Basic search

K
suseSuseSUSE-SU-2022:2722-1
HistoryAug 09, 2022 - 12:00 a.m.

Security update for the Linux Kernel (important)

2022-08-0900:00:00
lists.opensuse.org
159

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

An update that solves 5 vulnerabilities, contains 9
features and has 31 fixes is now available.

Description:

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive
various security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO
    (bnc#1201635).
  • CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe
    subsystem (bnc#1198829).
  • CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy
    (bsc#1201458).
  • CVE-2022-29581: Fixed improper update of Reference Count in net/sched
    that could cause root privilege escalation (bnc#1199665).
  • CVE-2022-32250: Fixed an use-after-free bug in the netfilter subsystem.
    This flaw allowed a local attacker with user access to cause a privilege
    escalation issue (bnc#1200015, bnc#1200494).

The following non-security bugs were fixed:

  • 9p: Fix refcounting during full path walks for fid lookups (git-fixes).
  • 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (git-fixes).
  • 9p: fix fid refcount leak in v9fs_vfs_get_link (git-fixes).
  • ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (git-fixes).
  • ACPI: video: Fix acpi_video_handles_brightness_key_presses() (git-fixes).
  • ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
  • ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
    (git-fixes).
  • ALSA: hda/realtek - Enable the headset-mic on a Xiaomi’s laptop
    (git-fixes).
  • ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
    (git-fixes).
  • ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
    (git-fixes).
  • ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
  • ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).
  • ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0) (git-fixes).
  • ALSA: usb-audio: Add quirk for Fiero SC-01 (git-fixes).
  • ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
    (git-fixes).
  • ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD (git-fixes).
  • ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of
    idle (git-fixes).
  • ARM: 9210/1: Mark the FDT_FIXED sections as shareable (git-fixes).
  • ARM: 9213/1: Print message about disabled Spectre workarounds only once
    (git-fixes).
  • ARM: 9214/1: alignment: advance IT state after emulating Thumb
    instruction (git-fixes).
  • ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow (git-fixes).
  • ARM: dts: at91: sama5d2: Fix typo in i2s1 node (git-fixes).
  • ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count (git-fixes).
  • ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
    (git-fixes).
  • ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero (git-fixes).
  • ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
    (git-fixes).
  • ASoC: Intel: Skylake: Correct the ssp rate discovery in
    skl_get_ssp_clks() (git-fixes).
  • ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering problem
    (git-fixes).
  • ASoC: Intel: sof_sdw: handle errors on card registration (git-fixes).
  • ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on remove
    (git-fixes).
  • ASoC: Remove unused hw_write_t type (git-fixes).
  • ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow (git-fixes).
  • ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues in probe
    (git-fixes).
  • ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in
    .set_jack_detect (git-fixes).
  • ASoC: cs47l15: Fix event generation for low power mux control
    (git-fixes).
  • ASoC: dapm: Initialise kcontrol data for mux/demux controls (git-fixes).
  • ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
  • ASoC: madera: Fix event generation for rate controls (git-fixes).
  • ASoC: ops: Fix off by one in range control validation (git-fixes).
  • ASoC: rt5682: Avoid the unexpected IRQ event during going to suspend
    (git-fixes).
  • ASoC: rt5682: Fix deadlock on resume (git-fixes).
  • ASoC: rt5682: Re-detect the combo jack after resuming (git-fixes).
  • ASoC: rt5682: fix an incorrect NULL check on list iterator (git-fixes).
  • ASoC: rt5682: move clk related code to rt5682_i2c_probe (git-fixes).
  • ASoC: rt7*-sdw: harden jack_detect_handler (git-fixes).
  • ASoC: rt711-sdca-sdw: fix calibrate mutex initialization (git-fixes).
  • ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver
    (git-fixes).
  • ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
    (git-fixes).
  • ASoC: rt711: Add endianness flag in snd_soc_component_driver (git-fixes).
  • ASoC: rt711: fix calibrate mutex initialization (git-fixes).
  • ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
  • ASoC: tas2764: Add post reset delays (git-fixes).
  • ASoC: tas2764: Correct playback volume range (git-fixes).
  • ASoC: tas2764: Fix amp gain register offset & default (git-fixes).
  • ASoC: tas2764: Fix and extend FSYNC polarity handling (git-fixes).
  • ASoC: wcd938x: Fix event generation for some controls (git-fixes).
  • ASoC: wm5110: Fix DRE control (git-fixes).
  • Bluetooth: Add bt_skb_sendmmsg helper (git-fixes).
  • Bluetooth: Add bt_skb_sendmsg helper (git-fixes).
  • Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks (git-fixes).
  • Bluetooth: Fix passing NULL to PTR_ERR (git-fixes).
  • Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
    (git-fixes).
  • Bluetooth: SCO: Fix sco_send_frame returning skb->len (git-fixes).
  • Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
    (git-fixes).
  • Bluetooth: btusb: Add the new support IDs for WCN6855 (git-fixxes).
  • Documentation: add description for net.core.gro_normal_batch (git-fixes).
  • Documentation: add description for net.sctp.ecn_enable (git-fixes).
  • Documentation: add description for net.sctp.intl_enable (git-fixes).
  • Documentation: add description for net.sctp.reconf_enable (git-fixes).
  • Documentation: fix udp_wmem_min in ip-sysctl.rst (git-fixes).
  • Documentation: move watch_queue to core-api (git-fixes).
  • Input: cpcap-pwrbutton - handle errors from platform_get_irq()
    (git-fixes).
  • Input: i8042 - Apply probe defer to more ASUS ZenBook models
    (bsc#1190256).
  • KVM: emulate: do not adjust size of fastop and setcc subroutines
    (bsc#1201930).
  • KVM: selftests: Make sure kvm_create_max_vcpus test won’t hit
    RLIMIT_NOFILE (git-fixes).
  • KVM: selftests: Silence compiler warning in the kvm_page_table_test
    (git-fixes).
  • NFC: nxp-nci: do not print header length mismatch on i2c error
    (git-fixes).
  • VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
  • VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,
    jsc#SLE-24635).
  • VMCI: Fix some error handling paths in vmci_guest_probe_device()
    (bsc#1199291, jsc#SLE-24635).
  • VMCI: Release notification_bitmap in error path (bsc#1199291,
    jsc#SLE-24635).
  • VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).
  • VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291,
    jsc#SLE-24635).
  • VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,
    jsc#SLE-24635).
  • VMCI: dma dg: allocate send and receive buffers for DMA datagrams
    (bsc#1199291, jsc#SLE-24635).
  • VMCI: dma dg: detect DMA datagram capability (bsc#1199291,
    jsc#SLE-24635).
  • VMCI: dma dg: register dummy IRQ handlers for DMA datagrams
    (bsc#1199291, jsc#SLE-24635).
  • VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
  • VMCI: dma dg: whitespace formatting change for vmci register defines
    (bsc#1199291, jsc#SLE-24635).
  • XArray: Update the LRU list in xas_split() (git-fixes).
  • arm64: Add HWCAP for self-synchronising virtual counter (git-fixes)
  • arm64: Add cavium_erratum_23154_cpus missing sentinel (jsc#SLE-24682).
  • arm64: cpufeature: add HWCAP for FEAT_AFP (git-fixes)
  • arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot (git-fixes).
  • arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes)
  • arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC
    (git-fixes).
  • arm64: dts: rockchip: Assign RK3399 VDU clock rate (git-fixes).
  • arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA
    transfer (git-fixes)
  • arm_pmu: Validate single/group leader events (git-fixes).
  • asm-generic: remove a broken and needless ifdef conditional (git-fixes).
  • batman-adv: Use netif_rx() (git-fixes).
  • bcmgenet: add WOL IRQ check (git-fixes).
  • be2net: Fix buffer overflow in be_get_module_eeprom (bsc#1201323).
  • bitfield.h: Fix “type of reg too small for mask” test (git-fixes).
  • blk-mq: add one API for waiting until quiesce is done (bsc#1201651).
  • blk-mq: fix kabi support concurrent queue quiesce unquiesce
    (bsc#1201651).
  • blk-mq: support concurrent queue quiesce/unquiesce (bsc#1201651).
  • can: bcm: use call_rcu() instead of costly synchronize_rcu() (git-fixes).
  • can: grcan: grcan_probe(): remove extra of_node_get() (git-fixes).
  • can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
  • can: m_can: m_can_chip_config(): actually enable internal timestamping
    (git-fixes).
  • can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling
    for mcp2517fd (git-fixes).
  • can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken
    CRC on TBC register (git-fixes).
  • can: rcar_canfd: add __maybe_unused annotation to silence warning
    (git-fixes).
  • ceph: fix up non-directory creation in SGID directories (bsc#1201595).
  • cifs: fix reconnect on smb3 mount types (bsc#1201427).
  • configfs: fix a race in configfs_{,un}register_subsystem() (git-fixes).
  • cpufreq: mediatek: Unregister platform device on exit (git-fixes).
  • cpufreq: mediatek: Use module_init and add module_exit (git-fixes).
  • cpufreq: pmac32-cpufreq: Fix refcount leak bug (git-fixes).
  • cpuidle: PSCI: Move the has_lpi check to the beginning of the
    (git-fixes)
  • crypto: hisilicon/qm - modify the uacce mode check (bsc#1201391).
  • crypto: octeontx2 - Avoid stack variable overflow (jsc#SLE-24682).
  • crypto: octeontx2 - CN10K CPT to RNM workaround (jsc#SLE-24682).
  • crypto: octeontx2 - Use swap() instead of swap_engines() (jsc#SLE-24682).
  • crypto: octeontx2 - add apis for custom engine groups (jsc#SLE-24682).
  • crypto: octeontx2 - add synchronization between mailbox accesses
    (jsc#SLE-24682).
  • crypto: octeontx2 - fix missing unlock (jsc#SLE-24682).
  • crypto: octeontx2 - increase CPT HW instruction queue length
    (jsc#SLE-24682).
  • crypto: octeontx2 - out of bounds access in
    otx2_cpt_dl_custom_egrp_delete() (jsc#SLE-24682).
  • crypto: octeontx2 - parameters for custom engine groups (jsc#SLE-24682).
  • crypto: octeontx2 - select CONFIG_NET_DEVLINK (jsc#SLE-24682).
  • crypto: octeontx2 - use swap() to make code cleaner (jsc#SLE-24682).
  • crypto: qat - fix memory leak in RSA (git-fixes).
  • crypto: qat - remove dma_free_coherent() for DH (git-fixes).
  • crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
  • crypto: qat - set CIPHER capability for DH895XCC (git-fixes).
  • crypto: qat - set to zero DH parameters before free (git-fixes).
  • crypto: testmgr - allow ecdsa-nist in FIPS mode
    (jsc#SLE-21132,bsc#1201258).
  • device property: Add fwnode_irq_get_byname (jsc#SLE-24569)
  • device property: Check fwnode->secondary when finding properties
    (git-fixes).
  • dm: do not stop request queue after the dm device is suspended
    (bsc#1201651).
  • dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
    (git-fixes).
  • dma-debug: make things less spammy under memory pressure (git-fixes).
  • dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
    (git-fixes).
  • dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
  • dmaengine: lgm: Fix an error handling path in intel_ldma_probe()
    (git-fixes).
  • dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).
  • dmaengine: qcom: bam_dma: fix runtime PM underflow (git-fixes).
  • dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
    (git-fixes).
  • dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
    (git-fixes).
  • docs: firmware-guide: ACPI: Add named interrupt doc (jsc#SLE-24569)
  • docs: net: dsa: add more info about the other arguments to
    get_tag_protocol (git-fixes).
  • docs: net: dsa: delete port_mdb_dump (git-fixes).
  • docs: net: dsa: document change_tag_protocol (git-fixes).
  • docs: net: dsa: document port_fast_age (git-fixes).
  • docs: net: dsa: document port_setup and port_teardown (git-fixes).
  • docs: net: dsa: document the shutdown behavior (git-fixes).
  • docs: net: dsa: document the teardown method (git-fixes).
  • docs: net: dsa: re-explain what port_fdb_dump actually does (git-fixes).
  • docs: net: dsa: remove port_vlan_dump (git-fixes).
  • docs: net: dsa: rename tag_protocol to get_tag_protocol (git-fixes).
  • docs: net: dsa: update probing documentation (git-fixes).
  • dpaa2-eth: Initialize mutex used in one step timestamping path
    (git-fixes).
  • dpaa2-eth: destroy workqueue at the end of remove function (git-fixes).
  • dpaa2-eth: unregister the netdev before disconnecting from the PHY
    (git-fixes).
  • drbd: fix potential silent data corruption (git-fixes).
  • drivers: net: smc911x: Check for error irq (git-fixes).
  • drm/amd/display: Fix by adding FPU protection for
    dcn30_internal_validate_bw (git-fixes).
  • drm/amd/display: Ignore First MST Sideband Message Return Error
    (git-fixes).
  • drm/amd/display: Only use depth 36 bpp linebuffers on DCN display
    engines (git-fixes).
  • drm/amd/display: Set min dcfclk if pipe count is 0 (git-fixes).
  • drm/amd/vcn: fix an error msg on vcn 3.0 (git-fixes).
  • drm/amdgpu: To flush tlb for MMHUB of RAVEN series (git-fixes).
  • drm/i915/dg2: Add Wa_22011100796 (git-fixes).
  • drm/i915/gt: Serialize GRDOM access between multiple engine resets
    (git-fixes).
  • drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).
  • drm/i915/gvt: IS_ERR() vs NULL bug in intel_gvt_update_reg_whitelist()
    (git-fixes).
  • drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).
  • drm/i915/uc: correctly track uc_fw init failure (git-fixes).
  • drm/i915: Fix a race between vma / object destruction and unbinding
    (git-fixes).
  • drm/i915: Require the vm mutex for i915_vma_bind() (git-fixes).
  • drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
    (git-fixes).
  • drm/imx/dcss: Add missing of_node_put() in fail path (git-fixes).
  • drm/mediatek: Detect CMDQ execution timeout (git-fixes).
  • drm/mediatek: Remove the pointer of struct cmdq_client (git-fixes).
  • drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb
    (git-fixes).
  • drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).
  • drm/panfrost: Put mapping instead of shmem obj on
    panfrost_mmu_map_fault_addr() error (git-fixes).
  • drm/ttm: fix locking in vmap/vunmap TTM GEM helpers (git-fixes).
  • dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo (git-fixes).
  • dt-bindings: gpio: Add Tegra241 support (jsc#SLE-24571)
  • dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC
    (git-fixes).
  • dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible
    (git-fixes).
  • e1000e: Enable GPT clock before sending message to CSME (git-fixes).
  • efi/x86: use naked RET on mixed mode call wrapper (git-fixes).
  • erofs: fix deadlock when shrink erofs slab (git-fixes).
  • ethernet: Fix error handling in xemaclite_of_probe (git-fixes).
  • ethtool: Fix get module eeprom fallback (bsc#1201323).
  • exfat: Define NLS_NAME_* as bit flags explicitly (bsc#1201725).
  • exfat: Downgrade ENAMETOOLONG error message to debug messages
    (bsc#1201725).
  • exfat: Drop superfluous new line for error messages (bsc#1201725).
  • exfat: Expand exfat_err() and co directly to pr_*() macro (bsc#1201725).
  • exfat: Return ENAMETOOLONG consistently for oversized paths
    (bsc#1201725).
  • exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).
  • exfat: fix referencing wrong parent directory information after renaming
    (git-fixes).
  • exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
    (git-fixes).
  • exfat: use updated exfat_chain directly during renaming (git-fixes).
  • export: fix string handling of namespace in EXPORT_SYMBOL_NS (git-fixes).
  • fat: add ratelimit to fat*_ent_bread() (git-fixes).
  • fbcon: Disallow setting font bigger than screen size (git-fixes).
  • fbcon: Prevent that screen size is smaller than font size (git-fixes).
  • fbdev: fbmem: Fix logo center image dx issue (git-fixes).
  • fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
  • fix race between exit_itimers() and /proc/pid/timers (git-fixes).
  • fjes: Check for error irq (git-fixes).
  • fsl/fman: Check for null pointer after calling devm_ioremap (git-fixes).
  • fsl/fman: Fix missing put_device() call in fman_port_probe (git-fixes).
  • fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201593).
  • fuse: make sure reclaim does not write the inode (bsc#1201592).
  • gpio: gpio-xilinx: Fix integer overflow (git-fixes).
  • gpio: pca953x: only use single read/write for No AI mode (git-fixes).
  • gpio: pca953x: use the correct range when do regmap sync (git-fixes).
  • gpio: pca953x: use the correct register address when regcache sync
    during init (git-fixes).
  • gpio: tegra186: Add IRQ per bank for Tegra241 (jsc#SLE-24571)
  • gpio: tegra186: Add support for Tegra241 (jsc#SLE-24571)
  • gve: Recording rx queue before sending to napi (git-fixes).
  • hwmon: (occ) Prevent power cap command overwriting poll response
    (git-fixes).
  • hwmon: (occ) Remove sequence numbering and checksum calculation
    (git-fixes).
  • hwrng: cavium - fix NULL but dereferenced coccicheck error
    (jsc#SLE-24682).
  • i2c: cadence: Change large transfer count reset logic to be
    unconditional (git-fixes).
  • i2c: cadence: Unregister the clk notifier in error path (git-fixes).
  • i2c: mlxcpld: Fix register setting for 400KHz frequency (git-fixes).
  • i2c: piix4: Fix a memory leak in the EFCH MMIO support (git-fixes).
  • i2c: smbus: Check for parent device before dereference (git-fixes).
  • i2c: smbus: Use device_() functions instead of of_() (jsc#SLE-24569)
  • i2c: tegra: Add SMBus block read function (jsc#SLE-24569)
  • i2c: tegra: Add the ACPI support (jsc#SLE-24569)
  • i2c: tegra: use i2c_timings for bus clock freq (jsc#SLE-24569)
  • ice: Avoid RTNL lock when re-creating auxiliary device (git-fixes).
  • ice: Fix error with handling of bonding MTU (git-fixes).
  • ice: Fix race condition during interface enslave (git-fixes).
  • ice: stop disabling VFs due to PF error responses (git-fixes).
  • ida: do not use BUG_ON() for debugging (git-fixes).
  • ima: Fix a potential integer overflow in ima_appraise_measurement
    (git-fixes).
  • ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
  • ima: force signature verification when CONFIG_KEXEC_SIG is configured
    (git-fixes).
  • inet_diag: fix kernel-infoleak for UDP sockets (git-fixes).
  • iov_iter: Fix iter_xarray_get_pages{,_alloc}() (git-fixes).
  • iov_iter: fix build issue due to possible type mis-match (git-fixes).
  • irqchip/gic-v3: Workaround Marvell erratum 38545 when reading IAR
    (jsc#SLE-24682).
  • irqchip/sifive-plic: Add missing thead,c900-plic match string
    (git-fixes).
  • irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
    (git-fixes).
  • ixgbevf: Require large buffers for build_skb on 82599VF (git-fixes).
  • kABI workaround for phy_device changes (git-fixes).
  • kABI workaround for rtsx_usb (git-fixes).
  • kABI workaround for snd-soc-rt5682-* (git-fixes).
  • kABI: fix adding field to scsi_device (git-fixes).
  • kABI: fix adding field to ufs_hba (git-fixes).
  • kABI: fix change of iscsi_host_remove() arguments (bsc#1198410).
  • kABI: fix removal of iscsi_destroy_conn (bsc#1198410).
  • kABI: i2c: smbus: restore of_ alert variant (jsc#SLE-24569). kABI fix
    for “i2c: smbus: Use device_() functions instead of of_()”
  • kabi/severities: Exclude ppc kvm
  • kabi/severities: add intel ice
  • kabi/severities: add stmmac network driver local symbols
  • kabi/severities: ignore dropped symbol rt5682_headset_detect
  • kasan: fix tag for large allocations when using CONFIG_SLAB (git fixes
    (mm/kasan)).
  • kernel-obs-build: include qemu_fw_cfg (boo#1201705)
  • kselftest/cgroup: fix test_stress.sh to use OUTPUT dir (git-fixes).
  • kselftest/vm: fix tests build with old libc (git-fixes).
  • kselftest: Fix vdso_test_abi return status (git-fixes).
  • kselftest: signal all child processes (git-fixes).
  • kvm/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
  • kvm: selftests: do not use bitfields larger than 32-bits for PTEs
    (git-fixes).
  • l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using
    netdev_master_upper_dev_get_rcu (git-fixes).
  • landlock: Add clang-format exceptions (git-fixes).
  • landlock: Change landlock_add_rule(2) argument check ordering
    (git-fixes).
  • landlock: Change landlock_restrict_self(2) check ordering (git-fixes).
  • landlock: Create find_rule() from unmask_layers() (git-fixes).
  • landlock: Define access_mask_t to enforce a consistent access mask size
    (git-fixes).
  • landlock: Fix landlock_add_rule(2) documentation (git-fixes).
  • landlock: Fix same-layer rule unions (git-fixes).
  • landlock: Format with clang-format (git-fixes).
  • landlock: Reduce the maximum number of layers to 16 (git-fixes).
  • landlock: Use square brackets around “landlock-ruleset” (git-fixes).
  • libceph: fix potential use-after-free on linger ping and resends
    (bsc#1201596).
  • lockdep: Correct lock_classes index mapping (git-fixes).
  • locking/lockdep: Avoid potential access of invalid memory in lock_class
    (git-fixes).
  • locking/lockdep: Iterate lock_classes directly when reading lockdep
    files (git-fixes).
  • loop: Use pr_warn_once() for loop_control_remove() warning (git-fixes).
  • loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
  • macsec: always read MACSEC_SA_ATTR_PN as a u64 (git-fixes).
  • macsec: fix NULL deref in macsec_add_rxsa (git-fixes).
  • macsec: fix error message in macsec_add_rxsa and _txsa (git-fixes).
  • macsec: limit replay window size with XPN (git-fixes).
  • md: bcache: check the return value of kzalloc() in
    detached_dev_do_request() (git-fixes).
  • memcg: page_alloc: skip bulk allocator for __GFP_ACCOUNT (git fixes
    (mm/pgalloc)).
  • memregion: Fix memregion_free() fallback definition (git-fixes).
  • minix: fix bug when opening a file with O_DIRECT (git-fixes).
  • misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
    (git-fixes).
  • misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).
  • misc: rtsx_usb: use separate command and response buffers (git-fixes).
  • mm/large system hash: avoid possible NULL deref in
    alloc_large_system_hash (git fixes (mm/pgalloc)).
  • mm/secretmem: avoid letting secretmem_users drop to zero (git fixes
    (mm/secretmem)).
  • mm/vmalloc: fix numa spreading for large hash tables (git fixes
    (mm/vmalloc)).
  • mm/vmalloc: make sure to dump unpurged areas in /proc/vmallocinfo (git
    fixes (mm/vmalloc)).
  • mm/vmalloc: repair warn_alloc()s in __vmalloc_area_node() (git fixes
    (mm/vmalloc)).
  • mm: do not try to NUMA-migrate COW pages that have other uses (git fixes
    (mm/numa)).
  • mm: swap: get rid of livelock in swapin readahead (git fixes (mm/swap)).
  • mt76: mt7921: get rid of mt7921_mac_set_beacon_filter (git-fixes).
  • mtd: rawnand: gpmi: validate controller clock rate (git-fixes).
  • natsemi: xtensa: fix section mismatch warnings (git-fixes).
  • nbd: fix possible overflow on ‘first_minor’ in nbd_dev_add() (git-fixes).
  • net/fsl: xgmac_mdio: Add workaround for erratum A-009885 (git-fixes).
  • net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
    (git-fixes).
  • net/qla3xxx: fix an error code in ql_adapter_up() (git-fixes).
  • net: ag71xx: Fix a potential double free in error handling paths
    (git-fixes).
  • net: altera: set a couple error code in probe() (git-fixes).
  • net: amd-xgbe: Fix skb data length underflow (git-fixes).
  • net: amd-xgbe: disable interrupts during pci removal (git-fixes).
  • net: amd-xgbe: ensure to reset the tx_timer_active flag (git-fixes).
  • net: annotate data-races on txq->xmit_lock_owner (git-fixes).
  • net: axienet: Fix TX ring slot available check (git-fixes).
  • net: axienet: Wait for PhyRstCmplt after core reset (git-fixes).
  • net: axienet: add missing memory barriers (git-fixes).
  • net: axienet: fix for TX busy handling (git-fixes).
  • net: axienet: fix number of TX ring slots for available check
    (git-fixes).
  • net: axienet: increase default TX ring size to 128 (git-fixes).
  • net: axienet: increase reset timeout (git-fixes).
  • net: axienet: limit minimum TX ring size (git-fixes).
  • net: bcm4908: Handle dma_set_coherent_mask error codes (git-fixes).
  • net: bcmgenet: Do not claim WOL when its not available (git-fixes).
  • net: bcmgenet: skip invalid partial checksums (git-fixes).
  • net: chelsio: cxgb3: check the return value of pci_find_capability()
    (git-fixes).
  • net: cpsw: Properly initialise struct page_pool_params (git-fixes).
  • net: cpsw: avoid alignment faults by taking NET_IP_ALIGN into account
    (git-fixes).
  • net: dpaa_eth: remove dead select in menuconfig FSL_DPAA_ETH (git-fixes).
  • net: dsa: ar9331: register the mdiobus under devres (git-fixes).
  • net: dsa: bcm_sf2: do not use devres for mdiobus (git-fixes).
  • net: dsa: be compatible with masters which unregister on shutdown
    (git-fixes).
  • net: dsa: felix: do not use devres for mdiobus (git-fixes).
  • net: dsa: hellcreek: be compatible with masters which unregister on
    shutdown (git-fixes).
  • net: dsa: lan9303: add VLAN IDs to master device (git-fixes).
  • net: dsa: lan9303: fix reset on probe (git-fixes).
  • net: dsa: lantiq_gswip: do not use devres for mdiobus (git-fixes).
  • net: dsa: microchip: ksz8863: be compatible with masters which
    unregister on shutdown (git-fixes).
  • net: dsa: mt7530: fix incorrect test in mt753x_phylink_validate()
    (git-fixes).
  • net: dsa: mt7530: fix kernel bug in mdiobus_free() when unbinding
    (git-fixes).
  • net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY (git-fixes).
  • net: dsa: mv88e6xxx: do not use devres for mdiobus (git-fixes).
  • net: dsa: mv88e6xxx: fix use-after-free in mv88e6xxx_mdios_unregister
    (git-fixes).
  • net: dsa: mv88e6xxx: flush switchdev FDB workqueue before removing VLAN
    (git-fixes).
  • net: dsa: xrs700x: be compatible with masters which unregister on
    shutdown (git-fixes).
  • net: ethernet: lpc_eth: Handle error for clk_enable (git-fixes).
  • net: ethernet: mtk_eth_soc: fix error checking in mtk_mac_config()
    (git-fixes).
  • net: ethernet: mtk_eth_soc: fix return values and refactor MDIO ops
    (git-fixes).
  • net: ethernet: ti: cpts: Handle error for clk_enable (git-fixes).
  • net: fec: only clear interrupt of handling queue in fec_enet_rx_queue()
    (git-fixes).
  • net: ieee802154: ca8210: Fix lifs/sifs periods (git-fixes).
  • net: ieee802154: ca8210: Stop leaking skb’s (git-fixes).
  • net: ieee802154: hwsim: Ensure proper channel selection at probe time
    (git-fixes).
  • net: ieee802154: mcr20a: Fix lifs/sifs periods (git-fixes).
  • net: ipa: add an interconnect dependency (git-fixes).
  • net: ipa: fix atomic update in ipa_endpoint_replenish() (git-fixes).
  • net: ipa: prevent concurrent replenish (git-fixes).
  • net: ipa: use a bitmap for endpoint replenish_enabled (git-fixes).
  • net: ks8851: Check for error irq (git-fixes).
  • net: lantiq_xrx200: fix statistics of received bytes (git-fixes).
  • net: ll_temac: check the return value of devm_kmalloc() (git-fixes).
  • net: macb: Fix lost RX packet wakeup race in NAPI receive (git-fixes).
  • net: macsec: Fix offload support for NETDEV_UNREGISTER event (git-fixes).
  • net: macsec: Verify that send_sci is on when setting Tx sci explicitly
    (git-fixes).
  • net: marvell: mvpp2: Fix the computation of shared CPUs (git-fixes).
  • net: marvell: prestera: Add missing of_node_put() in
    prestera_switch_set_base_mac_addr (git-fixes).
  • net: marvell: prestera: fix incorrect return of port_find (git-fixes).
  • net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (git-fixes).
  • net: mscc: ocelot: fix backwards compatibility with single-chain
    tc-flower offload (git-fixes).
  • net: mscc: ocelot: fix mutex lock error during ethtool stats read
    (git-fixes).
  • net: mscc: ocelot: fix using match before it is set (git-fixes).
  • net: mv643xx_eth: process retval from of_get_mac_address (git-fixes).
  • net: mvpp2: fix XDP rx queues registering (git-fixes).
  • net: phy: Do not trigger state machine while in suspend (git-fixes).
  • net: phylink: Force link down and retrigger resolve on interface change
    (git-fixes).
  • net: phylink: Force retrigger in case of latched link-fail indicator
    (git-fixes).
  • net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).
  • net: sfp: fix high power modules without diagnostic monitoring
    (git-fixes).
  • net: sfp: ignore disabled SFP node (git-fixes).
  • net: sparx5: Fix add vlan when invalid operation (git-fixes).
  • net: sparx5: Fix get_stat64 crash in tcpdump (git-fixes).
  • net: stmmac: Add platform level debug register dump feature (git-fixes).
  • net: stmmac: Avoid DMA_CHAN_CONTROL write if no Split Header support
    (git-fixes).
  • net: stmmac: configure PTP clock source prior to PTP initialization
    (git-fixes).
  • net: stmmac: dump gmac4 DMA registers correctly (git-fixes).
  • net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup (git-fixes).
  • net: stmmac: dwmac-visconti: Fix bit definitions for ETHER_CLK_SEL
    (git-fixes).
  • net: stmmac: dwmac-visconti: Fix clock configuration for RMII mode
    (git-fixes).
  • net: stmmac: dwmac-visconti: Fix value of ETHER_CLK_SEL_FREQ_SEL_2P5M
    (git-fixes).
  • net: stmmac: dwmac-visconti: No change to ETHER_CLOCK_SEL for unexpected
    speed request (git-fixes).
  • net: stmmac: ensure PTP time register reads are consistent (git-fixes).
  • net: stmmac: fix return value of __setup handler (git-fixes).
  • net: stmmac: fix tc flower deletion for VLAN priority Rx steering
    (git-fixes).
  • net: stmmac: properly handle with runtime pm in stmmac_dvr_remove()
    (git-fixes).
  • net: stmmac: ptp: fix potentially overflowing expression (git-fixes).
  • net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
    (git-fixes).
  • net: stmmac: skip only stmmac_ptp_register when resume from suspend
    (git-fixes).
  • net: sxgbe: fix return value of __setup handler (git-fixes).
  • net: systemport: Add global locking for descriptor lifecycle (git-fixes).
  • net: usb: Correct PHY handling of smsc95xx (git-fixes).
  • net: usb: Correct reset handling of smsc95xx (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
  • netdevsim: do not overwrite read only ethtool parms (git-fixes).
  • nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
  • nilfs2: fix incorrect masking of permission flags for symlinks
    (git-fixes).
  • nilfs2: fix lockdep warnings during disk space reclamation (git-fixes).
  • nilfs2: fix lockdep warnings in page operations for btree nodes
    (git-fixes).
  • nouveau/svm: Fix to migrate all requested pages (git-fixes).
  • nvme-auth: retry command if DNR bit is not set (bsc#1201675).
  • nvme: add APIs for stopping/starting admin queue (bsc#1201651).
  • nvme: apply nvme API to quiesce/unquiesce admin queue (bsc#1201651).
  • nvme: consider also host_iface when checking ip options (bsc#1199670).
  • nvme: implement In-Band authentication (jsc#SLE-20183).
  • nvme: kabi fixes for in-band authentication (bsc#1199086).
  • nvme: loop: clear NVME_CTRL_ADMIN_Q_STOPPED after admin queue is
    reallocated (bsc#1201651).
  • nvme: paring quiesce/unquiesce (bsc#1201651).
  • nvme: prepare for pairing quiescing and unquiescing (bsc#1201651).
  • nvme: wait until quiesce is done (bsc#1201651).
  • nvmet-auth: expire authentication sessions (jsc#SLE-20183).
  • nvmet: implement basic In-Band Authentication (jsc#SLE-20183).
  • octeontx2-af: Add a ‘rvu_free_bitmap()’ function (gix-fixes).
  • octeontx2-af: Do not fixup all VF action entries (git-fixes).
  • octeontx2-af: Fix a memleak bug in rvu_mbox_init() (git-fixes).
  • octeontx2-af: Fix some memory leaks in the error handling path of
    ‘cgx_lmac_init()’ (git-fixes).
  • octeontx2-af: cn10k: Do not enable RPM loopback for LPC interfaces
    (git-fixes).
  • octeontx2-pf: Forward error codes to VF (git-fixes).
  • optee: add error checks in optee_ffa_do_call_with_arg() (git-fixes).
  • page_alloc: fix invalid watemark check on a negative value (git fixes
    (mm/pgalloc)).
  • perf/amd/ibs: Add support for L3 miss filtering (jsc#SLE-24578).
  • perf/amd/ibs: Advertise zen4_ibs_extensions as pmu capability attribute
    (jsc#SLE-24578).
  • perf/amd/ibs: Cascade pmu init functions’ return value (jsc#SLE-24578).
  • perf/amd/ibs: Use ->is_visible callback for dynamic attributes
    (jsc#SLE-24578).
  • pinctrl: armada-37xx: Convert to use dev_err_probe() (git-fixes).
  • pinctrl: armada-37xx: Make use of the devm_platform_ioremap_resource()
    (git-fixes).
  • pinctrl: armada-37xx: Use temporary variable for struct device
    (git-fixes).
  • pinctrl: aspeed: Fix potential NULL dereference in
    aspeed_pinmux_set_mux() (git-fixes).
  • pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).
  • pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
  • platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).
  • power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
    (git-fixes).
  • powerpc/mobility: wait for memory transfer to complete (bsc#1201846
    ltc#198761).
  • powerpc/pseries/mobility: set NMI watchdog factor during an LPM
    (bsc#1201846 ltc#198761).
  • powerpc/pseries: Interface to represent PAPR firmware attributes
    (bsc#1200465 ltc#197256 jsc#SLE-18130).
  • powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY (bsc#1200465
    ltc#197256 jsc#SLE-18130).
  • powerpc/pseries: rename min_common_depth to primary_domain_index
    (bsc#1200465 ltc#197256 jsc#SLE-18130).
  • powerpc/watchdog: introduce a NMI watchdog’s factor (bsc#1201846
    ltc#198761).
  • ppp: ensure minimum packet size in ppp_write() (git-fixes).
  • qede: validate non LSO skb length (git-fixes).
  • r8152: fix a WOL issue (git-fixes).
  • r8169: fix accessing unset transport header (git-fixes).
  • random: document add_hwgenerator_randomness() with other input functions
    (git-fixes).
  • random: fix typo in comments (git-fixes).
  • raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).
  • reset: Fix devm bulk optional exclusive control getter (git-fixes).
  • rocker: fix a sleeping in atomic bug (git-fixes).
  • rpm/kernel-binary.spec.in: Require dwarves >= 1.22 on SLE15-SP3 or newer
    Dwarves 1.22 or newer is required to build kernels with BTF information
    embedded in modules.
  • rpm/modules.fips: add ecdsa_generic (jsc#SLE-21132,bsc#1201258).
  • samples/landlock: Add clang-format exceptions (git-fixes).
  • samples/landlock: Fix path_list memory leak (git-fixes).
  • samples/landlock: Format with clang-format (git-fixes).
  • scripts/dtc: Call pkg-config POSIXly correct (git-fixes).
  • scripts/gdb: change kernel config dumping method (git-fixes).
  • scripts: sphinx-pre-install: Fix ctex support on Debian (git-fixes).
  • scripts: sphinx-pre-install: add required ctex dependency (git-fixes).
  • scsi: avoid to quiesce sdev->request_queue two times (bsc#1201651).
  • scsi: core: sd: Add silence_suspend flag to suppress some PM messages
    (git-fixes).
  • scsi: iscsi: Add helper functions to manage iscsi_cls_conn (bsc#1198410).
  • scsi: iscsi: Add helper to remove a session from the kernel
    (bsc#1198410).
  • scsi: iscsi: Allow iscsi_if_stop_conn() to be called from kernel
    (bsc#1198410).
  • scsi: iscsi: Clean up bound endpoints during shutdown (bsc#1198410).
  • scsi: iscsi: Exclude zero from the endpoint ID range (git-fixes).
  • scsi: iscsi: Fix HW conn removal use after free (bsc#1198410).
  • scsi: iscsi: Fix session removal on shutdown (bsc#1198410).
  • scsi: libiscsi: Teardown iscsi_cls_conn gracefully (bsc#1198410).
  • scsi: lpfc: Fix mailbox command failure during driver initialization
    (git-fixes).
  • scsi: make sure that request queue queiesce and unquiesce balanced
    (bsc#1201651).
  • scsi: megaraid: Clear READ queue map’s nr_queues (git-fixes).
  • scsi: qedi: Use QEDI_MODE_NORMAL for error handling (bsc#1198410).
  • scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
    (bsc#1201958).
  • scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).
  • scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
  • scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).
  • scsi: qla2xxx: Fix response queue handler reading stale packets
    (bsc#1201958).
  • scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
  • scsi: qla2xxx: Update manufacturer details (bsc#1201958).
  • scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
  • scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).
  • scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
  • scsi: scsi_debug: Do not call kcalloc() if size arg is zero (git-fixes).
  • scsi: scsi_debug: Fix type in min_t to avoid stack OOB (git-fixes).
  • scsi: scsi_debug: Fix zone transition to full condition (git-fixes).
  • scsi: scsi_debug: Sanity check block descriptor length in
    resp_mode_select() (git-fixes).
  • scsi: sd: Fix potential NULL pointer dereference (git-fixes).
  • scsi: sd: Fix sd_do_mode_sense() buffer length handling (git-fixes).
  • scsi: ufs: Fix a deadlock in the error handler (git-fixes).
  • scsi: ufs: Fix runtime PM messages never-ending cycle (git-fixes).
  • scsi: ufs: Remove dead code (git-fixes).
  • scsi: ufs: core: scsi_get_lba() error fix (git-fixes).
  • seccomp: Invalidate seccomp mode to catch death failures (git-fixes).
  • selftest/net/forwarding: declare NETIFS p9 p10 (git-fixes).
  • selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
    ltc#197256 jsc#SLE-18130).
  • selftest/vm: fix map_fixed_noreplace test failure (git-fixes).
  • selftest/vm: verify mmap addr in mremap_test (git-fixes).
  • selftest/vm: verify remap destination address in mremap_test (git-fixes).
  • selftests, x86: fix how check_cc.sh is being invoked (git-fixes).
  • selftests/exec: Add non-regular to TEST_GEN_PROGS (git-fixes).
  • selftests/exec: Remove pipe from TEST_GEN_FILES (git-fixes).
  • selftests/fib_tests: Rework fib_rp_filter_test() (git-fixes).
  • selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT
    (git-fixes).
  • selftests/ftrace: make kprobe profile testcase description unique
    (git-fixes).
  • selftests/landlock: Add clang-format exceptions (git-fixes).
  • selftests/landlock: Add tests for O_PATH (git-fixes).
  • selftests/landlock: Add tests for unknown access rights (git-fixes).
  • selftests/landlock: Extend access right tests to directories (git-fixes).
  • selftests/landlock: Extend tests for minimal valid attribute size
    (git-fixes).
  • selftests/landlock: Format with clang-format (git-fixes).
  • selftests/landlock: Fully test file rename with “remove” access
    (git-fixes).
  • selftests/landlock: Make tests build with old libc (git-fixes).
  • selftests/landlock: Normalize array assignment (git-fixes).
  • selftests/landlock: Test landlock_create_ruleset(2) argument check
    ordering (git-fixes).
  • selftests/memfd: clean up mapping in mfd_fail_write (git-fixes).
  • selftests/memfd: remove unused variable (git-fixes).
  • selftests/net: pass ipv6_args to udpgso_bench’s IPv6 TCP test
    (git-fixes).
  • selftests/net: so_txtime: fix parsing of start time stamp on 32 bit
    systems (git-fixes).
  • selftests/net: so_txtime: usage(): fix documentation of default clock
    (git-fixes).
  • selftests/net: timestamping: Fix bind_phc check (git-fixes).
  • selftests/net: udpgso_bench_tx: fix dst ip argument (git-fixes).
  • selftests/powerpc/spectre_v2: Return skip code when miss_percent is high
    (git-fixes).
  • selftests/powerpc: Add a test of sigreturning to the kernel (git-fixes).
  • selftests/resctrl: Fix null pointer dereference on open failed
    (git-fixes).
  • selftests/rseq: Change type of rseq_offset to ptrdiff_t (git-fixes).
  • selftests/rseq: Fix ppc32 missing instruction selection “u” and “x” for
    load/store (git-fixes).
  • selftests/rseq: Fix ppc32 offsets by using long rather than off_t
    (git-fixes).
  • selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big
    endian (git-fixes).
  • selftests/rseq: Fix warnings about #if checks of undefined tokens
    (git-fixes).
  • selftests/rseq: Fix: work-around asm goto compiler bugs (git-fixes).
  • selftests/rseq: Introduce rseq_get_abi() helper (git-fixes).
  • selftests/rseq: Introduce thread pointer getters (git-fixes).
  • selftests/rseq: Remove arm/mips asm goto compiler work-around
    (git-fixes).
  • selftests/rseq: Remove useless assignment to cpu variable (git-fixes).
  • selftests/rseq: Remove volatile from __rseq_abi (git-fixes).
  • selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35
    (git-fixes).
  • selftests/rseq: introduce own copy of rseq uapi header (git-fixes).
  • selftests/rseq: remove ARRAY_SIZE define from individual tests
    (git-fixes).
  • selftests/rseq: x86-32: use %gs segment selector for accessing rseq
    thread area (git-fixes).
  • selftests/rseq: x86-64: use %fs segment selector for accessing rseq
    thread area (git-fixes).
  • selftests/seccomp: Do not call read() on TTY from background pgrp
    (git-fixes).
  • selftests/seccomp: Fix seccomp failure by adding missing headers
    (git-fixes).
  • selftests/sgx: Treat CC as one argument (git-fixes).
  • selftests/vm/transhuge-stress: fix ram size thinko (git-fixes).
  • selftests/vm: make charge_reserved_hugetlb.sh work with existing cgroup
    setting (git-fixes).
  • selftests/x86: Add validity check and allow field splitting (git-fixes).
  • selftests/zram01.sh: Fix compression ratio calculation (git-fixes).
  • selftests/zram: Adapt the situation that /dev/zram0 is being used
    (git-fixes).
  • selftests/zram: Skip max_comp_streams interface on newer kernel
    (git-fixes).
  • selftests: Add duplicate config only for MD5 VRF tests (git-fixes).
  • selftests: Fix IPv6 address bind tests (git-fixes).
  • selftests: Fix raw socket bind tests with VRF (git-fixes).
  • selftests: add ping test with ping_group_range tuned (git-fixes).
  • selftests: cgroup: Make cg_create() use 0755 for permission instead of
    0644 (git-fixes).
  • selftests: cgroup: Test open-time cgroup namespace usage for migration
    checks (git-fixes).
  • selftests: cgroup: Test open-time credential usage for migration checks
    (git-fixes).
  • selftests: clone3: clone3: add case CLONE3_ARGS_NO_TEST (git-fixes).
  • selftests: fixup build warnings in pidfd / clone3 tests (git-fixes).
  • selftests: forwarding: fix error message in learning_test (git-fixes).
  • selftests: forwarding: fix flood_unicast_test when h2 supports
    IFF_UNICAST_FLT (git-fixes).
  • selftests: forwarding: fix learning_test when h1 supports
    IFF_UNICAST_FLT (git-fixes).
  • selftests: futex: Use variable MAKE instead of make (git-fixes).
  • selftests: gpio: fix gpio compiling error (git-fixes).
  • selftests: harness: avoid false negatives if test has no ASSERTs
    (git-fixes).
  • selftests: icmp_redirect: pass xfail=0 to log_test() (git-fixes).
  • selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is
    operational (git-fixes).
  • selftests: mlxsw: resource_scale: Fix return value (git-fixes).
  • selftests: mlxsw: tc_police_scale: Make test more robust (git-fixes).
  • selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets
    (git-fixes).
  • selftests: mptcp: add csum mib check for mptcp_connect (git-fixes).
  • selftests: mptcp: fix diag instability (git-fixes).
  • selftests: mptcp: fix ipv6 routing setup (git-fixes).
  • selftests: mptcp: more stable diag tests (git-fixes).
  • selftests: net: Correct case name (git-fixes).
  • selftests: net: Correct ping6 expected rc from 2 to 1 (git-fixes).
  • selftests: net: Fix a typo in udpgro_fwd.sh (git-fixes).
  • selftests: net: tls: remove unused variable and code (git-fixes).
  • selftests: net: udpgro_fwd.sh: explicitly checking the available ping
    feature (git-fixes).
  • selftests: net: using ping6 for IPv6 in udpgro_fwd.sh (git-fixes).
  • selftests: netfilter: add a vrf+conntrack testcase (git-fixes).
  • selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
    (git-fixes).
  • selftests: netfilter: disable rp_filter on router (git-fixes).
  • selftests: netfilter: fix exit value for nft_concat_range (git-fixes).
  • selftests: nft_concat_range: add test for reload with no element add/del
    (git-fixes).
  • selftests: ocelot: tc_flower_chains: specify conform-exceed action for
    policer (git-fixes).
  • selftests: openat2: Add missing dependency in Makefile (git-fixes).
  • selftests: openat2: Print also errno in failure messages (git-fixes).
  • selftests: openat2: Skip testcases that fail with EOPNOTSUPP (git-fixes).
  • selftests: pmtu.sh: Kill nettest processes launched in subshell
    (git-fixes).
  • selftests: pmtu.sh: Kill tcpdump processes launched by subshell
    (git-fixes).
  • selftests: rtc: Increase test timeout so that all tests run (git-fixes).
  • selftests: skip mincore.check_file_mmap when fs lacks needed support
    (git-fixes).
  • selftests: test_vxlan_under_vrf: Fix broken test case (git-fixes).
  • selftests: vm: Makefile: rename TARGETS to VMTARGETS (git-fixes).
  • selftests: vm: fix clang build error multiple output files (git-fixes).
  • selftests: x86: fix [-Wstringop-overread] warn in
    test_process_vm_readv() (git-fixes).
  • serial: 8250: Fix PM usage_count for console handover (git-fixes).
  • serial: 8250: fix return error code in serial8250_request_std_resource()
    (git-fixes).
  • serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).
  • serial: sc16is7xx: Clear RS485 bits in the shutdown (git-fixes).
  • serial: stm32: Clear prev values before setting RTS delays (git-fixes).
  • smsc95xx: Ignore -ENODEV errors when device is unplugged (git-fixes).
  • soc: ixp4xx/npe: Fix unused match warning (git-fixes).
  • spi: Add Tegra234 QUAD SPI compatible (jsc#SLE-24570)
  • spi: amd: Limit max transfer and message size (git-fixes).
  • spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non
    DMA transfers (git-fixes).
  • spi: tegra210-quad: add acpi support (jsc#SLE-24570)
  • spi: tegra210-quad: add new chips to compatible (jsc#SLE-24570)
  • spi: tegra210-quad: combined sequence mode (jsc#SLE-24570)
  • spi: tegra210-quad: use device_reset method (jsc#SLE-24570)
  • spi: tegra210-quad: use devm call for cdata memory (jsc#SLE-24570)
  • supported.conf: mark drivers/nvme/common as supported (jsc#SLE-20183)
  • supported.conf: mark marvell octeontx2 crypto driver as supported
    (jsc#SLE-24682) Mark rvu_cptpf.ko and rvu_cptvf.ko as supported.
  • supported.conf: rvu_mbox as supported (jsc#SLE-24682)
  • sysctl: Fix data races in proc_dointvec() (git-fixes).
  • sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
  • sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
  • sysctl: Fix data races in proc_douintvec() (git-fixes).
  • sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
  • sysctl: Fix data races in proc_doulongvec_minmax() (git-fixes).
  • sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).
  • sysctl: Fix data-races in proc_dou8vec_minmax() (git-fixes).
  • tee: fix put order in teedev_close_context() (git-fixes).
  • tee: optee: do not check memref size on return from Secure World
    (git-fixes).
  • tee: tee_get_drvdata(): fix description of return value (git-fixes).
  • testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu
    set (git-fixes).
  • testing: nvdimm: asm/mce.h is not needed in nfit.c (git-fixes).
  • testing: nvdimm: iomap: make __nfit_test_ioremap a macro (git-fixes).
  • tests: fix idmapped mount_setattr test (git-fixes).
  • tools include UAPI: Sync sound/asound.h copy with the kernel sources
    (git-fixes).
  • tools/nolibc: fix incorrect truncation of exit code (git-fixes).
  • tools/nolibc: i386: fix initial stack alignment (git-fixes).
  • tools/nolibc: x86-64: Fix startup code bug (git-fixes).
  • tools/testing/scatterlist: add missing defines (git-fixes).
  • tty: n_gsm: Modify CR,PF bit when config requester (git-fixes).
  • tty: n_gsm: Save dlci address open status when config requester
    (git-fixes).
  • tty: n_gsm: fix buffer over-read in gsm_dlci_data() (git-fixes).
  • tty: n_gsm: fix decoupled mux resource (git-fixes).
  • tty: n_gsm: fix encoding of command/response bit (git-fixes).
  • tty: n_gsm: fix frame reception handling (git-fixes).
  • tty: n_gsm: fix incorrect UA handling (git-fixes).
  • tty: n_gsm: fix insufficient txframe size (git-fixes).
  • tty: n_gsm: fix invalid gsmtty_write_room() result (git-fixes).
  • tty: n_gsm: fix invalid use of MSC in advanced option (git-fixes).
  • tty: n_gsm: fix malformed counter for out of frame data (git-fixes).
  • tty: n_gsm: fix missing explicit ldisc flush (git-fixes).
  • tty: n_gsm: fix missing tty wakeup in convergence layer type 2
    (git-fixes).
  • tty: n_gsm: fix missing update of modem controls after DLCI open
    (git-fixes).
  • tty: n_gsm: fix mux activation issues in gsm_config() (git-fixes).
  • tty: n_gsm: fix mux cleanup after unregister tty device (git-fixes).
  • tty: n_gsm: fix reset fifo race condition (git-fixes).
  • tty: n_gsm: fix restart handling via CLD command (git-fixes).
  • tty: n_gsm: fix software flow control handling (git-fixes).
  • tty: n_gsm: fix sometimes uninitialized warning in
    gsm_dlci_modem_output() (git-fixes).
  • tty: n_gsm: fix wrong DLCI release order (git-fixes).
  • tty: n_gsm: fix wrong command frame length field encoding (git-fixes).
  • tty: n_gsm: fix wrong command retry handling (git-fixes).
  • tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
    (git-fixes).
  • tty: n_gsm: fix wrong signal octets encoding in MSC (git-fixes).
  • tty: serial: samsung_tty: set dma burst_size to 1 (git-fixes).
  • tun: avoid double free in tun_free_netdev (git-fixes).
  • tun: fix bonding active backup with arp monitoring (git-fixes).
  • tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
    (git-fixes).
  • tuntap: add sanity checks about msg_controllen in sendmsg (git-fixes).
  • uaccess: fix type mismatch warnings from access_ok() (git-fixes).
  • ucounts: Base set_cred_ucounts changes on the real user (git-fixes).
  • ucounts: Fix rlimit max values check (git-fixes).
  • ucounts: Fix systemd LimitNPROC with private users regression
    (git-fixes).
  • ucounts: Handle wrapping in is_ucounts_overlimit (git-fixes).
  • ucounts: In set_cred_ucounts assume new->ucounts is non-NULL (git-fixes).
  • udmabuf: add back sanity check (git-fixes).
  • usb: dwc3: gadget: Fix event pending check (git-fixes).
  • usb: serial: ftdi_sio: add Belimo device ids (git-fixes).
  • usb: typec: add missing uevent when partner support PD (git-fixes).
  • usbnet: Run unregister_netdev() before unbind() again (git-fixes).
  • usbnet: fix memory leak in error case (git-fixes).
  • userfaultfd/selftests: fix hugetlb area allocations (git-fixes).
  • veth: Do not record rx queue hint in veth_xmit (git-fixes).
  • veth: ensure skb entering GRO are not cloned (git-fixes).
  • video: of_display_timing.h: include errno.h (git-fixes).
  • virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
  • virtio_mmio: Restore guest page size on resume (git-fixes).
  • vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
    (git-fixes).
  • vsock/virtio: enable VQs early on probe (git-fixes).
  • vsock/virtio: initialize vdev->priv before using VQs (git-fixes).
  • vsock/virtio: read the negotiated features before using VQs (git-fixes).
  • vsock: remove vsock from connected table when connect is interrupted by
    a signal (git-fixes).
  • vt: fix memory overlapping when deleting chars in the buffer (git-fixes).
  • watch-queue: remove spurious double semicolon (git-fixes).
  • watch_queue: Fix missing locking in add_watch_to_object() (git-fixes).
  • watch_queue: Fix missing rcu annotation (git-fixes).
  • watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).
  • watchqueue: make sure to serialize ‘wqueue->defunct’ properly
    (git-fixes).
  • wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).
  • wifi: mac80211_hwsim: set virtio device ready in probe() (git-fixes).
  • wireguard: device: check for metadata_dst with skb_valid_dst()
    (git-fixes).
  • x86/bugs: Remove apostrophe typo (bsc#1190497).
  • x86/entry: Remove skip_r11rcx (bsc#1201524).
  • x86/ibt,xen: Sprinkle the ENDBR (bsc#1201471).
  • xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
    (bsc#1201381).
  • xhci: Set HCD flag to defer primary roothub registration (git-fixes).
  • xhci: dbc: Rename xhci_dbc_init and xhci_dbc_exit (git-fixes).
  • xhci: dbc: create and remove dbc structure in dbgtty driver (git-fixes).
  • xhci: dbc: refactor xhci_dbc_init() (git-fixes).
  • xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
    (git-fixes).
  • xprtrdma: treat all calls not a bcall when bc_serv is NULL (git-fixes).
  • zonefs: Clear inode information flags on inode creation (git-fixes).
  • zonefs: Fix management of open zones (git-fixes).
  • zonefs: add MODULE_ALIAS_FS (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-2722=1

  • SUSE Linux Enterprise Module for Public Cloud 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-2722=1

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

Related for SUSE-SU-2022:2722-1