Lucene search

HistoryJan 25, 2022 - 12:00 a.m.

Security update for the Linux Kernel (important)






An update that solves 10 vulnerabilities and has 32 fixes
is now available.


The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive
various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-0185: Incorrect param length parsing in legacy_parse_param
    which could have led to a local privilege escalation (bsc#1194517).
  • CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk
  • CVE-2021-4197: Fixed a cgroup issue where lower privileged processes
    could write to fds of lower privileged ones that could lead to privilege
    escalation (bsc#1194302).
  • CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the
    Linux kernel allowed local users to cause a denial of service (NULL
    pointer dereference and general protection fault) because of the missing
    initialization for nft_set_elem_expr_alloc. A local user can set a
    netfilter table expression in their own namespace (bnc#1194518).
  • CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc
    function (bsc#1193927).
  • CVE-2021-4202: Fixed a race condition during NFC device remove which
    could lead to a use-after-free memory corruption (bsc#1194529)
  • CVE-2021-4083: A read-after-free memory flaw was found in the Linux
    kernel’s garbage collection for Unix domain socket file handlers in the
    way users call close() and fget() simultaneously and can potentially
    trigger a race condition. This flaw allowed a local user to crash the
    system or escalate their privileges on the system. (bnc#1193727).
  • CVE-2021-4149: Fixed a locking condition in btrfs which could lead to
    system deadlocks (bsc#1194001).
  • CVE-2021-45485: In the IPv6 implementation net/ipv6/output_core.c has an
    information leak because of certain use of a hash table which, although
    big, doesn’t properly consider that IPv6-based attackers can typically
    choose among many IPv6 source addresses (bnc#1194094).
  • CVE-2021-45486: In the IPv4 implementation net/ipv4/route.c has an
    information leak because the hash table is very small (bnc#1194087).

The following non-security bugs were fixed:

  • ACPI: APD: Check for NULL pointer after calling devm_ioremap()
  • ACPI: Add stubs for wakeup handler functions (git-fixes).
  • ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
  • ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (git-fixes).
  • ALSA: ctl: Fix copy of updated id with element read/write (git-fixes).
  • ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes).
  • ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes).
  • ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
  • ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master
    after reboot from Windows (git-fixes).
  • ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes).
  • ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes).
  • ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes).
  • ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes).
  • ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes).
  • ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers (git-fixes).
  • ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ (git-fixes).
  • ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (git-fixes).
  • ALSA: hda: Make proper use of timecounter (git-fixes).
  • ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (git-fixes).
  • ALSA: jack: Check the return value of kstrdup() (git-fixes).
  • ALSA: oss: fix compile error when OSS_DEBUG is enabled (git-fixes).
  • ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes).
  • ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
  • ALSA: pcm: oss: Limit the period size to 16MB (git-fixes).
  • ALSA: usb-audio: Drop superfluous ‘0’ in Presonus Studio 1810c’s ID
  • ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
  • ASoC: codecs: wcd934x: handle channel mappping list correctly
  • ASoC: codecs: wcd934x: return correct value from mixer put (git-fixes).
  • ASoC: codecs: wcd934x: return error code correctly from hw_params
  • ASoC: codecs: wsa881x: fix return values from kcontrol put (git-fixes).
  • ASoC: cs42l42: Correct configuring of switch inversion from ts-inv
  • ASoC: cs42l42: Disable regulators if probe fails (git-fixes).
  • ASoC: cs42l42: Use device_property API instead of of_property
  • ASoC: fsl_asrc: refine the check of available clock divider (git-fixes).
  • ASoC: fsl_mqs: fix MODULE_ALIAS (git-fixes).
  • ASoC: mediatek: Check for error clk pointer (git-fixes).
  • ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s
  • ASoC: meson: aiu: fifo: Add missing dma_coerce_mask_and_coherent()
  • ASoC: qdsp6: q6routing: Fix return value from
    msm_routing_put_audio_mixer (git-fixes).
  • ASoC: rt5663: Handle device_property_read_u32_array error codes
  • ASoC: samsung: idma: Check of ioremap return value (git-fixes).
  • ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
  • ASoC: sunxi: fix a sound binding broken reference (git-fixes).
  • ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes).
  • ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes).
  • ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes).
  • ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes).
  • ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes).
  • ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes).
  • ASoC: tegra: Fix wrong value type in DMIC (git-fixes).
  • ASoC: tegra: Fix wrong value type in DSPK (git-fixes).
  • ASoC: tegra: Fix wrong value type in I2S (git-fixes).
  • ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA
  • Add cherry-picked IDs for qemu fw_cfg patches
  • Bluetooth: L2CAP: Fix using wrong mode (git-fixes).
  • Bluetooth: bfusb: fix division by zero in send path (git-fixes).
  • Bluetooth: btmtksdio: fix resume failure (git-fixes).
  • Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
  • Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
  • Bluetooth: hci_bcm: Check for error irq (git-fixes).
  • Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes).
  • Bluetooth: stop proccessing malicious adv data (git-fixes).
  • Documentation: ACPI: Fix data node reference documentation (git-fixes).
  • Documentation: dmaengine: Correctly describe dmatest with channel unset
  • Documentation: refer to config RANDOMIZE_BASE for kernel address-space
    randomization (git-fixes).
  • HID: add USB_HID dependancy to hid-chicony (git-fixes).
  • HID: add USB_HID dependancy to hid-prodikeys (git-fixes).
  • HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (git-fixes).
  • HID: bigbenff: prevent null pointer dereference (git-fixes).
  • HID: google: add eel USB id (git-fixes).
  • HID: hid-uclogic-params: Invalid parameter check in
    uclogic_params_frame_init_v1_buttonpad (git-fixes).
  • HID: hid-uclogic-params: Invalid parameter check in
    uclogic_params_get_str_desc (git-fixes).
  • HID: hid-uclogic-params: Invalid parameter check in
    uclogic_params_huion_init (git-fixes).
  • HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
  • HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
  • Input: appletouch - initialize work before device registration
  • Input: atmel_mxt_ts - fix double free in mxt_read_info_block (git-fixes).
  • Input: elantech - fix stack out of bound access in
    elantech_change_report_id() (git-fixes).
  • Input: i8042 - add deferred probe support (bsc#1190256).
  • Input: i8042 - enable deferred probe quirk for ASUS UM325UA
  • Input: max8925_onkey - do not mark comment as kernel-doc (git-fixes).
  • Input: spaceball - fix parsing of movement data packets (git-fixes).
  • Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes).
  • Input: ti_am335x_tsc - set ADCREFM for X configuration (git-fixes).
  • Move upstreamed patches into sorted section
  • NFC: st21nfca: Fix memory leak in device probe and remove (git-fixes).
  • NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).
  • NFSv42: Do not fail clone() unless the OP_CLONE operation failed
  • NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).
  • PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment (git-fixes).
  • PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes).
  • PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() (git-fixes).
  • PCI/MSI: Mask MSI-X vectors only on success (git-fixes).
  • PCI: cadence: Add cdns_plat_pcie_probe() missing return (git-fixes).
  • PCI: dwc: Do not remap invalid res (git-fixes).
  • PCI: mvebu: Check for errors from pci_bridge_emul_init() call
  • PCI: mvebu: Do not modify PCI IO type bits in conf_write (git-fixes).
  • PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2 registers on
    emulated bridge (git-fixes).
  • PCI: mvebu: Fix support for PCI_EXP_DEVCTL on emulated bridge
  • PCI: mvebu: Fix support for PCI_EXP_RTSTA on emulated bridge (git-fixes).
  • PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config
    space (git-fixes).
  • PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
  • PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
  • PCI: xgene: Fix IB window setup (git-fixes).
  • PM: runtime: Defer suspending suppliers (git-fixes).
  • PM: sleep: Do not assume that “mem” is always present (git-fixes).
  • RDMA/hns: Replace kfree() with kvfree() (jsc#SLE-14777).
  • Rename colliding patches before the next SLE15-SP2 -> SLE15-SP3 merge
  • Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
  • Revert “PM: sleep: Do not assume that “mem” is always present”
  • Revert “USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
    quirk set” (git-fixes).
  • Revert “net/mlx5: Add retry mechanism to the command entry index
    allocation” (jsc#SLE-15172).
  • USB: Fix “slab-out-of-bounds Write” bug in usb_hcd_poll_rh_status
  • USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes).
  • USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
  • USB: cdc-acm: fix break reporting (git-fixes).
  • USB: cdc-acm: fix racy tty buffer accesses (git-fixes).
  • USB: chipidea: fix interrupt deadlock (git-fixes).
  • USB: core: Fix bug in resuming hub’s handling of wakeup requests
  • USB: gadget: bRequestType is a bitfield, not a enum (git-fixes).
  • USB: gadget: detect too-big endpoint 0 requests (git-fixes).
  • USB: gadget: zero allocate endpoint 0 buffers (git-fixes).
  • USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes).
  • USB: serial: option: add Telit FN990 compositions (git-fixes).
  • Update
    (git-fixes bsc#1193660 ltc#195634).
  • Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18120)
    Moving this driver into the “supported” package.
  • amd/display: downgrade validation failure log level (git-fixes).
  • ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile (git-fixes).
  • atlantic: Fix buff_ring OOB in aq_ring_rx_clean (git-fixes).
  • ax25: NPD bug when detaching AX25 device (git-fixes).
  • backlight: qcom-wled: Fix off-by-one maximum with default num_strings
  • backlight: qcom-wled: Override default length with qcom,enabled-strings
  • backlight: qcom-wled: Pass number of elements to read to read_u32_array
  • backlight: qcom-wled: Validate enabled string indices in DT (git-fixes).
  • batman-adv: mcast: do not send link-local multicast to mcast routers
  • blk-cgroup: synchronize blkg creation against policy deactivation
  • block/scsi-ioctl: Fix kernel-infoleak in scsi_put_cdrom_generic_arg()
  • block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586).
  • can: gs_usb: fix use of uninitialized variable, detach device on
    reception of invalid USB data (git-fixes).
  • can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
  • can: kvaser_usb: get CAN clock frequency from device (git-fixes).
  • can: sja1000: fix use after free in ems_pcmcia_add_card() (git-fixes).
  • can: softing: softing_startstop(): fix set but not used variable warning
  • can: softing_cs: softingcs_probe(): fix memleak on registration failure
  • can: usb_8dev: remove unused member echo_skb from struct usb_8dev_priv
  • can: xilinx_can: xcan_probe(): check for error irq (git-fixes).
  • char/mwave: Adjust io port register size (git-fixes).
  • clk: Do not parent clks until the parent is fully registered (git-fixes).
  • clk: Gemini: fix struct name in kernel-doc (git-fixes).
  • clk: bcm-2835: Pick the closest clock rate (git-fixes).
  • clk: bcm-2835: Remove rounding up the dividers (git-fixes).
  • clk: imx8mn: Fix imx8mn_clko1_sels (git-fixes).
  • clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1
  • clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk (git-fixes).
  • clk: qcom: regmap-mux: fix parent clock lookup (git-fixes).
  • clk: stm32: Fix ltdc’s clock turn off by clk_disable_unused() after
    system enter shell (git-fixes).
  • crypto: caam - replace this_cpu_ptr with raw_cpu_ptr (git-fixes).
  • crypto: mxs-dcp - Use sg_mapping_iter to copy data (git-fixes).
  • crypto: omap-sham - clear dma flags only after
    omap_sham_update_dma_stop() (git-fixes).
  • crypto: qat - do not ignore errors from enable_vf2pf_comms() (git-fixes).
  • crypto: qat - fix reuse of completion variable (git-fixes).
  • crypto: qat - handle both source of interrupt in VF ISR (git-fixes).
  • crypto: qce - fix uaf on qce_ahash_register_one (git-fixes).
  • crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (git-fixes).
  • crypto: stm32/cryp - fix double pm exit (git-fixes).
  • crypto: stm32/cryp - fix lrw chaining mode (git-fixes).
  • crypto: stm32/cryp - fix xts and race condition in crypto_engine
    requests (git-fixes).
  • debugfs: lockdown: Allow reading debugfs files that are not world
    readable (bsc#1193328 ltc#195566).
  • device property: Fix documentation for FWNODE_GRAPH_DEVICE_DISABLED
  • dm crypt: document encrypted keyring key option (git-fixes).
  • dm writecache: add “cleaner” and “max_age” to Documentation (git-fixes).
  • dm writecache: advance the number of arguments when reporting max_age
  • dm writecache: fix performance degradation in ssd mode (git-fixes).
  • dm writecache: flush origin device when writing and cache is full
  • dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
  • dmaengine: at_xdmac: Do not start transactions at tx_submit level
  • dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (git-fixes).
  • dmaengine: at_xdmac: Fix concurrency over xfers_list (git-fixes).
  • dmaengine: at_xdmac: Fix lld view setting (git-fixes).
  • dmaengine: at_xdmac: Print debug message after realeasing the lock
  • dmaengine: bestcomm: fix system boot lockups (git-fixes).
  • dmaengine: idxd: add module parameter to force disable of SVA
  • dmaengine: idxd: enable SVA feature for IOMMU (bsc#1192931).
  • dmaengine: pxa/mmp: stop referencing config->slave_id (git-fixes).
  • dmaengine: st_fdma: fix MODULE_ALIAS (git-fixes).
  • drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (git-fixes).
  • drm/amd/display: Fix for the no Audio bug with Tiled Displays
  • drm/amd/display: Update bounding box states (v2) (git-fixes).
  • drm/amd/display: Update number of DCN3 clock states (git-fixes).
  • drm/amd/display: add connector type check for CRC source set (git-fixes).
  • drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
  • drm/amd/display: fix incorrect CM/TF programming sequence in dwb
  • drm/amd/display: fix missing writeback disablement if plane is removed
  • drm/amdgpu: Fix a NULL pointer dereference in
    amdgpu_connector_lcd_native_mode() (git-fixes).
  • drm/amdgpu: Fix a printing message (git-fixes).
  • drm/amdgpu: Fix amdgpu_ras_eeprom_init() (git-fixes).
  • drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
  • drm/amdgpu: revert “Add autodump debugfs node for gpu reset v8”
  • drm/amdkfd: Account for SH/SE count when setting up cu masks (git-fixes).
  • drm/amdkfd: Check for null pointer after calling kmemdup (git-fixes).
  • drm/ast: potential dereference of null pointer (git-fixes).
  • drm/atomic: Check new_crtc_state->active to determine if CRTC needs
    disable in self refresh mode (git-fixes).
  • drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes).
  • drm/bridge: display-connector: fix an uninitialized pointer in probe()
  • drm/bridge: nwl-dsi: Avoid potential multiplication overflow on 32-bit
  • drm/bridge: ti-sn65dsi86: Set max register for regmap (git-fixes).
  • drm/display: fix possible null-pointer dereference in dcn10_set_clock()
  • drm/exynos: Always initialize mapping in exynos_drm_register_dma()
  • drm/i915/fb: Fix rounding error in subsampled plane size calculation
  • drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
  • drm/mediatek: Check plane visibility in atomic_update (git-fixes).
  • drm/msm/dpu: fix safe status debugfs file (git-fixes).
  • drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
  • drm/msm/dsi: set default num_data_lanes (git-fixes).
  • drm/msm/mdp5: fix cursor-related warnings (git-fixes).
  • drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
  • drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
  • drm/panel: innolux-p079zca: Delete panel on attach() failure (git-fixes).
  • drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure
  • drm/radeon/radeon_kms: Fix a NULL pointer dereference in
    radeon_driver_open_kms() (git-fixes).
  • drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes).
  • drm/rockchip: dsi: Fix unbalanced clock on probe error (git-fixes).
  • drm/rockchip: dsi: Hold pm-runtime across bind/unbind (git-fixes).
  • drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes).
  • drm/sun4i: dw-hdmi: Fix missing put_device() call in sun8i_hdmi_phy_get
  • drm/sun4i: fix unmet dependency on RESET_CONTROLLER for
    PHY_SUN6I_MIPI_DPHY (git-fixes).
  • drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence
  • drm/tegra: vic: Fix DMA API misuse (git-fixes).
  • drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes).
  • drm/vc4: hdmi: Make sure the controller is powered up during bind
  • drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET (git-fixes).
  • drm/vc4: hdmi: Set a default HSM rate (git-fixes).
  • drm: fix null-ptr-deref in drm_dev_init_release() (git-fixes).
  • drm: xlnx: zynqmp: release reset to DP controller before accessing DP
    registers (git-fixes).
  • drm: xlnx: zynqmp_dpsub: Call pm_runtime_get_sync before setting pixel
    clock (git-fixes).
  • eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
  • eeprom: idt_89hpesx: Restore printing the unsupported fwnode name
  • ext4: Avoid trim error on fs with small groups (bsc#1191271).
  • ext4: fix lazy initialization next schedule time computation in more
    granular unit (bsc#1194580).
  • fget: clarify and improve __fget_files() implementation (bsc#1193727).
  • firmware: Update Kconfig help text for Google firmware (git-fixes).
  • firmware: arm_scmi: pm: Propagate return value to caller (git-fixes).
  • firmware: arm_scpi: Fix string overflow in SCPI genpd driver (git-fixes).
  • firmware: qcom_scm: Fix error retval in __qcom_scm_is_call_available()
  • firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
  • firmware: qemu_fw_cfg: fix kobject leak in probe error path (git-fixes).
  • firmware: qemu_fw_cfg: fix sysfs information leak (git-fixes).
  • firmware: raspberrypi: Fix a leak in ‘rpi_firmware_get()’ (git-fixes).
  • firmware: smccc: Fix check for ARCH_SOC_ID not implemented (git-fixes).
  • firmware: tegra: Fix error application of sizeof() to pointer
  • firmware: tegra: Reduce stack usage (git-fixes).
  • firmware_loader: fix pre-allocated buf built-in firmware use (git-fixes).
  • floppy: Fix hang in watchdog when disk is ejected (git-fixes).
  • flow_offload: return EOPNOTSUPP for the unsupported mpls action type
  • fuse: Pass correct lend value to filemap_write_and_wait_range()
  • gpiolib: acpi: Make set-debounce-timeout failures non fatal (git-fixes).
  • gpu: host1x: Add back arm_iommu_detach_device() (git-fixes).
  • hwmon: (lm90) Add basic support for TI TMP461 (git-fixes).
  • hwmon: (lm90) Add max6654 support to lm90 driver (git-fixes).
  • hwmon: (lm90) Do not report ‘busy’ status bit as alarm (git-fixes).
  • hwmon: (lm90) Drop critical attribute support for MAX6654 (git-fixes).
  • hwmon: (lm90) Fix usage of CONFIG2 register in detect function
  • hwmon: (lm90) Introduce flag indicating extended temperature support
  • i2c: rk3x: Handle a spurious start completion interrupt flag (git-fixes).
  • i2c: validate user data in compat ioctl (git-fixes).
  • i3c: fix incorrect address slot lookup on 64-bit (git-fixes).
  • i3c: master: dw: check return of dw_i3c_master_get_free_pos()
  • i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc (git-fixes).
  • i40e: Fix for displaying message regarding NVM version (git-fixes).
  • i40e: Fix incorrect netdev’s real number of RX/TX queues (git-fixes).
  • i40e: Fix to not show opcode msg on unsuccessful VF MAC change
  • i40e: fix use-after-free in i40e_sync_filters_subtask() (git-fixes).
  • iavf: Fix limit of total number of queues to active queues of VF
  • iavf: restore MSI state on reset (git-fixes).
  • ieee802154: atusb: fix uninit value in atusb_set_extended_addr
  • ieee802154: fix error return code in ieee802154_llsec_getparams()
  • ieee802154: fix error return code in ieee802154_add_iface() (git-fixes).
  • ieee802154: hwsim: Fix memory leak in hwsim_add_one (git-fixes).
  • ieee802154: hwsim: Fix possible memory leak in
    hwsim_subscribe_all_others (git-fixes).
  • ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
  • ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (git-fixes).
  • igb: Fix removal of unicast MAC filters of VFs (git-fixes).
  • igbvf: fix double free in igbvf_probe (git-fixes).
  • igc: Fix typo in i225 LTR functions (jsc#SLE-13533).
  • iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
  • iio: ad7768-1: Call iio_trigger_notify_done() on error (git-fixes).
  • iio: adc: axp20x_adc: fix charging current reporting on AXP22x
  • iio: at91-sama5d2: Fix incorrect sign extension (git-fixes).
  • iio: dln2-adc: Fix lockdep complaint (git-fixes).
  • iio: dln2: Check return value of devm_iio_trigger_register() (git-fixes).
  • iio: itg3200: Call iio_trigger_notify_done() on error (git-fixes).
  • iio: kxsd9: Do not return error code in trigger handler (git-fixes).
  • iio: ltr501: Do not return error code in trigger handler (git-fixes).
  • iio: mma8452: Fix trigger reference couting (git-fixes).
  • iio: stk3310: Do not return error code in interrupt handler (git-fixes).
  • iio: trigger: Fix reference counting (git-fixes).
  • iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes).
  • ionic: Initialize the ‘lif->dbid_inuse’ bitmap (bsc#1167773).
  • isofs: Fix out of bound access for corrupted isofs image (bsc#1194591).
  • iwlwifi: fw: correctly limit to monitor dump (git-fixes).
  • iwlwifi: mvm: Fix scan channel flags settings (git-fixes).
  • iwlwifi: mvm: Use div_s64 instead of do_div in
    iwl_mvm_ftm_rtt_smoothing() (git-fixes).
  • iwlwifi: mvm: avoid static queue number aliasing (git-fixes).
  • iwlwifi: mvm: disable RX-diversity in powersave (git-fixes).
  • iwlwifi: mvm: fix 32-bit build in FTM (git-fixes).
  • iwlwifi: mvm: fix access to BSS elements (git-fixes).
  • iwlwifi: mvm: test roc running status bits before removing the sta
  • iwlwifi: pcie: free RBs during configure (git-fixes).
  • ixgbe: set X550 MDIO speed before talking to PHY (git-fixes).
  • kmod: make request_module() return an error when autoloading is disabled
  • kobject: Restore old behaviour of kobject_del(NULL) (git-fixes).
  • kobject_uevent: remove warning in init_uevent_argv() (git-fixes).
  • kprobes: Limit max data_size of the kretprobe instances (bsc#1193669).
  • libata: add horkage for ASMedia 1092 (git-fixes).
  • libata: if T_LENGTH is zero, dma direction should be DMA_NONE
  • livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).
  • lockdown: Allow unprivileged users to see lockdown status (git-fixes).
  • mISDN: change function names to avoid conflicts (git-fixes).
  • mac80211: Fix monitor MTU limit so that A-MSDUs get through (git-fixes).
  • mac80211: agg-tx: do not schedule_and_wake_txq() under sta->lock
  • mac80211: do not access the IV when it was stripped (git-fixes).
  • mac80211: fix lookup when adding AddBA extension element (git-fixes).
  • mac80211: fix regression in SSN handling of addba tx (git-fixes).
  • mac80211: initialize variable have_higher_than_11mbit (git-fixes).
  • mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes).
  • mac80211: send ADDBA requests using the tid/queue of the aggregation
    session (git-fixes).
  • mac80211: track only QoS data frames for admission control (git-fixes).
  • mac80211: validate extended element ID is present (git-fixes).
  • mailbox: hi3660: convert struct comments to kernel-doc notation
  • media: Revert “media: uvcvideo: Set unique vdev name based in type”
  • media: aspeed: Update signal status immediately to ensure sane hw state
  • media: aspeed: fix mode-detect always time out at 2nd run (git-fixes).
  • media: cpia2: fix control-message timeouts (git-fixes).
  • media: dib0700: fix undefined behavior in tuner shutdown (git-fixes).
  • media: dib8000: Fix a memleak in dib8000_init() (git-fixes).
  • media: dmxdev: fix UAF when dvb_register_device() fails (git-fixes).
  • media: dw2102: Fix use after free (git-fixes).
  • media: em28xx: fix control-message timeouts (git-fixes).
  • media: em28xx: fix memory leak in em28xx_init_dev (git-fixes).
  • media: flexcop-usb: fix control-message timeouts (git-fixes).
  • media: hantro: Fix probe func error path (git-fixes).
  • media: i2c: imx274: fix trivial typo expsoure/exposure (git-fixes).
  • media: i2c: imx274: fix trivial typo obainted/obtained (git-fixes).
  • media: imx-pxp: Initialize the spinlock prior to using it (git-fixes).
  • media: mceusb: fix control-message timeouts (git-fixes).
  • media: msi001: fix possible null-ptr-deref in msi001_probe() (git-fixes).
  • media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
  • media: pvrusb2: fix control-message timeouts (git-fixes).
  • media: rcar-csi2: Correct the selection of hsfreqrange (git-fixes).
  • media: rcar-csi2: Optimize the selection PHTW register (git-fixes).
  • media: redrat3: fix control-message timeouts (git-fixes).
  • media: s2255: fix control-message timeouts (git-fixes).
  • media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
  • media: si2157: Fix “warm” tuner state detection (git-fixes).
  • media: si470x-i2c: fix possible memory leak in si470x_i2c_probe()
  • media: stk1160: fix control-message timeouts (git-fixes).
  • media: streamzap: remove unnecessary ir_raw_event_reset and handle
  • media: uvcvideo: fix division by zero at stream start (git-fixes).
  • media: venus: core: Fix a resource leak in the error handling path of
    ‘venus_probe()’ (git-fixes).
  • memblock: ensure there is no overflow in memblock_overlaps_region()
  • memory: emif: Remove bogus debugfs error handling (git-fixes).
  • mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
  • misc: fastrpc: Add missing lock before accessing find_vma() (git-fixes).
  • misc: fastrpc: fix improper packet size calculation (git-fixes).
  • misc: lattice-ecp3-config: Fix task hung when firmware load failed
  • mmc: meson-mx-sdio: add IRQ check (git-fixes).
  • mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard
    tuning circuit (git-fixes).
  • mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes).
  • mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes).
  • mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes).
  • moxart: fix potential use-after-free on remove path (bsc#1194516).
  • mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode
  • mt76: mt7915: fix an off-by-one bound check (git-fixes).
  • mtd: rawnand: fsmc: Fix timing computation (git-fixes).
  • mtd: rawnand: fsmc: Take instruction delay into account (git-fixes).
  • mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip()
  • mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
  • mwifiex: Fix possible ABBA deadlock (git-fixes).
  • mwifiex: Try waking the firmware until we get an interrupt (git-fixes).
  • net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
  • net/mlx5: Set command entry semaphore up once got index free
  • net/mlx5e: Fix wrong features assignment in case of error (git-fixes).
  • net/mlx5e: Wrap the tx reporter dump callback to extract the sq
  • net/sched: fq_pie: prevent dismantle issue (jsc#SLE-15172).
  • net/sched: sch_ets: do not remove idle classes from the round-robin list
  • net: create netdev->dev_addr assignment helpers (git-fixes).
  • net: ena: Fix error handling when calculating max IO queues number
  • net: ena: Fix undefined state when tx request id is out of bounds
  • net: ena: Fix wrong rx request id by resetting device (git-fixes).
  • net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
  • net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes).
  • net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).
  • netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
  • nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
  • nfc: fix segfault in nfc_genl_dump_devices_done (git-fixes).
  • nfsd: Fix nsfd startup race (again) (git-fixes).
  • nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit
    groups (bsc#1176447).
  • nvme-tcp: block BH in sk state_change sk callback (git-fixes).
  • nvme-tcp: can’t set sk_user_data without write_lock (git-fixes).
  • nvme-tcp: check sgl supported by target (git-fixes).
  • nvme-tcp: do not update queue count when failing to set io queues
  • nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (git-fixes).
  • nvme-tcp: fix crash triggered with a dataless request submission
  • nvme-tcp: fix error codes in nvme_tcp_setup_ctrl() (git-fixes).
  • nvme-tcp: fix io_work priority inversion (git-fixes).
  • nvme-tcp: fix possible data corruption with bio merges (git-fixes).
  • nvme-tcp: fix possible req->offset corruption (git-fixes).
  • nvme-tcp: fix wrong setting of request iov_iter (git-fixes).
  • nvme-tcp: get rid of unused helper function (git-fixes).
  • nvme-tcp: pair send_mutex init with destroy (git-fixes).
  • nvme-tcp: pass multipage bvec to request iov_iter (git-fixes).
  • nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME (git-fixes).
  • pcmcia: fix setting of kthread task states (git-fixes).
  • pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
    __nonstatic_find_io_region() (git-fixes).
  • pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
    nonstatic_find_mem_region() (git-fixes).
  • pcnet32: Use pci_resource_len to validate PCI resource (git-fixes).
  • pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes).
  • pinctrl: qcom: spmi-gpio: correct parent irqspec translation (git-fixes).
  • pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines
  • pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
  • pipe: increase minimum default pipe size to 2 pages (bsc#1194587).
  • platform/x86: apple-gmux: use resource_size() with res (git-fixes).
  • platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
    deep (git-fixes).
  • power: reset: ltc2952: Fix use of floating point literals (git-fixes).
  • power: supply: core: Break capacity loop (git-fixes).
  • power: supply: max17042_battery: Clear status bits in interrupt handler
  • powerpc/64s: fix program check interrupt emergency stack path
  • powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with
    panic (bsc#1193901 ltc#194976).
  • powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an
    overflown PMC (bsc#1156395).
  • powerpc/perf: Fix data source encodings for L2.1 and L3.1 accesses
  • powerpc/prom_init: Fix improper check of prom_getprop() (bsc#1065729).
  • powerpc/pseries/cpuhp: cache node corrections (bsc#1065729).
  • powerpc/pseries/cpuhp: delete add/remove_by_count code (bsc#1065729).
  • powerpc/pseries/mobility: ignore ibm, platform-facilities updates
  • powerpc/traps: do not enable irqs in _exception (bsc#1065729).
  • powerpc/xive: Add missing null check after calling kmalloc (bsc#1177437
    ltc#188522 jsc#SLE-13294 git-fixes).
  • powerpc: add interrupt_cond_local_irq_enable helper (bsc#1065729).
  • powerpc: handle kdump appropriately with crash_kexec_post_notifiers
    option (bsc#1193901 ltc#194976).
  • pwm: mxs: Do not modify HW state in .probe() after the PWM chip was
    registered (git-fixes).
  • pwm: tiecap: Drop .free() callback (git-fixes).
  • qlcnic: potential dereference null pointer of rx_queue->page_ring
  • quota: check block number when reading the block in quota file
  • quota: correct error number in free_dqentry() (bsc#1194590).
  • random: fix data race on crng init time (git-fixes).
  • random: fix data race on crng_node_pool (git-fixes).
  • regmap: Call regmap_debugfs_exit() prior to _init() (git-fixes).
  • rndis_host: support Hytera digital radios (git-fixes).
  • rpmsg: core: Clean up resources on announce_create failure (git-fixes).
  • rtl8xxxu: Fix the handling of TX A-MPDU aggregation (git-fixes).
  • rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
    interrupts enabled (git-fixes).
  • rtw88: use read_poll_timeout instead of fixed sleep (git-fixes).
  • rtw88: wow: build wow function only if CONFIG_PM is on (git-fixes).
  • rtw88: wow: fix size access error of probe request (git-fixes).
  • sata: nv: fix debug format string mismatch (git-fixes).
  • select: Fix indefinitely sleeping task in poll_schedule_timeout()
  • selftests: KVM: Explicitly use movq to read xmm registers (git-fixes).
  • selinux: fix potential memleak in selinux_add_opt() (git-fixes).
  • seq_buf: Fix overflow in seq_buf_putmem_hex() (git-fixes).
  • seq_buf: Make trace_seq_putmem_hex() support data longer than 8
  • serial: pl011: Add ACPI SBSA UART match id (git-fixes).
  • serial: tty: uartlite: fix console setup (git-fixes).
  • sfc: Check null pointer of rx_queue->page_ring (git-fixes).
  • sfc: The RX page_ring is optional (git-fixes).
  • sfc: falcon: Check null pointer of rx_queue->page_ring (git-fixes).
  • sfc_ef100: potential dereference of null pointer (jsc#SLE-16683).
  • shmem: shmem_writepage() split unlikely i915 THP (git-fixes).
  • slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew()
  • soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes).
  • soc: fsl: dpaa2-console: free buffer before returning from
    dpaa2_console_read (git-fixes).
  • soc: fsl: dpio: rename the enqueue descriptor variable (git-fixes).
  • soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
  • soc: fsl: dpio: use an explicit NULL instead of 0 (git-fixes).
  • soc: fsl: dpio: use the combined functions to protect critical zone
  • spi: change clk_disable_unprepare to clk_unprepare (git-fixes).
  • spi: spi-meson-spifc: Add missing pm_runtime_disable() in
    meson_spifc_probe (git-fixes).
  • spi: spi-rspi: Drop redeclaring ret variable in qspi_transfer_in()
  • staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
  • staging: fbtft: Do not spam logs when probe is deferred (git-fixes).
  • staging: fbtft: Rectify GPIO handling (git-fixes).
  • staging: fieldbus: anybuss: jump to correct label in an error path
  • staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC (git-fixes).
  • staging: rtl8192e: return error code from rtllib_softmac_init()
  • staging: rtl8192e: rtllib_module: fix error handle case in
    alloc_rtllib() (git-fixes).
  • staging: wlan-ng: Avoid bitwise vs logical OR warning in
    hfa384x_usb_throttlefn() (git-fixes).
  • string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
  • thermal/drivers/imx8mm: Enable ADC when enabling monitor (git-fixes).
  • thermal/drivers/int340x: Do not set a wrong tcc offset on resume
  • thermal: core: Reset previous low and high trip during thermal zone init
  • tpm: add request_locality before write TPM_INT_ENABLE (git-fixes).
  • tpm: fix potential NULL pointer access in tpm_del_char_device
  • tracing/kprobes: ‘nmissed’ not showed correctly for kretprobe
  • tracing/uprobes: Check the return value of kstrdup() for tu->filename
  • tracing: Add test for user space strings when filtering on string
    pointers (git-fixes).
  • tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
  • tty: max310x: fix flexible_array.cocci warnings (git-fixes).
  • tty: serial: atmel: Call dma_async_issue_pending() (git-fixes).
  • tty: serial: atmel: Check return code of dmaengine_submit() (git-fixes).
  • tty: serial: earlycon dependency (git-fixes).
  • tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup
  • tty: serial: uartlite: allow 64 bit address (git-fixes).
  • tty: synclink_gt: rename a conflicting function name (git-fixes).
  • udf: Fix crash after seekdir (bsc#1194592).
  • uio: uio_dmem_genirq: Catch the Exception (git-fixes).
  • usb: core: config: fix validation of wMaxPacketValue entries (git-fixes).
  • usb: core: config: using bit mask instead of individual bits (git-fixes).
  • usb: dwc2: check return value after calling platform_get_resource()
  • usb: dwc3: gadget: Continue to process pending requests (git-fixes).
  • usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
  • usb: dwc3: gadget: Reclaim extra TRBs after request completion
  • usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield
  • usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (git-fixes).
  • usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
  • usb: dwc3: ulpi: fix checkpatch warning (git-fixes).
  • usb: ftdi-elan: fix memory leak on device disconnect (git-fixes).
  • usb: gadget: composite: Allow bMaxPower=0 if self-powered (git-fixes).
  • usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear (git-fixes).
  • usb: gadget: u_ether: fix race in setting MAC address in setup phase
  • usb: mtu3: add memory barrier before set GPD’s HWO (git-fixes).
  • usb: mtu3: fix interval value for intr and isoc (git-fixes).
  • usb: mtu3: fix list_head check warning (git-fixes).
  • usb: mtu3: set interval of FS intr and isoc endpoint (git-fixes).
  • usb: typec: tcpm: handle SRC_STARTUP state if cc changes (git-fixes).
  • usb: xhci: Extend support for runtime power management for AMD’s Yellow
    carp (git-fixes).
  • usermodehelper: reset umask to default before executing user process
  • vfs: check fd has read access in kernel_read_file_from_fd()
  • video: backlight: Drop maximum brightness override for brightness zero
  • watchdog: Fix OMAP watchdog early handling (git-fixes).
  • watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
  • wcn36xx: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
  • wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
  • wcn36xx: Release DMA channel descriptor allocations (git-fixes).
  • wcn36xx: handle connection loss indication (git-fixes).
  • wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
  • x86/platform/uv: Add more to secondary CPU kdump info (bsc#1194493).
  • xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set
  • xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
    suspending (git-fixes).
  • xhci: avoid race between disable slot command and host runtime suspend
  • xhci: fix unsafe memory usage in xhci tracing (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-169=1

openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (x86_64):- openSUSE Leap 15.3 (x86_64):.x86_64.rpm
openSUSE Leap15.3noarch< - openSUSE Leap 15.3 (noarch):- openSUSE Leap 15.3 (noarch):.noarch.rpm