iteration logic into helper function (git-fixes).\n - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n - xfs: only bother with sync_filesystem during readonly remount\n (git-fixes).\n - xfs: prevent UAF in xfs_log_item_in_current_chkpt (git-fixes).\n - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n - xfs: remove incorrect ASSERT in xfs_rename (git-fixes).\n - xfs: rename the next_agno perag iteration variable (git-fixes).\n - xfs: reorder iunlink remove operation in xfs_ifree (git-fixes).\n - xfs: revert \"xfs: actually bump warning counts when we send warnings\"\n (git-fixes).\n - xfs: terminate perag iteration reliably on agcount (git-fixes).\n - xfs: use invalidate_lock to check the state of mmap_lock (git-fixes).\n - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n - xfs: use setattr_copy to set vfs inode attributes (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-3288=1\n\n - SUSE Linux Enterprise Module for Public Cloud 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-3288=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-36516", "CVE-2021-33135", "CVE-2021-4037", "CVE-2022-1184", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2585", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-28356", "CVE-2022-28693", "CVE-2022-2873", "CVE-2022-2905", "CVE-2022-2938", "CVE-2022-2959", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-3078", "CVE-2022-36879", "CVE-2022-36946", "CVE-2022-39188", "CVE-2022-39190"], "modified": "2022-09-16T00:00:00", "id": "SUSE-SU-2022:3288-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7ANQ5K64BNLAAZMGACUGMYBV7Z2ZD5QC/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2022-11-06T12:08:13", "description": "An update that solves 23 vulnerabilities, contains 5\n features and has 88 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various\n security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2022-39190: Fixed an issue that was discovered in\n net/netfilter/nf_tables_api.c and could cause a denial of service upon\n binding to an already bound chain (bnc#1203117).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-3078: Fixed a lack of check after calling vzalloc() and lack of\n free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c\n (bnc#1203041).\n - CVE-2022-28356: Fixed a refcount leak bug that was found in\n net/llc/af_llc.c (bnc#1197391).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke\n descriptors (bsc#1202564, bsc#1202860).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-2938: Fixed a flaw that was found inside the Pressure Stall\n Information implementation that could have been used to allow an\n attacker to crash the system or have other memory-corruption side\n effects (bnc#1202623).\n - CVE-2022-28693: Fixed x86/speculation behavior by disabling RRSBA\n (bsc#1201455).\n - CVE-2021-33135: Fixed uncontrolled resource consumption inside Intel(R)\n SGX that may have allowed an authenticated user to potentially enable\n denial of service via local access (bnc#1199515).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-2959: Fixed a race condition that was found inside the watch\n queue due to a missing lock in pipe_resize_ring() (bnc#1202681\n bnc#1202685).\n - CVE-2022-36946: Fixed a denial of service (panic) inside nfqnl_mangle in\n net/netfilter/nfnetlink_queue.c (bnc#1201940 bnc#1201941 bnc#1202312\n bnc#1202874).\n - CVE-2021-4037: Fixed function logic vulnerability that allowed local\n users to create files for the XFS file-system with an unintended group\n ownership and with group execution and SGID permission bits set\n (bnc#1198702).\n - CVE-2022-2873: Fixed an out-of-bounds memory access flaw that was found\n in iSMT SMBus host controller driver (bnc#1202558).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in\n drivers/acpi/apei/einj.c that allowed users to simulate hardware errors\n and consequently cause a denial of service (bnc#1023051).\n - CVE-2022-2639: Fixed an integer coercion error that was found in the\n openvswitch kernel module (bnc#1202154).\n - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where\n an attacker was able to inject data into or terminate a victim's TCP\n session (bnc#1196616).\n - CVE-2022-32250: Fixed a privilege escalation issue in\n net/netfilter/nf_tables_api.c that allowed a local user to became root\n (bnc#1200015).\n\n\n The following non-security bugs were fixed:\n\n - 9p: Fix refcounting during full path walks for fid lookups (git-fixes).\n - 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (git-fixes).\n - 9p: fix fid refcount leak in v9fs_vfs_get_link (git-fixes).\n - ACPI: APEI: Better fix to avoid spamming the console with old error logs\n (git-fixes).\n - ACPI: APEI: explicit init of HEST and GHES in apci_init() (git-fixes).\n - ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).\n - ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk (git-fixes).\n - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks\n (git-fixes).\n - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).\n - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n - ACPI: VIOT: Fix ACS setup (git-fixes).\n - ACPI: processor/idle: Annotate more functions to live in cpuidle section\n (git-fixes).\n - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).\n - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool\n (git-fixes).\n - ACPI: thermal: drop an always true check (git-fixes).\n - ACPI: video: Force backlight native for some TongFang devices\n (git-fixes).\n - ACPI: video: Shortening quirk list by identifying Clevo by board_name\n only (git-fixes).\n - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).\n - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model\n (git-fixes).\n - ALSA: hda/conexant: add a new hda codec SN6140 (git-fixes).\n - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED\n (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n - ALSA: hda/realtek: Add quirk for Lenovo Yoga9 14IAP7 (git-fixes).\n - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n - ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298\n (git-fixes).\n - ALSA: hda/sigmatel: Keep power up while beep is enabled (bsc#1200544).\n - ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array\n (git-fixes).\n - ALSA: info: Fix llseek return value when using callback (git-fixes).\n - ALSA: seq: Fix data-race at module auto-loading (git-fixes).\n - ALSA: seq: oss: Fix data-race for max_midi_devs access (git-fixes).\n - ALSA: usb-audio: Add endianness annotations (git-fixes).\n - ALSA: usb-audio: Add quirk for Behringer UMC202HD (git-fixes).\n - ALSA: usb-audio: Add quirk for LH Labs Geek Out HD Audio 1V5 (git-fixes).\n - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II\n (git-fixes).\n - ALSA: usb-audio: Support jack detection on Dell dock (git-fixes).\n - ALSA: usb-audio: Turn off 'manual mode' on Dell dock (git-fixes).\n - ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow (git-fixes).\n - ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init (git-fixes).\n - ARM: OMAP2+: Fix refcount leak in omapdss_init_of (git-fixes).\n - ARM: OMAP2+: display: Fix refcount leak bug (git-fixes).\n - ARM: OMAP2+: pdata-quirks: Fix refcount leak bug (git-fixes).\n - ARM: bcm: Fix refcount leak in bcm_kona_smc_init (git-fixes).\n - ARM: dts: BCM5301X: Add DT for Meraki MR26 (git-fixes).\n - ARM: dts: ast2500-evb: fix board compatible (git-fixes).\n - ARM: dts: ast2600-evb-a1: fix board compatible (git-fixes).\n - ARM: dts: ast2600-evb: fix board compatible (git-fixes).\n - ARM: dts: at91: sama5d27_wlsom1: do not keep ldo2 enabled all the time\n (git-fixes).\n - ARM: dts: at91: sama5d27_wlsom1: specify proper regulator output ranges\n (git-fixes).\n - ARM: dts: at91: sama5d2_icp: do not keep vdd_other enabled all the time\n (git-fixes).\n - ARM: dts: at91: sama5d2_icp: specify proper regulator output ranges\n (git-fixes).\n - ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node (git-fixes).\n - ARM: dts: imx6ul: add missing properties for sram (git-fixes).\n - ARM: dts: imx6ul: change operating-points to uint32-matrix (git-fixes).\n - ARM: dts: imx6ul: fix csi node compatible (git-fixes).\n - ARM: dts: imx6ul: fix keypad compatible (git-fixes).\n - ARM: dts: imx6ul: fix lcdif node compatible (git-fixes).\n - ARM: dts: imx6ul: fix qspi node compatible (git-fixes).\n - ARM: dts: imx7d-colibri-emmc: add cpu1 supply (git-fixes).\n - ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg (git-fixes).\n - ARM: dts: qcom: pm8841: add required thermal-sensor-cells (git-fixes).\n - ARM: dts: qcom: sdx55: Fix the IRQ trigger type for UART (git-fixes).\n - ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC (git-fixes).\n - ARM: findbit: fix overflowing offset (git-fixes).\n - ARM: shmobile: rcar-gen2: Increase refcount for new reference\n (git-fixes).\n - ASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n (git-fixes).\n - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n - ASoC: codec: tlv320aic32x4: fix mono playback via I2S (git-fixes).\n - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).\n - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV\n (git-fixes).\n - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n - ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe\n (git-fixes).\n - ASoC: fsl-asoc-card: force cast the asrc_format type (git-fixes).\n - ASoC: fsl_asrc: force cast the asrc_format type (git-fixes).\n - ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format (git-fixes).\n - ASoC: imx-audmux: Silence a clang warning (git-fixes).\n - ASoC: imx-card: Fix DSD/PDM mclk frequency (git-fixes).\n - ASoC: imx-card: use snd_pcm_format_t type for asrc_format (git-fixes).\n - ASoC: mchp-spdifrx: disable end of block interrupt on failures\n (git-fixes).\n - ASoC: mt6359: Fix refcount leak bug (git-fixes).\n - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n (git-fixes).\n - ASoC: qcom: Fix missing of_node_put() in\n asoc_qcom_lpass_cpu_platform_probe() (git-fixes).\n - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n - ASoC: rsnd: care default case on rsnd_ssiu_busif_err_irq_ctrl()\n (git-fixes).\n - ASoC: samsung: Fix error handling in aries_audio_probe (git-fixes).\n - ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global\n to static variables (git-fixes).\n - ASoC: samsung: change neo1973_audio from a global to static (git-fixes).\n - ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header\n (git-fixes).\n - ASoC: tas2770: Allow mono streams (git-fixes).\n - ASoC: tas2770: Drop conflicting set_bias_level power setting (git-fixes).\n - ASoC: tas2770: Fix handling of mute/unmute (git-fixes).\n - ASoC: tas2770: Set correct FSYNC polarity (git-fixes).\n - Bluetooth: Add bt_skb_sendmmsg helper (git-fixes).\n - Bluetooth: Add bt_skb_sendmsg helper (git-fixes).\n - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks (git-fixes).\n - Bluetooth: Fix passing NULL to PTR_ERR (git-fixes).\n - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put\n (git-fixes).\n - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg\n (git-fixes).\n - Bluetooth: SCO: Fix sco_send_frame returning skb->len (git-fixes).\n - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586\n (git-fixes).\n - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587\n (git-fixes).\n - Bluetooth: btusb: Add support of IMC Networks PID 0x3568 (git-fixes).\n - Bluetooth: hci_bcm: Add BCM4349B1 variant (git-fixes).\n - Bluetooth: hci_bcm: Add DT compatible for CYW55572 (git-fixes).\n - Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).\n - EDAC/ghes: Set the DIMM label unconditionally (bsc#1201768).\n - rpm: Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - HID: AMD_SFH: Add a DMI quirk entry for Chromebooks (git-fixes).\n - HID: add Lenovo Yoga C630 battery quirk (git-fixes).\n - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n - HID: amd_sfh: Add NULL check for hid device (git-fixes).\n - HID: amd_sfh: Handle condition of \"no sensors\" (git-fixes).\n - HID: asus: ROG NKey: Ignore portion of 0x5a report (git-fixes).\n - HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).\n - HID: hid-input: add Surface Go battery quirk (git-fixes).\n - HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() (git-fixes).\n - HID: multitouch: new device class fix Lenovo X12 trackpad sticky\n (git-fixes).\n - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n (git-fies).\n - HID: thrustmaster: Add sparco wheel and fix array length (git-fixes).\n - HID: wacom: Do not register pad_input for touch switch (git-fixes).\n - HID: wacom: Only report rotation for art pen (git-fixes).\n - Input: exc3000 - fix return value check of wait_for_completion_timeout\n (git-fixes).\n - Input: gscps2 - check return value of ioremap() in gscps2_probe()\n (git-fixes).\n - Input: i8042 - add TUXEDO devices to i8042 quirk tables (git-fies).\n - Input: i8042 - add additional TUXEDO devices to i8042 quirk tables\n (git-fies).\n - Input: i8042 - merge quirk tables (git-fies).\n - Input: i8042 - move __initconst to fix code styling warning (git-fies).\n - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n (git-fixes).\n - Input: rk805-pwrkey - fix module autoloading (git-fixes).\n - KABI: cgroup: Restore KABI of css_set (bsc#1201610).\n - KEYS: asymmetric: enforce SM2 signature use pkey algo (git-fixes).\n - KVM: LAPIC: Also cancel preemption timer during SET_LAPIC (git-fixes).\n - KVM: MMU: shadow nested paging does not have PKU (git-fixes).\n - KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init\n (bsc#1194869).\n - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB\n (bsc#1156395).\n - KVM: PPC: Book3S HV: Remove kvmhv_p9_[set,restore]_lpcr declarations\n (bsc#1194869).\n - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()\n (bsc#1156395).\n - KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator\n (bsc#1194869).\n - KVM: PPC: Book3s HV: Remove unused function kvmppc_bad_interrupt\n (bsc#1194869).\n - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant\n (bsc#1156395).\n - KVM: SVM: Do not BUG if userspace injects an interrupt with GIF=0\n (git-fixes).\n - KVM: SVM: Do not intercept #GP for SEV guests (git-fixes).\n - KVM: SVM: Unwind \"speculative\" RIP advancement if INTn injection \"fails\"\n (git-fixes).\n - KVM: SVM: fix panic on out-of-bounds guest IRQ (git-fixes).\n - KVM: VMX: Print VM-instruction error as unsigned (git-fixes).\n - KVM: VMX: prepare sync_pir_to_irr for running with APICv disabled\n (git-fixes).\n - KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock (git-fixes).\n - KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg() (git-fixes).\n - KVM: X86: avoid uninitialized 'fault.async_page_fault' from fixed-up #PF\n (git-fixes).\n - KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2\n (bsc#1201442)\n - KVM: nVMX: Defer APICv updates while L2 is active until L1 is active\n (git-fixes).\n - KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4\n (git-fixes).\n - KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value\n (git-fixes).\n - KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case\n (git-fixes).\n - KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is required\n (git-fixes).\n - KVM: nVMX: do not use vcpu->arch.efer when checking host state on nested\n state load (git-fixes).\n - KVM: selftests: Make sure kvm_create_max_vcpus test won't hit\n RLIMIT_NOFILE (git-fixes).\n - KVM: selftests: Silence compiler warning in the kvm_page_table_test\n (git-fixes).\n - KVM: x86/mmu: Do not freak out if pml5_root is NULL on 4-level host\n (git-fixes).\n - KVM: x86/mmu: Move \"invalid\" check out of kvm_tdp_mmu_get_root()\n (git-fixes).\n - KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU\n (git-fixes).\n - KVM: x86/mmu: include EFER.LMA in extended mmu role (git-fixes).\n - KVM: x86/mmu: make apf token non-zero to fix bug (git-fixes).\n - KVM: x86: Avoid theoretical NULL pointer dereference in\n kvm_irq_delivery_to_apic_fast() (git-fixes).\n - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq\n (git-fixes).\n - KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't\n activated (git-fixes).\n - KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks\n (git-fixes).\n - KVM: x86: SVM: do not passthrough SMAP/SMEP/PKE bits in !NPT && !gCR0.PG\n case (git-fixes).\n - KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical\n #GP (git-fixes).\n - KVM: x86: check PIR even for vCPUs with disabled APICv (git-fixes).\n - KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_flush_tlb()\n (git-fixes).\n - KVM: x86: ignore APICv if LAPIC is not enabled (git-fixes).\n - KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all (git-fixes).\n - KVM: x86: revalidate steal time cache if MSR value changes (git-fixes).\n - NFSD: Clamp WRITE offsets (git-fixes).\n - NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes\n (git-fixes).\n - NFSD: Fix ia_size underflow (git-fixes).\n - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n - NFSD: prevent integer overflow on 32 bit systems (git-fixes).\n - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).\n - PCI/AER: Iterate over error counters instead of error strings\n (git-fixes).\n - PCI/portdrv: Do not disable AER reporting in\n get_port_device_capability() (git-fixes).\n - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n - PCI: aardvark: Fix reporting Slot capabilities on emulated bridge\n (git-fixes).\n - PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()\n (git-fixes).\n - PCI: dwc: Always enable CDM check if \"snps,enable-cdm-check\" exists\n (git-fixes).\n - PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).\n - PCI: dwc: Disable outbound windows only for controllers using iATU\n (git-fixes).\n - PCI: dwc: Set INCREASE_REGION_SIZE flag based on limit address\n (git-fixes).\n - PCI: dwc: Stop link on host_init errors and de-initialization\n (git-fixes).\n - PCI: endpoint: Do not stop controller when unbinding endpoint function\n (git-fixes).\n - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n - PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()\n (git-fixes).\n - PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).\n - PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).\n - PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()\n (git-fixes).\n - PCI: tegra194: Fix Root Port interrupt handling (git-fixes).\n - PCI: tegra194: Fix link up retry sequence (git-fixes).\n - PM: domains: Ensure genpd_debugfs_dir exists before remove (git-fixes).\n - PM: hibernate: defer device probing when resuming from hibernation\n (git-fixes).\n - SUNRPC: Fix NFSD's request deferral on RDMA transports (git-fixes).\n - SUNRPC: Fix READ_PLUS crasher (git-fixes).\n - SUNRPC: Prevent immediate close+reconnect (git-fixes).\n - USB: Follow-up to SPDX GPL-2.0+ identifiers addition - remove now\n useless comments (git-fixes).\n - USB: Follow-up to SPDX identifiers addition - remove now useless\n comments (git-fixes).\n - USB: serial: ch314: use usb_control_msg_recv() (git-fixes).\n - USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n - USB: serial: ch341: fix lost character on LCR updates (git-fixes).\n - USB: serial: fix tty-port initialized comments (git-fixes).\n - XArray: Update the LRU list in xas_split() (git-fixes).\n - apparmor: Fix failed mount permission check error message (git-fixes).\n - apparmor: Fix memleak in aa_simple_write_to_buffer() (git-fixes).\n - apparmor: fix aa_label_asxprint return check (git-fixes).\n - apparmor: fix absroot causing audited secids to begin with = (git-fixes).\n - apparmor: fix overlapping attachment computation (git-fixes).\n - apparmor: fix quiet_denied for file rules (git-fixes).\n - apparmor: fix reference count leak in aa_pivotroot() (git-fixes).\n - apparmor: fix setting unconfined mode on a loaded profile (git-fixes).\n - arm64: Do not forget syscall when starting a new thread (git-fixes).\n - arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76 (git-fixes).\n - arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1\n (git-fixes).\n - arm64: dts: allwinner: a64: orangepi-win: Fix LED node name (git-fixes).\n - arm64: dts: mt7622: fix BPI-R64 WPS button (git-fixes).\n - arm64: dts: mt8192: Fix idle-states entry-method (git-fixes).\n - arm64: dts: mt8192: Fix idle-states nodes naming scheme (git-fixes).\n - arm64: dts: qcom: ipq8074: fix NAND node name (git-fixes).\n - arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node\n (git-fixes).\n - arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment (git-fixes).\n - arm64: dts: qcom: sm8250: add missing PCIe PHY clock-cells (git-fixes).\n - arm64: dts: renesas: Fix thermal-sensors on single-zone sensors\n (git-fixes).\n - arm64: dts: renesas: beacon: Fix regulator node names (git-fixes).\n - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes).\n - arm64: fix oops in concurrently setting insn_emulation sysctls\n (git-fixes).\n - arm64: fix rodata=full (git-fixes).\n - arm64: kasan: Revert \"arm64: mte: reset the page tag in page->flags\"\n (git-fixes).\n - arm64: set UXN on swapper page tables (git-fixes).\n - arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes).\n - arm64: tegra: Fixup SYSRAM references (git-fixes).\n - arm64: tegra: Mark BPMP channels as no-memory-wc (git-fixes).\n - arm64: tegra: Update Tegra234 BPMP channel addresses (git-fixes).\n - arm_pmu: Validate single/group leader events (git-fixes).\n - asm-generic: remove a broken and needless ifdef conditional (git-fixes).\n - asm-generic: sections: refactor memory_intersects (git-fixes).\n - ata: libata-eh: Add missing command name (git-fixes).\n - ath10k: do not enforce interrupt trigger type (git-fixes).\n - ath11k: Fix incorrect debug_mask mappings (git-fixes).\n - ath11k: fix netdev open race (git-fixes).\n - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n - audit: fix potential double free on error path from\n fsnotify_add_inode_mark (git-fixes).\n - ax25: Fix ax25 session cleanup problems (git-fixes).\n - bitfield.h: Fix \"type of reg too small for mask\" test (git-fixes).\n - block: Fix fsync always failed if once failed (bsc#1202779).\n - block: Fix wrong offset in bio_truncate() (bsc#1202780).\n - block: fix rq-qos breakage from skipping rq_qos_done_bio() (bsc#1202781).\n - block: only mark bio as tracked if it really is tracked (bsc#1202782).\n - bnx2x: Invalidate fastpath HSI version for VFs (git-fixes).\n - bnx2x: Utilize firmware 7.13.21.0 (git-fixes).\n - btrfs: properly flag filesystem with BTRFS_FEATURE_INCOMPAT_BIG_METADATA\n (git-fixes).\n - bus: hisi_lpc: fix missing platform_device_put() in\n hisi_lpc_acpi_probe() (git-fixes).\n - can: Break loopback loop on loopback documentation (git-fixes).\n - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n - can: error: specify the values of data[5..7] of CAN error frames\n (git-fixes).\n - can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).\n - can: j1939: j1939_sk_queue_activate_next_locked(): replace WARN_ON_ONCE\n with netdev_warn_once() (git-fixes).\n - can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off\n (git-fixes).\n - can: mcp251x: Fix race condition on receive interrupt (git-fixes).\n - can: mcp251xfd: mcp251xfd_dump(): fix comment (git-fixes).\n - can: netlink: allow configuring of fixed bit rates without need for\n do_set_bittiming callback (git-fixes).\n - can: netlink: allow configuring of fixed data bit rates without need for\n do_set_data_bittiming callback (git-fixes).\n - can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: pch_can: pch_can_error(): initialize errc before using it\n (git-fixes).\n - can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).\n - can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).\n - can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).\n - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202823).\n - ceph: do not truncate file in atomic_open (bsc#1202824).\n - ceph: use correct index when encoding client supported features\n (bsc#1202822).\n - cfg80211/mac80211: assume CHECKSUM_COMPLETE includes SNAP (bsc#1202131).\n - cgroup: Use separate src/dst nodes when preloading css_sets for\n migration (bsc#1201610).\n - cifs: fix reconnect on smb3 mount types (bsc#1201427).\n - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n - clk: mediatek: reset: Fix written reset bit offset (git-fixes).\n - clk: qcom: camcc-sdm845: Fix topology around titan_top power domain\n (git-fixes).\n - clk: qcom: camcc-sm8250: Fix halt on boot by reducing driver's init\n level (git-fixes).\n - clk: qcom: camcc-sm8250: Fix topology around titan_top power domain\n (git-fixes).\n - clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure description\n (git-fixes).\n - clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).\n - clk: qcom: clk-rcg2: Fail Duty-Cycle configuration if MND divider is not\n enabled (git-fixes).\n - clk: qcom: clk-rcg2: Make sure to not write d=0 to the NMD register\n (git-fixes).\n - clk: qcom: gcc-msm8939: Add missing SYSTEM_MM_NOC_BFDCD_CLK_SRC\n (git-fixes).\n - clk: qcom: gcc-msm8939: Add missing system_mm_noc_bfdcd_clk_src\n (git-fixes).\n - clk: qcom: gcc-msm8939: Fix bimc_ddr_clk_src rcgr base address\n (git-fixes).\n - clk: qcom: gcc-msm8939: Fix weird field spacing in\n ftbl_gcc_camss_cci_clk (git-fixes).\n - clk: qcom: gcc-msm8939: Point MM peripherals to system_mm_noc clock\n (git-fixes).\n - clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).\n - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n - clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).\n - clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).\n - clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks\n (git-fixes).\n - clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).\n - clk: ti: Stop using legacy clkctrl names for omap4 and 5 (git-fixes).\n - configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).\n - cpufreq: zynq: Fix refcount leak in zynq_get_revision (git-fixes).\n - crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes).\n - crypto: ccp - During shutdown, check SEV data pointer before using\n (git-fixes).\n - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel\n memory leak (git-fixes).\n - crypto: hisilicon - Kunpeng916 crypto driver do not sleep when in\n softirq (git-fixes).\n - crypto: hisilicon/hpre - do not use GFP_KERNEL to alloc mem during\n softirq (git-fixes).\n - crypto: hisilicon/sec - do not sleep when in softirq (git-fixes).\n - crypto: hisilicon/sec - fix auth key size error (git-fixes).\n - crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of\n (git-fixes).\n - crypto: sun8i-ss - do not allocate memory when handling hash requests\n (git-fixes).\n - crypto: sun8i-ss - fix error codes in allocate_flows() (git-fixes).\n - crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs() (git-fixes).\n - device property: Check fwnode->secondary when finding properties\n (git-fixes).\n - devlink: Fix use-after-free after a failed reload (git-fixes).\n - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n - dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC\n (git-fixes).\n - dma-debug: make things less spammy under memory pressure (git-fixes).\n - dmaengine: dw-axi-dmac: do not print NULL LLI during error (git-fixes).\n - dmaengine: dw-axi-dmac: ignore interrupt if no descriptor (git-fixes).\n - dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction semantics\n (git-fixes).\n - dmaengine: imx-dma: Cast of_device_get_match_data() with (uintptr_t)\n (git-fixes).\n - dmaengine: sf-pdma: Add multithread support for a DMA channel\n (git-fixes).\n - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed\n (git-fixes).\n - dmaengine: stm32-mdma: Remove dead code in stm32_mdma_irq_handler()\n (git-fixes).\n - docs/kernel-parameters: Update descriptions for \"mitigations=\" param\n with retbleed (git-fixes).\n - docs: i2c: i2c-sysfs: fix hyperlinks (git-fixes).\n - docs: zh_CN: fix a broken reference (git-fixes).\n - dpaa2-eth: fix ethtool statistics (git-fixes).\n - driver core: Do not probe devices after bus_type.match() probe deferral\n (git-fixes).\n - driver core: fix potential deadlock in __driver_attach (git-fixes).\n - drivers/iio: Remove all strcpy() uses (git-fixes).\n - drivers: usb: dwc3-qcom: Add sdm660 compatible (git-fixes).\n - drm/amd/amd_shared.h: Add missing doc for PP_GFX_DCS_MASK (git-fixes).\n - drm/amd/display: Add option to defer works of hpd_rx_irq (git-fixes).\n - drm/amd/display: Avoid MPC infinite loop (git-fixes).\n - drm/amd/display: Check correct bounds for stream encoder instances for\n DCN303 (git-fixes).\n - drm/amd/display: Enable building new display engine with KCOV enabled\n (git-fixes).\n - drm/amd/display: Fix HDMI VSIF V3 incorrect issue (git-fixes).\n - drm/amd/display: Fix pixel clock programming (git-fixes).\n - drm/amd/display: Fix surface optimization regression on Carrizo\n (git-fixes).\n - drm/amd/display: For stereo keep \"FLIP_ANY_FRAME\" (git-fixes).\n - drm/amd/display: Ignore First MST Sideband Message Return Error\n (git-fixes).\n - drm/amd/display: Optimize bandwidth on following fast update (git-fixes).\n - drm/amd/display: Reset DMCUB before HW init (git-fixes).\n - drm/amd/display: Revert \"drm/amd/display: turn DPMS off on connector\n unplug\" (git-fixes).\n - drm/amd/display: avoid doing vm_init multiple time (git-fixes).\n - drm/amd/display: clear optc underflow before turn off odm clock\n (git-fixes).\n - drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid\n (git-fixes).\n - drm/amdgpu: Check BO's requested pinning domains against its\n preferred_domains (git-fixes).\n - drm/amdgpu: Increase tlb flush timeout for sriov (git-fixes).\n - drm/amdgpu: Remove one duplicated ef removal (git-fixes).\n - drm/amdgpu: remove useless condition in\n amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n - drm/bridge: lt9611uxc: Cancel only driver's work (git-fixes).\n - drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated\n function (git-fixes).\n - drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).\n - drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into dedicated\n function (git-fixes).\n - drm/doc: Fix comment typo (git-fixes).\n - drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()\n failed (git-fixes).\n - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()\n error (git-fixes).\n - drm/i915/display: avoid warnings when registering dual panel backlight\n (git-fixes).\n - drm/i915/gt: Skip TLB invalidations once wedged (git-fixes).\n - drm/i915/reg: Fix spelling mistake \"Unsupport\" -> \"Unsupported\"\n (git-fixes).\n - drm/i915: fix null pointer dereference (git-fixes).\n - drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).\n - drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function\n (git-fixes).\n - drm/mediatek: Allow commands to be sent during video mode (git-fixes).\n - drm/mediatek: Keep dsi as LP00 before dcs cmds transfer (git-fixes).\n - drm/mediatek: Modify dsi funcs to atomic operations (git-fixes).\n - drm/mediatek: Separate poweron/poweroff from enable/disable and define\n new funcs (git-fixes).\n - drm/mediatek: dpi: Only enable dpi after the bridge is enabled\n (git-fixes).\n - drm/mediatek: dpi: Remove output format of YUV (git-fixes).\n - drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n (git-fixes).\n - drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).\n - drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 (git-fixes).\n - drm/msm/dpu: Fix for non-visible planes (git-fixes).\n - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n - drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n - drm/msm/hdmi: drop empty 'none' regulator lists (git-fixes).\n - drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform\n (git-fixes).\n - drm/msm/mdp5: Fix global state lock backoff (git-fixes).\n - drm/msm: Avoid dirtyfb stalls on video mode displays (v2) (git-fixes).\n - drm/msm: Fix dirtyfb refcounting (git-fixes).\n - drm/nouveau/acpi: Do not print error when we get -EINPROGRESS from\n pm_runtime (git-fixes).\n - drm/nouveau/kms: Fix failure path for creating DP connectors (git-fixes).\n - drm/nouveau: Do not pm_runtime_put_sync(), only\n pm_runtime_put_autosuspend() (git-fixes).\n - drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).\n - drm/nouveau: recognise GA103 (git-fixes).\n - drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).\n - drm/radeon: fix potential buffer overflow in\n ni_set_mc_special_registers() (git-fixes).\n - drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).\n - drm/rockchip: vop: Do not crash for invalid duplicate_state()\n (git-fixes).\n - drm/shmem-helper: Add missing vunmap on error (git-fixes).\n - drm/simpledrm: Fix return type of\n simpledrm_simple_display_pipe_mode_valid() (git-fixes).\n - drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).\n - drm/sun4i: dsi: Prevent underflow when computing packet sizes\n (git-fixes).\n - drm/ttm: Fix dummy res NULL ptr deref bug (git-fixes).\n - drm/udl: Add parameter to set number of URBs (bsc#1195917).\n - drm/udl: Add reset_resume (bsc#1195917)\n - drm/udl: Do not re-initialize stuff at retrying the URB list allocation\n (bsc#1195917).\n - drm/udl: Drop unneeded alignment (bsc#1195917).\n - drm/udl: Enable damage clipping (bsc#1195917).\n - drm/udl: Fix inconsistent urbs.count value during udl_free_urb_list()\n (bsc#1195917).\n - drm/udl: Fix potential URB leaks (bsc#1195917).\n - drm/udl: Increase the default URB list size to 20 (bsc#1195917).\n - drm/udl: Kill pending URBs at suspend and disconnect (bsc#1195917).\n - drm/udl: Replace BUG_ON() with WARN_ON() (bsc#1195917).\n - drm/udl: Replace semaphore with a simple wait queue (bsc#1195917).\n - drm/udl: Restore display mode on resume (bsc#1195917)\n - drm/udl: Suppress error print for -EPROTO at URB completion\n (bsc#1195917).\n - drm/udl: Sync pending URBs at suspend / disconnect (bsc#1195917).\n - drm/udl: Sync pending URBs at the end of suspend (bsc#1195917).\n - drm/vc4: change vc4_dma_range_matches from a global to static\n (git-fixes).\n - drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component\n (git-fixes).\n - drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable\n iteration (git-fixes).\n - drm/vc4: dsi: Correct DSI divider calculations (git-fixes).\n - drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).\n - drm/vc4: dsi: Fix dsi0 interrupt support (git-fixes).\n - drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type (git-fixes).\n - drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes\n (git-fixes).\n - drm/vc4: hdmi: Disable audio if dmas property is present but empty\n (git-fixes).\n - drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).\n - drm/vc4: hdmi: Reset HDMI MISC_CONTROL register (git-fixes).\n - drm/vc4: plane: Fix margin calculations for the right/bottom edges\n (git-fixes).\n - drm/vc4: plane: Remove subpixel positioning check (git-fixes).\n - drm: adv7511: override i2c address of cec before accessing it\n (git-fixes).\n - drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).\n - drm: bridge: sii8620: fix possible off-by-one (git-fixes).\n - dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED (git-fixes).\n - dt-bindings: arm: qcom: fix MSM8916 MTP compatibles (git-fixes).\n - dt-bindings: arm: qcom: fix MSM8994 boards compatibles (git-fixes).\n - dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding (git-fixes).\n - dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources\n (git-fixes).\n - dt-bindings: gpio: zynq: Add missing compatible strings (git-fixes).\n - dt-bindings: iio: accel: Add DT binding doc for ADXL355 (git-fixes).\n - dt-bindings: usb: mtk-xhci: Allow wakeup interrupt-names to be optional\n (git-fixes).\n - eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()\n (git-fixes).\n - erofs: fix deadlock when shrink erofs slab (git-fixes).\n - ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler\n (git-fies).\n - exfat: Define NLS_NAME_* as bit flags explicitly (bsc#1201725).\n - exfat: Downgrade ENAMETOOLONG error message to debug messages\n (bsc#1201725).\n - exfat: Drop superfluous new line for error messages (bsc#1201725).\n - exfat: Expand exfat_err() and co directly to pr_*() macro (bsc#1201725).\n - exfat: Return ENAMETOOLONG consistently for oversized paths\n (bsc#1201725).\n - exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).\n - exfat: fix referencing wrong parent directory information after renaming\n (git-fixes).\n - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()\n (git-fixes).\n - exfat: use updated exfat_chain directly during renaming (git-fixes).\n - export: fix string handling of namespace in EXPORT_SYMBOL_NS (git-fixes).\n - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n - ext4: add new helper interface ext4_try_to_trim_range() (bsc#1202783).\n - ext4: add reserved GDT blocks check (bsc#1202712).\n - ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n - ext4: fast commit may miss tracking unwritten range during ftruncate\n (bsc#1202759).\n - ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state\n (bsc#1202771).\n - ext4: fix a possible ABBA deadlock due to busy PA (bsc#1202762).\n - ext4: fix bug_on in ext4_writepages (bsc#1200872).\n - ext4: fix error handling in ext4_fc_record_modified_inode()\n (bsc#1202767).\n - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n - ext4: fix fallocate to use file_modified to update permissions\n consistently (bsc#1202769).\n - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE\n (bsc#1202757).\n - ext4: fix fs corruption when tring to remove a non-empty directory with\n IO error (bsc#1202768).\n - ext4: fix incorrect type issue during replay_del_range (bsc#1202867).\n - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'\n (bsc#1202764).\n - ext4: fix overhead calculation to account for the reserved gdt blocks\n (bsc#1200869).\n - ext4: fix race when reusing xattr blocks (bsc#1198971).\n - ext4: fix super block checksum incorrect after mount (bsc#1202773).\n - ext4: fix symlink file size not match to file content (bsc#1200868).\n - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n - ext4: force overhead calculation if the s_overhead_cluster makes no\n sense (bsc#1200870).\n - ext4: initialize err_blk before calling __ext4_get_inode_loc\n (bsc#1202763).\n - ext4: make sure quota gets properly shutdown on error (bsc#1195480).\n - ext4: make sure to reset inode lockdep class when quota enabling fails\n (bsc#1202761).\n - ext4: mark group as trimmed only if it was fully scanned (bsc#1202770).\n - ext4: modify the logic of ext4_mb_new_blocks_simple (bsc#1202766).\n - ext4: prevent used blocks from being allocated during fast commit replay\n (bsc#1202765).\n - ext4: recover csum seed of tmp_inode after migrating to extents\n (bsc#1202713).\n - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n - ext4: use ext4_ext_remove_space() for fast commit replay delete range\n (bsc#1202758).\n - fat: add ratelimit to fat*_ent_bread() (git-fixes).\n - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n - fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).\n - fbdev: fbcon: Properly revert changes when vc_resize() failed (git-fies).\n - filemap: Handle sibling entries in filemap_get_read_batch()\n (bsc#1202774).\n - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n (git-fixes).\n - firmware: tegra: Fix error check return value of debugfs_create_file()\n (git-fixes).\n - firmware: tegra: bpmp: Do only aligned access to IPC memory area\n (git-fixes).\n - fix race between exit_itimers() and /proc/pid/timers (git-fixes).\n - fpga: altera-pr-ip: fix unsigned comparison with less than zero\n (git-fixes).\n - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped\n pages (bsc#1200873).\n - ftrace/x86: Add back ftrace_expected assignment (git-fixes).\n - fuse: ioctl: translate ENOSYS (bsc#1203139).\n - fuse: limit nsec (bsc#1203138).\n - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n - geneve: fix TOS inheriting for ipv4 (git-fixes).\n - gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()\n (git-fixes).\n - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n - habanalabs/gaudi: fix shift out of bounds (git-fixes).\n - habanalabs/gaudi: mask constant value before cast (git-fixes).\n - hwmon: (dell-smm) Add Dell XPS 13 7390 to fan control whitelist\n (git-fixes).\n - hwmon: (drivetemp) Add module alias (git-fixes).\n - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n - hwmon: (sht15) Fix wrong assumptions in device remove callback\n (git-fixes).\n - i2c: Fix a potential use after free (git-fixes).\n - i2c: cadence: Support PEC for SMBus block read (git-fixes).\n - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n - i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).\n - i2c: mxs: Silence a clang warning (git-fixes).\n - i2c: npcm: Capitalize the one-line comment (git-fixes).\n - i2c: npcm: Correct slave role behavior (git-fixes).\n - i2c: npcm: Remove own slave addresses 2:10 (git-fixes).\n - ice: fix 'scheduling while atomic' on aux critical err interrupt\n (git-fixes).\n - ieee80211: add EHT 1K aggregation definitions (bsc#1202131).\n - ieee80211: change HE nominal packet padding value defines (bsc#1202131).\n - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n - iio: accel: bma220: Fix alignment for DMA safety (git-fixes).\n - iio: accel: bma400: Fix the scale min and max macro values (git-fixes).\n - iio: accel: bma400: Reordering of header files (git-fixes).\n - iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).\n - iio: accel: sca3300: Fix alignment for DMA safety (git-fixes).\n - iio: ad7292: Prevent regulator double disable (git-fixes).\n - iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7292: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ad7923: Fix alignment for DMA safety (git-fixes).\n - iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ltc2496: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1027: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max11100: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1118: Fix alignment for DMA safety (git-fixes).\n - iio: adc: max1241: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).\n - iio: adc: mcp3911: make use of the sign bit (git-fixes).\n - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n - iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc108s102: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads131e08: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).\n - iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).\n - iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).\n - iio: common: ssp: Fix alignment for DMA safety (git-fixes).\n - iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large\n (git-fixes).\n - iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5766: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5770r: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).\n - iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).\n - iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).\n - iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).\n - iio: fix iio_format_avail_range() printing for none IIO_VAL_INT\n (git-fixes).\n - iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).\n - iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).\n - iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).\n - iio: imu: fxos8700: Fix alignment for DMA safety (git-fixes).\n - iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).\n - iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).\n - iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).\n - iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).\n - iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).\n - iio: temp: ltc2983: Fix alignment for DMA safety (git-fixes).\n - iio: temp: maxim_thermocouple: Fix alignment for DMA safety (git-fixes).\n - inet_diag: fix kernel-infoleak for UDP sockets (git-fixes).\n - intel_th: Fix a resource leak in an error handling path (git-fixes).\n - intel_th: msu-sink: Potential dereference of null pointer (git-fixes).\n - intel_th: msu: Fix vmalloced buffers (git-fixes).\n - intel_th: pci: Add Meteor Lake-P support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n - interconnect: imx: fix max_node_id (git-fixes).\n - io_uring: add a schedule point in io_add_buffers() (git-fixes).\n - io_uring: terminate manual loop iterator loop correctly for non-vecs\n (git-fixes).\n - iommu/amd: Clarify AMD IOMMUv2 initialization messages (git-fixes).\n - iommu/amd: Enable swiotlb in all cases (git-fixes).\n - iommu/amd: Fix I/O page table memory leak (git-fixes).\n - iommu/amd: Recover from event log overflow (git-fixes).\n - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement\n (git-fixes).\n - iommu/arm-smmu-v3-sva: Fix mm use-after-free (git-fixes).\n - iommu/arm-smmu-v3: Fix size calculation in\n arm_smmu_mm_invalidate_range() (git-fixes).\n - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop\n (git-fixes).\n - iommu/dart: Add missing module owner to ops structure (git-fixes).\n - iommu/dart: check return value after calling platform_get_resource()\n (git-fixes).\n - iommu/exynos: Handle failed IOMMU device registration properly\n (git-fixes).\n - iommu/iova: Improve 32-bit free space estimate (git-fixes).\n - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n - iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (git-fixes).\n - iommu/mediatek: Fix 2 HW sharing pgtable issue (git-fixes).\n - iommu/mediatek: Fix NULL pointer dereference when printing dev_name\n (git-fixes).\n - iommu/mediatek: Remove clk_disable in mtk_iommu_remove (git-fixes).\n - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n - iommu/omap: Fix regression in probe for NULL pointer dereference\n (git-fixes).\n - iommu/tegra-smmu: Fix missing put_device() call in tegra_smmu_find\n (git-fixes).\n - iommu/vt-d: Acquiring lock in domain ID allocation helpers (bsc#1200301).\n - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n - iommu/vt-d: Drop stop marker messages (git-fixes).\n - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n - iommu/vt-d: Make DMAR_UNITS_SUPPORTED default 1024 (bsc#1200301).\n - iommu/vt-d: Refactor iommu information of each domain (bsc#1200301).\n - iommu/vt-d: Remove global g_iommus array (bsc#1200301).\n - iommu/vt-d: Remove intel_iommu::domains (bsc#1200301).\n - iommu/vt-d: Remove unnecessary check in intel_iommu_add() (bsc#1200301).\n - iommu/vt-d: Use IDA interface to manage iommu sequence id (bsc#1200301).\n - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n (git-fixes).\n - iommu: Fix potential use-after-free during probe (git-fixes).\n - iov_iter: Fix iter_xarray_get_pages{,_alloc}() (git-fixes).\n - iov_iter: fix build issue due to possible type mis-match (git-fixes).\n - ipmi: fix initialization when workqueue allocation fails (git-fixes).\n - irqchip/sifive-plic: Add missing thead,c900-plic match string\n (git-fixes).\n - irqchip/tegra: Fix overflow implicit truncation warnings (git-fixes).\n - iwlwifi/fw: use struct_size over open coded arithmetic (bsc#1202131).\n - iwlwifi: ACPI: support revision 3 WGDS tables (bsc#1202131).\n - iwlwifi: Add support for getting rf id with blank otp (bsc#1202131).\n - iwlwifi: Add support for more BZ HWs (bsc#1202131).\n - iwlwifi: BZ Family BUS_MASTER_DISABLE_REQ code duplication (bsc#1202131).\n - iwlwifi: BZ Family SW reset support (bsc#1202131).\n - iwlwifi: Configure FW debug preset via module param (bsc#1202131).\n - iwlwifi: Fix FW name for gl (bsc#1202131).\n - iwlwifi: Fix missing error code in iwl_pci_probe() (bsc#1202131).\n - iwlwifi: Fix syntax errors in comments (bsc#1202131).\n - iwlwifi: Make use of the helper macro LIST_HEAD() (bsc#1202131).\n - iwlwifi: Read the correct addresses when getting the crf id\n (bsc#1202131).\n - iwlwifi: Start scratch debug register for Bz family (bsc#1202131).\n - iwlwifi: acpi: fix wgds rev 3 size (bsc#1202131).\n - iwlwifi: acpi: move ppag code from mvm to fw/acpi (bsc#1202131).\n - iwlwifi: add missing entries for Gf4 with So and SoF (bsc#1202131).\n - iwlwifi: add new Qu-Hr device (bsc#1202131).\n - iwlwifi: add new ax1650 killer device (bsc#1202131).\n - iwlwifi: add new device id 7F70 (bsc#1202131).\n - iwlwifi: add new pci SoF with JF (bsc#1202131).\n - iwlwifi: add some missing kernel-doc in struct iwl_fw (bsc#1202131).\n - iwlwifi: add support for BNJ HW (bsc#1202131).\n - iwlwifi: add support for BZ-U and BZ-L HW (bsc#1202131).\n - iwlwifi: add support for Bz-Z HW (bsc#1202131).\n - iwlwifi: add vendor specific capabilities for some RFs (bsc#1202131).\n - iwlwifi: advertise support for HE - DCM BPSK RX/TX (bsc#1202131).\n - iwlwifi: allow rate-limited error messages (bsc#1202131).\n - iwlwifi: api: fix struct iwl_wowlan_status_v7 kernel-doc (bsc#1202131).\n - iwlwifi: api: remove ttl field from TX command (bsc#1202131).\n - iwlwifi: api: remove unused RX status bits (bsc#1202131).\n - iwlwifi: avoid variable shadowing (bsc#1202131).\n - iwlwifi: avoid void pointer arithmetic (bsc#1202131).\n - iwlwifi: bump FW API to 67 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 68 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 69 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 70 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 71 for AX devices (bsc#1202131).\n - iwlwifi: bump FW API to 72 for AX devices (bsc#1202131).\n - iwlwifi: cfg: add support for 1K BA queue (bsc#1202131).\n - iwlwifi: dbg-tlv: clean up iwl_dbg_tlv_update_drams() (bsc#1202131).\n - iwlwifi: dbg: add infra for tracking free buffer size (bsc#1202131).\n - iwlwifi: dbg: check trigger data before access (bsc#1202131).\n - iwlwifi: dbg: disable ini debug in 8000 family and below (bsc#1202131).\n - iwlwifi: dbg: in sync mode do not call schedule (bsc#1202131).\n - iwlwifi: dbg: treat dbgc allocation failure when tlv is missing\n (bsc#1202131).\n - iwlwifi: dbg: treat non active regions as unsupported regions\n (bsc#1202131).\n - iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write\n (bsc#1202131).\n - iwlwifi: de-const properly where needed (bsc#1202131).\n - iwlwifi: debugfs: remove useless double condition (bsc#1202131).\n - iwlwifi: do not dump_stack() when we get an unexpected interrupt\n (bsc#1202131).\n - iwlwifi: do not use __unused as variable name (bsc#1202131).\n - iwlwifi: drv: load tlv debug data earlier (bsc#1202131).\n - iwlwifi: dump CSR scratch from outer function (bsc#1202131).\n - iwlwifi: dump RCM error tables (bsc#1202131).\n - iwlwifi: dump both TCM error tables if present (bsc#1202131).\n - iwlwifi: dump host monitor data when NIC does not init (bsc#1202131).\n - iwlwifi: dvm: use struct_size over open coded arithmetic (bsc#1202131).\n - iwlwifi: eeprom: clean up macros (bsc#1202131).\n - iwlwifi: fix LED dependencies (bsc#1202131).\n - iwlwifi: fix debug TLV parsing (bsc#1202131).\n - iwlwifi: fix fw/img.c license statement (bsc#1202131).\n - iwlwifi: fix iwl_legacy_rate_to_fw_idx (bsc#1202131).\n - iwlwifi: fix small doc mistake for iwl_fw_ini_addr_val (bsc#1202131).\n - iwlwifi: fix various more -Wcast-qual warnings (bsc#1202131).\n - iwlwifi: fw dump: add infrastructure for dump scrubbing (bsc#1202131).\n - iwlwifi: fw: add support for splitting region type bits (bsc#1202131).\n - iwlwifi: fw: api: add link to PHY context command struct v1\n (bsc#1202131).\n - iwlwifi: fw: correctly detect HW-SMEM region subtype (bsc#1202131).\n - iwlwifi: fw: fix some scan kernel-doc (bsc#1202131).\n - iwlwifi: fw: init SAR GEO table only if data is present (bsc#1202131).\n - iwlwifi: fw: make dump_start callback void (bsc#1202131).\n - iwlwifi: fw: remove dead error log code (bsc#1202131).\n - iwlwifi: implement reset flow for Bz devices (bsc#1202131).\n - iwlwifi: iwl-eeprom-parse: mostly dvm only (bsc#1202131).\n - iwlwifi: make iwl_fw_lookup_cmd_ver() take a cmd_id (bsc#1202131).\n - iwlwifi: make iwl_txq_dyn_alloc_dma() return the txq (bsc#1202131).\n - iwlwifi: make some functions friendly to sparse (bsc#1202131).\n - iwlwifi: move symbols into a separate namespace (bsc#1202131).\n - iwlwifi: mvm/api: define system control command (bsc#1202131).\n - iwlwifi: mvm: Add RTS and CTS flags to iwl_tx_cmd_flags (bsc#1202131).\n - iwlwifi: mvm: Add list of OEMs allowed to use TAS (bsc#1202131).\n - iwlwifi: mvm: Add support for a new version of scan request command\n (bsc#1202131).\n - iwlwifi: mvm: Add support for new rate_n_flags in tx_cmd (bsc#1202131).\n - iwlwifi: mvm: Consider P2P GO operation during scan (bsc#1202131).\n - iwlwifi: mvm: Disable WiFi bands selectively with BIOS (bsc#1202131).\n - iwlwifi: mvm: Do not fail if PPAG isn't supported (bsc#1202131).\n - iwlwifi: mvm: Fix wrong documentation for scan request command\n (bsc#1202131).\n - iwlwifi: mvm: Passively scan non PSC channels only when requested so\n (bsc#1202131).\n - iwlwifi: mvm: Read acpi dsm to get channel activation bitmap\n (bsc#1202131).\n - iwlwifi: mvm: Remove antenna c references (bsc#1202131).\n - iwlwifi: mvm: Support new TX_RSP and COMPRESSED_BA_RES versions\n (bsc#1202131).\n - iwlwifi: mvm: Support new rate_n_flags for REPLY_RX_MPDU_CMD and\n RX_NO_DATA_NOTIF (bsc#1202131).\n - iwlwifi: mvm: Support new version of BEACON_TEMPLATE_CMD (bsc#1202131).\n - iwlwifi: mvm: Support new version of ranging response notification\n (bsc#1202131).\n - iwlwifi: mvm: Support version 3 of tlc_update_notif (bsc#1202131).\n - iwlwifi: mvm: Unify the scan iteration functions (bsc#1202131).\n - iwlwifi: mvm: Use all Rx chains for roaming scan (bsc#1202131).\n - iwlwifi: mvm: add US/CA to TAS block list if OEM isn't allowed\n (bsc#1202131).\n - iwlwifi: mvm: add a flag to reduce power command (bsc#1202131).\n - iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).\n - iwlwifi: mvm: add additional info for boot info failures (bsc#1202131).\n - iwlwifi: mvm: add dbg_time_point to debugfs (bsc#1202131).\n - iwlwifi: mvm: add definitions for new rate & flags (bsc#1202131).\n - iwlwifi: mvm: add lmac/umac PC info in case of error (bsc#1202131).\n - iwlwifi: mvm: add missing min_size to kernel-doc (bsc#1202131).\n - iwlwifi: mvm: add some missing command strings (bsc#1202131).\n - iwlwifi: mvm: add support for 160Mhz in ranging measurements\n (bsc#1202131).\n - iwlwifi: mvm: add support for CT-KILL notification version 2\n (bsc#1202131).\n - iwlwifi: mvm: add support for IMR based on platform (bsc#1202131).\n - iwlwifi: mvm: add support for OCE scan (bsc#1202131).\n - iwlwifi: mvm: add support for PHY context command v4 (bsc#1202131).\n - iwlwifi: mvm: add support for statistics update version 15 (bsc#1202131).\n - iwlwifi: mvm: allow enabling UHB TAS in the USA via ACPI setting\n (bsc#1202131).\n - iwlwifi: mvm: always remove the session protection after association\n (bsc#1202131).\n - iwlwifi: mvm: always store the PPAG table as the latest version\n (bsc#1202131).\n - iwlwifi: mvm: always use 4K RB size by default (bsc#1202131).\n - iwlwifi: mvm: change old-SN drop threshold (bsc#1202131).\n - iwlwifi: mvm: clean up indenting in iwl_mvm_tlc_update_notif()\n (bsc#1202131).\n - iwlwifi: mvm: convert old rate & flags to the new format (bsc#1202131).\n - iwlwifi: mvm: correct sta-state logic for TDLS (bsc#1202131).\n - iwlwifi: mvm: correctly set channel flags (bsc#1202131).\n - iwlwifi: mvm: correctly set schedule scan profiles (bsc#1202131).\n - iwlwifi: mvm: d3: move GTK rekeys condition (bsc#1202131).\n - iwlwifi: mvm: d3: support v12 wowlan status (bsc#1202131).\n - iwlwifi: mvm: d3: use internal data representation (bsc#1202131).\n - iwlwifi: mvm: demote non-compliant kernel-doc header (bsc#1202131).\n - iwlwifi: mvm: do not get address of mvm->fwrt just to dereference as a\n pointer (bsc#1202131).\n - iwlwifi: mvm: do not send BAID removal to the FW during hw_restart\n (bsc#1202131).\n - iwlwifi: mvm: do not trust hardware queue number (bsc#1202131).\n - iwlwifi: mvm: drop too short packets silently (bsc#1202131).\n - iwlwifi: mvm: extend session protection on association (bsc#1202131).\n - iwlwifi: mvm: fix WGDS table print in iwl_mvm_chub_update_mcc()\n (bsc#1202131).\n - iwlwifi: mvm: fix a stray tab (bsc#1202131).\n - iwlwifi: mvm: fix condition which checks the version of rate_n_flags\n (bsc#1202131).\n - iwlwifi: mvm: fix delBA vs. NSSN queue sync race (bsc#1202131).\n - iwlwifi: mvm: fix ieee80211_get_he_iftype_cap() iftype (bsc#1202131).\n - iwlwifi: mvm: fix off by one in iwl_mvm_stat_iterator_all_macs()\n (bsc#1202131).\n - iwlwifi: mvm: fw: clean up hcmd struct creation (bsc#1202131).\n - iwlwifi: mvm: handle RX checksum on Bz devices (bsc#1202131).\n - iwlwifi: mvm: improve log when processing CSA (bsc#1202131).\n - iwlwifi: mvm: isolate offload assist (checksum) calculation\n (bsc#1202131).\n - iwlwifi: mvm: make iwl_mvm_reconfig_scd() static (bsc#1202131).\n - iwlwifi: mvm: offload channel switch timing to FW (bsc#1202131).\n - iwlwifi: mvm: only enable HE DCM if we also support TX (bsc#1202131).\n - iwlwifi: mvm: optionally suppress assert log (bsc#1202131).\n - iwlwifi: mvm: parse firmware alive message version 6 (bsc#1202131).\n - iwlwifi: mvm: read 6E enablement flags from DSM and pass to FW\n (bsc#1202131).\n - iwlwifi: mvm: reduce WARN_ON() in TX status path (bsc#1202131).\n - iwlwifi: mvm: refactor iwl_mvm_sta_rx_agg() (bsc#1202131).\n - iwlwifi: mvm: refactor setting PPE thresholds in STA_HE_CTXT_CMD\n (bsc#1202131).\n - iwlwifi: mvm: remove card state notification code (bsc#1202131).\n - iwlwifi: mvm: remove cipher scheme support (bsc#1202131).\n - iwlwifi: mvm: remove csi from iwl_mvm_pass_packet_to_mac80211()\n (bsc#1202131).\n - iwlwifi: mvm: remove iwl_mvm_disable_txq() flags argument (bsc#1202131).\n - iwlwifi: mvm: remove session protection after auth/assoc (bsc#1202131).\n - iwlwifi: mvm: remove session protection on disassoc (bsc#1202131).\n - iwlwifi: mvm: remove session protection upon station removal\n (bsc#1202131).\n - iwlwifi: mvm: rfi: handle deactivation notification (bsc#1202131).\n - iwlwifi: mvm: rfi: update rfi table (bsc#1202131).\n - iwlwifi: mvm: rfi: use kmemdup() to replace kzalloc + memcpy\n (bsc#1202131).\n - iwlwifi: mvm: scrub key material in firmware dumps (bsc#1202131).\n - iwlwifi: mvm: set BT-coex high priority for 802.1X/4-way-HS\n (bsc#1202131).\n - iwlwifi: mvm: set inactivity timeouts also for PS-poll (bsc#1202131).\n - iwlwifi: mvm: starting from 22000 we have 32 Rx AMPDU sessions\n (bsc#1202131).\n - iwlwifi: mvm: support Bz TX checksum offload (bsc#1202131).\n - iwlwifi: mvm: support RLC configuration command (bsc#1202131).\n - iwlwifi: mvm: support new BAID allocation command (bsc#1202131).\n - iwlwifi: mvm: support revision 1 of WTAS table (bsc#1202131).\n - iwlwifi: mvm: support v3 of station HE context command (bsc#1202131).\n - iwlwifi: mvm: update BAID allocation command again (bsc#1202131).\n - iwlwifi: mvm: update RFI TLV (bsc#1202131).\n - iwlwifi: mvm: update definitions due to new rate & flags (bsc#1202131).\n - iwlwifi: mvm: update rate scale in moving back to assoc state\n (bsc#1202131).\n - iwlwifi: mvm: use a define for checksum flags mask (bsc#1202131).\n - iwlwifi: mvm: use debug print instead of WARN_ON() (bsc#1202131).\n - iwlwifi: nvm: Correct HE capability (bsc#1202131).\n - iwlwifi: parse debug exclude data from firmware file (bsc#1202131).\n - iwlwifi: parse error tables from debug TLVs (bsc#1202131).\n - iwlwifi: pcie: Adapt rx queue write pointer for Bz family (bsc#1202131).\n - iwlwifi: pcie: add jacket bit to device configuration parsing\n (bsc#1202131).\n - iwlwifi: pcie: add support for MS devices (bsc#1202131).\n - iwlwifi: pcie: adjust to Bz completion descriptor (bsc#1202131).\n - iwlwifi: pcie: fix SW error MSI-X mapping (bsc#1202131).\n - iwlwifi: pcie: fix constant-conversion warning (bsc#1202131).\n - iwlwifi: pcie: fix killer name matching for AX200 (bsc#1202131).\n - iwlwifi: pcie: iwlwifi: fix device id 7F70 struct (bsc#1202131).\n - iwlwifi: pcie: make sure iwl_rx_packet_payload_len() will not underflow\n (bsc#1202131).\n - iwlwifi: pcie: refactor dev_info lookup (bsc#1202131).\n - iwlwifi: pcie: remove duplicate entry (bsc#1202131).\n - iwlwifi: pcie: remove two duplicate PNJ device entries (bsc#1202131).\n - iwlwifi: pcie: retake ownership after reset (bsc#1202131).\n - iwlwifi: pcie: simplify iwl_pci_find_dev_info() (bsc#1202131).\n - iwlwifi: pcie: support Bz suspend/resume trigger (bsc#1202131).\n - iwlwifi: pcie: try to grab NIC access early (bsc#1202131).\n - iwlwifi: pcie: update sw error interrupt for BZ family (bsc#1202131).\n - iwlwifi: pnvm: print out the version properly (bsc#1202131).\n - iwlwifi: prefer WIDE_ID() over iwl_cmd_id() (bsc#1202131).\n - iwlwifi: propagate (const) type qualifier (bsc#1202131).\n - iwlwifi: recognize missing PNVM data and then log filename (bsc#1202131).\n - iwlwifi: remove MODULE_AUTHOR() statements (bsc#1202131).\n - iwlwifi: remove command ID argument from queue allocation (bsc#1202131).\n - iwlwifi: remove contact information (bsc#1202131).\n - iwlwifi: remove deprecated broadcast filtering feature (bsc#1202131).\n - iwlwifi: remove redundant iwl_finish_nic_init() argument (bsc#1202131).\n - iwlwifi: remove unused DC2DC_CONFIG_CMD definitions (bsc#1202131).\n - iwlwifi: remove unused iwlax210_2ax_cfg_so_hr_a0 structure (bsc#1202131).\n - iwlwifi: remove unused macros (bsc#1202131).\n - iwlwifi: rename CHANNEL_SWITCH_NOA_NOTIF to CHANNEL_SWITCH_START_NOTIF\n (bsc#1202131).\n - iwlwifi: rename GEO_TX_POWER_LIMIT to PER_CHAIN_LIMIT_OFFSET_CMD\n (bsc#1202131).\n - iwlwifi: rs: add support for TLC config command ver 4 (bsc#1202131).\n - iwlwifi: scan: Modify return value of a function (bsc#1202131).\n - iwlwifi: support 4-bits in MAC step value (bsc#1202131).\n - iwlwifi: support SAR GEO Offset Mapping override via BIOS (bsc#1202131).\n - iwlwifi: support new queue allocation command (bsc#1202131).\n - iwlwifi: swap 1650i and 1650s killer struct names (bsc#1202131).\n - iwlwifi: tlc: Add logs in rs_fw_rate_init func to print TLC\n configuration (bsc#1202131).\n - iwlwifi: use 4k queue size for Bz A-step (bsc#1202131).\n - iwlwifi: yoyo: Avoid using dram data if allocation failed (bsc#1202131).\n - iwlwifi: yoyo: add IMR DRAM dump support (bsc#1202131).\n - iwlwifi: yoyo: disable IMR DRAM region if IMR is disabled (bsc#1202131).\n - iwlwifi: yoyo: dump IMR DRAM only for HW and FW error (bsc#1202131).\n - iwlwifi: yoyo: fix DBGC allocation flow (bsc#1202131).\n - iwlwifi: yoyo: fix DBGI_SRAM ini dump header (bsc#1202131).\n - iwlwifi: yoyo: fix issue with new DBGI_SRAM region read (bsc#1202131).\n - iwlwifi: yoyo: fw debug config from context info and preset\n (bsc#1202131).\n - iwlwifi: yoyo: send hcmd to fw after dump collection completes\n (bsc#1202131).\n - iwlwifi: yoyo: support TLV-based firmware reset (bsc#1202131).\n - iwlwifi: yoyo: support dump policy for the dump size (bsc#1202131).\n - iwlwifi: yoyo: support for DBGC4 for dram (bsc#1202131).\n - iwlwifi: yoyo: support for ROM usniffer (bsc#1202131).\n - jbd2: export jbd2_journal_[grab|put]_journal_head (bsc#1202775).\n - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal\n aborted (bsc#1202716).\n - jbd2: fix outstanding credits assert in\n jbd2_journal_commit_transaction() (bsc#1202715).\n - kABI: scsi: libiscsi: fix removal of iscsi_create_conn (bsc#1198410).\n - kabi/severities: Exclude ppc kvm\n - kabi/severities: add Qlogic qed symbols\n - kabi/severities: add drivers/scsi/hisi_sas for bsc#1202471\n - kabi/severities: add hisilicon hns3 symbols\n - kabi/severities: add microchip dsa drivers\n - kabi/severities: ignore kABI changes in mwifiex drivers Those symbols\n are used only locally in mwifiex (sub-)modules.\n - kabi/severities: octeontx2 driver (jsc#SLE-24682)\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).\n - kbuild: fix the modules order between drivers and libs (git-fixes).\n - kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd\n attempt) (git-fixes).\n - kcm: fix strp_init() order and cleanup (git-fies).\n - kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages\n - kfifo: fix kfifo_to_user() return type (git-fixes).\n - kselftest/cgroup: fix test_stress.sh to use OUTPUT dir (git-fixes).\n - kselftest/vm: fix tests build with old libc (git-fixes).\n - kselftest: Fix vdso_test_abi return status (git-fixes).\n - kselftest: signal all child processes (git-fixes).\n - kvm: selftests: do not use bitfields larger than 32-bits for PTEs\n (git-fixes).\n - l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using\n netdev_master_upper_dev_get_rcu (git-fixes).\n - landlock: Add clang-format exceptions (git-fixes).\n - landlock: Change landlock_add_rule(2) argument check ordering\n (git-fixes).\n - landlock: Change landlock_restrict_self(2) check ordering (git-fixes).\n - landlock: Create find_rule() from unmask_layers() (git-fixes).\n - landlock: Define access_mask_t to enforce a consistent access mask size\n (git-fixes).\n - landlock: Fix landlock_add_rule(2) documentation (git-fixes).\n - landlock: Fix same-layer rule unions (git-fixes).\n - landlock: Format with clang-format (git-fixes).\n - landlock: Reduce the maximum number of layers to 16 (git-fixes).\n - landlock: Use square brackets around \"landlock-ruleset\" (git-fixes).\n - lib/list_debug.c: Detect uninitialized lists (git-fixes).\n - lib/raid6/test: fix multiple definition linking error (git-fixes).\n - lib/smp_processor_id: fix imbalanced instrumentation_end() call\n (git-fixes).\n - lkdtm: Disable return thunks in rodata.c (bsc#1190497).\n - lockdep: Correct lock_classes index mapping (git-fixes).\n - locking/lockdep: Avoid potential access of invalid memory in lock_class\n (git-fixes).\n - locking/lockdep: Fix lockdep_init_map_*() confusion (git-fixes).\n - locking/lockdep: Iterate lock_classes directly when reading lockdep\n files (git-fixes).\n - loop: Check for overflow while configuring loop (git-fies).\n - loop: Use pr_warn_once() for loop_control_remove() warning (git-fixes).\n - loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).\n - mac80211: fix a memory leak where sta_info is not freed (git-fixes).\n - mac80211: introduce channel switch disconnect function (bsc#1202131).\n - macsec: always read MACSEC_SA_ATTR_PN as a u64 (git-fixes).\n - macsec: fix NULL deref in macsec_add_rxsa (git-fixes).\n - macsec: fix error message in macsec_add_rxsa and _txsa (git-fixes).\n - macsec: limit replay window size with XPN (git-fixes).\n - marvell: octeontx2: build error: unknown type name 'u64' (jsc#SLE-24682).\n - mbcache: add functions to delete entry if unused (bsc#1198971).\n - mbcache: do not reclaim used entries (bsc#1198971).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - md/raid0: Ignore RAID0 layout if the second zone has only one device\n (git-fixes).\n - md/raid1: fix missing bitmap update w/o WriteMostly devices\n (bsc#1203036).\n - media: [PATCH] pci: atomisp_cmd: fix three missing checks on list\n iterator (git-fixes).\n - media: atmel: atmel-sama7g5-isc: fix warning in configs without OF\n (git-fixes).\n - media: cedrus: h265: Fix flag name (git-fixes).\n - media: cedrus: hevc: Add check for invalid timestamp (git-fixes).\n - media: driver/nxp/imx-jpeg: fix a unexpected return value problem\n (git-fixes).\n - media: hantro: postproc: Fix motion vector space size (git-fixes).\n - media: hdpvr: fix error value returns in hdpvr_read (git-fixes).\n - media: hevc: Embedded indexes in RPS (git-fixes).\n - media: imx-jpeg: Add pm-runtime support for imx-jpeg (git-fixes).\n - media: imx-jpeg: use NV12M to represent non contiguous NV12 (git-fixes).\n - media: pvrusb2: fix memory leak in pvr_probe (git-fixes).\n - media: tw686x: Fix memory leak in tw686x_video_init (git-fixes).\n - media: tw686x: Register the irq at the end of probe (git-fixes).\n - media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set\n (git-fixes).\n - mediatek: mt76: eeprom: fix missing of_node_put() in\n mt76_find_power_limits_node() (git-fixes).\n - mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()\n (git-fixes).\n - memstick/ms_block: Fix a memory leak (git-fixes).\n - memstick/ms_block: Fix some incorrect memory allocation (git-fixes).\n - meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).\n - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n - mfd: t7l66xb: Drop platform disable callback (git-fixes).\n - minix: fix bug when opening a file with O_DIRECT (git-fixes).\n - misc: fastrpc: fix memory corruption on open (git-fixes).\n - misc: fastrpc: fix memory corruption on probe (git-fixes).\n - misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).\n - mkspec: eliminate @NOSOURCE@ macro This should be alsways used with\n @SOURCES@, just include the content there.\n - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes).\n - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n - mm: pagewalk: Fix race between unmap and page walker (git-fixes,\n bsc#1203159).\n - mmc: block: Add single read for 4k sector cards (git-fixes).\n - mmc: cavium-octeon: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: cavium-thunderx: Add of_node_put() when breaking out of loop\n (git-fixes).\n - mmc: core: Fix UHS-I SD 1.8V workaround branch (git-fixes).\n - mmc: meson-gx: Fix an error handling path in meson_mmc_probe()\n (git-fixes).\n - mmc: mxcmmc: Silence a clang warning (git-fixes).\n - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n - mmc: pxamci: Fix another error handling path in pxamci_probe()\n (git-fixes).\n - mmc: renesas_sdhi: Get the reset handle early in the probe (git-fixes).\n - mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).\n - mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n (git-fixes).\n - mmc: tmio: avoid glitches when resetting (git-fixes).\n - msft-hv-2570-hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).\n - mt76: mt7615: do not update pm stats in case of error (git-fixes).\n - mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n (git-fixes).\n - mt76: mt7921: enlarge maximum VHT MPDU length to 11454 (git-fixes).\n - mt76: mt7921: fix aggregation subframes setting to HE max (git-fixes).\n - mtd: dataflash: Add SPI ID table (git-fixes).\n - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n - mtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset\n (git-fixes).\n - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n - mtd: rawnand: arasan: Fix clock rate in NV-DDR (git-fixes).\n - mtd: rawnand: arasan: Update NAND bus clock instead of system clock\n (git-fixes).\n - mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase\n times (git-fixes).\n - mtd: rawnand: gpmi: validate controller clock rate (git-fixes).\n - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release\n (git-fixes).\n - mtd: spi-nor: fix spi_nor_spimem_setup_op() call in\n spi_nor_erase_{sector,chip}() (git-fixes).\n - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path\n (git-fixes).\n - musb: fix USB_MUSB_TUSB6010 dependency (git-fixes).\n - mwifiex: Ignore BTCOEX events from the 88W8897 firmware (git-fixes).\n - n_gsm: remove unused parameters from gsm_error() (git-fixes).\n - net: asix: fix \"can't send until first packet is send\" issue (git-fixes).\n - net: bcmgenet: Use stronger register read/writes to assure ordering\n (git-fixes).\n - net: dsa: b53: Add SPI ID table (git-fixes).\n - net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering\n (git-fixes).\n - net: dsa: felix: purge skb from TX timestamping queue if it cannot be\n sent (git-fies).\n - net: dsa: hellcreek: Add STP forwarding rule (git-fixes).\n - net: dsa: hellcreek: Add missing PTP via UDP rules (git-fixes).\n - net: dsa: hellcreek: Allow PTP P2P measurements on blocked ports\n (git-fixes).\n - net: dsa: hellcreek: Fix insertion of static FDB entries (git-fixes).\n - net: dsa: microchip: implement multi-bridge support (git-fixes).\n - net: dsa: mv88e6xxx: Add fix for erratum 5.2 of 88E6393X family\n (git-fixes).\n - net: dsa: mv88e6xxx: Drop unnecessary check in\n mv88e6393x_serdes_erratum_4_6() (git-fixes).\n - net: dsa: mv88e6xxx: Enable port policy support on 6097 (git-fixes).\n - net: dsa: mv88e6xxx: Fix application of erratum 4.8 for 88E6393X\n (git-fixes).\n - net: dsa: mv88e6xxx: Fix inband AN for 2500base-x on 88E6393X family\n (git-fixes).\n - net: dsa: mv88e6xxx: Link in pcs_get_state() if AN is bypassed\n (git-fixes).\n - net: dsa: mv88e6xxx: Save power by disabling SerDes trasmitter and\n receiver (git-fixes).\n - net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()\n (git-fixes).\n - net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports (git-fixes).\n - net: dsa: mv88e6xxx: error handling for serdes_power functions\n (git-fixes).\n - net: dsa: mv88e6xxx: fix \"do not use PHY_DETECT on internal PHY's\"\n (git-fixes).\n - net: dsa: ocelot: seville: utilize of_mdiobus_register (git-fixes).\n - net: dsa: qca8k: fix MTU calculation (git-fixes).\n - net: dsa: seville: register the mdiobus under devres (git-fixes).\n - net: dsa: tag_ocelot_8021q: break circular dependency with ocelot switch\n lib (git-fies).\n - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n - net: hns3: clean residual vf config after disable sriov (git-fixes).\n - net: macsec: fix potential resource leak in macsec_add_rxsa() and\n macsec_add_txsa() (git-fixes).\n - net: marvell: prestera: fix incorrect structure access (git-fixes).\n - net: mscc: ocelot: correctly report the timestamping RX filters in\n ethtool (git-fixes).\n - net: mscc: ocelot: create a function that replaces an existing VCAP\n filter (git-fixes).\n - net: mscc: ocelot: do not dereference NULL pointers with shared tc\n filters (git-fixes).\n - net: mscc: ocelot: do not downgrade timestamping RX filters in\n SIOCSHWTSTAMP (git-fixes).\n - net: mscc: ocelot: fix incorrect balancing with down LAG ports\n (git-fixes).\n - net: mscc: ocelot: set up traps for PTP packets (git-fixes).\n - net: openvswitch: do not send internal clone attribute to the userspace\n (git-fixes).\n - net: openvswitch: fix leak of nested actions (git-fixes).\n - net: openvswitch: fix misuse of the cached connection on tuple changes\n (git-fixes).\n - net: openvswitch: fix parsing of nw_proto for IPv6 fragments (git-fixes).\n - net: phy: Do not WARN for PHY_READY state in mdio_bus_phy_resume()\n (git-fixes).\n - net: phy: Warn about incorrect mdio_bus_phy_resume() state (git-fixes).\n - net: phy: smsc: Disable Energy Detect Power-Down in interrupt mode\n (git-fixes).\n - net: ptp: add a definition for the UDP port for IEEE 1588 general\n messages (git-fixes).\n - net: rose: fix netdev reference changes (git-fixes).\n - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale\n pointer (git-fixes).\n - net: stmmac: clean up impossible condition (git-fixes).\n - net: stmmac: disable Split Header (SPH) for Intel platforms\n (bsc#1194904).\n - net: stmmac: dwc-qos: Disable split header for Tegra194 (bsc#1194904).\n - net: stmmac: fix off-by-one error in sanity check (git-fixes).\n - net: usb: Correct PHY handling of smsc95xx (git-fixes).\n - net: usb: Correct reset handling of smsc95xx (git-fixes).\n - net: usb: ax88179_178a needs FLAG_SEND_ZLP (git-fixes).\n - net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).\n - net: usb: make USB_RTL8153_ECM non user configurable (git-fixes).\n - net: vmxnet3: fix possible NULL pointer dereference in\n vmxnet3_rq_cleanup() (bsc#1200431).\n - net: vmxnet3: fix possible use-after-free bugs in\n vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c\n (bsc#1200431).\n - net:enetc: allocate CBD ring data memory using DMA coherent methods\n (git-fixes).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout\n (git-fixes).\n - nfsd: fix use-after-free due to delegation race (git-fixes).\n - nilfs2: fix incorrect masking of permission flags for symlinks\n (git-fixes).\n - nilfs2: fix lockdep warnings during disk space reclamation (git-fixes).\n - nilfs2: fix lockdep warnings in page operations for btree nodes\n (git-fixes).\n - nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt()\n (bnc#1189999 (Scheduler functional and performance backports)).\n - nouveau/svm: Fix to migrate all requested pages (git-fixes).\n - nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf (git-fies).\n - ntb_hw_amd: Add NTB PCI ID for new gen CPU (bsc#1202113).\n - nvme-auth: align to pre-upstream FFDHE implementation (bsc#1202265).\n - nvme-auth: retry command if DNR bit is not set (bsc#1201675).\n - nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).\n - nvme-rdma: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).\n - nvme: consider also host_iface when checking ip options (bsc#1199670).\n - nvme: fix RCU hole that allowed for endless looping in multipath round\n robin (bsc#1202636).\n - nvme: implement In-Band authentication (jsc#SLE-20183).\n - nvme: kabi fixes for in-band authentication (bsc#1199086).\n - nvmet-auth: expire authentication sessions (jsc#SLE-20183).\n - nvmet: Expose max queues to configfs (bsc#1201865).\n - nvmet: implement basic In-Band Authentication (jsc#SLE-20183).\n - ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (bsc#1202778).\n - ocfs2: fix a deadlock when commit trans (bsc#1202776).\n - octeontx2-af: Add KPU changes to parse NGIO as separate layer\n (jsc#SLE-24682).\n - octeontx2-af: Add PTP device id for CN10K and 95O silcons\n (jsc#SLE-24682).\n - octeontx2-af: Add SDP interface support (jsc#SLE-24682).\n - octeontx2-af: Add debug messages for failures (jsc#SLE-24682).\n - octeontx2-af: Add external ptp input clock (jsc#SLE-24682).\n - octeontx2-af: Add free rsrc count mbox msg (jsc#SLE-24682).\n - octeontx2-af: Add mbox to retrieve bandwidth profile free count\n (jsc#SLE-24682).\n - octeontx2-af: Add support to flush full CPT CTX cache (jsc#SLE-24682).\n - octeontx2-af: Adjust LA pointer for cpt parse header (jsc#SLE-24682).\n - octeontx2-af: Allocate low priority entries for PF (jsc#SLE-24682).\n - octeontx2-af: Allow to configure flow tag LSB byte as RSS adder\n (jsc#SLE-24682).\n - octeontx2-af: Change the order of queue work and interrupt disable\n (jsc#SLE-24682).\n - octeontx2-af: Do not enable Pause frames by default (jsc#SLE-24682).\n - octeontx2-af: Enable CPT HW interrupts (jsc#SLE-24682).\n - octeontx2-af: Enhance mailbox trace entry (jsc#SLE-24682).\n - octeontx2-af: Fix LBK backpressure id count (jsc#SLE-24682).\n - octeontx2-af: Fix inconsistent license text (jsc#SLE-24682).\n - octeontx2-af: Fix interrupt name strings (jsc#SLE-24682).\n - octeontx2-af: Fix spelling mistake \"Makesure\" -> \"Make sure\"\n (jsc#SLE-24682).\n - octeontx2-af: Fix uninitialized variable val (jsc#SLE-24682).\n - octeontx2-af: Flow control resource management (jsc#SLE-24682).\n - octeontx2-af: Handle return value in block reset (jsc#SLE-24682).\n - octeontx2-af: Hardware configuration for inline IPsec (jsc#SLE-24682).\n - octeontx2-af: Increase link credit restore polling timeout\n (jsc#SLE-24682).\n - octeontx2-af: Increase number of reserved entries in KPU (jsc#SLE-24682).\n - octeontx2-af: Increment ptp refcount before use (jsc#SLE-24682).\n - octeontx2-af: Limit KPU parsing for GTPU packets (jsc#SLE-24682).\n - octeontx2-af: Modify install flow error codes (jsc#SLE-24682).\n - octeontx2-af: Optimize KPU1 processing for variable-length headers\n (jsc#SLE-24682).\n - octeontx2-af: Perform cpt lf teardown in non FLR path (jsc#SLE-24682).\n - octeontx2-af: Priority flow control configuration support\n (jsc#SLE-24682).\n - octeontx2-af: Remove channel verification while installing MCAM rules\n (jsc#SLE-24682).\n - octeontx2-af: Remove redundant initialization of variable blkaddr\n (jsc#SLE-24682).\n - octeontx2-af: Remove redundant initialization of variable pin\n (jsc#SLE-24682).\n - octeontx2-af: Reset PTP config in FLR handler (jsc#SLE-24682).\n - octeontx2-af: Retry until RVU block reset complete (jsc#SLE-24682).\n - octeontx2-af: Use DMA_ATTR_FORCE_CONTIGUOUS attribute in DMA alloc\n (jsc#SLE-24682).\n - octeontx2-af: Use NDC TX for transmit packet data (jsc#SLE-24682).\n - octeontx2-af: Use ptp input clock info from firmware data\n (jsc#SLE-24682).\n - octeontx2-af: Wait for TX link idle for credits change (jsc#SLE-24682).\n - octeontx2-af: add proper return codes for AF mailbox handlers\n (jsc#SLE-24682).\n - octeontx2-af: cn10K: Get NPC counters value (jsc#SLE-24682).\n - octeontx2-af: cn10K: support for sched lmtst and other features\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: DWRR MTU configuration (jsc#SLE-24682).\n - octeontx2-af: cn10k: RPM hardware timestamp configuration\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: Set cache lines for NPA batch alloc (jsc#SLE-24682).\n - octeontx2-af: cn10k: Use appropriate register for LMAC enable\n (jsc#SLE-24682).\n - octeontx2-af: cn10k: add workaround for ptp errata (jsc#SLE-24682).\n - octeontx2-af: cn10k: debugfs for dumping LMTST map table (jsc#SLE-24682).\n - octeontx2-af: configure npc for cn10k to allow packets from cpt\n (jsc#SLE-24682).\n - octeontx2-af: debugfs: Add channel and channel mask (jsc#SLE-24682).\n - octeontx2-af: debugfs: Minor changes (jsc#SLE-24682).\n - octeontx2-af: debugfs: do not corrupt user memory (jsc#SLE-24682).\n - octeontx2-af: debugfs: fix error return of allocations (jsc#SLE-24682).\n - octeontx2-af: enable tx shaping feature for 96xx C0 (jsc#SLE-24682).\n - octeontx2-af: fix array bound error (jsc#SLE-24682).\n - octeontx2-af: fix error code in is_valid_offset() (jsc#SLE-24682).\n - octeontx2-af: initialize action variable (jsc#SLE-24682).\n - octeontx2-af: nix and lbk in loop mode in 98xx (jsc#SLE-24682).\n - octeontx2-af: remove redudant second error check on variable err\n (jsc#SLE-24682).\n - octeontx2-af: use swap() to make code cleaner (jsc#SLE-24682).\n - octeontx2-af: verify CQ context updates (jsc#SLE-24682).\n - octeontx2-nic: fix mixed module build (jsc#SLE-24682).\n - octeontx2-nicvf: Add PTP hardware clock support to NIX VF\n (jsc#SLE-24682).\n - octeontx2-nicvf: Free VF PTP resources (jsc#SLE-24682).\n - octeontx2-pf: Add TC feature for VFs (jsc#SLE-24682).\n - octeontx2-pf: Add XDP support to netdev PF (jsc#SLE-24682).\n - octeontx2-pf: Add check for non zero mcam flows (jsc#SLE-24682).\n - octeontx2-pf: Add support for adaptive interrupt coalescing\n (jsc#SLE-24682).\n - octeontx2-pf: Add vlan-etype to ntuple filters (jsc#SLE-24682).\n - octeontx2-pf: Allow VLAN priority also in ntuple filters (jsc#SLE-24682).\n - octeontx2-pf: CN10K: Hide RPM stats over ethtool (jsc#SLE-24682).\n - octeontx2-pf: Do not mask out supported link modes (jsc#SLE-24682).\n - octeontx2-pf: Enable NETIF_F_RXALL support for VF driver (jsc#SLE-24682).\n - octeontx2-pf: Fix inconsistent license text (jsc#SLE-24682).\n - octeontx2-pf: Ntuple filters support for VF netdev (jsc#SLE-24682).\n - octeontx2-pf: PFC config support with DCBx (jsc#SLE-24682).\n - octeontx2-pf: Remove unnecessary synchronize_irq() before free_irq()\n (jsc#SLE-24682).\n - octeontx2-pf: Simplify the receive buffer size calculation\n (jsc#SLE-24682).\n - octeontx2-pf: Sort the allocated MCAM entry indices (jsc#SLE-24682).\n - octeontx2-pf: Unify flow management variables (jsc#SLE-24682).\n - octeontx2-pf: Use hardware register for CQE count (jsc#SLE-24682).\n - octeontx2-pf: cn10K: Reserve LMTST lines per core (jsc#SLE-24682).\n - octeontx2-pf: cn10k: Config DWRR weight based on MTU (jsc#SLE-24682).\n - octeontx2-pf: cn10k: Ensure valid pointers are freed to aura\n (jsc#SLE-24682).\n - octeontx2-pf: cn10k: add support for new ptp timestamp format\n (jsc#SLE-24682).\n - octeontx2-pf: devlink params support to set mcam entry count\n (jsc#SLE-24682).\n - octeontx2-pf: replace bitmap_weight with bitmap_empty where appropriate\n (jsc#SLE-24682).\n - octeontx2-pf: select CONFIG_NET_DEVLINK (jsc#SLE-24682).\n - octeontx2-vf: Add support for adaptive interrupt coalescing\n (jsc#SLE-24682).\n - octeontx2: Move devlink registration to be last devlink command\n (jsc#SLE-24682).\n - openvswitch: Fix setting ipv6 fields causing hw csum failure (git-fixes).\n - openvswitch: Fixed nd target mask field in the flow dump (git-fixes).\n - openvswitch: always update flow key after nat (git-fixes).\n - optee: add error checks in optee_ffa_do_call_with_arg() (git-fixes).\n - perf bench futex: Fix memory leak of perf_cpu_map__new() (git-fixes).\n - phy: samsung: phy-exynos-pcie: sanitize init/power_on callbacks\n (git-fixes).\n - phy: stm32: fix error return in stm32_usbphyc_phy_init (git-fixes).\n - pinctrl: amd: Do not save/restore interrupt status and wake status bits\n (git-fixes).\n - pinctrl: armada-37xx: Convert to use dev_err_probe() (git-fixes).\n - pinctrl: armada-37xx: Make use of the devm_platform_ioremap_resource()\n (git-fixes).\n - pinctrl: armada-37xx: Use temporary variable for struct device\n (git-fixes).\n - pinctrl: intel: Check against matching data instead of ACPI companion\n (git-fixes).\n - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n (git-fixes).\n - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n - pinctrl: qcom: sm8250: Fix PDC map (git-fixes).\n - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n - platform/chrome: cros_ec: Always expose last resume result (git-fixes).\n - platform/chrome: cros_ec_proto: do not show MKBP version if unsupported\n (git-fixes).\n - platform/olpc: Fix uninitialized data in debugfs write (git-fixes).\n - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n - platform/x86: pmc_atom: Match all Lex BayTrail boards with\n critclk_systems DMI table (git-fixes).\n - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for\n PMI check in power_pmu_disable (bsc#1156395).\n - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n - powerpc/powernv: delay rng platform device creation until later in boot\n (bsc#1065729).\n - powerpc/powernv: rename remaining rng powernv_ functions to pnv_\n (bsc#1065729).\n - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n - powerpc/pseries: Interface to represent PAPR firmware attributes\n (bsc#1200465 ltc#197256 jsc#SLE-18130).\n - powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1200465\n ltc#197256 jsc#SLE-18130).\n - powerpc/pseries: rename min_common_depth to primary_domain_index\n (bsc#1200465 ltc#197256 jsc#SLE-18130).\n - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n - powerpc: Avoid discarding flags in system_call_exception() (bsc#1194869).\n - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n - proc: fix a dentry lock race between release_task and lookup (git-fixes).\n - proc: fix dentry/inode overinstantiating under /proc/${pid}/net\n (git-fixes).\n - profiling: fix shift too large makes kernel panic (git-fixes).\n - pwm: lpc18xx-sct: Reduce number of devm memory allocations (git-fixes).\n - pwm: lpc18xx-sct: Simplify driver by not using pwm_[gs]et_chip_data()\n (git-fixes).\n - pwm: lpc18xx: Fix period handling (git-fixes).\n - qed: validate and restrict untrusted VFs vlan promisc mode (git-fixes).\n - r8152: fix the RX FIFO settings when suspending (git-fixes).\n - r8152: fix the units of some registers for RTL8156A (git-fixes).\n - random: remove useless header comment (git-fixes).\n - ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n - regulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n (git-fixes).\n - regulator: pca9450: Remove restrictions for regulator-name (git-fixes).\n - regulator: qcom_smd: Fix pm8916_pldo range (git-fixes).\n - remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init\n (git-fixes).\n - remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init\n (git-fixes).\n - remoteproc: qcom: pas: Check if coredump is enabled (git-fixes).\n - remoteproc: qcom: pas: Mark devices as wakeup capable (git-fixes).\n - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config\n (git-fixes).\n - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n - remoteproc: sysmon: Wait for SSCTL service to come up (git-fixes).\n - rose: check NULL rose_loopback_neigh->loopback (git-fixes).\n - rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)\n - rpmsg: char: Add mutex protection for rpmsg_eptdev_open() (git-fixes).\n - rpmsg: mtk_rpmsg: Fix circular locking dependency (git-fixes).\n - rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge (git-fixes).\n - s390/cpumf: Handle events cycles and instructions identical (git-fixes).\n - s390/crash: fix incorrect number of bytes to copy to user space\n (git-fixes).\n - s390/crash: make copy_oldmem_page() return number of bytes copied\n (git-fixes).\n - s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages\n (git-fixes).\n - s390/hypfs: avoid error message under KVM (bsc#1032323).\n - s390/kexec: handle R_390_PLT32DBL rela in\n arch_kexec_apply_relocations_add() (git-fixes).\n - s390/mm: do not trigger write fault when vma does not allow VM_WRITE\n (git-fixes).\n - s390/mm: use non-quiescing sske for KVM switch to keyed guest\n (git-fixes).\n - s390/qeth: cache link_info for ethtool (bsc#1202262 LTC#199322).\n - s390/stp: clock_delta should be signed (git-fixes).\n - s390/zcore: fix race when reading from hardware system area (git-fixes).\n - samples/landlock: Add clang-format exceptions (git-fixes).\n - samples/landlock: Fix path_list memory leak (git-fixes).\n - samples/landlock: Format with clang-format (git-fixes).\n - sched/core: Always flush pending blk_plug (bnc#1189999 (Scheduler\n functional and performance backports)).\n - sched/deadline: Fix BUG_ON condition for deboosted tasks (git-fixes)\n - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq -kabi (git\n fixes (sched/fair)).\n - sched/fair: Remove redundant word \" *\" (bnc#1189999 (Scheduler\n functional and performance backports)).\n - sched/uclamp: Fix iowait boost escaping uclamp restriction (git-fixes)\n - sched/uclamp: Fix rq->uclamp_max not set on first enqueue (git-fixes)\n - sched: Allow newidle balancing to bail out of load_balance (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched: Fix the check of nr_running at queue wakelist (bnc#1189999\n (Scheduler functional and performance backports)).\n - sched: Remove the limitation of WF_ON_CPU on wakelist if wakee cpu is\n idle (bnc#1189999 (Scheduler functional and performance backports)).\n Refresh\n - sched: Remove unused function group_first_cpu() (bnc#1189999 (Scheduler\n functional and performance backports)).\n - scripts/dtc: Call pkg-config POSIXly correct (git-fixes).\n - scripts/faddr2line: Fix vmlinux detection on arm64 (git-fixes).\n - scripts/gdb: change kernel config dumping method (git-fixes).\n - scripts: sphinx-pre-install: Fix ctex support on Debian (git-fixes).\n - scripts: sphinx-pre-install: add required ctex dependency (git-fixes).\n - scsi: hisi_sas: Keep controller active between ISR of phyup and the\n event being processed (bsc#1202471).\n - scsi: hisi_sas: Use autosuspend for the host controller (bsc#1202471).\n - scsi: libiscsi: Add iscsi_cls_conn to sysfs after initialization\n (bsc#1198410).\n - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE\n (bsc#1203063).\n - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n - scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).\n - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n - scsi: lpfc: Fix attempted FA-PWWN usage after feature disable\n (bsc#1201956).\n - scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test\n (bsc#1201956).\n - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for\n GFT_ID (bsc#1203063).\n - scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE\n (bsc#1201956).\n - scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb()\n (bsc#1201956).\n - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT\n discovery (bsc#1203063).\n - scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed\n user input (bsc#1201956).\n - scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into\n lpfc_sli_prep_abort_xri() (bsc#1201956).\n - scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).\n - scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n - scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after\n VMID (bsc#1201956).\n - scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration\n (bsc#1201956).\n - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n - scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb\n (bsc#1201956).\n - scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).\n - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n - scsi: megaraid: Clear READ queue map's nr_queues (git-fixes).\n - scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown\n (git-fixes).\n - scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()\n (bsc#1201958).\n - scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).\n - scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).\n - scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).\n - scsi: qla2xxx: Fix response queue handler reading stale packets\n (bsc#1201958).\n - scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).\n - scsi: qla2xxx: Update manufacturer details (bsc#1201958).\n - scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).\n - scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).\n - scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).\n - scsi: sg: Allow waiting for commands to complete on removed device\n (git-fixes).\n - scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).\n - scsi: ufs: core: Fix another task management completion race (git-fixes).\n - scsi: ufs: core: Fix task management completion timeout race (git-fixes).\n - scsi: zfcp: Fix missing auto port scan and thus missing target ports\n (git-fixes).\n - seccomp: Invalidate seccomp mode to catch death failures (git-fixes).\n - selftest/net/forwarding: declare NETIFS p9 p10 (git-fixes).\n - selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465\n ltc#197256 jsc#SLE-18130).\n - selftest/vm: fix map_fixed_noreplace test failure (git-fixes).\n - selftest/vm: verify mmap addr in mremap_test (git-fixes).\n - selftest/vm: verify remap destination address in mremap_test (git-fixes).\n - selftests, x86: fix how check_cc.sh is being invoked (git-fixes).\n - selftests/exec: Add non-regular to TEST_GEN_PROGS (git-fixes).\n - selftests/exec: Remove pipe from TEST_GEN_FILES (git-fixes).\n - selftests/fib_tests: Rework fib_rp_filter_test() (git-fixes).\n - selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT\n (git-fixes).\n - selftests/ftrace: make kprobe profile testcase description unique\n (git-fixes).\n - selftests/landlock: Add clang-format exceptions (git-fixes).\n - selftests/landlock: Add tests for O_PATH (git-fixes).\n - selftests/landlock: Add tests for unknown access rights (git-fixes).\n - selftests/landlock: Extend access right tests to directories (git-fixes).\n - selftests/landlock: Extend tests for minimal valid attribute size\n (git-fixes).\n - selftests/landlock: Format with clang-format (git-fixes).\n - selftests/landlock: Fully test file rename with \"remove\" access\n (git-fixes).\n - selftests/landlock: Make tests build with old libc (git-fixes).\n - selftests/landlock: Normalize array assignment (git-fixes).\n - selftests/landlock: Test landlock_create_ruleset(2) argument check\n ordering (git-fixes).\n - selftests/memfd: clean up mapping in mfd_fail_write (git-fixes).\n - selftests/memfd: remove unused variable (git-fixes).\n - selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test\n (git-fixes).\n - selftests/net: so_txtime: fix parsing of start time stamp on 32 bit\n systems (git-fixes).\n - selftests/net: so_txtime: usage(): fix documentation of default clock\n (git-fixes).\n - selftests/net: timestamping: Fix bind_phc check (git-fixes).\n - selftests/net: udpgso_bench_tx: fix dst ip argument (git-fixes).\n - selftests/powerpc/spectre_v2: Return skip code when miss_percent is high\n (git-fixes).\n - selftests/powerpc: Add a test of sigreturning to the kernel (git-fixes).\n - selftests/resctrl: Fix null pointer dereference on open failed\n (git-fixes).\n - selftests/rseq: Change type of rseq_offset to ptrdiff_t (git-fixes).\n - selftests/rseq: Fix ppc32 missing instruction selection \"u\" and \"x\" for\n load/store (git-fixes).\n - selftests/rseq: Fix ppc32 offsets by using long rather than off_t\n (git-fixes).\n - selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big\n endian (git-fixes).\n - selftests/rseq: Fix warnings about #if checks of undefined tokens\n (git-fixes).\n - selftests/rseq: Fix: work-around asm goto compiler bugs (git-fixes).\n - selftests/rseq: Introduce rseq_get_abi() helper (git-fixes).\n - selftests/rseq: Introduce thread pointer getters (git-fixes).\n - selftests/rseq: Remove arm/mips asm goto compiler work-around\n (git-fixes).\n - selftests/rseq: Remove useless assignment to cpu variable (git-fixes).\n - selftests/rseq: Remove volatile from __rseq_abi (git-fixes).\n - selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35\n (git-fixes).\n - selftests/rseq: introduce own copy of rseq uapi header (git-fixes).\n - selftests/rseq: remove ARRAY_SIZE define from individual tests\n (git-fixes).\n - selftests/rseq: x86-32: use %gs segment selector for accessing rseq\n thread area (git-fixes).\n - selftests/rseq: x86-64: use %fs segment selector for accessing rseq\n thread area (git-fixes).\n - selftests/seccomp: Do not call read() on TTY from background pgrp\n (git-fixes).\n - selftests/seccomp: Fix compile warning when CC=clang (git-fixes).\n - selftests/seccomp: Fix seccomp failure by adding missing headers\n (git-fixes).\n - selftests/sgx: Treat CC as one argument (git-fixes).\n - selftests/vm/transhuge-stress: fix ram size thinko (git-fixes).\n - selftests/vm: make charge_reserved_hugetlb.sh work with existing cgroup\n setting (git-fixes).\n - selftests/x86: Add validity check and allow field splitting (git-fixes).\n - selftests/zram01.sh: Fix compression ratio calculation (git-fixes).\n - selftests/zram: Adapt the situation that /dev/zram0 is being used\n (git-fixes).\n - selftests/zram: Skip max_comp_streams interface on newer kernel\n (git-fixes).\n - selftests: Add duplicate config only for MD5 VRF tests (git-fixes).\n - selftests: Fix IPv6 address bind tests (git-fixes).\n - selftests: Fix raw socket bind tests with VRF (git-fixes).\n - selftests: add ping test with ping_group_range tuned (git-fixes).\n - selftests: cgroup: Make cg_create() use 0755 for permission instead of\n 0644 (git-fixes).\n - selftests: cgroup: Test open-time cgroup namespace usage for migration\n checks (git-fixes).\n - selftests: cgroup: Test open-time credential usage for migration checks\n (git-fixes).\n - selftests: clone3: clone3: add case CLONE3_ARGS_NO_TEST (git-fixes).\n - selftests: fixup build warnings in pidfd / clone3 tests (git-fixes).\n - selftests: forwarding: fix error message in learning_test (git-fixes).\n - selftests: forwarding: fix flood_unicast_test when h2 supports\n IFF_UNICAST_FLT (git-fixes).\n - selftests: forwarding: fix learning_test when h1 supports\n IFF_UNICAST_FLT (git-fixes).\n - selftests: futex: Use variable MAKE instead of make (git-fixes).\n - selftests: gpio: fix gpio compiling error (git-fixes).\n - selftests: harness: avoid false negatives if test has no ASSERTs\n (git-fixes).\n - selftests: icmp_redirect: pass xfail=0 to log_test() (git-fixes).\n - selftests: kvm: set rax before vmcall (git-fixes).\n - selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is\n operational (git-fixes).\n - selftests: mlxsw: resource_scale: Fix return value (git-fixes).\n - selftests: mlxsw: tc_police_scale: Make test more robust (git-fixes).\n - selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets\n (git-fixes).\n - selftests: mptcp: add csum mib check for mptcp_connect (git-fixes).\n - selftests: mptcp: fix diag instability (git-fixes).\n - selftests: mptcp: fix ipv6 routing setup (git-fixes).\n - selftests: mptcp: more stable diag tests (git-fixes).\n - selftests: net: Correct case name (git-fixes).\n - selftests: net: Correct ping6 expected rc from 2 to 1 (git-fixes).\n - selftests: net: Fix a typo in udpgro_fwd.sh (git-fixes).\n - selftests: net: tls: remove unused variable and code (git-fixes).\n - selftests: net: udpgro_fwd.sh: explicitly checking the available ping\n feature (git-fixes).\n - selftests: net: using ping6 for IPv6 in udpgro_fwd.sh (git-fixes).\n - selftests: netfilter: add a vrf+conntrack testcase (git-fixes).\n - selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh\n (git-fixes).\n - selftests: netfilter: disable rp_filter on router (git-fixes).\n - selftests: netfilter: fix exit value for nft_concat_range (git-fixes).\n - selftests: nft_concat_range: add test for reload with no element add/del\n (git-fixes).\n - selftests: ocelot: tc_flower_chains: specify conform-exceed action for\n policer (git-fixes).\n - selftests: openat2: Add missing dependency in Makefile (git-fixes).\n - selftests: openat2: Print also errno in failure messages (git-fixes).\n - selftests: openat2: Skip testcases that fail with EOPNOTSUPP (git-fixes).\n - selftests: pmtu.sh: Kill nettest processes launched in subshell\n (git-fixes).\n - selftests: pmtu.sh: Kill tcpdump processes launched by subshell\n (git-fixes).\n - selftests: rtc: Increase test timeout so that all tests run (git-fixes).\n - selftests: skip mincore.check_file_mmap when fs lacks needed support\n (git-fixes).\n - selftests: test_vxlan_under_vrf: Fix broken test case (git-fixes).\n - selftests: timers: clocksource-switch: fix passing errors from child\n (git-fixes).\n - selftests: timers: valid-adjtimex: build fix for newer toolchains\n (git-fixes).\n - selftests: vm: Makefile: rename TARGETS to VMTARGETS (git-fixes).\n - selftests: vm: fix clang build error multiple output files (git-fixes).\n - selftests: x86: fix [-Wstringop-overread] warn in\n test_process_vm_readv() (git-fixes).\n - selinux: Add boundary check in put_entry() (git-fixes).\n - selinux: access superblock_security_struct in LSM blob way (git-fixes).\n - selinux: check return value of sel_make_avc_files (git-fixes).\n - selinux: fix bad cleanup on error in hashtab_duplicate() (git-fixes).\n - selinux: fix double free of cond_list on error paths (git-fixes).\n - selinux: fix memleak in security_read_state_kernel() (git-fixes).\n - selinux: fix misuse of mutex_is_locked() (git-fixes).\n - selinux: use correct type for context length (git-fixes).\n - serial: 8250: Add proper clock handling for OxSemi PCIe devices\n (git-fixes).\n - serial: 8250: Export ICR access helpers for internal use (git-fixes).\n - serial: 8250: Fold EndRun device support into OxSemi Tornado code\n (git-fixes).\n - serial: 8250_bcm7271: Save/restore RTS in suspend/resume (git-fixes).\n - serial: 8250_dw: Store LSR into lsr_saved_flags in\n dw8250_tx_wait_empty() (git-fixes).\n - serial: 8250_fsl: Do not report FE, PE and OE twice (git-fixes).\n - serial: 8250_pci: Refactor the loop in pci_ite887x_init() (git-fixes).\n - serial: 8250_pci: Replace dev_*() by pci_*() macros (git-fixes).\n - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n - serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n - smsc95xx: Ignore -ENODEV errors when device is unplugged (git-fixes).\n - soc: amlogic: Fix refcount leak in meson-secure-pwrc.c (git-fixes).\n - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n (git-fixes).\n - soc: fsl: guts: machine variable might be unset (git-fixes).\n - soc: fsl: select FSL_GUTS driver for DPIO (git-fixes).\n - soc: imx: gpcv2: Assert reset before ungating clock (git-fixes).\n - soc: qcom: Make QCOM_RPMPD depend on PM (git-fixes).\n - soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register\n (git-fixes).\n - soc: qcom: ocmem: Fix refcount leak in of_get_ocmem (git-fixes).\n - soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values\n (git-fixes).\n - soundwire: bus_type: fix remove and shutdown support (git-fixes).\n - soundwire: qcom: Check device status before reading devid (git-fixes).\n - soundwire: qcom: fix device status array range (git-fixes).\n - spi: Fix incorrect cs_setup delay handling (git-fixes).\n - spi: Fix simplification of devm_spi_register_controller (git-fixes).\n - spi: dt-bindings: cadence: add missing 'required' (git-fixes).\n - spi: dt-bindings: zynqmp-qspi: add missing 'required' (git-fixes).\n - spi: meson-spicc: add local pow2 clock ops to preserve rate between\n messages (git-fixes).\n - spi: spi-altera-dfl: Fix an error handling path (git-fixes).\n - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n - spi: tegra20-slink: fix UAF in tegra_slink_remove() (git-fixes).\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n (git-fixes).\n - staging: rtl8192u: Fix sleep in atomic context bug in\n dm_fsync_timer_callback (git-fixes).\n - staging: rtl8712: fix use after free bugs (git-fixes).\n - tee: optee: do not check memref size on return from Secure World\n (git-fixes).\n - tee: tee_get_drvdata(): fix description of return value (git-fixes).\n - testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu\n set (git-fixes).\n - testing: nvdimm: asm/mce.h is not needed in nfit.c (git-fixes).\n - testing: nvdimm: iomap: make __nfit_test_ioremap a macro (git-fixes).\n - tests: fix idmapped mount_setattr test (git-fixes).\n - thermal/int340x_thermal: handle data_vault when the value is\n ZERO_SIZE_PTR (bsc#1201308).\n - thermal/tools/tmon: Include pthread and time headers in tmon.h\n (git-fixes).\n - thermal: sysfs: Fix cooling_device_stats_setup() error code path\n (git-fixes).\n - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n - tools include UAPI: Sync sound/asound.h copy with the kernel sources\n (git-fixes).\n - tools/nolibc: fix incorrect truncation of exit code (git-fixes).\n - tools/nolibc: i386: fix initial stack alignment (git-fixes).\n - tools/nolibc: x86-64: Fix startup code bug (git-fixes).\n - tools/testing/scatterlist: add missing defines (git-fixes).\n - tools/thermal: Fix possible path truncations (git-fixes).\n - tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH\n (git-fixes).\n - trace/osnoise: Add migrate-disabled field to the osnoise header\n (git-fixes).\n - trace/timerlat: Add migrate-disabled field to the timerlat header\n (git-fixes).\n - tracing/histograms: Fix memory leak problem (git-fixes).\n - tracing/kprobes: Check whether get_kretprobe() returns NULL in\n kretprobe_dispatcher() (git-fixes).\n - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n - tracing: Add ustring operation to filtering string pointers (git-fixes).\n - tracing: Fix sleeping while atomic in kdb ftdump (git-fixes).\n - tracing: Have filter accept \"common_cpu\" to be consistent (git-fixes).\n - tracing: Use a struct alignof to determine trace event field alignment\n (git-fixes).\n - tty: 8250: Add support for Brainboxes PX cards (git-fixes).\n - tty: n_gsm: Delete gsm_disconnect when config requester (git-fixes).\n - tty: n_gsm: Delete gsmtty open SABM frame when config requester\n (git-fixes).\n - tty: n_gsm: Modify CR,PF bit printk info when config requester\n (git-fixes).\n - tty: n_gsm: Modify CR,PF bit when config requester (git-fixes).\n - tty: n_gsm: Modify cr bit value when config requester (git-fixes).\n - tty: n_gsm: Modify gsmtty driver register method when config requester\n (git-fixes).\n - tty: n_gsm: Save dlci address open status when config requester\n (git-fixes).\n - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()\n (git-fixes).\n - tty: n_gsm: avoid call of sleeping functions from atomic context\n (git-fixes).\n - tty: n_gsm: clean up dead code in gsm_queue() (git-fixes).\n - tty: n_gsm: clean up implicit CR bit encoding in address field\n (git-fixes).\n - tty: n_gsm: clean up indenting in gsm_queue() (git-fixes).\n - tty: n_gsm: fix DM command (git-fixes).\n - tty: n_gsm: fix broken virtual tty handling (git-fixes).\n - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (git-fixes).\n - tty: n_gsm: fix deadlock and link starvation in outgoing data path\n (git-fixes).\n - tty: n_gsm: fix decoupled mux resource (git-fixes).\n - tty: n_gsm: fix encoding of command/response bit (git-fixes).\n - tty: n_gsm: fix flow control handling in tx path (git-fixes).\n - tty: n_gsm: fix frame reception handling (git-fixes).\n - tty: n_gsm: fix incorrect UA handling (git-fixes).\n - tty: n_gsm: fix insufficient txframe size (git-fixes).\n - tty: n_gsm: fix invalid gsmtty_write_room() result (git-fixes).\n - tty: n_gsm: fix invalid use of MSC in advanced option (git-fixes).\n - tty: n_gsm: fix malformed counter for out of frame data (git-fixes).\n - tty: n_gsm: fix missing corner cases in gsmld_poll() (git-fixes).\n - tty: n_gsm: fix missing explicit ldisc flush (git-fixes).\n - tty: n_gsm: fix missing mux reset on config change at responder\n (git-fixes).\n - tty: n_gsm: fix missing timer to handle stalled links (git-fixes).\n - tty: n_gsm: fix missing tty wakeup in convergence layer type 2\n (git-fixes).\n - tty: n_gsm: fix missing update of modem controls after DLCI open\n (git-fixes).\n - tty: n_gsm: fix mux activation issues in gsm_config() (git-fixes).\n - tty: n_gsm: fix mux cleanup after unregister tty device (git-fixes).\n - tty: n_gsm: fix non flow control frames during mux flow off (git-fixes).\n - tty: n_gsm: fix packet re-transmission without open control channel\n (git-fixes).\n - tty: n_gsm: fix race condition in gsmld_write() (git-fixes).\n - tty: n_gsm: fix reset fifo race condition (git-fixes).\n - tty: n_gsm: fix resource allocation order in gsm_activate_mux()\n (git-fixes).\n - tty: n_gsm: fix restart handling via CLD command (git-fixes).\n - tty: n_gsm: fix software flow control handling (git-fixes).\n - tty: n_gsm: fix sometimes uninitialized warning in\n gsm_dlci_modem_output() (git-fixes).\n - tty: n_gsm: fix tty registration before control channel open (git-fixes).\n - tty: n_gsm: fix user open not possible at responder until initiator open\n (git-fixes).\n - tty: n_gsm: fix wrong DLCI release order (git-fixes).\n - tty: n_gsm: fix wrong T1 retry count handling (git-fixes).\n - tty: n_gsm: fix wrong command frame length field encoding (git-fixes).\n - tty: n_gsm: fix wrong command retry handling (git-fixes).\n - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()\n (git-fixes).\n - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2\n (git-fixes).\n - tty: n_gsm: fix wrong signal octets encoding in MSC (git-fixes).\n - tty: n_gsm: initialize more members at gsm_alloc_mux() (git-fixes).\n - tty: n_gsm: replace kicktimer with delayed_work (git-fixes).\n - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n - tty: serial: fsl_lpuart: correct the count of break characters\n (git-fixes).\n - tty: serial: lpuart: disable flow control while waiting for the transmit\n engine to complete (git-fixes).\n - tty: vt: initialize unicode screen buffer (git-fixes).\n - tun: avoid double free in tun_free_netdev (git-fixes).\n - tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()\n (git-fixes).\n - tuntap: add sanity checks about msg_controllen in sendmsg (git-fixes).\n - uaccess: fix type mismatch warnings from access_ok() (git-fixes).\n - ucounts: Base set_cred_ucounts changes on the real user (git-fixes).\n - ucounts: Fix rlimit max values check (git-fixes).\n - ucounts: Fix systemd LimitNPROC with private users regression\n (git-fixes).\n - ucounts: Handle wrapping in is_ucounts_overlimit (git-fixes).\n - ucounts: In set_cred_ucounts assume new->ucounts is non-NULL (git-fixes).\n - udf: Fix crash after seekdir (bsc#1194592).\n - udmabuf: Set the DMA mask for the udmabuf device (v2) (git-fixes).\n - udmabuf: add back sanity check (git-fixes).\n - usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()\n (git-fixes).\n - usb: cdns3 fix use-after-free at workaround 2 (git-fixes).\n - usb: cdns3: Do not use priv_dev uninitialized in\n cdns3_gadget_ep_enable() (git-fixes).\n - usb: cdns3: change place of 'priv_ep' assignment in\n cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() (git-fixes).\n - usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC transfer\n (git-fixes).\n - usb: cdns3: fix issue with rearming ISO OUT endpoint (git-fixes).\n - usb: cdns3: fix random warning message when driver load (git-fixes).\n - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n - usb: dwc2: gadget: remove D+ pull-up while no vbus with usb-role-switch\n (git-fixes).\n - usb: dwc3: core: Deprecate GCTL.CORESOFTRESET (git-fixes).\n - usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup\n (git-fixes).\n - usb: dwc3: dwc3-qcom: Add missing platform_device_put() in\n dwc3_qcom_acpi_register_core (git-fixes).\n - usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API (git-fixes).\n - usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop\n (git-fixes).\n - usb: dwc3: gadget: fix high speed multiplier setting (git-fixes).\n - usb: dwc3: gadget: refactor dwc3_repare_one_trb (git-fixes).\n - usb: dwc3: qcom: Add helper functions to enable,disable wake irqs\n (git-fixes).\n - usb: dwc3: qcom: fix missing optional irq warnings (git-fixes).\n - usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup (git-fixes).\n - usb: gadget: f_uac2: clean up some inconsistent indenting (git-fixes).\n - usb: gadget: f_uac2: fix superspeed transfer (git-fixes).\n - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS\n (git-fixes).\n - usb: gadget: tegra-xudc: Fix error check in\n tegra_xudc_powerdomain_init() (git-fixes).\n - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n - usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).\n - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of\n uvcg_info (git-fixes).\n - usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).\n - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n - usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).\n - usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).\n - usb: renesas: Fix refcount leak bug (git-fixes).\n - usb: typec: altmodes/displayport: correct pin assignment for UFP\n receptacles (git-fixes).\n - usb: typec: tcpm: Return ENOTSUPP for power supply prop writes\n (git-fixes).\n - usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion\n (git-fixes).\n - usb: xhci: tegra: Fix error check (git-fixes).\n - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n - usbnet: Run unregister_netdev() before unbind() again (git-fixes).\n - usbnet: smsc95xx: Avoid link settings race on interrupt reception\n (git-fixes).\n - usbnet: smsc95xx: Do not clear read-only PHY interrupt (git-fixes).\n - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n - usbnet: smsc95xx: Forward PHY interrupts to PHY driver to avoid polling\n (git-fixes).\n - userfaultfd/selftests: fix hugetlb area allocations (git-fixes).\n - vboxguest: Do not use devm for irq (git-fixes).\n - vdpa_sim: avoid putting an uninitialized iova_domain (git-fixes).\n - venus: pm_helpers: Fix warning in OPP during probe (git-fixes).\n - vfio/ccw: Do not change FSM state in subchannel event (git-fixes).\n - vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n - vfio: Clear the caps->buf to NULL after free (git-fixes).\n - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n (git-fixes).\n - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n (git-fixes).\n - virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).\n - virtio-net: fix the race between refill work and close (git-fixes).\n - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n - vmxnet3: Record queue number to incoming packets (bsc#1200431).\n - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n - vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n - vmxnet3: add support for capability registers (bsc#1200431).\n - vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n - vmxnet3: add support for out of order rx completion (bsc#1200431).\n - vmxnet3: disable overlay offloads if UPT device does not support\n (bsc#1200431).\n - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n - vmxnet3: prepare for version 7 changes (bsc#1200431).\n - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n - vmxnet3: update to version 7 (bsc#1200431).\n - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n - vrf: do not run conntrack on vrf with !dflt qdisc (git-fixes).\n - vsock/virtio: enable VQs early on probe (git-fixes).\n - vsock/virtio: initialize vdev->priv before using VQs (git-fixes).\n - vsock/virtio: read the negotiated features before using VQs (git-fixes).\n - vsock: Fix memory leak in vsock_connect() (git-fixes).\n - vsock: Set socket state back to SS_UNCONNECTED in\n vsock_connect_timeout() (git-fixes).\n - vsock: remove vsock from connected table when connect is interrupted by\n a signal (git-fixes).\n - watch-queue: remove spurious double semicolon (git-fixes).\n - watch_queue: Fix missing locking in add_watch_to_object() (git-fixes).\n - watch_queue: Fix missing rcu annotation (git-fixes).\n - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in\n armada_37xx_wdt_probe() (git-fixes).\n - watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource\n (git-fixes).\n - watchqueue: make sure to serialize 'wqueue->defunct' properly\n (git-fixes).\n - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()\n (git-fixes).\n - wifi: iwlegacy: 4965: fix potential off-by-one overflow in\n il4965_rs_fill_link_cmd() (git-fixes).\n - wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n (git-fixes).\n - wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).\n - wifi: mac80211: Do not finalize CSA in IBSS mode if state is\n disconnected (git-fixes).\n - wifi: mac80211: limit A-MSDU subframes for client too (git-fixes).\n - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n - wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).\n - wifi: p54: add missing parentheses in p54_flush() (git-fixes).\n - wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()\n (git-fixes).\n - wifi: rtlwifi: remove always-true condition pointed out by GCC 12\n (git-fies).\n - wifi: rtw88: check the return value of alloc_workqueue() (git-fixes).\n - wifi: rtw89: 8852a: rfk: fix div 0 exception (git-fixes).\n - wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n (git-fixes).\n - wifi: wil6210: debugfs: fix uninitialized variable use in\n `wil_write_file_wmi()` (git-fixes).\n - wireguard: device: check for metadata_dst with skb_valid_dst()\n (git-fixes).\n - wireless: Remove redundant 'flush_workqueue()' calls (bsc#1202131).\n - x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM\n (bsc#1190497).\n - x86/olpc: fix 'logical not is only applied to the left hand side'\n (git-fixes).\n - x86/retbleed: Add fine grained Kconfig knobs (bsc#1190497).\n - x86/sev: Define the Linux-specific guest termination reasons\n (bsc#1190497).\n - x86/sev: Save the negotiated GHCB version (bsc#1190497).\n - xen/gntdev: fix unmap notification order (git-fixes).\n - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() (git-fixes).\n - xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n - xen: detect uninitialized xenbus in xenbus_init (git-fixes).\n - xen: do not continue xenstore initialization in case of errors\n (git-fixes).\n - xfs: Fix the free logic of state in xfs_attr_node_hasname (git-fixes).\n - xfs: check sb_meta_uuid for dabuf buffer recovery (git-fixes).\n - xfs: fix soft lockup via spinning in filestream ag selection loop\n (git-fixes).\n - xfs: fix use-after-free in xattr node block inactivation (git-fixes).\n - xfs: fold perag loop iteration logic into helper function (git-fixes).\n - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n - xfs: only bother with sync_filesystem during readonly remount\n (git-fixes).\n - xfs: prevent UAF in xfs_log_item_in_current_chkpt (git-fixes).\n - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n - xfs: remove incorrect ASSERT in xfs_rename (git-fixes).\n - xfs: rename the next_agno perag iteration variable (git-fixes).\n - xfs: reorder iunlink remove operation in xfs_ifree (git-fixes).\n - xfs: revert \"xfs: actually bump warning counts when we send warnings\"\n (git-fixes).\n - xfs: terminate perag iteration reliably on agcount (git-fixes).\n - xfs: use invalidate_lock to check the state of mmap_lock (git-fixes).\n - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n - xfs: use setattr_copy to set vfs inode attributes (git-fixes).\n - xhci: Set HCD flag to defer primary roothub registration (git-fixes).\n - xhci: dbc: Rename xhci_dbc_init and xhci_dbc_exit (git-fixes).\n - xhci: dbc: create and remove dbc structure in dbgtty driver (git-fixes).\n - xhci: dbc: refactor xhci_dbc_init() (git-fixes).\n - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create\n (git-fixes).\n - xprtrdma: treat all calls not a bcall when bc_serv is NULL (git-fixes).\n - zonefs: Clear inode information flags on inode creation (git-fixes).\n - zonefs: Fix management of open zones (git-fixes).\n - zonefs: add MODULE_ALIAS_FS (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-3293=1\n\n - SUSE Linux Enterprise Workstation Extension 15-SP4:\n\n zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-3293=1\n\n - SUSE Linux Enterprise Module for Live Patching 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-3293=1\n\n Please note that this is the initial kernel livepatch without fixes\n itself, this livepatch package is later updated by seperate standalone\n livepatch updates.\n\n - SUSE Linux Enterprise Module for Legacy Software 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-3293=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3293=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3293=1\n\n - SUSE Linux Enterprise High Availability 15-SP4:\n\n zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-3293=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-16T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-36516", "CVE-2021-33135", "CVE-2021-4037", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2588", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-28356", "CVE-2022-28693", "CVE-2022-2873", "CVE-2022-2905", "CVE-2022-2938", "CVE-2022-2959", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-3078", "CVE-2022-32250", "CVE-2022-36879", "CVE-2022-36946", "CVE-2022-39188", "CVE-2022-39190"], "modified": "2022-09-16T00:00:00", "id": "SUSE-SU-2022:3293-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QYATGYQHPPFG5MGV2D7MYJCLCSSV6M3R/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-10-31T15:46:23", "description": "An update that solves 32 vulnerabilities, contains two\n features and has 84 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various\n security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in\n drivers/acpi/apei/einj.c that allowed users to simulate hardware errors\n and consequently cause a denial of service (bnc#1023051).\n - CVE-2020-16119: Fixed a use-after-free due to reuse of a DCCP socket\n with an attached dccps_hc_tx_ccid object as a listener after being\n released (bnc#1177471).\n - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()\n printer_ioctl() when accessing a deallocated instance (bnc#1202895).\n - CVE-2021-4155: Fixed a data leak flaw that was found in the way\n XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).\n - CVE-2021-4203: Fixed use-after-free read flaw that was found in\n sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (bnc#1194535).\n - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()\n (bsc#1202346).\n - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of\n v4l2-mem2mem.c (bnc#1202347).\n - CVE-2022-2503: Fixed a LoadPin bypass in Dm-verity (bnc#1202677).\n - CVE-2022-2586: Fixed issue in netfilter that allowed CHAIN_ID to refer\n to another table (bsc#1202095).\n - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).\n - CVE-2022-26373: Fixed non-transparent sharing of return predictor\n targets between contexts in some Intel Processors (bnc#1201726).\n - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where\n the message handling could be confused and incorrectly matches the\n message (bnc#1202097).\n - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke\n descriptors (bsc#1202564, bsc#1202860).\n - CVE-2022-2977: Fixed reference counting for struct tpm_chip\n (bsc#1202672).\n - CVE-2022-3028: Fixed race condition that was found in the IP framework\n for transforming packets (XFRM subsystem) (bnc#1202898).\n - CVE-2022-3169: Fixed a denial of service that resulted in a PCIe link\n disconnect (bnc#1203290).\n - CVE-2022-32296: Fixed issue where TCP servers were able to identify\n clients by observing what source ports are used (bnc#1200288).\n - CVE-2022-3239: Fixed a use-after-free in the video4linux driver\n (bnc#1203552).\n - CVE-2022-3303: Fixed a race at SNDCTL_DSP_SYNC (bsc#1203769).\n - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in\n net/xfrm/xfrm_policy.c where a refcount could be dropped twice\n (bnc#1201948).\n - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where\n a device driver can free a page while it still has stale TLB entries\n (bnc#1203107).\n - CVE-2022-39190: Fixed an issue that was discovered in\n net/netfilter/nf_tables_api.c and could cause a denial of service upon\n binding to an already bound chain (bnc#1203117).\n - CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c due to\n stex_queuecommand_lck lack a memset for the PASSTHRU_CMD case\n (bnc#1203514).\n - CVE-2022-41218: Fixed a use-after-free due to refcount races at\n releasing (bsc#1202960).\n - CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap\n lock is not held during a PUD move (bnc#1203622).\n - CVE-2022-41674: Fixed a DoS issue where kernel can crash on the\n reception of specific WiFi Frames (bsc#1203770).\n - CVE-2022-41848: Fixed a use-after-free in mgslpc_ops (bsc#1203987).\n - CVE-2022-41849: Fixed a use-after-free in ufx_ops_open() (bsc#1203992).\n - CVE-2022-42719: Fixed MBSSID parsing use-after-free (bsc#1204051).\n - CVE-2022-42720: Fixed BSS refcounting bugs (bsc#1204059).\n - CVE-2022-42721: Avoid nontransmitted BSS list corruption (bsc#1204060).\n - CVE-2022-42722: Fixed crash in beacon protection for P2P-device\n (bsc#1204125).\n\n The following non-security bugs were fixed:\n\n - Fixed parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).\n - acpi: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks\n (git-fixes).\n - acpi: LPSS: Fix missing check in register_device_clock() (git-fixes).\n - acpi: PM: save NVS memory for Lenovo G40-45 (git-fixes).\n - acpi: processor idle: Practically limit \"Dummy wait\" workaround to old\n Intel systems (bnc#1203802).\n - acpi: processor: Remove freq Qos request for all CPUs (git-fixes).\n - acpi: property: Return type of acpi_add_nondev_subnodes() should be bool\n (git-fixes).\n - acpi: video: Force backlight native for some TongFang devices\n (git-fixes).\n - alsa: aloop: Fix random zeros in capture data when using jiffies timer\n (git-fixes).\n - alsa: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).\n - alsa: emu10k1: Fix out of bounds access in\n snd_emu10k1_pcm_channel_alloc() (git-fixes).\n - alsa: hda/cirrus - support for iMac 12,1 model (git-fixes).\n - alsa: hda/conexant: Add quirk for LENOVO 20149 Notebook model\n (git-fixes).\n - alsa: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED\n (git-fixes).\n - alsa: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).\n - alsa: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).\n - alsa: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).\n - alsa: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).\n - alsa: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo L140PU (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).\n - alsa: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).\n - alsa: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).\n - alsa: hda/realtek: Add quirk for HP Dev One (git-fixes).\n - alsa: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).\n - alsa: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).\n - alsa: hda/realtek: Add quirk for TongFang devices with pop noise\n (git-fixes).\n - alsa: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).\n - alsa: hda/realtek: Add quirk for the Framework Laptop (git-fixes).\n - alsa: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop\n (git-fixes).\n - alsa: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).\n - alsa: hda/realtek: Fix deadlock by COEF mutex (git-fixes).\n - alsa: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).\n - alsa: hda/realtek: Re-arrange quirk table entries (git-fixes).\n - alsa: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).\n - alsa: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).\n - alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine\n (git-fixes).\n - alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP\n machines (git-fixes).\n - alsa: hda/sigmatel: Fix unused variable warning for beep power change\n (git-fixes).\n - alsa: hda/sigmatel: Keep power up while beep is enabled (git-fixes).\n - alsa: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).\n - alsa: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).\n - alsa: info: Fix llseek return value when using callback (git-fixes).\n - alsa: seq: Fix data-race at module auto-loading (git-fixes).\n - alsa: seq: oss: Fix data-race for max_midi_devs access (git-fixes).\n - alsa: usb-audio: Fix an out-of-bounds bug in\n __snd_usb_parse_audio_interface() (git-fixes).\n - alsa: usb-audio: Inform the delayed registration more properly\n (git-fixes).\n - alsa: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II\n (git-fixes).\n - alsa: usb-audio: Register card again for iface over delayed_register\n option (git-fixes).\n - alsa: usb-audio: Split endpoint setups for hw_params and prepare\n (git-fixes).\n - alsa: usb-audio: fix spelling mistakes (git-fixes).\n - arm64/mm: Validate hotplug range before creating linear mapping\n (git-fixes)\n - arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1\n (git-fixes)\n - arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes)\n - arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id\n (git-fixes)\n - arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to\n (bsc#1202341)\n - arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes)\n - arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma\n (git-fixes)\n - arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes)\n - arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes)\n - arm64: kexec_file: use more system keyrings to verify kernel image\n signature (bsc#1196444).\n - arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes)\n - arm64: mm: fix p?d_leaf() (git-fixes)\n - arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds\n (git-fixes)\n - arm64: signal: nofpsimd: Do not allocate fp/simd context when not\n available (git-fixes).\n - arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes)\n - arm64: tegra: Remove non existent Tegra194 reset (git-fixes)\n - arm64: tlb: fix the TTL value of tlb_get_level (git-fixes)\n - arm: 9077/1: PLT: Move struct plt_entries definition to header\n (git-fixes).\n - arm: 9078/1: Add warn suppress parameter to arm_gen_branch_link()\n (git-fixes).\n - arm: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).\n - arm: 9098/1: ftrace: MODULE_PLT: Fix build problem without\n DYNAMIC_FTRACE (git-fixes).\n - asm-generic: sections: refactor memory_intersects (git-fixes).\n - asoc: SOF: debug: Fix potential buffer overflow by snprintf()\n (git-fixes).\n - asoc: audio-graph-card: Add of_node_put() in fail path (git-fixes).\n - asoc: codecs: da7210: add check for i2c_add_driver (git-fixes).\n - asoc: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV\n (git-fixes).\n - asoc: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).\n - asoc: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n (git-fixes).\n - asoc: nau8824: Fix semaphore unbalance at error paths (git-fixes).\n - asoc: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).\n - asoc: tas2770: Allow mono streams (git-fixes).\n - asoc: tas2770: Reinit regcache on reset (git-fixes).\n - ata: libata-eh: Add missing command name (git-fixes).\n - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).\n - blk-iocost: clamp inuse and skip noops in __propagate_weights()\n (bsc#1202722).\n - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).\n - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).\n - blk-iocost: rename propagate_active_weights() to propagate_weights()\n (bsc#1202722).\n - blktrace: fix blk_rq_merge documentation (git-fixes).\n - bluetooth: L2CAP: Fix build errors in some archs (git-fixes).\n - bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).\n - bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).\n - bpf: Compile out btf_parse_module() if module BTF is not enabled\n (git-fixes).\n - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).\n - can: gs_usb: gs_can_open(): fix race dev->can.state condition\n (git-fixes).\n - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).\n - ceph: do not truncate file in atomic_open (bsc#1202811).\n - cgroup: Trace event cgroup id fields should be u64 (git-fixes).\n - cgroup: Use separate src/dst nodes when preloading css_sets for\n migration (bsc#1201610).\n - cgroup: cgroup_get_from_id() must check the looked-up kn is a directory\n (bsc#1203906).\n - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).\n - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).\n - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).\n - clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks\n (git-fixes).\n - clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).\n - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).\n - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).\n - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).\n - crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)\n - crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes)\n - devlink: Fix use-after-free after a failed reload (git-fixes).\n - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).\n - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed\n (git-fixes).\n - dpaa2-eth: unregister the netdev before disconnecting from the PHY\n (git-fixes).\n - driver core: Do not probe devices after bus_type.match() probe deferral\n (git-fixes).\n - drm/amd/display: Limit user regamma to a valid value (git-fixes).\n - drm/amdgpu: Check BO's requested pinning domains against its\n preferred_domains (git-fixes).\n - drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).\n - drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).\n - drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).\n - drm/amdgpu: remove useless condition in\n amdgpu_job_stop_all_jobs_on_sched() (git-fixes).\n - drm/amdgpu: use dirty framebuffer helper (git-fixes).\n - drm/gem: Fix GEM handle release errors (git-fixes).\n - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()\n error (git-fixes).\n - drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).\n - drm/i915/reg: Fix spelling mistake \"Unsupport\" -> \"Unsupported\"\n (git-fixes).\n - drm/meson: Correct OSD1 global alpha value (git-fixes).\n - drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).\n - drm/meson: Fix overflow implicit truncation warnings (git-fixes).\n - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n (git-fixes).\n - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).\n - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).\n - drm/msm/dsi: fix the inconsistent indenting (git-fixes).\n - drm/msm/rd: Fix FIFO-full deadlock (git-fixes).\n - drm/radeon: add a force flush to delay work when radeon (git-fixes).\n - drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).\n - drm/sun4i: dsi: Prevent underflow when computing packet sizes\n (git-fixes).\n - dtb: Do not include sources in src.rpm - refer to kernel-source Same as\n other kernel binary packages there is no need to carry duplicate sources\n in dtb packages.\n - efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).\n - ehea: fix error return code in ehea_restart_qps() (git-fixes).\n - enetc: Fix endianness issues for enetc_qos (git-fixes).\n - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()\n (git-fixes).\n - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).\n - ext4: add reserved GDT blocks check (bsc#1202712).\n - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).\n - ext4: do not use the orphan list when migrating an inode (bsc#1197756).\n - ext4: fix bug_on in ext4_writepages (bsc#1200872).\n - ext4: fix error handling code in add_new_gdb (bsc#1179722).\n - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).\n - ext4: fix invalid inode checksum (bsc#1179723).\n - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).\n - ext4: fix overhead calculation to account for the reserved gdt blocks\n (bsc#1200869).\n - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).\n - ext4: fix race when reusing xattr blocks (bsc#1198971).\n - ext4: fix symlink file size not match to file content (bsc#1200868).\n - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).\n - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).\n - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).\n - ext4: force overhead calculation if the s_overhead_cluster makes no\n sense (bsc#1200870).\n - ext4: recover csum seed of tmp_inode after migrating to extents\n (bsc#1202713).\n - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).\n - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).\n - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).\n - fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()\n (git-fixes).\n - fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).\n - firmware: tegra: bpmp: Do only aligned access to IPC memory area\n (git-fixes).\n - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped\n pages (bsc#1200873).\n - ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace\n is dead (git-fixes).\n - fuse: Remove the control interface for virtio-fs (bsc#1203137).\n - fuse: ioctl: translate ENOSYS (bsc#1203136).\n - fuse: limit nsec (bsc#1203135).\n - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).\n - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).\n - geneve: fix TOS inheriting for ipv4 (git-fixes).\n - gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx\n (git-fixes).\n - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).\n - hid: alps: Declare U1_UNICORN_LEGACY support (git-fixes).\n - hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message\n (git-fixes).\n - hid: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).\n - hid: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n (git-fixes).\n - hid: wacom: Do not register pad_input for touch switch (git-fixes).\n - hid: wacom: Only report rotation for art pen (git-fixes).\n - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info\n (bsc#1202701).\n - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).\n - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).\n - ice: report supported and advertised autoneg using PHY capabilities\n (git-fixes).\n - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).\n - ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).\n - iio: adc: mcp3911: make use of the sign bit (git-fixes).\n - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).\n - ima: force signature verification when CONFIG_KEXEC_SIG is configured\n (bsc#1203737).\n - input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).\n - input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n (git-fixes).\n - input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).\n - input: rk805-pwrkey - fix module autoloading (git-fixes).\n - input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).\n - intel_th: pci: Add Meteor Lake-P support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).\n - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).\n - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement\n (git-fixes).\n - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop\n (git-fixes).\n - iommu/exynos: Handle failed IOMMU device registration properly\n (git-fixes).\n - iommu/iova: Improve 32-bit free space estimate (git-fixes).\n - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).\n - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).\n - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).\n - iommu/omap: Fix regression in probe for NULL pointer dereference\n (git-fixes).\n - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).\n - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).\n - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).\n - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n (git-fixes).\n - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).\n - ipmi: ssif: initialize ssif_info->client early (git-fixes).\n - ixgbevf: add correct exception tracing for XDP (git-fixes).\n - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal\n aborted (bsc#1202716).\n - jbd2: fix outstanding credits assert in\n jbd2_journal_commit_transaction() (bsc#1202715).\n - jfs: fix GPF in diFree (bsc#1203389).\n - jfs: fix memleak in jfs_mount (git-fixes).\n - jfs: more checks for invalid superblock (git-fixes).\n - jfs: prevent NULL deref in diFree (bsc#1203389).\n - kABI: x86: kexec: hide new include from genksyms (bsc#1196444).\n - kabi: cgroup: Restore KABI of css_set (bsc#1201610).\n - kbuild: do not create built-in objects for external module builds\n (jsc#SLE-24559 bsc#1202756).\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862\n git-fixes).\n - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).\n - kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages\n - kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n - kernel-source: include the kernel signature file We assume that the\n upstream tarball is used for released kernels. Then we can also include\n the signature file and keyring in the kernel-source src.rpm. Because of\n mkspec code limitation exclude the signature and keyring from binary\n packages always - mkspec does not parse spec conditionals.\n - kexec, KEYS, s390: Make use of built-in and secondary keyring for\n signature verification (bsc#1196444).\n - kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).\n - kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).\n - kexec: do not verify the signature without the lockdown or mandatory\n signature (bsc#1203737).\n - kexec: drop weak attribute from functions (bsc#1196444).\n - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]\n (bsc#1196444).\n - kexec_file: drop weak attribute from functions (bsc#1196444).\n - kfifo: fix kfifo_to_user() return type (git-fixes).\n - kfifo: fix ternary sign extension bugs (git-fixes).\n - kvm: PPC: Book3S HV: Context tracking exit guest context before enabling\n irqs (bsc#1065729).\n - kvm: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB\n (bsc#1156395).\n - kvm: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()\n (bsc#1156395).\n - kvm: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).\n - kvm: PPC: Use arch_get_random_seed_long instead of powernv variant\n (bsc#1156395).\n - kvm: VMX: Refuse to load kvm_intel if EPT and NX are disabled\n (git-fixes).\n - kvm: nVMX: Let userspace set nVMX MSR to any _host_ supported value\n (git-fixes).\n - kvm: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case\n (git-fixes).\n - kvm: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case\n (git-fixes).\n - kvm: x86: Mark TSS busy during LTR emulation _after_ all fault checks\n (git-fixes).\n - kvm: x86: Set error code to segment selector on LLDT/LTR non-canonical\n #GP (git-fixes).\n - kvm: x86: accept userspace interrupt only if no event is injected\n (git-fixes).\n - lib/list_debug.c: Detect uninitialized lists (git-fixes).\n - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()\n (git-fixes).\n - libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205\n (git-fixes).\n - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420\n ZDI-CAN-17325).\n - list: add \"list_del_init_careful()\" to go with \"list_empty_careful()\"\n (bsc#1202745).\n - locking/lockdep: Avoid potential access of invalid memory in lock_class\n (git-fixes).\n - loop: Fix missing discard support when using LOOP_CONFIGURE\n (bsc#1202718).\n - mbcache: add functions to delete entry if unused (bsc#1198971).\n - mbcache: do not reclaim used entries (bsc#1198971).\n - md-raid10: fix KASAN warning (git-fixes).\n - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).\n - md: call __md_stop_writes in md_stop (git-fixes).\n - md: unlock mddev before reap sync_thread in action_store (bsc#1197659).\n - media: aspeed-video: ignore interrupts that are not enabled (git-fixes).\n - media: coda: Add more H264 levels for CODA960 (git-fixes).\n - media: coda: Fix reported H264 profile (git-fixes).\n - media: dvb_vb2: fix possible out of bound access (git-fixes).\n - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).\n - mfd: t7l66xb: Drop platform disable callback (git-fixes).\n - misc: fastrpc: fix memory corruption on open (git-fixes).\n - misc: fastrpc: fix memory corruption on probe (git-fixes).\n - mkspec: eliminate @NOSOURCE@ macro This should be alsways used with\n @SOURCES@, just include the content there.\n - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse\n (git-fixes, bsc#1203098).\n - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).\n - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).\n - mm: pagewalk: Fix race between unmap and page walker (git-fixes,\n bsc#1203159).\n - mm: proc: smaps_rollup: do not stall write attempts on mmap_lock\n (bsc#1201990).\n - mm: smaps*: extend smap_gather_stats to support specified beginning\n (bsc#1201990).\n - mmap locking API: add mmap_lock_is_contended() (bsc#1201990).\n - mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).\n - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).\n - mmc: pxamci: Fix another error handling path in pxamci_probe()\n (git-fixes).\n - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols\n (git-fixes).\n - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).\n - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).\n - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).\n - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).\n - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release\n (git-fixes).\n - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path\n (git-fixes).\n - net/mlx5e: Check for needed capability for cvlan matching (git-fixes).\n - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).\n - net: cpsw: Properly initialise struct page_pool_params (git-fixes).\n - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).\n - net: davinci_emac: Fix incorrect masking of tx and rx error channel\n (git-fixes).\n - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).\n - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).\n - net: enetc: Use pci_release_region() to release some resources\n (git-fixes).\n - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).\n - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).\n - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).\n - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).\n - net: ethernet: ezchip: fix error handling (git-fixes).\n - net: ethernet: ezchip: remove redundant check (git-fixes).\n - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).\n - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory\n (git-fixes).\n - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).\n - net: fec_ptp: add clock rate zero check (git-fixes).\n - net: hns: Fix kernel-doc (git-fixes).\n - net: lantiq: fix memory corruption in RX ring (git-fixes).\n - net: mana: Add rmb after checking owner bits (git-fixes).\n - net: mana: Add support of XDP_REDIRECT action (bsc#1201310, jsc#PED-529).\n - net: mana: Add the Linux MANA PF driver (bsc#1201309, jsc#PED-529).\n - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).\n - net: mscc: ocelot: correctly report the timestamping RX filters in\n ethtool (git-fixes).\n - net: mscc: ocelot: do not downgrade timestamping RX filters in\n SIOCSHWTSTAMP (git-fixes).\n - net: netcp: Fix an error message (git-fixes).\n - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).\n - net: rose: fix netdev reference changes (git-fixes).\n - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale\n pointer (git-fixes).\n - net: stmicro: handle clk_prepare() failure during init (git-fixes).\n - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).\n - net: stmmac: dwmac1000: Fix extended MAC address registers definition\n (git-fixes).\n - net: usb: qmi_wwan: add Quectel RM520N (git-fixes).\n - net: vmxnet3: fix possible NULL pointer dereference in\n vmxnet3_rq_cleanup() (bsc#1200431).\n - net: vmxnet3: fix possible use-after-free bugs in\n vmxnet3_rq_alloc_rx_buf() (bsc#1200431).\n - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c\n (bsc#1200431).\n - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send\n (git-fixes).\n - net:enetc: allocate CBD ring data memory using DMA coherent methods\n (git-fixes).\n - net_sched: cls_route: disallow handle of 0 (bsc#1202393).\n - nfs: fix nfs_path in case of a rename retry (git-fixes).\n - nfsd: Add missing NFSv2 .pc_func methods (git-fixes).\n - nfsd: Clamp WRITE offsets (git-fixes).\n - nfsd: Fix offset type in I/O trace points (git-fixes).\n - nfsd: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).\n - nfsd: fix use-after-free due to delegation race (git-fixes).\n - nfsd: prevent integer overflow on 32 bit systems (git-fixes).\n - nfsd: prevent underflow in nfssvc_decode_writeargs() (git-fixes).\n - nfsv4.1: Do not decrease the value of seq_nr_highest_sent (git-fixes).\n - nfsv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly\n (git-fixes).\n - nfsv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).\n - nfsv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag\n (git-fixes).\n - nfsv4: Fix races in the legacy idmapper upcall (git-fixes).\n - nfsv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).\n - nfsv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error\n (git-fixes).\n - ntb: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).\n - nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).\n - nvme-rdma: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: Handle number of queue changes (bsc#1201865).\n - nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).\n - nvme: fix RCU hole that allowed for endless looping in multipath round\n robin (bsc#1202636).\n - nvmet: Expose max queues to configfs (bsc#1201865).\n - objtool: Add support for intra-function calls (bsc#1202396).\n - objtool: Make handle_insn_ops() unconditional (bsc#1202396).\n - objtool: Remove INSN_STACK (bsc#1202396).\n - objtool: Rework allocating stack_ops on decode (bsc#1202396).\n - objtool: Support multiple stack_op per instruction (bsc#1202396).\n - ocfs2: drop acl cache for directories too (bsc#1191667).\n - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).\n - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).\n - of/device: Fix up of_dma_configure_id() stub (git-fixes).\n - of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).\n - padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).\n - padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).\n - parisc/sticon: fix reverse colors (bsc#1152489).\n - parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)\n - pci/acpi: Guard ARM64-specific mcfg_quirks (git-fixes).\n - pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).\n - pci: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).\n - pci: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).\n - pci: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).\n - pci: hv: Make the code arch neutral by adding arch specific interfaces\n (bsc#1200845).\n - pci: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).\n - pci: hv: Reuse existing IRTE allocation in compose_msi_msg()\n (bsc#1200845).\n - pci: qcom: Fix pipe clock imbalance (git-fixes).\n - perf bench: Share some global variables to fix build with gcc 10\n (git-fixes).\n - pinctrl/rockchip: fix gpio device creation (git-fixes).\n - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n (git-fixes).\n - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).\n - pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes).\n - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).\n - platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap\n fixes (git-fixes).\n - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).\n - powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544).\n - powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544).\n - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for\n PMI check in power_pmu_disable (bsc#1156395).\n - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).\n - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).\n - powerpc/powernv: Staticify functions without prototypes (bsc#1065729).\n - powerpc/powernv: delay rng platform device creation until later in boot\n (bsc#1065729).\n - powerpc/powernv: rename remaining rng powernv_ functions to pnv_\n (bsc#1065729).\n - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).\n - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).\n - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).\n - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).\n - powerpc: define get_cycles macro for arch-override (bsc#1065729).\n - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).\n - ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).\n - profiling: fix shift too large makes kernel panic (git-fixes).\n - psi: Fix uaf issue when psi trigger is destroyed while being polled\n (bsc#1203909).\n - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).\n - random: fix crash on multiple early calls to add_bootloader_randomness()\n (git-fixes).\n - ratelimit: Fix data-races in ___ratelimit() (git-fixes).\n - regulator: core: Clean up on enable failure (git-fixes).\n - regulator: pfuze100: Fix the global-out-of-bounds access in\n pfuze100_regulator_probe() (git-fixes).\n - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr\n (bsc#1202714).\n - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config\n (git-fixes).\n - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).\n - reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).\n - rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)\n We do the move only on 15.5+.\n - rpm/kernel-binary.spec.in: simplify find for usrmerged The type test and\n print line are the same for both cases. The usrmerged case only ignores\n more, so refactor it to make it more obvious.\n - rpm/kernel-source.spec.in: simplify finding of broken symlinks \"find\n -xtype l\" will report them, so use that to make the search a bit faster\n (without using shell).\n - s390/crash: fix incorrect number of bytes to copy to user space\n (git-fixes).\n - s390/crash: make copy_oldmem_page() return number of bytes copied\n (git-fixes).\n - s390/mm: do not trigger write fault when vma does not allow VM_WRITE\n (git-fixes).\n - s390/mm: fix 2KB pgtable release race (git-fixes).\n - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594\n LTC#197522).\n - s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607).\n - s390/qeth: clean up default cases for ethtool link mode (bsc#1202984\n LTC#199607).\n - s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607).\n - s390/qeth: improve selection of ethtool link modes (bsc#1202984\n LTC#199607).\n - s390/qeth: set static link info during initialization (bsc#1202984\n LTC#199607).\n - s390/qeth: tolerate error when querying card info (bsc#1202984\n LTC#199607).\n - s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607).\n - scsi: core: Fix bad pointer dereference when ehandler kthread is invalid\n (git-fixes).\n - scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).\n - scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID\n cases (bsc#1203939).\n - scsi: lpfc: Add reporting capability for Link Degrade Signaling\n (bsc#1203939).\n - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE\n (bsc#1203063).\n - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).\n - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).\n - scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).\n - scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload\n (bsc#1203939).\n - scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same\n NPort ID (bsc#1203939).\n - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for\n GFT_ID (bsc#1203063).\n - scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).\n - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT\n discovery (bsc#1203063).\n - scsi: lpfc: Fix various issues reported by tools (bsc#1203939).\n - scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed\n phba (bsc#1185032 bsc#1203939).\n - scsi: lpfc: Remove SANDiags related code (bsc#1203063).\n - scsi: lpfc: Remove the unneeded result variable (bsc#1203939).\n - scsi: lpfc: Remove unneeded result variable (bsc#1203939).\n - scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd\n (bsc#1203939).\n - scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE\n (bsc#1203939).\n - scsi: lpfc: Rework FDMI attribute registration for unintential padding\n (bsc#1203939).\n - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).\n - scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency\n (bsc#1203939).\n - scsi: lpfc: Update congestion mode logging for Emulex SAN Manager\n application (bsc#1203939).\n - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).\n - scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).\n - scsi: mpt3sas: Fix use-after-free warning (git-fixes).\n - scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status\n (bsc#1203935).\n - scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).\n - scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1()\n (bsc#1203935).\n - scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).\n - scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX\n (bsc#1203935).\n - scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).\n - scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).\n - scsi: qla2xxx: Fix response queue handler reading stale packets\n (bsc#1203935).\n - scsi: qla2xxx: Log message \"skipping scsi_scan_host()\" as informational\n (bsc#1203935).\n - scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).\n - scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).\n - scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).\n - scsi: qla2xxx: Revert \"scsi: qla2xxx: Fix response queue handler reading\n stale packets\" (bsc#1203935).\n - scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).\n - scsi: sg: Allow waiting for commands to complete on removed device\n (git-fixes).\n - scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).\n - scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).\n - scsi: smartpqi: Update LUN reset handler (bsc#1200622).\n - selftests: futex: Use variable MAKE instead of make (git-fixes).\n - serial: 8250_dw: Store LSR into lsr_saved_flags in\n dw8250_tx_wait_empty() (git-fixes).\n - serial: Create uart_xmit_advance() (git-fixes).\n - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).\n - serial: mvebu-uart: uart2 error bits clearing (git-fixes).\n - serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting\n (git-fixes).\n - serial: tegra: Change lower tolerance baud rate limit for tegra20 and\n tegra30 (git-fixes).\n - serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting\n (git-fixes).\n - silence nfscache allocation warnings with kvzalloc (git-fixes).\n - soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n (git-fixes).\n - soc: sunxi: sram: Actually claim SRAM regions (git-fixes).\n - soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).\n - soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).\n - spi: Fix incorrect cs_setup delay handling (git-fixes).\n - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).\n - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n (git-fixes).\n - squashfs: fix divide error in calculate_skip() (git-fixes).\n - staging: rtl8712: fix use after free bugs (git-fixes).\n - struct ehci_hcd: hide new member (git-fixes).\n - struct otg_fsm: hide new boolean member in gap (git-fixes).\n - sunrpc: Clean up scheduling of autoclose (git-fixes).\n - sunrpc: Do not call connect() more than once on a TCP socket (git-fixes).\n - sunrpc: Do not dereference xprt->snd_task if it's a cookie (git-fixes).\n - sunrpc: Do not leak sockets in xs_local_connect() (git-fixes).\n - sunrpc: Fix READ_PLUS crasher (git-fixes).\n - sunrpc: Fix misplaced barrier in call_decode (git-fixes).\n - sunrpc: Prevent immediate close+reconnect (git-fixes).\n - sunrpc: RPC level errors should set task->tk_rpc_status (git-fixes).\n - sunrpc: Reinitialise the backchannel request buffers before reuse\n (git-fixes).\n - sunrpc: fix expiry of auth creds (git-fixes).\n - svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes).\n - tee: optee: Fix incorrect page free bug (git-fixes).\n - thermal: Fix NULL pointer dereferences in of_thermal_ functions\n (git-fixes).\n - thermal: sysfs: Fix cooling_device_stats_setup() error code path\n (git-fixes).\n - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).\n - tools/thermal: Fix possible path truncations (git-fixes).\n - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).\n - tracing/histograms: Fix memory leak problem (git-fixes).\n - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).\n - tracing: Add ustring operation to filtering string pointers (git-fixes).\n - tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).\n - tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data\n (git-fixes).\n - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).\n - tty: serial: lpuart: disable flow control while waiting for the transmit\n engine to complete (git-fixes).\n - tty: vt: initialize unicode screen buffer (git-fixes).\n - usb-storage: Add ignore-residue quirk for NXP PN7462AU (git-fixes).\n - usb.h: struct usb_device: hide new member (git-fixes).\n - usb: add quirks for Lenovo OneLink+ Dock (git-fixes).\n - usb: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).\n - usb: core: Fix RST error in hub.c (git-fixes).\n - usb: core: Prevent nested device-reset calls (git-fixes).\n - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).\n - usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).\n - usb: dwc3: disable USB core PHY management (git-fixes).\n - usb: dwc3: ep0: Fix delay status handling (git-fixes).\n - usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind\n (git-fixes).\n - usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).\n - usb: dwc3: gadget: Fix IN endpoint max packet size allocation\n (git-fixes).\n - usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).\n - usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).\n - usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).\n - usb: dwc3: gadget: Remove unnecessary checks (git-fixes).\n - usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback\n (git-fixes).\n - usb: dwc3: gadget: Store resource index of start cmd (git-fixes).\n - usb: dwc3: qcom: fix missing optional irq warnings.\n - usb: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes).\n - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS\n (git-fixes).\n - usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes).\n - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).\n - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of\n uvcg_info (git-fixes).\n - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).\n - usb: otg-fsm: Fix hrtimer list corruption (git-fixes).\n - usb: renesas: Fix refcount leak bug (git-fixes).\n - usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).\n - usb: serial: ch341: fix lost character on LCR updates (git-fixes).\n - usb: serial: ch341: name prescaler, divisor registers (git-fixes).\n - usb: serial: cp210x: add Decagon UCA device id (git-fixes).\n - usb: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).\n - usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).\n - usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).\n - usb: serial: option: add Quectel EM060K modem (git-fixes).\n - usb: serial: option: add Quectel RM520N (git-fixes).\n - usb: serial: option: add Quectel RM520N (git-fixes).\n - usb: serial: option: add support for Cinterion MV32-WA/WB RmNet mode\n (git-fixes).\n - usb: serial: option: add support for OPPO R11 diag port (git-fixes).\n - usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes).\n - usb: typec: altmodes/displayport: correct pin assignment for UFP\n receptacles (git-fixes).\n - usb: typec: ucsi: Remove incorrect warning (git-fixes).\n - usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).\n - usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).\n - usb: xhci-mtk: add some schedule error number (git-fixes).\n - usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).\n - usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).\n - usb: xhci-mtk: use @sch_tt to check whether need do TT schedule\n (git-fixes).\n - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).\n - usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).\n - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).\n - vboxguest: Do not use devm for irq (git-fixes).\n - vfio/ccw: Remove UUID from s390 debug log (git-fixes).\n - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n (git-fixes).\n - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).\n - video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write\n (git-fixes).\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n (git-fixes).\n - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n (git-fixes).\n - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).\n - vmci: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).\n - vmci: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,\n jsc#SLE-24635).\n - vmci: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC\n (bsc#1199291, jsc#SLE-24635).\n - vmci: Fix some error handling paths in vmci_guest_probe_device()\n (bsc#1199291, jsc#SLE-24635).\n - vmci: Release notification_bitmap in error path (bsc#1199291,\n jsc#SLE-24635).\n - vmci: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).\n - vmci: dma dg: add support for DMA datagrams receive (bsc#1199291,\n jsc#SLE-24635).\n - vmci: dma dg: add support for DMA datagrams sends (bsc#1199291,\n jsc#SLE-24635).\n - vmci: dma dg: allocate send and receive buffers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - vmci: dma dg: detect DMA datagram capability (bsc#1199291,\n jsc#SLE-24635).\n - vmci: dma dg: register dummy IRQ handlers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - vmci: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).\n - vmci: dma dg: whitespace formatting change for vmci register defines\n (bsc#1199291, jsc#SLE-24635).\n - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).\n - vmxnet3: Record queue number to incoming packets (bsc#1200431).\n - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).\n - vmxnet3: add command to set ring buffer sizes (bsc#1200431).\n - vmxnet3: add support for capability registers (bsc#1200431).\n - vmxnet3: add support for large passthrough BAR register (bsc#1200431).\n - vmxnet3: add support for out of order rx completion (bsc#1200431).\n - vmxnet3: disable overlay offloads if UPT device does not support\n (bsc#1200431).\n - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).\n - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).\n - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).\n - vmxnet3: prepare for version 7 changes (bsc#1200431).\n - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).\n - vmxnet3: update to version 7 (bsc#1200431).\n - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).\n - vsock: Fix memory leak in vsock_connect() (git-fixes).\n - vsock: Set socket state back to SS_UNCONNECTED in\n vsock_connect_timeout() (git-fixes).\n - vt: Clear selection before changing the font (git-fixes).\n - vt: selection, introduce vc_is_sel (git-fixes).\n - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in\n armada_37xx_wdt_probe() (git-fixes).\n - watchdog: wdat_wdt: Set the min and max timeout values properly\n (bsc#1194023).\n - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()\n (git-fixes).\n - wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in\n il4965_rs_fill_link_cmd() (git-fixes).\n - wifi: mac80211: Do not finalize CSA in IBSS mode if state is\n disconnected (git-fixes).\n - wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).\n - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).\n - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).\n - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).\n - x86/bugs: Reenable retbleed=off While for older kernels the return\n thunks are statically built in and cannot be dynamically patched out,\n retbleed=off should still work so that it can be disabled.\n - x86/kexec: fix memory leak of elf header buffer (bsc#1196444).\n - x86/olpc: fix 'logical not is only applied to the left hand side'\n (git-fixes).\n - x86/xen: Remove undefined behavior in setup_features() (git-fixes).\n - xen/xenbus: fix return type in xenbus_file_read() (git-fixes).\n - xfs: Fix assert failure in xfs_setattr_size() (git-fixes).\n - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).\n - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).\n - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).\n - xfs: mark a data structure sick if there are cross-referencing errors\n (git-fixes).\n - xfs: only reset incore inode health state flags when reclaiming an inode\n (git-fixes).\n - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).\n - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).\n - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).\n - xprtrdma: Fix cwnd update ordering (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap Micro 5.2:\n\n zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3809=1\n\n - SUSE Linux Enterprise Module for Realtime 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-3809=1\n\n - SUSE Linux Enterprise Micro 5.2:\n\n zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3809=1\n\n - SUSE Linux Enterprise Micro 5.1:\n\n zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3809=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-31T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-16119", "CVE-2020-27784", "CVE-2021-4155", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2503", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-3169", "CVE-2022-32296", "CVE-2022-3239", "CVE-2022-3303", "CVE-2022-36879", "CVE-2022-39188", "CVE-2022-39190", "CVE-2022-40768", "CVE-2022-41218", "CVE-2022-41222", "CVE-2022-41674", "CVE-2022-41848", "CVE-2022-41849", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2022-10-31T00:00:00", "id": "SUSE-SU-2022:3809-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3LJICZKVJDVME5I426RHINRC4LIKDKOF/", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:P"}}, {"lastseen": "2022-11-08T06:09:37", "description": "An update that solves 5 vulnerabilities, contains 7\n features and has 16 fixes is now available.\n\nDescription:\n\n\n The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO\n (bnc#1201635).\n - CVE-2022-2585: Fixed use-after-free in POSIX CPU timer (bnc#1202094).\n - CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy\n (bsc#1201458).\n - CVE-2022-26373: Fixed CPU info leak via post-barrier RSB predictions\n (bsc#1201726).\n - CVE-2022-29581: Fixed improper update of Reference Count in net/sched\n that could cause root privilege escalation (bnc#1199665).\n\n The following non-security bugs were fixed:\n\n - ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (git-fixes).\n - ACPI: video: Fix acpi_video_handles_brightness_key_presses() (git-fixes).\n - ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).\n - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model\n (git-fixes).\n - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop\n (git-fixes).\n - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221\n (git-fixes).\n - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671\n (git-fixes).\n - ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).\n - ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).\n - ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).\n - ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0) (git-fixes).\n - ALSA: usb-audio: Add quirk for Fiero SC-01 (git-fixes).\n - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices\n (git-fixes).\n - ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD (git-fixes).\n - ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of\n idle (git-fixes).\n - ARM: 9210/1: Mark the FDT_FIXED sections as shareable (git-fixes).\n - ARM: 9213/1: Print message about disabled Spectre workarounds only once\n (git-fixes).\n - ARM: 9214/1: alignment: advance IT state after emulating Thumb\n instruction (git-fixes).\n - ARM: dts: at91: sama5d2: Fix typo in i2s1 node (git-fixes).\n - ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count (git-fixes).\n - ARM: dts: stm32: use the correct clock source for CEC on stm32mp151\n (git-fixes).\n - ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero (git-fixes).\n - ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array\n (git-fixes).\n - ASoC: Intel: Skylake: Correct the ssp rate discovery in\n skl_get_ssp_clks() (git-fixes).\n - ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering problem\n (git-fixes).\n - ASoC: Intel: sof_sdw: handle errors on card registration (git-fixes).\n - ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on remove\n (git-fixes).\n - ASoC: Remove unused hw_write_t type (git-fixes).\n - ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow (git-fixes).\n - ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues in probe\n (git-fixes).\n - ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in\n .set_jack_detect (git-fixes).\n - ASoC: cs47l15: Fix event generation for low power mux control\n (git-fixes).\n - ASoC: dapm: Initialise kcontrol data for mux/demux controls (git-fixes).\n - ASoC: madera: Fix event generation for OUT1 demux (git-fixes).\n - ASoC: madera: Fix event generation for rate controls (git-fixes).\n - ASoC: ops: Fix off by one in range control validation (git-fixes).\n - ASoC: rt5682: Avoid the unexpected IRQ event during going to suspend\n (git-fixes).\n - ASoC: rt5682: Fix deadlock on resume (git-fixes).\n - ASoC: rt5682: Re-detect the combo jack after resuming (git-fixes).\n - ASoC: rt5682: fix an incorrect NULL check on list iterator (git-fixes).\n - ASoC: rt5682: move clk related code to rt5682_i2c_probe (git-fixes).\n - ASoC: rt7*-sdw: harden jack_detect_handler (git-fixes).\n - ASoC: rt711-sdca-sdw: fix calibrate mutex initialization (git-fixes).\n - ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver\n (git-fixes).\n - ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error\n (git-fixes).\n - ASoC: rt711: Add endianness flag in snd_soc_component_driver (git-fixes).\n - ASoC: rt711: fix calibrate mutex initialization (git-fixes).\n - ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).\n - ASoC: tas2764: Add post reset delays (git-fixes).\n - ASoC: tas2764: Correct playback volume range (git-fixes).\n - ASoC: tas2764: Fix amp gain register offset & default (git-fixes).\n - ASoC: tas2764: Fix and extend FSYNC polarity handling (git-fixes).\n - ASoC: wcd938x: Fix event generation for some controls (git-fixes).\n - ASoC: wm5110: Fix DRE control (git-fixes).\n - Bluetooth: btusb: Add the new support IDs for WCN6855 (git-fixxes).\n - Input: cpcap-pwrbutton - handle errors from platform_get_irq()\n (git-fixes).\n - Input: i8042 - Apply probe defer to more ASUS ZenBook models\n (bsc#1190256).\n - NFC: nxp-nci: do not print header length mismatch on i2c error\n (git-fixes).\n - VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).\n - VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: Fix some error handling paths in vmci_guest_probe_device()\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: Release notification_bitmap in error path (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: allocate send and receive buffers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: detect DMA datagram capability (bsc#1199291,\n jsc#SLE-24635).\n - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams\n (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).\n - VMCI: dma dg: whitespace formatting change for vmci register defines\n (bsc#1199291, jsc#SLE-24635).\n - arm64: Add HWCAP for self-synchronising virtual counter (git-fixes)\n - arm64: Add cavium_erratum_23154_cpus missing sentinel (jsc#SLE-24682).\n - arm64: cpufeature: add HWCAP for FEAT_AFP (git-fixes)\n - arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot (git-fixes).\n - arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes)\n - arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC\n (git-fixes).\n - arm64: dts: rockchip: Assign RK3399 VDU clock rate (git-fixes).\n - arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA\n transfer (git-fixes)\n - batman-adv: Use netif_rx() (git-fixes).\n - bcmgenet: add WOL IRQ check (git-fixes).\n - be2net: Fix buffer overflow in be_get_module_eeprom (bsc#1201323).\n - blk-mq: add one API for waiting until quiesce is done (bsc#1201651).\n - blk-mq: fix kabi support concurrent queue quiesce unquiesce\n (bsc#1201651).\n - blk-mq: support concurrent queue quiesce/unquiesce (bsc#1201651).\n - can: bcm: use call_rcu() instead of costly synchronize_rcu() (git-fixes).\n - can: grcan: grcan_probe(): remove extra of_node_get() (git-fixes).\n - can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).\n - can: m_can: m_can_chip_config(): actually enable internal timestamping\n (git-fixes).\n - can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling\n for mcp2517fd (git-fixes).\n - can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken\n CRC on TBC register (git-fixes).\n - ceph: fix up non-directory creation in SGID directories (bsc#1201595).\n - cpufreq: mediatek: Unregister platform device on exit (git-fixes).\n - cpufreq: mediatek: Use module_init and add module_exit (git-fixes).\n - cpufreq: pmac32-cpufreq: Fix refcount leak bug (git-fixes).\n - cpuidle: PSCI: Move the `has_lpi` check to the beginning of the\n (git-fixes)\n - crypto: hisilicon/qm - modify the uacce mode check (bsc#1201391).\n - crypto: octeontx2 - Avoid stack variable overflow (jsc#SLE-24682).\n - crypto: octeontx2 - CN10K CPT to RNM workaround (jsc#SLE-24682).\n - crypto: octeontx2 - Use swap() instead of swap_engines() (jsc#SLE-24682).\n - crypto: octeontx2 - add apis for custom engine groups (jsc#SLE-24682).\n - crypto: octeontx2 - add synchronization between mailbox accesses\n (jsc#SLE-24682).\n - crypto: octeontx2 - fix missing unlock (jsc#SLE-24682).\n - crypto: octeontx2 - increase CPT HW instruction queue length\n (jsc#SLE-24682).\n - crypto: octeontx2 - out of bounds access in\n otx2_cpt_dl_custom_egrp_delete() (jsc#SLE-24682).\n - crypto: octeontx2 - parameters for custom engine groups (jsc#SLE-24682).\n - crypto: octeontx2 - select CONFIG_NET_DEVLINK (jsc#SLE-24682).\n - crypto: octeontx2 - use swap() to make code cleaner (jsc#SLE-24682).\n - crypto: qat - fix memory leak in RSA (git-fixes).\n - crypto: qat - remove dma_free_coherent() for DH (git-fixes).\n - crypto: qat - remove dma_free_coherent() for RSA (git-fixes).\n - crypto: qat - set CIPHER capability for DH895XCC (git-fixes).\n - crypto: qat - set to zero DH parameters before free (git-fixes).\n - crypto: testmgr - allow ecdsa-nist in FIPS mode\n (jsc#SLE-21132,bsc#1201258).\n - device property: Add fwnode_irq_get_byname (jsc#SLE-24569)\n - dm: do not stop request queue after the dm device is suspended\n (bsc#1201651).\n - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly\n (git-fixes).\n - dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).\n - dmaengine: lgm: Fix an error handling path in intel_ldma_probe()\n (git-fixes).\n - dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).\n - dmaengine: qcom: bam_dma: fix runtime PM underflow (git-fixes).\n - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate\n (git-fixes).\n - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate\n (git-fixes).\n - docs: firmware-guide: ACPI: Add named interrupt doc (jsc#SLE-24569)\n - docs: net: dsa: add more info about the other arguments to\n get_tag_protocol (git-fixes).\n - docs: net: dsa: delete port_mdb_dump (git-fixes).\n - docs: net: dsa: document change_tag_protocol (git-fixes).\n - docs: net: dsa: document port_fast_age (git-fixes).\n - docs: net: dsa: document port_setup and port_teardown (git-fixes).\n - docs: net: dsa: document the shutdown behavior (git-fixes).\n - docs: net: dsa: document the teardown method (git-fixes).\n - docs: net: dsa: re-explain what port_fdb_dump actually does (git-fixes).\n - docs: net: dsa: remove port_vlan_dump (git-fixes).\n - docs: net: dsa: rename tag_protocol to get_tag_protocol (git-fixes).\n - docs: net: dsa: update probing documentation (git-fixes).\n - dpaa2-eth: Initialize mutex used in one step timestamping path\n (git-fixes).\n - dpaa2-eth: destroy workqueue at the end of remove function (git-fixes).\n - dpaa2-eth: unregister the netdev before disconnecting from the PHY\n (git-fixes).\n - drbd: fix potential silent data corruption (git-fixes).\n - drivers: net: smc911x: Check for error irq (git-fixes).\n - drm/amd/display: Fix by adding FPU protection for\n dcn30_internal_validate_bw (git-fixes).\n - drm/amd/display: Only use depth 36 bpp linebuffers on DCN display\n engines (git-fixes).\n - drm/amd/display: Set min dcfclk if pipe count is 0 (git-fixes).\n - drm/amd/vcn: fix an error msg on vcn 3.0 (git-fixes).\n - drm/amdgpu: To flush tlb for MMHUB of RAVEN series (git-fixes).\n - drm/i915/dg2: Add Wa_22011100796 (git-fixes).\n - drm/i915/gt: Serialize GRDOM access between multiple engine resets\n (git-fixes).\n - drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).\n - drm/i915/gvt: IS_ERR() vs NULL bug in intel_gvt_update_reg_whitelist()\n (git-fixes).\n - drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).\n - drm/i915/uc: correctly track uc_fw init failure (git-fixes).\n - drm/i915: Fix a race between vma / object destruction and unbinding\n (git-fixes).\n - drm/i915: Require the vm mutex for i915_vma_bind() (git-fixes).\n - drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()\n (git-fixes).\n - drm/imx/dcss: Add missing of_node_put() in fail path (git-fixes).\n - drm/mediatek: Detect CMDQ execution timeout (git-fixes).\n - drm/mediatek: Remove the pointer of struct cmdq_client (git-fixes).\n - drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb\n (git-fixes).\n - drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).\n - drm/panfrost: Put mapping instead of shmem obj on\n panfrost_mmu_map_fault_addr() error (git-fixes).\n - drm/ttm: fix locking in vmap/vunmap TTM GEM helpers (git-fixes).\n - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo (git-fixes).\n - dt-bindings: gpio: Add Tegra241 support (jsc#SLE-24571)\n - dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC\n (git-fixes).\n - dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible\n (git-fixes).\n - e1000e: Enable GPT clock before sending message to CSME (git-fixes).\n - efi/x86: use naked RET on mixed mode call wrapper (git-fixes).\n - ethernet: Fix error handling in xemaclite_of_probe (git-fixes).\n - ethtool: Fix get module eeprom fallback (bsc#1201323).\n - fbcon: Disallow setting font bigger than screen size (git-fixes).\n - fbcon: Prevent that screen size is smaller than font size (git-fixes).\n - fbdev: fbmem: Fix logo center image dx issue (git-fixes).\n - fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).\n - fjes: Check for error irq (git-fixes).\n - fsl/fman: Check for null pointer after calling devm_ioremap (git-fixes).\n - fsl/fman: Fix missing put_device() call in fman_port_probe (git-fixes).\n - fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201593).\n - fuse: make sure reclaim does not write the inode (bsc#1201592).\n - gpio: gpio-xilinx: Fix integer overflow (git-fixes).\n - gpio: pca953x: only use single read/write for No AI mode (git-fixes).\n - gpio: pca953x: use the correct range when do regmap sync (git-fixes).\n - gpio: pca953x: use the correct register address when regcache sync\n during init (git-fixes).\n - gpio: tegra186: Add IRQ per bank for Tegra241 (jsc#SLE-24571)\n - gpio: tegra186: Add support for Tegra241 (jsc#SLE-24571)\n - gve: Recording rx queue before sending to napi (git-fixes).\n - hwmon: (occ) Prevent power cap command overwriting poll response\n (git-fixes).\n - hwmon: (occ) Remove sequence numbering and checksum calculation\n (git-fixes).\n - hwrng: cavium - fix NULL but dereferenced coccicheck error\n (jsc#SLE-24682).\n - i2c: cadence: Change large transfer count reset logic to be\n unconditional (git-fixes).\n - i2c: cadence: Unregister the clk notifier in error path (git-fixes).\n - i2c: mlxcpld: Fix register setting for 400KHz frequency (git-fixes).\n - i2c: piix4: Fix a memory leak in the EFCH MMIO support (git-fixes).\n - i2c: smbus: Check for parent device before dereference (git-fixes).\n - i2c: smbus: Use device_*() functions instead of of_*() (jsc#SLE-24569)\n - i2c: tegra: Add SMBus block read function (jsc#SLE-24569)\n - i2c: tegra: Add the ACPI support (jsc#SLE-24569)\n - i2c: tegra: use i2c_timings for bus clock freq (jsc#SLE-24569)\n - ice: Avoid RTNL lock when re-creating auxiliary device (git-fixes).\n - ice: Fix error with handling of bonding MTU (git-fixes).\n - ice: Fix race condition during interface enslave (git-fixes).\n - ice: stop disabling VFs due to PF error responses (git-fixes).\n - ida: do not use BUG_ON() for debugging (git-fixes).\n - ima: Fix a potential integer overflow in ima_appraise_measurement\n (git-fixes).\n - ima: Fix potential memory leak in ima_init_crypto() (git-fixes).\n - ima: force signature verification when CONFIG_KEXEC_SIG is configured\n (git-fixes).\n - irqchip/gic-v3: Workaround Marvell erratum 38545 when reading IAR\n (jsc#SLE-24682).\n - irqchip: or1k-pic: Undefine mask_ack for level triggered hardware\n (git-fixes).\n - ixgbevf: Require large buffers for build_skb on 82599VF (git-fixes).\n - kABI workaround for phy_device changes (git-fixes).\n - kABI workaround for rtsx_usb (git-fixes).\n - kABI workaround for snd-soc-rt5682-* (git-fixes).\n - kABI: fix adding field to scsi_device (git-fixes).\n - kABI: fix adding field to ufs_hba (git-fixes).\n - kABI: i2c: smbus: restore of_ alert variant (jsc#SLE-24569). kABI fix\n for \"i2c: smbus: Use device_*() functions instead of of_*()\"\n - kabi/severities: add intel ice\n - kabi/severities: add stmmac network driver local symbols\n - kabi/severities: ignore dropped symbol rt5682_headset_detect\n - kasan: fix tag for large allocations when using CONFIG_SLAB (git fixes\n (mm/kasan)).\n - kernel-obs-build: include qemu_fw_cfg (boo#1201705)\n - kvm: emulate: do not adjust size of fastop and setcc subroutines\n (bsc#1201930).\n - kvm: emulate: Fix SETcc emulation function offsets with SLS\n (bsc#1201930).\n - libceph: fix potential use-after-free on linger ping and resends\n (bsc#1201596).\n - md: bcache: check the return value of kzalloc() in\n detached_dev_do_request() (git-fixes).\n - memcg: page_alloc: skip bulk allocator for __GFP_ACCOUNT (git fixes\n (mm/pgalloc)).\n - memregion: Fix memregion_free() fallback definition (git-fixes).\n - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer\n (git-fixes).\n - misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).\n - misc: rtsx_usb: use separate command and response buffers (git-fixes).\n - mm/large system hash: avoid possible NULL deref in\n alloc_large_system_hash (git fixes (mm/pgalloc)).\n - mm/secretmem: avoid letting secretmem_users drop to zero (git fixes\n (mm/secretmem)).\n - mm/vmalloc: fix numa spreading for large hash tables (git fixes\n (mm/vmalloc)).\n - mm/vmalloc: make sure to dump unpurged areas in /proc/vmallocinfo (git\n fixes (mm/vmalloc)).\n - mm/vmalloc: repair warn_alloc()s in __vmalloc_area_node() (git fixes\n (mm/vmalloc)).\n - mm: do not try to NUMA-migrate COW pages that have other uses (git fixes\n (mm/numa)).\n - mm: swap: get rid of livelock in swapin readahead (git fixes (mm/swap)).\n - mt76: mt7921: get rid of mt7921_mac_set_beacon_filter (git-fixes).\n - natsemi: xtensa: fix section mismatch warnings (git-fixes).\n - nbd: fix possible overflow on 'first_minor' in nbd_dev_add() (git-fixes).\n - net/fsl: xgmac_mdio: Add workaround for erratum A-009885 (git-fixes).\n - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module\n (git-fixes).\n - net/qla3xxx: fix an error code in ql_adapter_up() (git-fixes).\n - net: ag71xx: Fix a potential double free in error handling paths\n (git-fixes).\n - net: altera: set a couple error code in probe() (git-fixes).\n - net: amd-xgbe: Fix skb data length underflow (git-fixes).\n - net: amd-xgbe: disable interrupts during pci removal (git-fixes).\n - net: amd-xgbe: ensure to reset the tx_timer_active flag (git-fixes).\n - net: annotate data-races on txq->xmit_lock_owner (git-fixes).\n - net: axienet: Fix TX ring slot available check (git-fixes).\n - net: axienet: Wait for PhyRstCmplt after core reset (git-fixes).\n - net: axienet: add missing memory barriers (git-fixes).\n - net: axienet: fix for TX busy handling (git-fixes).\n - net: axienet: fix number of TX ring slots for available check\n (git-fixes).\n - net: axienet: increase default TX ring size to 128 (git-fixes).\n - net: axienet: increase reset timeout (git-fixes).\n - net: axienet: limit minimum TX ring size (git-fixes).\n - net: bcm4908: Handle dma_set_coherent_mask error codes (git-fixes).\n - net: bcmgenet: Do not claim WOL when its not available (git-fixes).\n - net: bcmgenet: skip invalid partial checksums (git-fixes).\n - net: chelsio: cxgb3: check the return value of pci_find_capability()\n (git-fixes).\n - net: cpsw: Properly initialise struct page_pool_params (git-fixes).\n - net: cpsw: avoid alignment faults by taking NET_IP_ALIGN into account\n (git-fixes).\n - net: dsa: ar9331: register the mdiobus under devres (git-fixes).\n - net: dsa: bcm_sf2: do not use devres for mdiobus (git-fixes).\n - net: dsa: felix: do not use devres for mdiobus (git-fixes).\n - net: dsa: lan9303: add VLAN IDs to master device (git-fixes).\n - net: dsa: lan9303: fix reset on probe (git-fixes).\n - net: dsa: lantiq_gswip: do not use devres for mdiobus (git-fixes).\n - net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate()\n (git-fixes).\n - net: dsa: mt7530: fix kernel bug in mdiobus_free() when unbinding\n (git-fixes).\n - net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY (git-fixes).\n - net: dsa: mv88e6xxx: do not use devres for mdiobus (git-fixes).\n - net: dsa: mv88e6xxx: fix use-after-free in mv88e6xxx_mdios_unregister\n (git-fixes).\n - net: dsa: mv88e6xxx: flush switchdev FDB workqueue before removing VLAN\n (git-fixes).\n - net: ethernet: lpc_eth: Handle error for clk_enable (git-fixes).\n - net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config()\n (git-fixes).\n - net: ethernet: mtk_eth_soc: fix return values and refactor MDIO ops\n (git-fixes).\n - net: ethernet: ti: cpts: Handle error for clk_enable (git-fixes).\n - net: fec: only clear interrupt of handling queue in fec_enet_rx_queue()\n (git-fixes).\n - net: ieee802154: ca8210: Fix lifs/sifs periods (git-fixes).\n - net: ieee802154: ca8210: Stop leaking skb's (git-fixes).\n - net: ieee802154: hwsim: Ensure proper channel selection at probe time\n (git-fixes).\n - net: ieee802154: mcr20a: Fix lifs/sifs periods (git-fixes).\n - net: ipa: add an interconnect dependency (git-fixes).\n - net: ipa: fix atomic update in ipa_endpoint_replenish() (git-fixes).\n - net: ipa: prevent concurrent replenish (git-fixes).\n - net: ipa: use a bitmap for endpoint replenish_enabled (git-fixes).\n - net: ks8851: Check for error irq (git-fixes).\n - net: lantiq_xrx200: fix statistics of received bytes (git-fixes).\n - net: ll_temac: check the return value of devm_kmalloc() (git-fixes).\n - net: macb: Fix lost RX packet wakeup race in NAPI receive (git-fixes).\n - net: macsec: Fix offload support for NETDEV_UNREGISTER event (git-fixes).\n - net: macsec: Verify that send_sci is on when setting Tx sci explicitly\n (git-fixes).\n - net: marvell: mvpp2: Fix the computation of shared CPUs (git-fixes).\n - net: marvell: prestera: Add missing of_node_put() in\n prestera_switch_set_base_mac_addr (git-fixes).\n - net: marvell: prestera: fix incorrect return of port_find (git-fixes).\n - net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (git-fixes).\n - net: mscc: ocelot: fix backwards compatibility with single-chain\n tc-flower offload (git-fixes).\n - net: mscc: ocelot: fix mutex lock error during ethtool stats read\n (git-fixes).\n - net: mscc: ocelot: fix using match before it is set (git-fixes).\n - net: mv643xx_eth: process retval from of_get_mac_address (git-fixes).\n - net: mvpp2: fix XDP rx queues registering (git-fixes).\n - net: phy: Do not trigger state machine while in suspend (git-fixes).\n - net: phylink: Force link down and retrigger resolve on interface change\n (git-fixes).\n - net: phylink: Force retrigger in case of latched link-fail indicator\n (git-fixes).\n - net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).\n - net: sfp: fix high power modules without diagnostic monitoring\n (git-fixes).\n - net: sfp: ignore disabled SFP node (git-fixes).\n - net: sparx5: Fix add vlan when invalid operation (git-fixes).\n - net: sparx5: Fix get_stat64 crash in tcpdump (git-fixes).\n - net: stmmac: Add platform level debug register dump feature (git-fixes).\n - net: stmmac: Avoid DMA_CHAN_CONTROL write if no Split Header support\n (git-fixes).\n - net: stmmac: configure PTP clock source prior to PTP initialization\n (git-fixes).\n - net: stmmac: dump gmac4 DMA registers correctly (git-fixes).\n - net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup (git-fixes).\n - net: stmmac: dwmac-visconti: Fix bit definitions for ETHER_CLK_SEL\n (git-fixes).\n - net: stmmac: dwmac-visconti: Fix clock configuration for RMII mode\n (git-fixes).\n - net: stmmac: dwmac-visconti: Fix value of ETHER_CLK_SEL_FREQ_SEL_2P5M\n (git-fixes).\n - net: stmmac: dwmac-visconti: No change to ETHER_CLOCK_SEL for unexpected\n speed request (git-fixes).\n - net: stmmac: ensure PTP time register reads are consistent (git-fixes).\n - net: stmmac: fix return value of __setup handler (git-fixes).\n - net: stmmac: fix tc flower deletion for VLAN priority Rx steering\n (git-fixes).\n - net: stmmac: properly handle with runtime pm in stmmac_dvr_remove()\n (git-fixes).\n - net: stmmac: ptp: fix potentially overflowing expression (git-fixes).\n - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls\n (git-fixes).\n - net: stmmac: skip only stmmac_ptp_register when resume from suspend\n (git-fixes).\n - net: sxgbe: fix return value of __setup handler (git-fixes).\n - net: systemport: Add global locking for descriptor lifecycle (git-fixes).\n - net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).\n - net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).\n - netdevsim: do not overwrite read only ethtool parms (git-fixes).\n - nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).\n - nvme: add APIs for stopping/starting admin queue (bsc#1201651).\n - nvme: apply nvme API to quiesce/unquiesce admin queue (bsc#1201651).\n - nvme: loop: clear NVME_CTRL_ADMIN_Q_STOPPED after admin queue is\n reallocated (bsc#1201651).\n - nvme: paring quiesce/unquiesce (bsc#1201651).\n - nvme: prepare for pairing quiescing and unquiescing (bsc#1201651).\n - nvme: wait until quiesce is done (bsc#1201651).\n - octeontx2-af: Do not fixup all VF action entries (git-fixes).\n - octeontx2-af: Fix a memleak bug in rvu_mbox_init() (git-fixes).\n - octeontx2-af: cn10k: Do not enable RPM loopback for LPC interfaces\n (git-fixes).\n - octeontx2-pf: Forward error codes to VF (git-fixes).\n - page_alloc: fix invalid watemark check on a negative value (git fixes\n (mm/pgalloc)).\n - perf/amd/ibs: Add support for L3 miss filtering (jsc#SLE-24578).\n - perf/amd/ibs: Advertise zen4_ibs_extensions as pmu capability attribute\n (jsc#SLE-24578).\n - perf/amd/ibs: Cascade pmu init functions' return value (jsc#SLE-24578).\n - perf/amd/ibs: Use ->is_visible callback for dynamic attributes\n (jsc#SLE-24578).\n - pinctrl: aspeed: Fix potential NULL dereference in\n aspeed_pinmux_set_mux() (git-fixes).\n - pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).\n - pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).\n - platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).\n - posix_cpu_timers: fix race between exit_itimers() and /proc/pid/timers\n (git-fixes).\n - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe\n (git-fixes).\n - powerpc/mobility: wait for memory transfer to complete (bsc#1201846\n ltc#198761).\n - powerpc/pseries/mobility: set NMI watchdog factor during an LPM\n (bsc#1201846 ltc#198761).\n - powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846\n ltc#198761).\n - ppp: ensure minimum packet size in ppp_write() (git-fixes).\n - qede: validate non LSO skb length (git-fixes).\n - r8152: fix a WOL issue (git-fixes).\n - r8169: fix accessing unset transport header (git-fixes).\n - random: document add_hwgenerator_randomness() with other input functions\n (git-fixes).\n - random: fix typo in comments (git-fixes).\n - raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).\n - reset: Fix devm bulk optional exclusive control getter (git-fixes).\n - rocker: fix a sleeping in atomic bug (git-fixes).\n - rpm/modules.fips: add ecdsa_generic (jsc#SLE-21132,bsc#1201258).\n - sched/core: Do not requeue task on CPU excluded from cpus_mask\n (bnc#1199356).\n - scsi: avoid to quiesce sdev->request_queue two times (bsc#1201651).\n - scsi: core: sd: Add silence_suspend flag to suppress some PM messages\n (git-fixes).\n - scsi: iscsi: Exclude zero from the endpoint ID range (git-fixes).\n - scsi: lpfc: Fix mailbox command failure during driver initialization\n (git-fixes).\n - scsi: make sure that request queue queiesce and unquiesce balanced\n (bsc#1201651).\n - scsi: scsi_debug: Do not call kcalloc() if size arg is zero (git-fixes).\n - scsi: scsi_debug: Fix type in min_t to avoid stack OOB (git-fixes).\n - scsi: scsi_debug: Fix zone transition to full condition (git-fixes).\n - scsi: scsi_debug: Sanity check block descriptor length in\n resp_mode_select() (git-fixes).\n - scsi: sd: Fix potential NULL pointer dereference (git-fixes).\n - scsi: sd: Fix sd_do_mode_sense() buffer length handling (git-fixes).\n - scsi: ufs: Fix a deadlock in the error handler (git-fixes).\n - scsi: ufs: Fix runtime PM messages never-ending cycle (git-fixes).\n - scsi: ufs: Remove dead code (git-fixes).\n - scsi: ufs: core: scsi_get_lba() error fix (git-fixes).\n - serial: 8250: Fix PM usage_count for console handover (git-fixes).\n - serial: 8250: fix return error code in serial8250_request_std_resource()\n (git-fixes).\n - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).\n - serial: sc16is7xx: Clear RS485 bits in the shutdown (git-fixes).\n - serial: stm32: Clear prev values before setting RTS delays (git-fixes).\n - soc: ixp4xx/npe: Fix unused match warning (git-fixes).\n - spi: Add Tegra234 QUAD SPI compatible (jsc#SLE-24570)\n - spi: amd: Limit max transfer and message size (git-fixes).\n - spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non\n DMA transfers (git-fixes).\n - spi: tegra210-quad: add acpi support (jsc#SLE-24570)\n - spi: tegra210-quad: add new chips to compatible (jsc#SLE-24570)\n - spi: tegra210-quad: combined sequence mode (jsc#SLE-24570)\n - spi: tegra210-quad: use device_reset method (jsc#SLE-24570)\n - spi: tegra210-quad: use devm call for cdata memory (jsc#SLE-24570)\n - supported.conf: mark marvell octeontx2 crypto driver as supported\n (jsc#SLE-24682) Mark rvu_cptpf.ko and rvu_cptvf.ko as supported.\n - supported.conf: rvu_mbox as supported (jsc#SLE-24682)\n - sysctl: Fix data races in proc_dointvec() (git-fixes).\n - sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).\n - sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).\n - sysctl: Fix data races in proc_douintvec() (git-fixes).\n - sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).\n - sysctl: Fix data races in proc_doulongvec_minmax() (git-fixes).\n - sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).\n - sysctl: Fix data-races in proc_dou8vec_minmax() (git-fixes).\n - tee: fix put order in teedev_close_context() (git-fixes).\n - tty: serial: samsung_tty: set dma burst_size to 1 (git-fixes).\n - tun: fix bonding active backup with arp monitoring (git-fixes).\n - usb: dwc3: gadget: Fix event pending check (git-fixes).\n - usb: serial: ftdi_sio: add Belimo device ids (git-fixes).\n - usb: typec: add missing uevent when partner support PD (git-fixes).\n - usbnet: fix memory leak in error case (git-fixes).\n - veth: Do not record rx queue hint in veth_xmit (git-fixes).\n - veth: ensure skb entering GRO are not cloned (git-fixes).\n - video: of_display_timing.h: include errno.h (git-fixes).\n - virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).\n - virtio_mmio: Restore guest page size on resume (git-fixes).\n - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit\n (git-fixes).\n - vt: fix memory overlapping when deleting chars in the buffer (git-fixes).\n - watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).\n - wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).\n - wifi: mac80211_hwsim: set virtio device ready in probe() (git-fixes).\n - x86/bugs: Remove apostrophe typo (bsc#1190497).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2803=1\n\n - SUSE Linux Enterprise Workstation Extension 15-SP4:\n\n zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-2803=1\n\n - SUSE Linux Enterprise Module for Live Patching 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-2803=1\n\n Please note that this is the initial kernel livepatch without fixes\n itself, this livepatch package is later updated by seperate standalone\n livepatch updates.\n\n - SUSE Linux Enterprise Module for Legacy Software 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-2803=1\n\n - SUSE Linux Enterprise Module for Development Tools 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2803=1\n\n - SUSE Linux Enterprise Module for Basesystem 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2803=1\n\n - SUSE Linux Enterprise High Availability 15-SP4:\n\n zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-2803=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-12T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33655", "CVE-2022-21505", "CVE-2022-2585", "CVE-2022-26373", "CVE-2022-29581"], "modified": "2022-08-12T00:00:00", "id": "SUSE-SU-2022:2803-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RL6ELATFX5F7B3PUD6LZBIRHK4PSJPPX/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-03-15T04:32:45", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3291-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-17T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3291-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:15:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-man:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-obs-build:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:reiserfs-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-vanilla-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-livepatch:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:cluster-md-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:dlm-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:gfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-macros:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:ocfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-livepatch-4_12_14-150000_150_101-default:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3291-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165234", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3291-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165234);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2020-36516\",\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2663\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3291-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3291-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3291-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1169514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012271.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?541192dc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4203\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150000_150_101-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-devel-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-devel-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-macros-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-obs-build-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-source-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-syms-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-vanilla-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'reiserfs-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15']},\n {'reference':'kernel-default-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-devel-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-devel-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-default-devel-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-devel-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'kernel-macros-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'kernel-obs-build-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-obs-build-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-obs-build-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-source-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'kernel-syms-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-syms-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-syms-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-vanilla-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-vanilla-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'kernel-vanilla-base-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'cluster-md-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15']},\n {'reference':'dlm-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15']},\n {'reference':'gfs2-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15']},\n {'reference':'ocfs2-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15']},\n {'reference':'kernel-default-livepatch-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15']},\n {'reference':'kernel-livepatch-4_12_14-150000_150_101-default-1-150000.1.3.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15']},\n {'reference':'kernel-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-default-base-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-default-devel-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-default-man-4.12.14-150000.150.101.1', 'sp':'0', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-obs-build-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-syms-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'kernel-vanilla-base-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'reiserfs-kmp-default-4.12.14-150000.150.101.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-03-15T06:33:06", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3282-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3282-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-azure:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-azure-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-azure-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms-azure:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel-azure:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source-azure:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3282-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165228", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3282-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165228);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2020-36516\",\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-29581\",\n \"CVE-2022-36879\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3282-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3282-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3282-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to\n cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14\n and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1054914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1120716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201442\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203126\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012250.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5e679c09\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29581\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-azure-4.12.14-16.109.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-azure-base-4.12.14-16.109.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-azure-devel-4.12.14-16.109.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-devel-azure-4.12.14-16.109.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-source-azure-4.12.14-16.109.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-syms-azure-4.12.14-16.109.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-azure / kernel-azure-base / kernel-azure-devel / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-15T02:39:19", "description": "The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3265-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:3265-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-extra:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-man:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-obs-build:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-kgraft:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:cluster-md-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:dlm-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:gfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-kgraft-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-macros:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:ocfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kgraft-patch-4_12_14-122_133-default:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3265-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165196", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3265-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165196);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2020-36516\",\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-29581\",\n \"CVE-2022-36879\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3265-1\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2022:3265-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:3265-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to\n cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14\n and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1054914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1078216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1093777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1094120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1107937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1120716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1181862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201442\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203126\");\n # https://lists.suse.com/pipermail/sle-updates/2022-September/025152.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3c402de3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29581\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-kgraft\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_133-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-default-base-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-default-devel-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-default-extra-4.12.14-122.133.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-we-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-default-extra-4.12.14-122.133.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-we-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-default-man-4.12.14-122.133.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-devel-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-macros-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-obs-build-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-source-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'kernel-syms-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'cluster-md-kmp-default-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},\n {'reference':'dlm-kmp-default-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},\n {'reference':'gfs2-kmp-default-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},\n {'reference':'ocfs2-kmp-default-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},\n {'reference':'kernel-default-kgraft-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},\n {'reference':'kernel-default-kgraft-devel-4.12.14-122.133.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},\n {'reference':'kgraft-patch-4_12_14-122_133-default-1-8.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-10T19:23:38", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3422-1 advisory.\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-29T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3422-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2663", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:kernel-devel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt-base", "p-cpe:/a:novell:suse_linux:kernel-rt-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel", "p-cpe:/a:novell:suse_linux:kernel-source-rt", "p-cpe:/a:novell:suse_linux:kernel-syms-rt", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-3422-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165562", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3422-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165562);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2663\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3422-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3422-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3422-1 advisory.\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1054914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1120716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190397\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201442\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203126\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012397.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?91355af3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4203\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'cluster-md-kmp-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'dlm-kmp-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'gfs2-kmp-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-devel-rt-4.12.14-10.100.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-rt-base-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-rt-devel-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-rt_debug-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-rt_debug-devel-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-source-rt-4.12.14-10.100.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'kernel-syms-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']},\n {'reference':'ocfs2-kmp-rt-4.12.14-10.100.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SUSE-Linux-Enterprise-RT-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc');\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:N/A:P"}}, {"lastseen": "2023-03-15T06:31:58", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3263-1 advisory.\n\n - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. (CVE-2019-3900)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. (CVE-2022-2991)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3263-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.8, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3900", "CVE-2020-36516", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2991", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-macros:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3263-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165193", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3263-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165193);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2019-3900\",\n \"CVE-2020-36516\",\n \"CVE-2022-2588\",\n \"CVE-2022-2991\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3263-1\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3263-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3263-1 advisory.\n\n - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including\n v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster\n than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the\n vhost_net kernel thread, resulting in a DoS scenario. (CVE-2019-3900)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from\n the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length\n heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary\n code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged\n code on the target system to exploit this vulnerability. (CVE-2022-2991)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1133374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012222.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b887bf85\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-36516\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-20368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.4.180-94.174.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-default-base-4.4.180-94.174.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-default-devel-4.4.180-94.174.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-devel-4.4.180-94.174.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-macros-4.4.180-94.174.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-source-4.4.180-94.174.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'kernel-syms-4.4.180-94.174.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-03-14T22:30:06", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3294-1 advisory.\n\n - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. (CVE-2019-3900)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability. (CVE-2022-2991)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3294-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 6.8, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3900", "CVE-2020-36516", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2991", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-macros:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3294-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165232", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3294-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165232);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2019-3900\",\n \"CVE-2020-36516\",\n \"CVE-2022-2588\",\n \"CVE-2022-2991\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3294-1\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3294-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3294-1 advisory.\n\n - An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including\n v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster\n than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the\n vhost_net kernel thread, resulting in a DoS scenario. (CVE-2019-3900)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from\n the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length\n heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary\n code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged\n code on the target system to exploit this vulnerability. (CVE-2022-2991)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1133374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012274.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1cc40e1a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-36516\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-20368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.4.121-92.188.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-default-base-4.4.121-92.188.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-default-devel-4.4.121-92.188.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-devel-4.4.121-92.188.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-macros-4.4.121-92.188.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-source-4.4.121-92.188.1', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'kernel-syms-4.4.121-92.188.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2023-03-15T14:26:38", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3274-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. (CVE-2020-36557)\n\n - A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. (CVE-2020-36558)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-182388481References: Upstream kernel (CVE-2022-20166)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. (CVE-2022-36946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3274-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2020-36557", "CVE-2020-36558", "CVE-2021-4203", "CVE-2022-20166", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-21385", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-36946"], "modified": "2023-03-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:12:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-source:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-syms:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-man:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-kgraft:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:cluster-md-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:dlm-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:gfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-default-kgraft-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kernel-macros:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:ocfs2-kmp-default:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kgraft-patch-4_12_14-95_108-default:*:*:*:*:*:*:*"], "id": "SUSE_SU-2022-3274-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165189", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3274-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165189);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2020-36516\",\n \"CVE-2020-36557\",\n \"CVE-2020-36558\",\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20166\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-21385\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-36946\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3274-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2022:3274-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3274-1 advisory.\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of\n ttys could lead to a use-after-free. (CVE-2020-36557)\n\n - A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer\n dereference and general protection fault. (CVE-2020-36558)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer\n overflow. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-182388481References: Upstream kernel (CVE-2022-20166)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the\n machine. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector\n (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) (CVE-2022-21385)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote\n attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte\n nfta_payload attribute, an skb_pull can encounter a negative skb->len. (CVE-2022-36946)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200910\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201429\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201940\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012234.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c588e473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36558\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36946\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4203\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-kgraft\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_108-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-4.12.14-95.108.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-default-base-4.12.14-95.108.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-default-devel-4.12.14-95.108.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-devel-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-macros-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-source-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'kernel-syms-4.12.14-95.108.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'cluster-md-kmp-default-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.4']},\n {'reference':'dlm-kmp-default-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.4']},\n {'reference':'gfs2-kmp-default-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.4']},\n {'reference':'ocfs2-kmp-default-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.4']},\n {'reference':'kernel-default-kgraft-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.4']},\n {'reference':'kernel-default-kgraft-devel-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.4']},\n {'reference':'kgraft-patch-4_12_14-95_108-default-1-6.3.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.4']},\n {'reference':'kernel-default-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-default-base-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-default-devel-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-default-man-4.12.14-95.108.1', 'sp':'4', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-devel-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-macros-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-source-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'kernel-syms-4.12.14-95.108.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-03-10T19:23:53", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3450-1 advisory.\n\n - The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. (CVE-2016-3695)\n\n - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free(). (CVE-2020-27784)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session. (CVE-2020-36516)\n\n - A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. (CVE-2021-4155)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. (CVE-2022-1012)\n\n - In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-182388481References: Upstream kernel (CVE-2022-20166)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. (CVE-2022-2905)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-29T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3450-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-27784", "CVE-2020-36516", "CVE-2021-4155", "CVE-2021-4203", "CVE-2022-1012", "CVE-2022-20166", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2639", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-29581", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-32250", "CVE-2022-36879", "CVE-2022-39188"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-default", "p-cpe:/a:novell:suse_linux:dlm-kmp-default", "p-cpe:/a:novell:suse_linux:gfs2-kmp-default", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-devel", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_129-default", "p-cpe:/a:novell:suse_linux:kernel-macros", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-preempt", "p-cpe:/a:novell:suse_linux:kernel-preempt-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-3450-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165564", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3450-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165564);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2016-3695\",\n \"CVE-2020-27784\",\n \"CVE-2020-36516\",\n \"CVE-2021-4155\",\n \"CVE-2021-4203\",\n \"CVE-2022-1012\",\n \"CVE-2022-2588\",\n \"CVE-2022-2639\",\n \"CVE-2022-2663\",\n \"CVE-2022-2905\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20166\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-26373\",\n \"CVE-2022-29581\",\n \"CVE-2022-32250\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3450-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3450-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3450-1 advisory.\n\n - The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to\n simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI\n error injection through EINJ when securelevel is set. (CVE-2016-3695)\n\n - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl()\n printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had\n been freed by gprinter_free(). (CVE-2020-27784)\n\n - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the\n hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session\n or terminate that session. (CVE-2020-36516)\n\n - A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size\n increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS\n filesystem otherwise not accessible to them. (CVE-2021-4155)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the\n small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of\n service problem. (CVE-2022-1012)\n\n - In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer\n overflow. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-182388481References: Upstream kernel (CVE-2022-20166)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of\n actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()\n function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This\n flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the\n bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to\n gain unauthorized access to data. (CVE-2022-2905)\n\n - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to\n cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14\n and later versions. (CVE-2022-29581)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1023051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1188944\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199482\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203159\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012439.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c7e241dd\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-3695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27784\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-36516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_129-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-default-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-default-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-devel-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-macros-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-obs-build-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-preempt-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-preempt-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-source-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-syms-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'reiserfs-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'kernel-default-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-default-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-obs-build-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-preempt-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-preempt-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-syms-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'kernel-default-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-default-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-default-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-default-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-devel-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-macros-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-obs-build-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-obs-build-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-preempt-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-preempt-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-preempt-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-preempt-devel-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-source-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'kernel-syms-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'kernel-syms-5.3.18-150200.24.129.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'cluster-md-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']},\n {'reference':'dlm-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']},\n {'reference':'gfs2-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']},\n {'reference':'ocfs2-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']},\n {'reference':'kernel-default-livepatch-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']},\n {'reference':'kernel-default-livepatch-devel-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']},\n {'reference':'kernel-livepatch-5_3_18-150200_24_129-default-1-150200.5.3.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']},\n {'reference':'kernel-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'kernel-default-devel-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'kernel-obs-build-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'kernel-syms-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'reiserfs-kmp-default-5.3.18-150200.24.129.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-10T19:24:26", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3264-1 advisory.\n\n - The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set. (CVE-2016-3695)\n\n - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free(). (CVE-2020-27784)\n\n - A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. (CVE-2021-4155)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. (CVE-2022-2905)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after- free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3264-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3695", "CVE-2020-27784", "CVE-2021-4155", "CVE-2021-4203", "CVE-2022-20368", "CVE-2022-20369", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2977", "CVE-2022-3028", "CVE-2022-36879", "CVE-2022-39188", "CVE-2022-39190"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-default", "p-cpe:/a:novell:suse_linux:dlm-kmp-default", "p-cpe:/a:novell:suse_linux:gfs2-kmp-default", "p-cpe:/a:novell:suse_linux:kernel-64kb", "p-cpe:/a:novell:suse_linux:kernel-64kb-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-devel", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_93-default", "p-cpe:/a:novell:suse_linux:kernel-macros", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-preempt", "p-cpe:/a:novell:suse_linux:kernel-preempt-devel", "p-cpe:/a:novell:suse_linux:kernel-preempt-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-3264-1.NASL", "href": "https://www.tenable.com/plugins/nessus/165201", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3264-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165201);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2016-3695\",\n \"CVE-2020-27784\",\n \"CVE-2021-4155\",\n \"CVE-2021-4203\",\n \"CVE-2022-2588\",\n \"CVE-2022-2663\",\n \"CVE-2022-2905\",\n \"CVE-2022-2977\",\n \"CVE-2022-3028\",\n \"CVE-2022-20368\",\n \"CVE-2022-20369\",\n \"CVE-2022-26373\",\n \"CVE-2022-36879\",\n \"CVE-2022-39188\",\n \"CVE-2022-39190\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3264-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3264-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:3264-1 advisory.\n\n - The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to\n simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI\n error injection through EINJ when securelevel is set. (CVE-2016-3695)\n\n - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl()\n printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had\n been freed by gprinter_free(). (CVE-2020-27784)\n\n - A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size\n increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS\n filesystem otherwise not accessible to them. (CVE-2021-4155)\n\n - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and\n SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a\n user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel\n (CVE-2022-20368)\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the\n bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to\n gain unauthorized access to data. (CVE-2022-2905)\n\n - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where\n virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-\n free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in\n net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of\n service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1023051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1156395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1181862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200431\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200869\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201420\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202097\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202346\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202393\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202396\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202636\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202672\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202701\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202708\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202711\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202714\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203135\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203137\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-September/012229.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2b554749\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2016-3695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-27784\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2977\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-36879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39190\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4203\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-64kb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-64kb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_93-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.3|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-64kb-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.93.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'reiserfs-kmp-default-5.3.18-150300.59.93.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-legacy-release-15.3', 'sles-release-15.3']},\n {'reference':'cluster-md-kmp-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'cluster-md-kmp-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'cluster-md-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'cluster-md-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dlm-kmp-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dlm-kmp-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dlm-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dlm-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-al-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-allwinner-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-altera-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-amd-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-amlogic-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-apm-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-arm-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-broadcom-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-cavium-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-exynos-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-freescale-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-hisilicon-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-lg-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-marvell-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-mediatek-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-nvidia-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-qcom-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-renesas-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-rockchip-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-socionext-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-sprd-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-xilinx-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dtb-zte-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'gfs2-kmp-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'gfs2-kmp-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'gfs2-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'gfs2-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-64kb-extra-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-64kb-livepatch-devel-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-64kb-optional-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-debug-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-debug-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-debug-livepatch-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-base-rebuild-5.3.18-150300.59.93.1.150300.18.54.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-livepatch-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-livepatch-devel-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-default-optional-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-kvmsmall-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-kvmsmall-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-obs-qa-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-livepatch-devel-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-livepatch-devel-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-optional-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-preempt-optional-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-source-vanilla-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.93.1', 'cpu':'s390x', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kselftests-kmp-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kselftests-kmp-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kselftests-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kselftests-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'ocfs2-kmp-64kb-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'ocfs2-kmp-default-5.3.18-150300.59.93.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'ocfs2-kmp-preempt-5.3.18-150300.59.93.1', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'ocfs2-kmp-preempt-5.3.18-150300.59.

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3408-1)

Description

Related