Sicherheit: Mehrere Probleme in Linux

Lesezeichen hinzufügen

--===============0992304954757306556==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:0749-1
Rating: important
References:

* #1177529
* #1193629
* #1197534
* #1198438
* #1200054
* #1202633
* #1203331
* #1204363
* #1204993
* #1205544
* #1205846
* #1206103
* #1206232
* #1206935
* #1207051
* #1207270
* #1207560
* #1207845
* #1207846
* #1208212
* #1208420
* #1208449
* #1208534
* #1208541
* #1208542
* #1208570
* #1208607
* #1208628
* #1208700
* #1208741
* #1208759
* #1208776
* #1208784
* #1208787
* #1208816
* #1208837
* #1208843

Cross-References:

* CVE-2022-3523
* CVE-2022-38096
* CVE-2023-0461
* CVE-2023-0597
* CVE-2023-1118
* CVE-2023-22995
* CVE-2023-22998
* CVE-2023-23000
* CVE-2023-23004
* CVE-2023-23559
* CVE-2023-25012
* CVE-2023-26545

CVSS scores:

* CVE-2022-3523 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-3523 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-38096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-38096 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-0597 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-1118 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1118 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-22995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-22995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-22998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-22998 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-23000 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-23000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-23004 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-23004 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-23559 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
* CVE-2023-23559 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25012 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-25012 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-26545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-26545 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Real Time Module 15-SP4

An update that solves 12 vulnerabilities and has 25 fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security and bugfixes.

* CVE-2022-3523: Fixed use after free related to device private page handling
(bsc#1204363).
* CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query()
(bsc#1203331).
* CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
* CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm
(bsc#1207845).
* CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in
media/rc (bsc#1208837).
* CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree in
drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).
* CVE-2023-22998: Fixed misinterpretation of the
irtio_gpu_object_shmem_init()
return value (bsc#1208776).
* CVE-2023-23000: Fixed return value of tegra_xusb_find_port_node function
phy/tegra (bsc#1208816).
* CVE-2023-23004: Fixed misinterpretation of the get_sg_table return value in
arm/malidp_planes.c (bsc#1208843).
* CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer
overflow (bsc#1207051).
* CVE-2023-25012: Fixed a use-After-Free in bigben_set_led() in hid
(bsc#1207560).
* CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation
failure (bsc#1208700).

The following non-security bugs were fixed:

* [xen] fix "direction" argument of iov_iter_kvec() (git-fixes).
* acpi: NFIT: fix a potential deadlock during NFIT teardown (git-fixes).
* acpi: battery: Fix missing NUL-termination with large strings (git-fixes).
* acpica: Drop port I/O validation for some regions (git-fixes).
* acpica: nsrepair: handle cases without a return value correctly
(git-fixes).
* alsa: hda/ca0132: minor fix for allocation size (git-fixes).
* alsa: hda/conexant: add a new hda codec SN6180 (git-fixes).
* alsa: hda/realtek - fixed wrong gpio assigned (git-fixes).
* alsa: hda: Do not unset preset when cleaning up codec (git-fixes).
* alsa: ice1712: Delete unreachable code in aureon_add_controls()
(git-fixes).
* alsa: ice1712: Do not left ice->gpio_mutex locked in
aureon_add_controls()
(git-fixes).
* applicom: Fix PCI device refcount leak in applicom_init() (git-fixes).
* arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
(git-
fixes).
* arm64: dts: imx8m: Align SoC unique ID node unit address (git-fixes).
* arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
(git-fixes).
* arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description (git-
fixes).
* arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name (git-fixes).
* arm64: dts: meson-gx: Fix Ethernet MAC address unit name (git-fixes).
* arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address (git-
fixes).
* arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN (git-
fixes).
* arm64: dts: meson: remove CPU opps below 1GHz for G12A boards (git-fixes).
* arm64: dts: mt8192: Fix CPU map for single-cluster SoC (git-fixes).
* arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges (git-fixes).
* arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names (git-
fixes).
* arm64: dts: qcom: ipq8074: fix Gen3 PCIe node (git-fixes).
* arm64: dts: qcom: qcs404: use symbol names for PCIe resets (git-fixes).
* arm64: dts: qcom: sc7180: correct SPMI bus address cells (git-fixes).
* arm64: dts: qcom: sc7280: correct SPMI bus address cells (git-fixes).
* arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name (git-
fixes).
* arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
(git-fixes).
* arm64: dts: renesas: beacon-renesom: Fix gpio expander reference (git-
fixes).
* arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
(git-
fixes).
* arm64: dts: ti: k3-j7200: Fix wakeup pinmux range (git-fixes).
* arm64: efi: Make efi_rt_lock a raw_spinlock (git-fixes).
* arm: OMAP1: call platform_device_put() in error case in
omap1_dm_timer_init() (git-fixes).
* arm: OMAP2+: Fix memory leak in realtime_counter_init() (git-fixes).
* arm: bcm2835_defconfig: Enable the framebuffer (git-fixes).
* arm: dts: am5748: keep usb4_tm disabled (git-fixes)
* arm: dts: exynos: correct HDMI phy compatible in Exynos4 (git-fixes).
* arm: dts: exynos: correct TMU phandle in Exynos4 (git-fixes).
* arm: dts: exynos: correct TMU phandle in Exynos4210 (git-fixes).
* arm: dts: exynos: correct TMU phandle in Exynos5250 (git-fixes).
* arm: dts: exynos: correct TMU phandle in Odroid HC1 (git-fixes).
* arm: dts: exynos: correct TMU phandle in Odroid XU (git-fixes).
* arm: dts: exynos: correct TMU phandle in Odroid XU3 family (git-fixes).
* arm: dts: exynos: correct wr-active property in Exynos3250 Rinato (git-
fixes).
* arm: dts: imx7-colibri-eval-v3: correct can controller comment (git-fixes)
* arm: dts: imx7s: correct iomuxc gpr mux controller cells (git-fixes).
* arm: dts: qcom: msm8974: add required ranges to OCMEM (git-fixes)
* arm: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
(git-fixes).
* arm: dts: rockchip: add power-domains property to dp node on rk3288 (git-
fixes).
* arm: dts: spear320-hmi: correct STMPE GPIO compatible (git-fixes).
* arm: dts: stm32: add missing usbh clock and fix clk order on (git-fixes)
* arm: dts: stm32: use usbphyc ck_usbo_48m as USBH OHCI clock on (git-fixes)
* arm: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference (git-fixes).
* arm: imx: Call ida_simple_remove() for ida_simple_get (git-fixes).
* arm: imx: rename DEBUG_IMX21_IMX27_UART to DEBUG_IMX27_UART (git-fixes)
* arm: omap: remove debug-leds driver (git-fixes)
* arm: remove some dead code (git-fixes)
* arm: renumber bits related to _TIF_WORK_MASK (git-fixes)
* arm: s3c: fix s3c64xx_set_timer_source prototype (git-fixes).
* arm: shmobile: rcar-gen2: Add missing of_node_put() (git-fixes)
* arm: zynq: Fix refcount leak in zynq_early_slcr_init (git-fixes).
* ascpi / x86: Add support for LPS0 callback handler (git-fixes).
* asoc: Intel: sof_cs42l42: always set dpcm_capture for amplifiers (git-
fixes).
* asoc: Intel: sof_rt5682: always set dpcm_capture for amplifiers
(git-fixes).
* asoc: adau7118: do not disable regulators on device unbind (git-fixes).
* asoc: cs42l56: fix DT probe (git-fixes).
* asoc: dt-bindings: meson: fix gx-card codec node regex (git-fixes).
* asoc: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
(git-fixes).
* asoc: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
(git-fixes).
* asoc: mchp-spdifrx: fix controls which rely on rsr register (git-fixes).
* asoc: rsnd: Remove unnecessary rsnd_dbg_dai_call() (git-fixes).
* asoc: rsnd: fixup #endif position (git-fixes).
* asoc: rt715-sdca: fix clock stop prepare timeout issue (git-fixes).
* asoc: soc-compress.c: fixup private_data on snd_soc_new_compress() (git-
fixes).
* asoc: soc-dapm.h: fixup warning struct snd_pcm_substream not declared (git-
fixes).
* asoc: tlv320adcx140: fix 'ti,gpio-config' DT property init
(git-fixes).
* auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() (git-
fixes).
* avoid deadlock for recursive I/O on dm-thin when used as swap
(bsc#1177529).
* backlight: backlight: Fix doc for backlight_device_get_by_name (git-fixes).
* block: bio-integrity: Copy flags when bio_integrity_payload is cloned
(bsc#1208541).
* bluetooth: L2CAP: Fix potential user-after-free (git-fixes).
* bluetooth: hci_qca: get wakeup status from serdev device handle
(git-fixes).
* cifs: Check the lease context if we actually got a lease (bsc#1193629).
* cifs: Convert struct fealist away from 1-element array (bsc#1193629).
* cifs: Fix lost destroy smbd connection when MR allocate failed (git-fixes).
* cifs: Fix oops due to uncleared server->smbd_conn in reconnect
(git-fixes).
* cifs: Fix uninitialized memory read in smb3_qfs_tcon() (bsc#1193629).
* cifs: Fix uninitialized memory reads for oparms.mode (bsc#1193629).
* cifs: Fix use-after-free in rdata->read_into_pages() (git-fixes).
* cifs: Fix warning and UAF when destroy the MR list (git-fixes).
* cifs: Get rid of unneeded conditional in the smb2_get_aead_req()
(bsc#1193629).
* cifs: Replace remaining 1-element arrays (bsc#1193629).
* cifs: Replace zero-length arrays with flexible-array members (bsc#1193629).
* cifs: Use kstrtobool() instead of strtobool() (bsc#1193629).
* cifs: do not try to use rdma offload on encrypted connections
(bsc#1193629).
* cifs: fix mount on old smb servers (boo#1206935).
* cifs: get rid of dns resolve worker (bsc#1193629).
* cifs: get rid of unneeded conditional in cifs_get_num_sgs() (bsc#1193629).
* cifs: improve checking of DFS links over STATUS_OBJECT_NAME_INVALID (git-
fixes).
* cifs: introduce cifs_io_parms in smb2_async_writev() (bsc#1193629).
* cifs: match even the scope id for ipv6 addresses (bsc#1193629).
* cifs: prevent data race in cifs_reconnect_tcon() (bsc#1193629).
* cifs: prevent data race in smb2_reconnect() (bsc#1193629).
* cifs: print last update time for interface list (bsc#1193629).
* cifs: remove unneeded 2bytes of padding from smb2 tree connect
(bsc#1193629).
* cifs: return a single-use cfid if we did not get a lease (bsc#1193629).
* cifs: reuse cifs_match_ipaddr for comparison of dstaddr too (bsc#1193629).
* cifs: split out smb3_use_rdma_offload() helper (bsc#1193629).
* cifs: update ip_addr for ses only for primary chan setup (bsc#1193629).
* cifs: use tcon allocation functions even for dummy tcon (git-fixes).
* cifs: use the least loaded channel for sending requests (bsc#1193629).
* clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled() (git-fixes).
* clk: imx: avoid memory leak (git-fixes).
* clk: mxl: Add option to override gate clks (git-fixes).
* clk: mxl: Fix a clk entry by adding relevant flags (git-fixes).
* clk: mxl: Remove redundant spinlocks (git-fixes).
* clk: mxl: Switch from direct readl/writel based IO to regmap based IO (git-
fixes).
* clk: mxl: syscon_node_to_regmap() returns error pointers (git-fixes).
* clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents (git-fixes).
* clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents (git-
fixes).
* clk: ralink: fix 'mt7621_gate_is_enabled()' function (git-fixes).
* clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init() failed
(git-fixes).
* clk: renesas: cpg-mssr: Remove superfluous check in resume code
(git-fixes).
* comedi: use menuconfig for main Comedi menu (git-fixes).
* crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2 (git-
fixes).
* crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
(git-fixes).
* crypto: crypto4xx - Call dma_unmap_page when done (git-fixes).
* crypto: essiv - Handle EBUSY correctly (git-fixes).
* crypto: qat - fix out-of-bounds read (git-fixes).
* crypto: rsa-pkcs1pad - Use akcipher_request_complete (git-fixes).
* crypto: seqiv - Handle EBUSY correctly (git-fixes).
* crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
* crypto: xts - Handle EBUSY correctly (git-fixes).
* dmaengine: dw-axi-dmac: Do not dereference NULL structure (git-fixes).
* dmaengine: dw-edma: Do not permit non-inc interleaved xfers (git-fixes).
* dmaengine: dw-edma: Drop chancnt initialization (git-fixes).
* dmaengine: dw-edma: Fix invalid interleaved xfers semantics (git-fixes).
* dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers (git-
fixes).
* dmaengine: dw-edma: Fix readq_ch() return value truncation (git-fixes).
* dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0 (git-fixes).
* dmaengine: ptdma: check for null desc before calling pt_cmd_callback (git-
fixes).
* docs: ftrace: fix a issue with duplicated subtitle number (git-fixes).
* docs: gdbmacros: print newest record (git-fixes).
* documentation: simplify and clarify DCO contribution example language (git-
fixes).
* driver core: fix potential null-ptr-deref in device_add() (git-fixes).
* driver core: fix resource leak in device_add() (git-fixes).
* driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links (git-
fixes).
* drivers: base: transport_class: fix possible memory leak (git-fixes).
* drivers: base: transport_class: fix resource leak when
transport_add_device() fails (git-fixes).
* drm/amd/display: Properly handle additional cases where DCN is not
supported
(git-fixes).
* drm/amd/display: reduce else-if to else in dcn10_blank_pixel_data() (git-
fixes).
* drm/amdgpu: fix enum odm_combine_mode mismatch (git-fixes).
* drm/bridge: lt8912b: Add hot plug detection (git-fixes).
* drm/bridge: lt9611: fix HPD reenablement (git-fixes).
* drm/bridge: lt9611: fix clock calculation (git-fixes).
* drm/bridge: lt9611: fix polarity programming (git-fixes).
* drm/bridge: lt9611: fix programming of video modes (git-fixes).
* drm/bridge: lt9611: fix sleep mode setup (git-fixes).
* drm/bridge: lt9611: pass a pointer to the of node (git-fixes).
* drm/bridge: megachips: Fix error handling in i2c_register_driver() (git-
fixes).
* drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats (git-fixes).
* drm/hyperv : Removing the restruction of VRAM allocation with PCI bar size
(git-fixes).
* drm/hyperv: Fix an error handling path in hyperv_vmbus_probe() (git-fixes).
* drm/i915/gen11: Moving WAs to icl_gt_workarounds_init() (git-fixes).
* drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list (git-
fixes).
* drm/i915: Do not use BAR mappings for ring buffers with LLC (git-fixes).
* drm/mediatek: Clean dangling pointer on bind error path (git-fixes).
* drm/mediatek: Drop unbalanced obj unref (git-fixes).
* drm/mediatek: Use NULL instead of 0 for NULL pointer (git-fixes).
* drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd (git-
fixes).
* drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc (git-fixes).
* drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness (git-fixes).
* drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() (git-fixes).
* drm/msm/dpu: Add check for cstate (git-fixes).
* drm/msm/dpu: Add check for pstates (git-fixes).
* drm/msm/dpu: Disallow unallocated resources to be returned (git-fixes).
* drm/msm/dpu: drop stale comment from struct dpu_mdp_cfg doc (git-fixes).
* drm/msm/dpu: set pdpu->is_rt_pipe early in
dpu_plane_sspp_atomic_update()
(git-fixes).
* drm/msm/gem: Add check for kmalloc (git-fixes).
* drm/msm/hdmi: Add missing check for alloc_ordered_workqueue (git-fixes).
* drm/msm/mdp5: Add check for kzalloc (git-fixes).
* drm/msm: clean event_thread->worker in case of an error (git-fixes).
* drm/msm: use strscpy instead of strncpy (git-fixes).
* drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED (git-
fixes).
* drm/omapdrm: Remove unused struct csc_coef_rgb2yuv (git-fixes).
* drm/vc4: hdmi: Correct interlaced timings again (git-fixes).
* drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5 (git-fixes).
* drm/vc4: hvs: Set AXI panic modes (git-fixes).
* drm/vc4: vec: Use pm_runtime_resume_and_get() in vc4_vec_encoder_enable()
(git-fixes).
* drm/vkms: Fix memory leak in vkms_init() (git-fixes).
* drm/vkms: Fix null-ptr-deref in vkms_release() (git-fixes).
* drm: Fix potential null-ptr-deref due to drmm_mode_config_init() (git-
fixes).
* drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC (git-fixes).
* drm: tidss: Fix pixel format definition (git-fixes).
* dt-bindings: arm: fsl: Fix bindings for APF28Dev board (git-fixes).
* dt-bindings: hwlock: sun6i: Add missing #hwlock-cells (git-fixes).
* dt-bindings: input: iqs626a: Redefine trackpad property types (git-fixes).
* dt-bindings: msm: dsi-controller-main: Add vdd* descriptions back in (git-
fixes).
* dt-bindings: net: snps,dwmac: Fix snps,reset-delays-us dependency (git-
fixes).
* dt-bindings: power: supply: pm8941-coincell: Do not require charging
properties (git-fixes).
* dt-bindings: usb: amlogic,meson-g12a-usb-ctrl: make G12A usb3-phy0 optional
(git-fixes).
* eeprom: idt_89hpesx: Fix error handling in idt_init() (git-fixes).
* firmware: coreboot: Remove GOOGLE_COREBOOT_TABLE_ACPI/OF Kconfig entries
(git-fixes).
* firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle (git-
fixes).
* firmware: stratix10-svc: add missing gen_pool_destroy() in
stratix10_svc_drv_probe() (git-fixes).
* fuse: add inode/permission checks to fileattr_get/fileattr_set
(bsc#1208759).
* gpio: tegra186: remove unneeded loop in tegra186_gpio_init_route_mapping()
(git-fixes).
* gpio: vf610: connect GPIO label to dev name (git-fixes).
* gpu: host1x: Do not skip assigning syncpoints to channels (git-fixes).
* gpu: ipu-v3: common: Add of_node_put() for reference returned by
of_graph_get_port_by_id() (git-fixes).
* hid: asus: use spinlock to protect concurrent accesses (git-fixes).
* hid: asus: use spinlock to safely schedule workers (git-fixes).
* hid: bigben: use spinlock to protect concurrent accesses (git-fixes).
* hid: bigben: use spinlock to safely schedule workers (git-fixes).
* hid: bigben_probe(): validate report count (git-fixes).
* hid: bigben_worker() remove unneeded check on report_field (git-fixes).
* hid: core: Fix deadloop in hid_apply_multiplier (git-fixes).
* hid: elecom: add support for TrackBall 056E:011C (git-fixes).
* hv: fix comment typo in vmbus_channel/low_latency (git-fixes).
* hv_netvsc: Allocate memory in netvsc_dma_map() with GFP_ATOMIC (git-fixes).
* hv_netvsc: Check status in SEND_RNDIS_PKT completion message (git-fixes).
* hwmon: (ftsteutates) Fix scaling of measurements (git-fixes).
* hwmon: (ltc2945) Handle error case in ltc2945_value_store (git-fixes).
* hwmon: (mlxreg-fan) Return zero speed for broken fan (git-fixes).
* i2c: designware: fix i2c_dw_clk_rate() return size to be u32 (git-fixes).
* iio: light: tsl2563: Do not hardcode interrupt trigger type (git-fixes).
* input: ads7846 - always set last command to PWRDOWN (git-fixes).
* input: ads7846 - do not check penirq immediately for 7845 (git-fixes).
* input: ads7846 - do not report pressure for ads7845 (git-fixes).
* input: iqs269a - configure device with a single block write (git-fixes).
* input: iqs269a - drop unused device node references (git-fixes).
* input: iqs269a - increase interrupt handler return delay (git-fixes).
* input: iqs626a - drop unused device node references (git-fixes).
* iommu/hyper-v: Allow hyperv irq remapping without x2apic (git-fixes).
* irqchip/gic-v3: Refactor ISB + EOIR at ack time (git-fixes)
* kabi fix for: nfs: Further optimisations for 'ls -l' (git-fixes).
* kabi fix for: nfsd: Have legacy NFSD WRITE decoders use
xdr_stream_subsegment() (git-fixes).
* kabi fix for: nfsv3: handle out-of-order write replies (bsc#1205544).
* kabi fix for: nfsv4.1 query for fs_location attr on a new file system
(Never, kabi).
* kmap_local: do not assume kmap PTEs are linear arrays in memory (git-fixes)
Update config/armv7hl/default too.
* leds: led-class: Add missing put_device() to led_put() (git-fixes).
* leds: led-core: Fix refcount leak in of_led_get() (git-fixes).
* lib/mpi: Fix buffer overrun when SG is too long (git-fixes).
* lib/zlib: remove redundation assignement of avail_in dfltcc_gdht() (git-
fixes).
* locking/rwsem: Allow slowpath writer to ignore handoff bit if not set by
first waiter (bsc#1207270).
* locking/rwsem: Always try to wake waiters in out_nolock path (bsc#1207270).
* locking/rwsem: Conditionally wake waiters in reader/writer slowpaths
(bsc#1207270).
* locking/rwsem: Disable preemption in all down_read*() and up_read() code
paths (bsc#1207270).
* locking/rwsem: Disable preemption in all down_write*() and up_write() code
paths (bsc#1207270).
* locking/rwsem: Disable preemption while trying for rwsem lock
(bsc#1207270).
* locking/rwsem: Make handoff bit handling more consistent (bsc#1207270).
* locking/rwsem: No need to check for handoff bit if wait queue empty
(bsc#1207270).
* locking/rwsem: Prevent non-first waiter from spinning in down_write()
slowpath (bsc#1207270).
* locking: Add missing __sched attributes (bsc#1207270).
* media: coda: Add check for dcoda_iram_alloc (git-fixes).
* media: coda: Add check for kmalloc (git-fixes).
* media: i2c: ov7670: 0 instead of -EINVAL was returned (git-fixes).
* media: i2c: ov772x: Fix memleak in ov772x_probe() (git-fixes).
* media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in
imx7_csi_init() (git-fixes).
* media: ipu3-cio2: Fix PM runtime usage_count in driver unbind (git-fixes).
* media: max9286: Fix memleak in max9286_v4l2_register() (git-fixes).
* media: ov2740: Fix memleak in ov2740_init_controls() (git-fixes).
* media: ov5675: Fix memleak in ov5675_init_controls() (git-fixes).
* media: platform: ti: Add missing check for devm_regulator_get (git-fixes).
* media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (git-fixes).
* media: saa7134: Use video_unregister_device for radio_dev (git-fixes).
* media: ti: cal: fix possible memory leak in cal_ctx_create() (git-fixes).
* media: usb: siano: Fix use after free bugs caused by do_submit_urb (git-
fixes).
* media: uvcvideo: Fix race condition with usb_kill_urb (git-fixes).
* media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data (git-
fixes).
* media: v4l2-jpeg: ignore the unknown APP14 marker (git-fixes).
* mfd: cs5535: Do not build on UML (git-fixes).
* mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() (git-
fixes).
* misc/mei/hdcp: Use correct macros to initialize uuid_le (git-fixes).
* misc: enclosure: Fix doc for enclosure_find() (git-fixes).
* mmc: jz4740: Work around bug on JZ4760(B) (git-fixes).
* mmc: mmc_spi: fix error handling in mmc_spi_probe() (git-fixes).
* mmc: sdio: fix possible resource leaks in some error paths (git-fixes).
* move upstreamed i915 and media fixes into sorted section
* mtd: dataflash: remove duplicate SPI ID table (git-fixes).
* mtd: rawnand: fsl_elbc: Propagate HW ECC settings to HW (git-fixes).
* mtd: rawnand: sunxi: Clean up chips after failed init (git-fixes).
* mtd: rawnand: sunxi: Fix the size of the last OOB region (git-fixes).
* mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
(git-fixes).
* mtd: spi-nor: core: fix implicit declaration warning (git-fixes).
* mtd: spi-nor: sfdp: Fix index value for SCCR dwords (git-fixes).
* mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
(git-fixes).
* net/rose: Fix to not accept on connected socket (git-fixes).
* net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change (git-
fixes).
* nfc: fix memory leak of se_io context in nfc_genl_se_io (git-fixes).
* nfs: Always initialise fattr->label in nfs_fattr_alloc() (git-fixes).
* nfs: Create a new nfs_alloc_fattr_with_label() function (git-fixes).
* nfs: Do not allocate nfs_fattr on the stack in __nfs42_ssc_open() (git-
fixes).
* nfs: Further optimisations for 'ls -l' (git-fixes).
* nfs: nfs4clinet: check the return value of kstrdup() (git-fixes).
* nfsd: COMMIT operations must not return NFS?ERR_INVAL (git-fixes).
* nfsd: De-duplicate net_generic(nf->nf_net, nfsd_net_id) (git-fixes).
* nfsd: Fix nfsd_breaker_owns_lease() return values (git-fixes).
* nfsd: Have legacy NFSD WRITE decoders use xdr_stream_subsegment() (git-
fixes).
* nfsv3: handle out-of-order write replies (bsc#1205544).
* nfsv4 expose nfs_parse_server_name function (git-fixes).
* nfsv4 handle port presence in fs_location server string (git-fixes).
* nfsv4 only print the label when its queried (git-fixes).
* nfsv4 remove zero number of fs_locations entries error check (git-fixes).
* nfsv4 store server support for fs_location attribute (git-fixes).
* nfsv4.1 query for fs_location attr on a new file system (git-fixes).
* nfsv4.1: Fix uninitialised variable in devicenotify (git-fixes).
* nfsv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
(git-fixes).
* nfsv4: Protect the state recovery thread against direct reclaim
(git-fixes).
* nvme-auth: check chap ctrl_key once constructed (bsc#1202633).
* nvme-auth: clear sensitive info right after authentication completes
(bsc#1202633).
* nvme-auth: convert dhchap_auth_list to an array (bsc#1202633).
* nvme-auth: do not ignore key generation failures when initializing ctrl
keys
(bsc#1202633).
* nvme-auth: do not keep long lived 4k dhchap buffer (bsc#1202633).
* nvme-auth: do not override ctrl keys before validation (bsc#1202633).
* nvme-auth: do not re-authenticate if the controller is not LIVE
(bsc#1202633).
* nvme-auth: do not use NVMe status codes (bsc#1202633).
* nvme-auth: fix an error code in nvme_auth_process_dhchap_challenge()
(bsc#1202633).
* nvme-auth: fix smatch warning complaints (bsc#1202633).
* nvme-auth: guarantee dhchap buffers under memory pressure (bsc#1202633).
* nvme-auth: have dhchap_auth_work wait for queues auth to complete
(bsc#1202633).
* nvme-auth: mark nvme_auth_wq static (bsc#1202633).
* nvme-auth: no need to reset chap contexts on re-authentication
(bsc#1202633).
* nvme-auth: remove redundant auth_work flush (bsc#1202633).
* nvme-auth: remove redundant buffer deallocations (bsc#1202633).
* nvme-auth: remove redundant deallocations (bsc#1202633).
* nvme-auth: remove redundant if statement (bsc#1202633).
* nvme-auth: remove symbol export from nvme_auth_reset (bsc#1202633).
* nvme-auth: rename __nvme_auth_[reset|free] to nvme_auth[reset|free]_dhchap
(bsc#1202633).
* nvme-auth: rename authentication work elements (bsc#1202633).
* nvme-auth: use workqueue dedicated to authentication (bsc#1202633).
* nvme-fabrics: show well known discovery name (bsc#1200054).
* ocfs2: Fix data corruption after failed write (bsc#1208542).
* pci/ioc: Enlarge virtfn sysfs name buffer (git-fixes).
* pci/pm: Observe reset delay irrespective of bridge_d3 (git-fixes).
* pci: Fix dropping valid root bus resources with .end = zero (git-fixes).
* pci: hotplug: Allow marking devices as disconnected during bind/unbind
(git-
fixes).
* pci: hv: update comment in x86 specific hv_arch_irq_unmask (git-fixes).
* pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
* phy: rockchip-typec: fix tcphy_get_mode error case (git-fixes).
* pinctrl: mediatek: Initialize variable *buf to zero (git-fixes).
* pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins (git-
fixes).
* pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups (git-
fixes).
* pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
(git-fixes).
* platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering
(bsc#1208420).
* platform/x86: amd-pmc: Correct usage of SMU version (git-fixes).
* platform/x86: amd-pmc: Export Idlemask values based on the APU (git-fixes).
* platform/x86: amd-pmc: Fix compilation when CONFIG_DEBUGFS is disabled
(git-
fixes).
* platform/x86: touchscreen_dmi: Add Chuwi Vi8 (CWI501) DMI match
(git-fixes).
* platform: x86: MLX_PLATFORM: select REGMAP instead of depending on it (git-
fixes).
* powercap: fix possible name leak in powercap_register_zone() (git-fixes).
* powerpc/eeh: Set channel state after notifying the drivers (bsc#1208784
ltc#201612).
* printf: fix errname.c list (git-fixes).
* qede: avoid uninitialized entries in coal_entry array (bsc#1205846).
* qede: fix interrupt coalescing configuration (bsc#1205846).
* refresh patches.suse/ice-clear-stale-Tx-queue-settings-before-
configuring.patch. Fix bug introduced by broken backport (bsc#1208628).
* remoteproc/mtk_scp: Move clk ops outside send_lock (git-fixes).
* remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
(git-fixes).
* revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in
set_protocol" (git-fixes).
* revert "crypto: rsa-pkcs1pad - Replace GFP_ATOMIC with GFP_KERNEL in
pkcs1pad_encrypt_sign_complete" (git-fixes).
* revert "hid: logitech-hidpp: add a module parameter to keep firmware
gestures" (git-fixes).
* revert "usb: dwc3: qcom: Keep power domain on to retain controller
status"
(git-fixes).
* rtc: allow rtc_read_alarm without read_alarm callback (git-fixes).
* rtc: pm8xxx: fix set-alarm race (git-fixes).
* rtc: sun6i: Always export the internal oscillator (git-fixes).
* s390/dasd: Fix potential memleak in dasd_eckd_init() (git-fixes).
* scsi: lpfc: Copyright updates for 14.2.0.10 patches (bsc#1208607).
* scsi: lpfc: Exit PRLI completion handling early if ndlp not in PRLI_ISSUE
state (bsc#1208607).
* scsi: lpfc: Fix space indentation in lpfc_xcvr_data_show() (bsc#1208607).
* scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
(bsc#1208607).
* scsi: lpfc: Introduce new attention types for lpfc_sli4_async_fc_evt()
handler (bsc#1208607).
* scsi: lpfc: Reinitialize internal VMID data structures after FLOGI
completion (bsc#1208607).
* scsi: lpfc: Remove duplicate ndlp kref decrement in lpfc_cleanup_rpis()
(bsc#1208607 bsc#1208534).
* scsi: lpfc: Remove redundant clean up code in disable_vport()
(bsc#1208607).
* scsi: lpfc: Replace outdated strncpy() with strscpy() (bsc#1208607).
* scsi: lpfc: Resolve miscellaneous variable set but not used compiler
warnings (bsc#1208607).
* scsi: lpfc: Set max DMA segment size to HBA supported SGE length
(bsc#1208607).
* scsi: lpfc: Update lpfc version to 14.2.0.10 (bsc#1208607).
* scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438
bsc#1206103).
* scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).
* scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).
* scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).
* scsi: qla2xxx: Fix erroneous link down (bsc#1208570).
* scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).
* scsi: qla2xxx: Fix exchange oversubscription for management commands
(bsc#1208570).
* scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).
* scsi: qla2xxx: Fix printk() format string (bsc#1208570).
* scsi: qla2xxx: Fix stalled login (bsc#1208570).
* scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static
(bsc#1208570).
* scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).
* scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).
* scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).
* scsi: qla2xxx: Remove dead code (bsc#1208570).
* scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).
* scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).
* scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).
* scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called
(bsc#1208570).
* scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).
* scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).
* scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).
* scsi: qla2xxx: Use a variable for repeated mem_size computation
(bsc#1208570).
* scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).
* scsi: qla2xxx: edif: Fix performance dip due to lock contention
(bsc#1208570).
* scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).
* scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).
* sefltests: netdevsim: wait for devlink instance after netns removal (git-
fixes).
* selftest/lkdtm: Skip stack-entropy test if lkdtm is not available (git-
fixes).
* selftests/ftrace: Add check for ping command for trigger tests (bsc#1204993
ltc#200103).
* selftests/ftrace: Convert tracer tests to use 'requires' to specify
program
dependency (bsc#1204993 ltc#200103).
* selftests/powerpc: Account for offline cpus in perf-hwbreak test
(bsc#1206232).
* selftests/powerpc: Bump up rlimit for perf-hwbreak test (bsc#1206232).
* selftests/powerpc: Move perror closer to its use (bsc#1206232).
* serial: fsl_lpuart: fix RS485 RTS polariy inverse issue (git-fixes).
* serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
(git-fixes).
* smb3: Replace smb2pdu 1-element arrays with flex-arrays (bsc#1193629).
* soundwire: cadence: Do not overflow the command FIFOs (git-fixes).
* spi: bcm63xx-hsspi: Endianness fix for ARM based SoC (git-fixes).
* spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one() (git-
fixes).
* spi: tegra210-quad: Fix validate combined sequence (git-fixes).
* staging: mt7621-dts: change palmbus address to lower case (git-fixes).
* struct uvc_device move flush_status new member to end (git-fixes).
* sunrpc allow for unspecified transport time in rpc_clnt_add_xprt (git-
fixes).
* sunrpc: Fix potential race conditions in rpc_sysfs_xprt_state_change()
(git-
fixes).
* sunrpc: Fix socket waits for write buffer space (git-fixes).
* thermal/drivers/hisi: Drop second sensor hi3660 (git-fixes).
* thermal/drivers/tsens: Drop msm8976-specific defines (git-fixes).
* thermal/drivers/tsens: Sort out msm8976 vs msm8956 data (git-fixes).
* thermal/drivers/tsens: fix slope values for msm8939 (git-fixes).
* thermal/drivers/tsens: limit num_sensors to 9 for msm8939 (git-fixes).
* thermal: intel: BXT_PMIC: select REGMAP instead of depending on it (git-
fixes).
* thermal: intel: powerclamp: Fix cur_state for multi package system (git-
fixes).
* thermal: intel: quark_dts: fix error pointer dereference (git-fixes).
* tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
(git-
fixes).
* tty: serial: fsl_lpuart: clear LPUART Status Register in
lpuart32_shutdown()
(git-fixes).
* tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown() (git-
fixes).
* tty: serial: qcom-geni-serial: stop operations in progress at shutdown
(git-
fixes).
* update internal module version number for cifs.ko (bsc#1193629).
* usb: core: Do not hold device lock while reading the "descriptors"
sysfs
file (git-fixes).
* usb: dwc3: core: Host wake up support from system suspend (git-fixes).
* usb: dwc3: pci: add support for the Intel Meteor Lake-M (git-fixes).
* usb: dwc3: qcom: Configure wakeup interrupts during suspend (git-fixes).
* usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
(git-fixes).
* usb: dwc3: qcom: Keep power domain on to retain controller status (git-
fixes).
* usb: dwc3: qcom: clean up icc init (git-fixes).
* usb: dwc3: qcom: clean up suspend callbacks (git-fixes).
* usb: dwc3: qcom: fix gadget-only builds (git-fixes).
* usb: dwc3: qcom: fix peripheral and OTG suspend (git-fixes).
* usb: dwc3: qcom: fix wakeup implementation (git-fixes).
* usb: dwc3: qcom: only parse 'maximum-speed' once (git-fixes).
* usb: dwc3: qcom: suppress unused-variable warning (git-fixes).
* usb: early: xhci-dbc: Fix a potential out-of-bound memory access (git-
fixes).
* usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
(git-fixes).
* usb: gadget: u_serial: Add null pointer check in gserial_resume
(git-fixes).
* usb: max-3421: Fix setting of I/O pins (git-fixes).
* usb: musb: Add and use inline function musb_otg_state_string (git-fixes).
* usb: musb: Add and use inline functions musb_{get,set}_state (git-fixes).
* usb: musb: mediatek: do not unregister something that wasn't registered
(git-fixes).
* usb: musb: remove schedule work called after flush (git-fixes).
* usb: serial: option: add support for VW/Skoda "Carstick LTE"
(git-fixes).
* vc_screen: do not clobber return value in vcs_read (git-fixes).
* vc_screen: modify vcs_size() handling in vcs_read() (git-fixes).
* vdpa_sim: not reset state in vdpasim_queue_ready (git-fixes).
* vfs: filename_create(): fix incorrect intent (bsc#1197534).
* virt/sev-guest: Add a MODULE_ALIAS (bsc#1208449).
* virt/sev-guest: Prevent IV reuse in the SNP guest driver (bsc#1208449).
* virt/sev-guest: Remove unnecessary free in init_crypto() (bsc#1208449).
* virt: sev-guest: Pass the appropriate argument type to iounmap()
(bsc#1208449).
* virt: sevguest: Change driver name to reflect generic SEV support
(bsc#1208449).
* virt: sevguest: Rename the sevguest dir and files to sev-guest
(bsc#1208449).
* vmci: check context->notify_page after call to get_user_pages_fast() to
avoid GPF (git-fixes).
* vmxnet3: move rss code block under eop descriptor (bsc#1208212).
* watchdog: Fix kmemleak in watchdog_cdev_register (git-fixes).
* watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in
error path (git-fixes).
* watchdog: pcwd_usb: Fix attempting to access uninitialized memory (git-
fixes).
* watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
(git-fixes).
* wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup (git-fixes).
* wifi: ath11k: allow system suspend to survive ath11k (git-fixes).
* wifi: ath9k: Fix potential stack-out-of-bounds write in
ath9k_wmi_rsp_callback() (git-fixes).
* wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
callback
function (git-fixes).
* wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
(git-
fixes).
* wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() (git-fixes).
* wifi: cfg80211: Fix extended KCK key length check in
nl80211_set_rekey_data() (git-fixes).
* wifi: cfg80211: Fix use after free for wext (git-fixes).
* wifi: ipw2200: fix memory leak in ipw_wdev_init() (git-fixes).
* wifi: ipw2x00: do not call dev_kfree_skb() under spin_lock_irqsave() (git-
fixes).
* wifi: iwl3945: Add missing check for create_singlethread_workqueue (git-
fixes).
* wifi: iwl4965: Add missing check for create_singlethread_workqueue() (git-
fixes).
* wifi: iwlegacy: common: do not call dev_kfree_skb() under
spin_lock_irqsave() (git-fixes).
* wifi: libertas: cmdresp: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: libertas: fix memory leak in lbs_init_adapter() (git-fixes).
* wifi: libertas: if_usb: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: libertas: main: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: libertas_tf: do not call kfree_skb() under spin_lock_irqsave() (git-
fixes).
* wifi: mac80211: make rate u32 in sta_set_rate_info_rx() (git-fixes).
* wifi: mwifiex: Add missing compatible string for SD8787 (git-fixes).
* wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize() (git-
fixes).
* wifi: orinoco: check return value of hermes_write_wordrec() (git-fixes).
* wifi: rsi: Fix memory leak in rsi_coex_attach() (git-fixes).
* wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU (git-fixes).
* wifi: rtl8xxxu: do not call dev_kfree_skb() under spin_lock_irqsave() (git-
fixes).
* wifi: rtlwifi: Fix global-out-of-bounds bug in
_rtl8812ae_phy_set_txpower_limit() (git-fixes).
* wifi: rtlwifi: rtl8188ee: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: rtlwifi: rtl8723be: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: rtlwifi: rtl8821ae: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).
* wifi: rtw89: Add missing check for alloc_workqueue (git-fixes).
* wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() (git-fixes).
* wifi: wl3501_cs: do not call kfree_skb() under spin_lock_irqsave() (git-
fixes).
* x86/hyperv: Introduce HV_MAX_SPARSE_VCPU_BANKS/HV_VCPUS_PER_SPARSE_BANK
constants (git-fixes).
* x86/xen: Fix memory leak in xen_init_lock_cpu() (git-fixes).
* x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (git-fixes).
* xen-netfront: Fix NULL sring after live migration (git-fixes).
* xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too (git-fixes).
* xen/arm: Fix race in RB-tree based P2M accounting (git-fixes)
* xen/netback: do some code cleanup (git-fixes).
* xen/netback: fix build warning (git-fixes).
* xen/netfront: destroy queues before real_num_tx_queues is zeroed (git-
fixes).
* xen/platform-pci: add missing free_irq() in error path (git-fixes).
* xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource() (git-
fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-749=1

* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-749=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-749=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-749=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-749=1

* SUSE Real Time Module 15-SP4
zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2023-749=1

## Package List:

* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.14.2
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-debugsource-5.14.21-150400.15.14.2
* openSUSE Leap 15.4 (x86_64)
* ocfs2-kmp-rt-5.14.21-150400.15.14.2
* kernel-rt-devel-5.14.21-150400.15.14.2
* gfs2-kmp-rt-5.14.21-150400.15.14.2
* kernel-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-devel-debuginfo-5.14.21-150400.15.14.2
* kernel-rt_debug-debugsource-5.14.21-150400.15.14.2
* kernel-rt_debug-devel-5.14.21-150400.15.14.2
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-debugsource-5.14.21-150400.15.14.2
* dlm-kmp-rt-5.14.21-150400.15.14.2
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-syms-rt-5.14.21-150400.15.14.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.14.2
* cluster-md-kmp-rt-5.14.21-150400.15.14.2
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* openSUSE Leap 15.4 (noarch)
* kernel-devel-rt-5.14.21-150400.15.14.2
* kernel-source-rt-5.14.21-150400.15.14.2
* openSUSE Leap 15.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.14.2
* kernel-rt_debug-5.14.21-150400.15.14.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.14.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-debugsource-5.14.21-150400.15.14.2
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.14.2
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-debugsource-5.14.21-150400.15.14.2
* SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
* kernel-livepatch-5_14_21-150400_15_14-rt-debuginfo-1-150400.1.3.1
* kernel-livepatch-SLE15-SP4-RT_Update_4-debugsource-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_14-rt-1-150400.1.3.1
* SUSE Real Time Module 15-SP4 (x86_64)
* ocfs2-kmp-rt-5.14.21-150400.15.14.2
* kernel-rt-devel-5.14.21-150400.15.14.2
* gfs2-kmp-rt-5.14.21-150400.15.14.2
* kernel-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-devel-debuginfo-5.14.21-150400.15.14.2
* kernel-rt_debug-debugsource-5.14.21-150400.15.14.2
* kernel-rt_debug-devel-5.14.21-150400.15.14.2
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.14.2
* kernel-rt-debugsource-5.14.21-150400.15.14.2
* dlm-kmp-rt-5.14.21-150400.15.14.2
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* kernel-syms-rt-5.14.21-150400.15.14.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.14.2
* cluster-md-kmp-rt-5.14.21-150400.15.14.2
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2
* SUSE Real Time Module 15-SP4 (noarch)
* kernel-devel-rt-5.14.21-150400.15.14.2
* kernel-source-rt-5.14.21-150400.15.14.2
* SUSE Real Time Module 15-SP4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.14.2
* kernel-rt_debug-5.14.21-150400.15.14.2

## References:

* https://www.suse.com/security/cve/CVE-2022-3523.html
* https://www.suse.com/security/cve/CVE-2022-38096.html
* https://www.suse.com/security/cve/CVE-2023-0461.html
* https://www.suse.com/security/cve/CVE-2023-0597.html
* https://www.suse.com/security/cve/CVE-2023-1118.html
* https://www.suse.com/security/cve/CVE-2023-22995.html
* https://www.suse.com/security/cve/CVE-2023-22998.html
* https://www.suse.com/security/cve/CVE-2023-23000.html
* https://www.suse.com/security/cve/CVE-2023-23004.html
* https://www.suse.com/security/cve/CVE-2023-23559.html
* https://www.suse.com/security/cve/CVE-2023-25012.html
* https://www.suse.com/security/cve/CVE-2023-26545.html
* https://bugzilla.suse.com/show_bug.cgi?id=1177529
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1197534
* https://bugzilla.suse.com/show_bug.cgi?id=1198438
* https://bugzilla.suse.com/show_bug.cgi?id=1200054
* https://bugzilla.suse.com/show_bug.cgi?id=1202633
* https://bugzilla.suse.com/show_bug.cgi?id=1203331
* https://bugzilla.suse.com/show_bug.cgi?id=1204363
* https://bugzilla.suse.com/show_bug.cgi?id=1204993
* https://bugzilla.suse.com/show_bug.cgi?id=1205544
* https://bugzilla.suse.com/show_bug.cgi?id=1205846
* https://bugzilla.suse.com/show_bug.cgi?id=1206103
* https://bugzilla.suse.com/show_bug.cgi?id=1206232
* https://bugzilla.suse.com/show_bug.cgi?id=1206935
* https://bugzilla.suse.com/show_bug.cgi?id=1207051
* https://bugzilla.suse.com/show_bug.cgi?id=1207270
* https://bugzilla.suse.com/show_bug.cgi?id=1207560
* https://bugzilla.suse.com/show_bug.cgi?id=1207845
* https://bugzilla.suse.com/show_bug.cgi?id=1207846
* https://bugzilla.suse.com/show_bug.cgi?id=1208212
* https://bugzilla.suse.com/show_bug.cgi?id=1208420
* https://bugzilla.suse.com/show_bug.cgi?id=1208449
* https://bugzilla.suse.com/show_bug.cgi?id=1208534
* https://bugzilla.suse.com/show_bug.cgi?id=1208541
* https://bugzilla.suse.com/show_bug.cgi?id=1208542
* https://bugzilla.suse.com/show_bug.cgi?id=1208570
* https://bugzilla.suse.com/show_bug.cgi?id=1208607
* https://bugzilla.suse.com/show_bug.cgi?id=1208628
* https://bugzilla.suse.com/show_bug.cgi?id=1208700
* https://bugzilla.suse.com/show_bug.cgi?id=1208741
* https://bugzilla.suse.com/show_bug.cgi?id=1208759
* https://bugzilla.suse.com/show_bug.cgi?id=1208776
* https://bugzilla.suse.com/show_bug.cgi?id=1208784
* https://bugzilla.suse.com/show_bug.cgi?id=1208787
* https://bugzilla.suse.com/show_bug.cgi?id=1208816
* https://bugzilla.suse.com/show_bug.cgi?id=1208837
* https://bugzilla.suse.com/show_bug.cgi?id=1208843

--===============0992304954757306556==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

<div class="container">
<h1>Security update for the Linux Kernel</h1>

<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2023:0749-1</td>
</tr>

<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1177529">#1177529</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1193629">#1193629</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1197534">#1197534</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1198438">#1198438</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1200054">#1200054</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202633">#1202633</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1203331">#1203331</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204363">#1204363</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204993">#1204993</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1205544">#1205544</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1205846">#1205846</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206103">#1206103</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206232">#1206232</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206935">#1206935</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207051">#1207051</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207270">#1207270</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207560">#1207560</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207845">#1207845</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207846">#1207846</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208212">#1208212</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208420">#1208420</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208449">#1208449</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208534">#1208534</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208541">#1208541</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208542">#1208542</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208570">#1208570</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208607">#1208607</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208628">#1208628</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208700">#1208700</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208741">#1208741</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208759">#1208759</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208776">#1208776</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208784">#1208784</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208787">#1208787</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208816">#1208816</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208837">#1208837</a>
</li>

<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208843">#1208843</a>
</li>

</ul>
</td>
</tr>

<tr>
<th>
Cross-References:
</th>
<td>
<ul>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2022-3523.html">CVE-2022-3523</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2022-38096.html">CVE-2022-38096</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-0461.html">CVE-2023-0461</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-0597.html">CVE-2023-0597</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-1118.html">CVE-2023-1118</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22995.html">CVE-2023-22995</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-22998.html">CVE-2023-22998</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-23000.html">CVE-2023-23000</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-23004.html">CVE-2023-23004</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-23559.html">CVE-2023-23559</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-25012.html">CVE-2023-25012</a>
</li>

<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-26545.html">CVE-2023-26545</a>
</li>

</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">

<li class="list-group-item">
CVE-2022-3523

(

SUSE

):

6.4
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2022-3523

(

NVD

):

5.3
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2022-38096

(

SUSE

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2022-38096

(

NVD

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-0461

(

SUSE

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-0461

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-0597

(

SUSE

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
</li>

<li class="list-group-item">
CVE-2023-0597

(

NVD

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
</li>

<li class="list-group-item">
CVE-2023-1118

(

SUSE

):

7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-1118

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-22995

(

SUSE

):

3.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
</li>

<li class="list-group-item">
CVE-2023-22995

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-22998

(

SUSE

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-22998

(

NVD

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-23000

(

SUSE

):

2.9
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
</li>

<li class="list-group-item">
CVE-2023-23000

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-23004

(

SUSE

):

4.0
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-23004

(

NVD

):

5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-23559

(

SUSE

):

6.5
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
</li>

<li class="list-group-item">
CVE-2023-23559

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-25012

(

SUSE

):

6.8
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-25012

(

NVD

):

4.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
</li>

<li class="list-group-item">
CVE-2023-26545

(

SUSE

):

7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

<li class="list-group-item">
CVE-2023-26545

(

NVD

):

7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
</li>

</ul>
</td>
</tr>

<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">

<li class="list-group-item">openSUSE Leap
15.4</li>

<li class="list-group-item">openSUSE Leap
Micro 5.3</li>

<li class="list-group-item">SUSE Linux
Enterprise High Performance Computing 15 SP4</li>

<li class="list-group-item">SUSE Linux
Enterprise Live Patching 15-SP4</li>

<li class="list-group-item">SUSE Linux
Enterprise Micro 5.3</li>

<li class="list-group-item">SUSE Linux
Enterprise Micro 5.4</li>

<li class="list-group-item">SUSE Linux
Enterprise Micro for Rancher 5.3</li>

<li class="list-group-item">SUSE Linux
Enterprise Real Time 15 SP4</li>

<li class="list-group-item">SUSE Linux
Enterprise Server 15 SP4</li>

<li class="list-group-item">SUSE Linux
Enterprise Server for SAP Applications 15 SP4</li>

<li class="list-group-item">SUSE Real
Time Module 15-SP4</li>

</ul>
</td>
</tr>
</tbody>
</table>

An update that solves 12 vulnerabilities and has 25 fixes can now
be installed.

<h2>Description:</h2>
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive
various security and bugfixes.
<ul>
<li>CVE-2022-3523: Fixed use after free related to device private page
handling (bsc#1204363).</li>
<li>CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query()
(bsc#1203331).</li>
<li>CVE-2023-0461: Fixed use-after-free in icsk_ulp_data
(bsc#1208787).</li>
<li>CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in
x86/mm (bsc#1207845).</li>
<li>CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim()
in media/rc (bsc#1208837).</li>
<li>CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree
in drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).</li>
<li>CVE-2023-22998: Fixed misinterpretation of the
irtio_gpu_object_shmem_init() return value (bsc#1208776).</li>
<li>CVE-2023-23000: Fixed return value of tegra_xusb_find_port_node
function phy/tegra (bsc#1208816).</li>
<li>CVE-2023-23004: Fixed misinterpretation of the get_sg_table return
value in arm/malidp_planes.c (bsc#1208843).</li>
<li>CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a
buffer overflow (bsc#1207051).</li>
<li>CVE-2023-25012: Fixed a use-After-Free in bigben_set_led() in hid
(bsc#1207560).</li>
<li>CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an
allocation failure (bsc#1208700).</li>
</ul>
The following non-security bugs were fixed:
<ul>
<li>[xen] fix "direction" argument of iov_iter_kvec()
(git-fixes).</li>
<li>acpi: NFIT: fix a potential deadlock during NFIT teardown
(git-fixes).</li>
<li>acpi: battery: Fix missing NUL-termination with large strings
(git-fixes).</li>
<li>acpica: Drop port I/O validation for some regions
(git-fixes).</li>
<li>acpica: nsrepair: handle cases without a return value correctly
(git-fixes).</li>
<li>alsa: hda/ca0132: minor fix for allocation size
(git-fixes).</li>
<li>alsa: hda/conexant: add a new hda codec SN6180
(git-fixes).</li>
<li>alsa: hda/realtek - fixed wrong gpio assigned (git-fixes).</li>
<li>alsa: hda: Do not unset preset when cleaning up codec
(git-fixes).</li>
<li>alsa: ice1712: Delete unreachable code in aureon_add_controls()
(git-fixes).</li>
<li>alsa: ice1712: Do not left ice->gpio_mutex locked in
aureon_add_controls() (git-fixes).</li>
<li>applicom: Fix PCI device refcount leak in applicom_init()
(git-fixes).</li>
<li>arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal
trip (git-fixes).</li>
<li>arm64: dts: imx8m: Align SoC unique ID node unit address
(git-fixes).</li>
<li>arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
(git-fixes).</li>
<li>arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
(git-fixes).</li>
<li>arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
(git-fixes).</li>
<li>arm64: dts: meson-gx: Fix Ethernet MAC address unit name
(git-fixes).</li>
<li>arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
(git-fixes).</li>
<li>arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
(git-fixes).</li>
<li>arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
(git-fixes).</li>
<li>arm64: dts: mt8192: Fix CPU map for single-cluster SoC
(git-fixes).</li>
<li>arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges
(git-fixes).</li>
<li>arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
(git-fixes).</li>
<li>arm64: dts: qcom: ipq8074: fix Gen3 PCIe node (git-fixes).</li>
<li>arm64: dts: qcom: qcs404: use symbol names for PCIe resets
(git-fixes).</li>
<li>arm64: dts: qcom: sc7180: correct SPMI bus address cells
(git-fixes).</li>
<li>arm64: dts: qcom: sc7280: correct SPMI bus address cells
(git-fixes).</li>
<li>arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
(git-fixes).</li>
<li>arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of
4k (git-fixes).</li>
<li>arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
(git-fixes).</li>
<li>arm64: dts: rockchip: drop unused LED mode property from
rk3328-roc-cc (git-fixes).</li>
<li>arm64: dts: ti: k3-j7200: Fix wakeup pinmux range
(git-fixes).</li>
<li>arm64: efi: Make efi_rt_lock a raw_spinlock (git-fixes).</li>
<li>arm: OMAP1: call platform_device_put() in error case in
omap1_dm_timer_init() (git-fixes).</li>
<li>arm: OMAP2+: Fix memory leak in realtime_counter_init()
(git-fixes).</li>
<li>arm: bcm2835_defconfig: Enable the framebuffer
(git-fixes).</li>
<li>arm: dts: am5748: keep usb4_tm disabled (git-fixes)</li>
<li>arm: dts: exynos: correct HDMI phy compatible in Exynos4
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Exynos4
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Exynos4210
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Exynos5250
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Odroid HC1
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Odroid XU
(git-fixes).</li>
<li>arm: dts: exynos: correct TMU phandle in Odroid XU3 family
(git-fixes).</li>
<li>arm: dts: exynos: correct wr-active property in Exynos3250 Rinato
(git-fixes).</li>
<li>arm: dts: imx7-colibri-eval-v3: correct can controller comment
(git-fixes)</li>
<li>arm: dts: imx7s: correct iomuxc gpr mux controller cells
(git-fixes).</li>
<li>arm: dts: qcom: msm8974: add required ranges to OCMEM
(git-fixes)</li>
<li>arm: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU
node (git-fixes).</li>
<li>arm: dts: rockchip: add power-domains property to dp node on rk3288
(git-fixes).</li>
<li>arm: dts: spear320-hmi: correct STMPE GPIO compatible
(git-fixes).</li>
<li>arm: dts: stm32: add missing usbh clock and fix clk order on
(git-fixes)</li>
<li>arm: dts: stm32: use usbphyc ck_usbo_48m as USBH OHCI clock on
(git-fixes)</li>
<li>arm: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
(git-fixes).</li>
<li>arm: imx: Call ida_simple_remove() for ida_simple_get
(git-fixes).</li>
<li>arm: imx: rename DEBUG_IMX21_IMX27_UART to DEBUG_IMX27_UART
(git-fixes)</li>
<li>arm: omap: remove debug-leds driver (git-fixes)</li>
<li>arm: remove some dead code (git-fixes)</li>
<li>arm: renumber bits related to _TIF_WORK_MASK (git-fixes)</li>
<li>arm: s3c: fix s3c64xx_set_timer_source prototype
(git-fixes).</li>
<li>arm: shmobile: rcar-gen2: Add missing of_node_put()
(git-fixes)</li>
<li>arm: zynq: Fix refcount leak in zynq_early_slcr_init
(git-fixes).</li>
<li>ascpi / x86: Add support for LPS0 callback handler
(git-fixes).</li>
<li>asoc: Intel: sof_cs42l42: always set dpcm_capture for amplifiers
(git-fixes).</li>
<li>asoc: Intel: sof_rt5682: always set dpcm_capture for amplifiers
(git-fixes).</li>
<li>asoc: adau7118: do not disable regulators on device unbind
(git-fixes).</li>
<li>asoc: cs42l56: fix DT probe (git-fixes).</li>
<li>asoc: dt-bindings: meson: fix gx-card codec node regex
(git-fixes).</li>
<li>asoc: mchp-spdifrx: Fix uninitialized use of mr in
mchp_spdifrx_hw_params() (git-fixes).</li>
<li>asoc: mchp-spdifrx: disable all interrupts in
mchp_spdifrx_dai_remove() (git-fixes).</li>
<li>asoc: mchp-spdifrx: fix controls which rely on rsr register
(git-fixes).</li>
<li>asoc: rsnd: Remove unnecessary rsnd_dbg_dai_call()
(git-fixes).</li>
<li>asoc: rsnd: fixup #endif position (git-fixes).</li>
<li>asoc: rt715-sdca: fix clock stop prepare timeout issue
(git-fixes).</li>
<li>asoc: soc-compress.c: fixup private_data on snd_soc_new_compress()
(git-fixes).</li>
<li>asoc: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
(git-fixes).</li>
<li>asoc: tlv320adcx140: fix 'ti,gpio-config' DT
property init (git-fixes).</li>
<li>auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
(git-fixes).</li>
<li>avoid deadlock for recursive I/O on dm-thin when used as swap
(bsc#1177529).</li>
<li>backlight: backlight: Fix doc for backlight_device_get_by_name
(git-fixes).</li>
<li>block: bio-integrity: Copy flags when bio_integrity_payload is cloned
(bsc#1208541).</li>
<li>bluetooth: L2CAP: Fix potential user-after-free
(git-fixes).</li>
<li>bluetooth: hci_qca: get wakeup status from serdev device handle
(git-fixes).</li>
<li>cifs: Check the lease context if we actually got a lease
(bsc#1193629).</li>
<li>cifs: Convert struct fealist away from 1-element array
(bsc#1193629).</li>
<li>cifs: Fix lost destroy smbd connection when MR allocate failed
(git-fixes).</li>
<li>cifs: Fix oops due to uncleared server->smbd_conn in reconnect
(git-fixes).</li>
<li>cifs: Fix uninitialized memory read in smb3_qfs_tcon()
(bsc#1193629).</li>
<li>cifs: Fix uninitialized memory reads for oparms.mode
(bsc#1193629).</li>
<li>cifs: Fix use-after-free in rdata->read_into_pages()
(git-fixes).</li>
<li>cifs: Fix warning and UAF when destroy the MR list
(git-fixes).</li>
<li>cifs: Get rid of unneeded conditional in the smb2_get_aead_req()
(bsc#1193629).</li>
<li>cifs: Replace remaining 1-element arrays (bsc#1193629).</li>
<li>cifs: Replace zero-length arrays with flexible-array members
(bsc#1193629).</li>
<li>cifs: Use kstrtobool() instead of strtobool()
(bsc#1193629).</li>
<li>cifs: do not try to use rdma offload on encrypted connections
(bsc#1193629).</li>
<li>cifs: fix mount on old smb servers (boo#1206935).</li>
<li>cifs: get rid of dns resolve worker (bsc#1193629).</li>
<li>cifs: get rid of unneeded conditional in cifs_get_num_sgs()
(bsc#1193629).</li>
<li>cifs: improve checking of DFS links over STATUS_OBJECT_NAME_INVALID
(git-fixes).</li>
<li>cifs: introduce cifs_io_parms in smb2_async_writev()
(bsc#1193629).</li>
<li>cifs: match even the scope id for ipv6 addresses
(bsc#1193629).</li>
<li>cifs: prevent data race in cifs_reconnect_tcon()
(bsc#1193629).</li>
<li>cifs: prevent data race in smb2_reconnect() (bsc#1193629).</li>
<li>cifs: print last update time for interface list
(bsc#1193629).</li>
<li>cifs: remove unneeded 2bytes of padding from smb2 tree connect
(bsc#1193629).</li>
<li>cifs: return a single-use cfid if we did not get a lease
(bsc#1193629).</li>
<li>cifs: reuse cifs_match_ipaddr for comparison of dstaddr too
(bsc#1193629).</li>
<li>cifs: split out smb3_use_rdma_offload() helper
(bsc#1193629).</li>
<li>cifs: update ip_addr for ses only for primary chan setup
(bsc#1193629).</li>
<li>cifs: use tcon allocation functions even for dummy tcon
(git-fixes).</li>
<li>cifs: use the least loaded channel for sending requests
(bsc#1193629).</li>
<li>clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled()
(git-fixes).</li>
<li>clk: imx: avoid memory leak (git-fixes).</li>
<li>clk: mxl: Add option to override gate clks (git-fixes).</li>
<li>clk: mxl: Fix a clk entry by adding relevant flags
(git-fixes).</li>
<li>clk: mxl: Remove redundant spinlocks (git-fixes).</li>
<li>clk: mxl: Switch from direct readl/writel based IO to regmap based IO
(git-fixes).</li>
<li>clk: mxl: syscon_node_to_regmap() returns error pointers
(git-fixes).</li>
<li>clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents
(git-fixes).</li>
<li>clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents
(git-fixes).</li>
<li>clk: ralink: fix 'mt7621_gate_is_enabled()'
function (git-fixes).</li>
<li>clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init()
failed (git-fixes).</li>
<li>clk: renesas: cpg-mssr: Remove superfluous check in resume code
(git-fixes).</li>
<li>comedi: use menuconfig for main Comedi menu (git-fixes).</li>
<li>crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
(git-fixes).</li>
<li>crypto: ccp - Failure on re-initialization due to duplicate sysfs
filename (git-fixes).</li>
<li>crypto: crypto4xx - Call dma_unmap_page when done
(git-fixes).</li>
<li>crypto: essiv - Handle EBUSY correctly (git-fixes).</li>
<li>crypto: qat - fix out-of-bounds read (git-fixes).</li>
<li>crypto: rsa-pkcs1pad - Use akcipher_request_complete
(git-fixes).</li>
<li>crypto: seqiv - Handle EBUSY correctly (git-fixes).</li>
<li>crypto: x86/ghash - fix unaligned access in ghash_setkey()
(git-fixes).</li>
<li>crypto: xts - Handle EBUSY correctly (git-fixes).</li>
<li>dmaengine: dw-axi-dmac: Do not dereference NULL structure
(git-fixes).</li>
<li>dmaengine: dw-edma: Do not permit non-inc interleaved xfers
(git-fixes).</li>
<li>dmaengine: dw-edma: Drop chancnt initialization
(git-fixes).</li>
<li>dmaengine: dw-edma: Fix invalid interleaved xfers semantics
(git-fixes).</li>
<li>dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
(git-fixes).</li>
<li>dmaengine: dw-edma: Fix readq_ch() return value truncation
(git-fixes).</li>
<li>dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0
(git-fixes).</li>
<li>dmaengine: ptdma: check for null desc before calling pt_cmd_callback
(git-fixes).</li>
<li>docs: ftrace: fix a issue with duplicated subtitle number
(git-fixes).</li>
<li>docs: gdbmacros: print newest record (git-fixes).</li>
<li>documentation: simplify and clarify DCO contribution example language
(git-fixes).</li>
<li>driver core: fix potential null-ptr-deref in device_add()
(git-fixes).</li>
<li>driver core: fix resource leak in device_add()
(git-fixes).</li>
<li>driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links
(git-fixes).</li>
<li>drivers: base: transport_class: fix possible memory leak
(git-fixes).</li>
<li>drivers: base: transport_class: fix resource leak when
transport_add_device() fails (git-fixes).</li>
<li>drm/amd/display: Properly handle additional cases where DCN is not
supported (git-fixes).</li>
<li>drm/amd/display: reduce else-if to else in dcn10_blank_pixel_data()
(git-fixes).</li>
<li>drm/amdgpu: fix enum odm_combine_mode mismatch
(git-fixes).</li>
<li>drm/bridge: lt8912b: Add hot plug detection (git-fixes).</li>
<li>drm/bridge: lt9611: fix HPD reenablement (git-fixes).</li>
<li>drm/bridge: lt9611: fix clock calculation (git-fixes).</li>
<li>drm/bridge: lt9611: fix polarity programming (git-fixes).</li>
<li>drm/bridge: lt9611: fix programming of video modes
(git-fixes).</li>
<li>drm/bridge: lt9611: fix sleep mode setup (git-fixes).</li>
<li>drm/bridge: lt9611: pass a pointer to the of node
(git-fixes).</li>
<li>drm/bridge: megachips: Fix error handling in i2c_register_driver()
(git-fixes).</li>
<li>drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
(git-fixes).</li>
<li>drm/hyperv : Removing the restruction of VRAM allocation with PCI bar
size (git-fixes).</li>
<li>drm/hyperv: Fix an error handling path in hyperv_vmbus_probe()
(git-fixes).</li>
<li>drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()
(git-fixes).</li>
<li>drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
(git-fixes).</li>
<li>drm/i915: Do not use BAR mappings for ring buffers with LLC
(git-fixes).</li>
<li>drm/mediatek: Clean dangling pointer on bind error path
(git-fixes).</li>
<li>drm/mediatek: Drop unbalanced obj unref (git-fixes).</li>
<li>drm/mediatek: Use NULL instead of 0 for NULL pointer
(git-fixes).</li>
<li>drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
(git-fixes).</li>
<li>drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
(git-fixes).</li>
<li>drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
(git-fixes).</li>
<li>drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
(git-fixes).</li>
<li>drm/msm/dpu: Add check for cstate (git-fixes).</li>
<li>drm/msm/dpu: Add check for pstates (git-fixes).</li>
<li>drm/msm/dpu: Disallow unallocated resources to be returned
(git-fixes).</li>
<li>drm/msm/dpu: drop stale comment from struct dpu_mdp_cfg doc
(git-fixes).</li>
<li>drm/msm/dpu: set pdpu->is_rt_pipe early in
dpu_plane_sspp_atomic_update() (git-fixes).</li>
<li>drm/msm/gem: Add check for kmalloc (git-fixes).</li>
<li>drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
(git-fixes).</li>
<li>drm/msm/mdp5: Add check for kzalloc (git-fixes).</li>
<li>drm/msm: clean event_thread->worker in case of an error
(git-fixes).</li>
<li>drm/msm: use strscpy instead of strncpy (git-fixes).</li>
<li>drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED
(git-fixes).</li>
<li>drm/omapdrm: Remove unused struct csc_coef_rgb2yuv
(git-fixes).</li>
<li>drm/vc4: hdmi: Correct interlaced timings again
(git-fixes).</li>
<li>drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
(git-fixes).</li>
<li>drm/vc4: hvs: Set AXI panic modes (git-fixes).</li>
<li>drm/vc4: vec: Use pm_runtime_resume_and_get() in
vc4_vec_encoder_enable() (git-fixes).</li>
<li>drm/vkms: Fix memory leak in vkms_init() (git-fixes).</li>
<li>drm/vkms: Fix null-ptr-deref in vkms_release()
(git-fixes).</li>
<li>drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
(git-fixes).</li>
<li>drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
(git-fixes).</li>
<li>drm: tidss: Fix pixel format definition (git-fixes).</li>
<li>dt-bindings: arm: fsl: Fix bindings for APF28Dev board
(git-fixes).</li>
<li>dt-bindings: hwlock: sun6i: Add missing #hwlock-cells
(git-fixes).</li>
<li>dt-bindings: input: iqs626a: Redefine trackpad property types
(git-fixes).</li>
<li>dt-bindings: msm: dsi-controller-main: Add vdd* descriptions back in
(git-fixes).</li>
<li>dt-bindings: net: snps,dwmac: Fix snps,reset-delays-us dependency
(git-fixes).</li>
<li>dt-bindings: power: supply: pm8941-coincell: Do not require charging
properties (git-fixes).</li>
<li>dt-bindings: usb: amlogic,meson-g12a-usb-ctrl: make G12A usb3-phy0
optional (git-fixes).</li>
<li>eeprom: idt_89hpesx: Fix error handling in idt_init()
(git-fixes).</li>
<li>firmware: coreboot: Remove GOOGLE_COREBOOT_TABLE_ACPI/OF Kconfig
entries (git-fixes).</li>
<li>firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
(git-fixes).</li>
<li>firmware: stratix10-svc: add missing gen_pool_destroy() in
stratix10_svc_drv_probe() (git-fixes).</li>
<li>fuse: add inode/permission checks to fileattr_get/fileattr_set
(bsc#1208759).</li>
<li>gpio: tegra186: remove unneeded loop in
tegra186_gpio_init_route_mapping() (git-fixes).</li>
<li>gpio: vf610: connect GPIO label to dev name (git-fixes).</li>
<li>gpu: host1x: Do not skip assigning syncpoints to channels
(git-fixes).</li>
<li>gpu: ipu-v3: common: Add of_node_put() for reference returned by
of_graph_get_port_by_id() (git-fixes).</li>
<li>hid: asus: use spinlock to protect concurrent accesses
(git-fixes).</li>
<li>hid: asus: use spinlock to safely schedule workers
(git-fixes).</li>
<li>hid: bigben: use spinlock to protect concurrent accesses
(git-fixes).</li>
<li>hid: bigben: use spinlock to safely schedule workers
(git-fixes).</li>
<li>hid: bigben_probe(): validate report count (git-fixes).</li>
<li>hid: bigben_worker() remove unneeded check on report_field
(git-fixes).</li>
<li>hid: core: Fix deadloop in hid_apply_multiplier
(git-fixes).</li>
<li>hid: elecom: add support for TrackBall 056E:011C
(git-fixes).</li>
<li>hv: fix comment typo in vmbus_channel/low_latency
(git-fixes).</li>
<li>hv_netvsc: Allocate memory in netvsc_dma_map() with GFP_ATOMIC
(git-fixes).</li>
<li>hv_netvsc: Check status in SEND_RNDIS_PKT completion message
(git-fixes).</li>
<li>hwmon: (ftsteutates) Fix scaling of measurements
(git-fixes).</li>
<li>hwmon: (ltc2945) Handle error case in ltc2945_value_store
(git-fixes).</li>
<li>hwmon: (mlxreg-fan) Return zero speed for broken fan
(git-fixes).</li>
<li>i2c: designware: fix i2c_dw_clk_rate() return size to be u32
(git-fixes).</li>
<li>iio: light: tsl2563: Do not hardcode interrupt trigger type
(git-fixes).</li>
<li>input: ads7846 - always set last command to PWRDOWN
(git-fixes).</li>
<li>input: ads7846 - do not check penirq immediately for 7845
(git-fixes).</li>
<li>input: ads7846 - do not report pressure for ads7845
(git-fixes).</li>
<li>input: iqs269a - configure device with a single block write
(git-fixes).</li>
<li>input: iqs269a - drop unused device node references
(git-fixes).</li>
<li>input: iqs269a - increase interrupt handler return delay
(git-fixes).</li>
<li>input: iqs626a - drop unused device node references
(git-fixes).</li>
<li>iommu/hyper-v: Allow hyperv irq remapping without x2apic
(git-fixes).</li>
<li>irqchip/gic-v3: Refactor ISB + EOIR at ack time
(git-fixes)</li>
<li>kabi fix for: nfs: Further optimisations for 'ls
-l' (git-fixes).</li>
<li>kabi fix for: nfsd: Have legacy NFSD WRITE decoders use
xdr_stream_subsegment() (git-fixes).</li>
<li>kabi fix for: nfsv3: handle out-of-order write replies
(bsc#1205544).</li>
<li>kabi fix for: nfsv4.1 query for fs_location attr on a new file system
(Never, kabi).</li>
<li>kmap_local: do not assume kmap PTEs are linear arrays in memory
(git-fixes) Update config/armv7hl/default too.</li>
<li>leds: led-class: Add missing put_device() to led_put()
(git-fixes).</li>
<li>leds: led-core: Fix refcount leak in of_led_get()
(git-fixes).</li>
<li>lib/mpi: Fix buffer overrun when SG is too long
(git-fixes).</li>
<li>lib/zlib: remove redundation assignement of avail_in dfltcc_gdht()
(git-fixes).</li>
<li>locking/rwsem: Allow slowpath writer to ignore handoff bit if not set
by first waiter (bsc#1207270).</li>
<li>locking/rwsem: Always try to wake waiters in out_nolock path
(bsc#1207270).</li>
<li>locking/rwsem: Conditionally wake waiters in reader/writer slowpaths
(bsc#1207270).</li>
<li>locking/rwsem: Disable preemption in all down_read*() and up_read()
code paths (bsc#1207270).</li>
<li>locking/rwsem: Disable preemption in all down_write*() and up_write()
code paths (bsc#1207270).</li>
<li>locking/rwsem: Disable preemption while trying for rwsem lock
(bsc#1207270).</li>
<li>locking/rwsem: Make handoff bit handling more consistent
(bsc#1207270).</li>
<li>locking/rwsem: No need to check for handoff bit if wait queue empty
(bsc#1207270).</li>
<li>locking/rwsem: Prevent non-first waiter from spinning in down_write()
slowpath (bsc#1207270).</li>
<li>locking: Add missing __sched attributes (bsc#1207270).</li>
<li>media: coda: Add check for dcoda_iram_alloc (git-fixes).</li>
<li>media: coda: Add check for kmalloc (git-fixes).</li>
<li>media: i2c: ov7670: 0 instead of -EINVAL was returned
(git-fixes).</li>
<li>media: i2c: ov772x: Fix memleak in ov772x_probe()
(git-fixes).</li>
<li>media: imx: imx7-media-csi: fix missing clk_disable_unprepare() in
imx7_csi_init() (git-fixes).</li>
<li>media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
(git-fixes).</li>
<li>media: max9286: Fix memleak in max9286_v4l2_register()
(git-fixes).</li>
<li>media: ov2740: Fix memleak in ov2740_init_controls()
(git-fixes).</li>
<li>media: ov5675: Fix memleak in ov5675_init_controls()
(git-fixes).</li>
<li>media: platform: ti: Add missing check for devm_regulator_get
(git-fixes).</li>
<li>media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
(git-fixes).</li>
<li>media: saa7134: Use video_unregister_device for radio_dev
(git-fixes).</li>
<li>media: ti: cal: fix possible memory leak in cal_ctx_create()
(git-fixes).</li>
<li>media: usb: siano: Fix use after free bugs caused by do_submit_urb
(git-fixes).</li>
<li>media: uvcvideo: Fix race condition with usb_kill_urb
(git-fixes).</li>
<li>media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
(git-fixes).</li>
<li>media: v4l2-jpeg: ignore the unknown APP14 marker
(git-fixes).</li>
<li>mfd: cs5535: Do not build on UML (git-fixes).</li>
<li>mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
(git-fixes).</li>
<li>misc/mei/hdcp: Use correct macros to initialize uuid_le
(git-fixes).</li>
<li>misc: enclosure: Fix doc for enclosure_find() (git-fixes).</li>
<li>mmc: jz4740: Work around bug on JZ4760(B) (git-fixes).</li>
<li>mmc: mmc_spi: fix error handling in mmc_spi_probe()
(git-fixes).</li>
<li>mmc: sdio: fix possible resource leaks in some error paths
(git-fixes).</li>
<li>move upstreamed i915 and media fixes into sorted section</li>
<li>mtd: dataflash: remove duplicate SPI ID table (git-fixes).</li>
<li>mtd: rawnand: fsl_elbc: Propagate HW ECC settings to HW
(git-fixes).</li>
<li>mtd: rawnand: sunxi: Clean up chips after failed init
(git-fixes).</li>
<li>mtd: rawnand: sunxi: Fix the size of the last OOB region
(git-fixes).</li>
<li>mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
(git-fixes).</li>
<li>mtd: spi-nor: core: fix implicit declaration warning
(git-fixes).</li>
<li>mtd: spi-nor: sfdp: Fix index value for SCCR dwords
(git-fixes).</li>
<li>mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
(git-fixes).</li>
<li>net/rose: Fix to not accept on connected socket
(git-fixes).</li>
<li>net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change
(git-fixes).</li>
<li>nfc: fix memory leak of se_io context in nfc_genl_se_io
(git-fixes).</li>
<li>nfs: Always initialise fattr->label in nfs_fattr_alloc()
(git-fixes).</li>
<li>nfs: Create a new nfs_alloc_fattr_with_label() function
(git-fixes).</li>
<li>nfs: Do not allocate nfs_fattr on the stack in __nfs42_ssc_open()
(git-fixes).</li>
<li>nfs: Further optimisations for 'ls -l'
(git-fixes).</li>
<li>nfs: nfs4clinet: check the return value of kstrdup()
(git-fixes).</li>
<li>nfsd: COMMIT operations must not return NFS?ERR_INVAL
(git-fixes).</li>
<li>nfsd: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
(git-fixes).</li>
<li>nfsd: Fix nfsd_breaker_owns_lease() return values
(git-fixes).</li>
<li>nfsd: Have legacy NFSD WRITE decoders use xdr_stream_subsegment()
(git-fixes).</li>
<li>nfsv3: handle out-of-order write replies (bsc#1205544).</li>
<li>nfsv4 expose nfs_parse_server_name function (git-fixes).</li>
<li>nfsv4 handle port presence in fs_location server string
(git-fixes).</li>
<li>nfsv4 only print the label when its queried (git-fixes).</li>
<li>nfsv4 remove zero number of fs_locations entries error check
(git-fixes).</li>
<li>nfsv4 store server support for fs_location attribute
(git-fixes).</li>
<li>nfsv4.1 query for fs_location attr on a new file system
(git-fixes).</li>
<li>nfsv4.1: Fix uninitialised variable in devicenotify
(git-fixes).</li>
<li>nfsv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
(git-fixes).</li>
<li>nfsv4: Protect the state recovery thread against direct reclaim
(git-fixes).</li>
<li>nvme-auth: check chap ctrl_key once constructed
(bsc#1202633).</li>
<li>nvme-auth: clear sensitive info right after authentication completes
(bsc#1202633).</li>
<li>nvme-auth: convert dhchap_auth_list to an array
(bsc#1202633).</li>
<li>nvme-auth: do not ignore key generation failures when initializing
ctrl keys (bsc#1202633).</li>
<li>nvme-auth: do not keep long lived 4k dhchap buffer
(bsc#1202633).</li>
<li>nvme-auth: do not override ctrl keys before validation
(bsc#1202633).</li>
<li>nvme-auth: do not re-authenticate if the controller is not LIVE
(bsc#1202633).</li>
<li>nvme-auth: do not use NVMe status codes (bsc#1202633).</li>
<li>nvme-auth: fix an error code in nvme_auth_process_dhchap_challenge()
(bsc#1202633).</li>
<li>nvme-auth: fix smatch warning complaints (bsc#1202633).</li>
<li>nvme-auth: guarantee dhchap buffers under memory pressure
(bsc#1202633).</li>
<li>nvme-auth: have dhchap_auth_work wait for queues auth to complete
(bsc#1202633).</li>
<li>nvme-auth: mark nvme_auth_wq static (bsc#1202633).</li>
<li>nvme-auth: no need to reset chap contexts on re-authentication
(bsc#1202633).</li>
<li>nvme-auth: remove redundant auth_work flush (bsc#1202633).</li>
<li>nvme-auth: remove redundant buffer deallocations
(bsc#1202633).</li>
<li>nvme-auth: remove redundant deallocations (bsc#1202633).</li>
<li>nvme-auth: remove redundant if statement (bsc#1202633).</li>
<li>nvme-auth: remove symbol export from nvme_auth_reset
(bsc#1202633).</li>
<li>nvme-auth: rename __nvme_auth_[reset|free] to
nvme_auth[reset|free]_dhchap (bsc#1202633).</li>
<li>nvme-auth: rename authentication work elements
(bsc#1202633).</li>
<li>nvme-auth: use workqueue dedicated to authentication
(bsc#1202633).</li>
<li>nvme-fabrics: show well known discovery name
(bsc#1200054).</li>
<li>ocfs2: Fix data corruption after failed write
(bsc#1208542).</li>
<li>pci/ioc: Enlarge virtfn sysfs name buffer (git-fixes).</li>
<li>pci/pm: Observe reset delay irrespective of bridge_d3
(git-fixes).</li>
<li>pci: Fix dropping valid root bus resources with .end = zero
(git-fixes).</li>
<li>pci: hotplug: Allow marking devices as disconnected during
bind/unbind (git-fixes).</li>
<li>pci: hv: update comment in x86 specific hv_arch_irq_unmask
(git-fixes).</li>
<li>pci: switchtec: Return -EFAULT for copy_to_user() errors
(git-fixes).</li>
<li>phy: rockchip-typec: fix tcphy_get_mode error case
(git-fixes).</li>
<li>pinctrl: mediatek: Initialize variable *buf to zero
(git-fixes).</li>
<li>pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
(git-fixes).</li>
<li>pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
(git-fixes).</li>
<li>pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
(git-fixes).</li>
<li>platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering
(bsc#1208420).</li>
<li>platform/x86: amd-pmc: Correct usage of SMU version
(git-fixes).</li>
<li>platform/x86: amd-pmc: Export Idlemask values based on the APU
(git-fixes).</li>
<li>platform/x86: amd-pmc: Fix compilation when CONFIG_DEBUGFS is
disabled (git-fixes).</li>
<li>platform/x86: touchscreen_dmi: Add Chuwi Vi8 (CWI501) DMI match
(git-fixes).</li>
<li>platform: x86: MLX_PLATFORM: select REGMAP instead of depending on it
(git-fixes).</li>
<li>powercap: fix possible name leak in powercap_register_zone()
(git-fixes).</li>
<li>powerpc/eeh: Set channel state after notifying the drivers
(bsc#1208784 ltc#201612).</li>
<li>printf: fix errname.c list (git-fixes).</li>
<li>qede: avoid uninitialized entries in coal_entry array
(bsc#1205846).</li>
<li>qede: fix interrupt coalescing configuration
(bsc#1205846).</li>
<li>refresh
patches.suse/ice-clear-stale-Tx-queue-settings-before-configuring.patch. Fix bug introduced by broken backport (bsc#1208628).</li>
<li>remoteproc/mtk_scp: Move clk ops outside send_lock
(git-fixes).</li>
<li>remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem
headers (git-fixes).</li>
<li>revert "char: pcmcia: cm4000_cs: Replace mdelay with
usleep_range in set_protocol" (git-fixes).</li>
<li>revert "crypto: rsa-pkcs1pad - Replace GFP_ATOMIC with
GFP_KERNEL in pkcs1pad_encrypt_sign_complete" (git-fixes).</li>
<li>revert "hid: logitech-hidpp: add a module parameter to keep
firmware gestures" (git-fixes).</li>
<li>revert "usb: dwc3: qcom: Keep power domain on to retain
controller status" (git-fixes).</li>
<li>rtc: allow rtc_read_alarm without read_alarm callback
(git-fixes).</li>
<li>rtc: pm8xxx: fix set-alarm race (git-fixes).</li>
<li>rtc: sun6i: Always export the internal oscillator
(git-fixes).</li>
<li>s390/dasd: Fix potential memleak in dasd_eckd_init()
(git-fixes).</li>
<li>scsi: lpfc: Copyright updates for 14.2.0.10 patches
(bsc#1208607).</li>
<li>scsi: lpfc: Exit PRLI completion handling early if ndlp not in
PRLI_ISSUE state (bsc#1208607).</li>
<li>scsi: lpfc: Fix space indentation in lpfc_xcvr_data_show()
(bsc#1208607).</li>
<li>scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware
write (bsc#1208607).</li>
<li>scsi: lpfc: Introduce new attention types for
lpfc_sli4_async_fc_evt() handler (bsc#1208607).</li>
<li>scsi: lpfc: Reinitialize internal VMID data structures after FLOGI
completion (bsc#1208607).</li>
<li>scsi: lpfc: Remove duplicate ndlp kref decrement in
lpfc_cleanup_rpis() (bsc#1208607 bsc#1208534).</li>
<li>scsi: lpfc: Remove redundant clean up code in disable_vport()
(bsc#1208607).</li>
<li>scsi: lpfc: Replace outdated strncpy() with strscpy()
(bsc#1208607).</li>
<li>scsi: lpfc: Resolve miscellaneous variable set but not used compiler
warnings (bsc#1208607).</li>
<li>scsi: lpfc: Set max DMA segment size to HBA supported SGE length
(bsc#1208607).</li>
<li>scsi: lpfc: Update lpfc version to 14.2.0.10
(bsc#1208607).</li>
<li>scsi: qla2xxx: Add option to disable FC2 Target support (bsc#1198438
bsc#1206103).</li>
<li>scsi: qla2xxx: Check if port is online before sending ELS
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix IOCB resource check warning
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix erroneous link down (bsc#1208570).</li>
<li>scsi: qla2xxx: Fix exchange oversubscription
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix exchange oversubscription for management commands
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix link failure in NPIV environment
(bsc#1208570).</li>
<li>scsi: qla2xxx: Fix printk() format string (bsc#1208570).</li>
<li>scsi: qla2xxx: Fix stalled login (bsc#1208570).</li>
<li>scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static
(bsc#1208570).</li>
<li>scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).</li>
<li>scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).</li>
<li>scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).</li>
<li>scsi: qla2xxx: Remove dead code (bsc#1208570).</li>
<li>scsi: qla2xxx: Remove increment of interface err cnt
(bsc#1208570).</li>
<li>scsi: qla2xxx: Remove the unused variable wwn
(bsc#1208570).</li>
<li>scsi: qla2xxx: Remove unintended flag clearing
(bsc#1208570).</li>
<li>scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets
called (bsc#1208570).</li>
<li>scsi: qla2xxx: Simplify if condition evaluation
(bsc#1208570).</li>
<li>scsi: qla2xxx: Update version to 10.02.08.100-k
(bsc#1208570).</li>
<li>scsi: qla2xxx: Update version to 10.02.08.200-k
(bsc#1208570).</li>
<li>scsi: qla2xxx: Use a variable for repeated mem_size computation
(bsc#1208570).</li>
<li>scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).</li>
<li>scsi: qla2xxx: edif: Fix performance dip due to lock contention
(bsc#1208570).</li>
<li>scsi: qla2xxx: edif: Fix stall session after app start
(bsc#1208570).</li>
<li>scsi: qla2xxx: edif: Reduce memory usage during low I/O
(bsc#1208570).</li>
<li>sefltests: netdevsim: wait for devlink instance after netns removal
(git-fixes).</li>
<li>selftest/lkdtm: Skip stack-entropy test if lkdtm is not available
(git-fixes).</li>
<li>selftests/ftrace: Add check for ping command for trigger tests
(bsc#1204993 ltc#200103).</li>
<li>selftests/ftrace: Convert tracer tests to use
'requires' to specify program dependency (bsc#1204993 ltc#200103).</li>
<li>selftests/powerpc: Account for offline cpus in perf-hwbreak test
(bsc#1206232).</li>
<li>selftests/powerpc: Bump up rlimit for perf-hwbreak test
(bsc#1206232).</li>
<li>selftests/powerpc: Move perror closer to its use
(bsc#1206232).</li>
<li>serial: fsl_lpuart: fix RS485 RTS polariy inverse issue
(git-fixes).</li>
<li>serial: tegra: Add missing clk_disable_unprepare() in
tegra_uart_hw_init() (git-fixes).</li>
<li>smb3: Replace smb2pdu 1-element arrays with flex-arrays
(bsc#1193629).</li>
<li>soundwire: cadence: Do not overflow the command FIFOs
(git-fixes).</li>
<li>spi: bcm63xx-hsspi: Endianness fix for ARM based SoC
(git-fixes).</li>
<li>spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
(git-fixes).</li>
<li>spi: tegra210-quad: Fix validate combined sequence
(git-fixes).</li>
<li>staging: mt7621-dts: change palmbus address to lower case
(git-fixes).</li>
<li>struct uvc_device move flush_status new member to end
(git-fixes).</li>
<li>sunrpc allow for unspecified transport time in rpc_clnt_add_xprt
(git-fixes).</li>
<li>sunrpc: Fix potential race conditions in
rpc_sysfs_xprt_state_change() (git-fixes).</li>
<li>sunrpc: Fix socket waits for write buffer space
(git-fixes).</li>
<li>thermal/drivers/hisi: Drop second sensor hi3660
(git-fixes).</li>
<li>thermal/drivers/tsens: Drop msm8976-specific defines
(git-fixes).</li>
<li>thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
(git-fixes).</li>
<li>thermal/drivers/tsens: fix slope values for msm8939
(git-fixes).</li>
<li>thermal/drivers/tsens: limit num_sensors to 9 for msm8939
(git-fixes).</li>
<li>thermal: intel: BXT_PMIC: select REGMAP instead of depending on it
(git-fixes).</li>
<li>thermal: intel: powerclamp: Fix cur_state for multi package system
(git-fixes).</li>
<li>thermal: intel: quark_dts: fix error pointer dereference
(git-fixes).</li>
<li>tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma
case (git-fixes).</li>
<li>tty: serial: fsl_lpuart: clear LPUART Status Register in
lpuart32_shutdown() (git-fixes).</li>
<li>tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
(git-fixes).</li>
<li>tty: serial: qcom-geni-serial: stop operations in progress at
shutdown (git-fixes).</li>
<li>update internal module version number for cifs.ko
(bsc#1193629).</li>
<li>usb: core: Do not hold device lock while reading the
"descriptors" sysfs file (git-fixes).</li>
<li>usb: dwc3: core: Host wake up support from system suspend
(git-fixes).</li>
<li>usb: dwc3: pci: add support for the Intel Meteor Lake-M
(git-fixes).</li>
<li>usb: dwc3: qcom: Configure wakeup interrupts during suspend
(git-fixes).</li>
<li>usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
(git-fixes).</li>
<li>usb: dwc3: qcom: Keep power domain on to retain controller status
(git-fixes).</li>
<li>usb: dwc3: qcom: clean up icc init (git-fixes).</li>
<li>usb: dwc3: qcom: clean up suspend callbacks (git-fixes).</li>
<li>usb: dwc3: qcom: fix gadget-only builds (git-fixes).</li>
<li>usb: dwc3: qcom: fix peripheral and OTG suspend
(git-fixes).</li>
<li>usb: dwc3: qcom: fix wakeup implementation (git-fixes).</li>
<li>usb: dwc3: qcom: only parse 'maximum-speed' once
(git-fixes).</li>
<li>usb: dwc3: qcom: suppress unused-variable warning
(git-fixes).</li>
<li>usb: early: xhci-dbc: Fix a potential out-of-bound memory access
(git-fixes).</li>
<li>usb: gadget: fusb300_udc: free irq on the error path in
fusb300_probe() (git-fixes).</li>
<li>usb: gadget: u_serial: Add null pointer check in gserial_resume
(git-fixes).</li>
<li>usb: max-3421: Fix setting of I/O pins (git-fixes).</li>
<li>usb: musb: Add and use inline function musb_otg_state_string
(git-fixes).</li>
<li>usb: musb: Add and use inline functions musb_{get,set}_state
(git-fixes).</li>
<li>usb: musb: mediatek: do not unregister something that wasn't
registered (git-fixes).</li>
<li>usb: musb: remove schedule work called after flush
(git-fixes).</li>
<li>usb: serial: option: add support for VW/Skoda "Carstick
LTE" (git-fixes).</li>
<li>vc_screen: do not clobber return value in vcs_read
(git-fixes).</li>
<li>vc_screen: modify vcs_size() handling in vcs_read()
(git-fixes).</li>
<li>vdpa_sim: not reset state in vdpasim_queue_ready
(git-fixes).</li>
<li>vfs: filename_create(): fix incorrect intent
(bsc#1197534).</li>
<li>virt/sev-guest: Add a MODULE_ALIAS (bsc#1208449).</li>
<li>virt/sev-guest: Prevent IV reuse in the SNP guest driver
(bsc#1208449).</li>
<li>virt/sev-guest: Remove unnecessary free in init_crypto()
(bsc#1208449).</li>
<li>virt: sev-guest: Pass the appropriate argument type to iounmap()
(bsc#1208449).</li>
<li>virt: sevguest: Change driver name to reflect generic SEV support
(bsc#1208449).</li>
<li>virt: sevguest: Rename the sevguest dir and files to sev-guest
(bsc#1208449).</li>
<li>vmci: check context->notify_page after call to
get_user_pages_fast() to avoid GPF (git-fixes).</li>
<li>vmxnet3: move rss code block under eop descriptor
(bsc#1208212).</li>
<li>watchdog: Fix kmemleak in watchdog_cdev_register
(git-fixes).</li>
<li>watchdog: at91sam9_wdt: use devm_request_irq to avoid missing
free_irq() in error path (git-fixes).</li>
<li>watchdog: pcwd_usb: Fix attempting to access uninitialized memory
(git-fixes).</li>
<li>watchdog: sbsa_wdog: Make sure the timeout programming is within the
limits (git-fixes).</li>
<li>wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
(git-fixes).</li>
<li>wifi: ath11k: allow system suspend to survive ath11k
(git-fixes).</li>
<li>wifi: ath9k: Fix potential stack-out-of-bounds write in
ath9k_wmi_rsp_callback() (git-fixes).</li>
<li>wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
callback function (git-fixes).</li>
<li>wifi: brcmfmac: fix potential memory leak in
brcmf_netdev_start_xmit() (git-fixes).</li>
<li>wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
(git-fixes).</li>
<li>wifi: cfg80211: Fix extended KCK key length check in
nl80211_set_rekey_data() (git-fixes).</li>
<li>wifi: cfg80211: Fix use after free for wext (git-fixes).</li>
<li>wifi: ipw2200: fix memory leak in ipw_wdev_init()
(git-fixes).</li>
<li>wifi: ipw2x00: do not call dev_kfree_skb() under spin_lock_irqsave()
(git-fixes).</li>
<li>wifi: iwl3945: Add missing check for create_singlethread_workqueue
(git-fixes).</li>
<li>wifi: iwl4965: Add missing check for create_singlethread_workqueue()
(git-fixes).</li>
<li>wifi: iwlegacy: common: do not call dev_kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: libertas: cmdresp: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: libertas: fix memory leak in lbs_init_adapter()
(git-fixes).</li>
<li>wifi: libertas: if_usb: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: libertas: main: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: libertas_tf: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).</li>
<li>wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
(git-fixes).</li>
<li>wifi: mwifiex: Add missing compatible string for SD8787
(git-fixes).</li>
<li>wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
(git-fixes).</li>
<li>wifi: orinoco: check return value of hermes_write_wordrec()
(git-fixes).</li>
<li>wifi: rsi: Fix memory leak in rsi_coex_attach()
(git-fixes).</li>
<li>wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
(git-fixes).</li>
<li>wifi: rtl8xxxu: do not call dev_kfree_skb() under spin_lock_irqsave()
(git-fixes).</li>
<li>wifi: rtlwifi: Fix global-out-of-bounds bug in
_rtl8812ae_phy_set_txpower_limit() (git-fixes).</li>
<li>wifi: rtlwifi: rtl8188ee: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: rtlwifi: rtl8723be: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: rtlwifi: rtl8821ae: do not call kfree_skb() under
spin_lock_irqsave() (git-fixes).</li>
<li>wifi: rtw89: Add missing check for alloc_workqueue
(git-fixes).</li>
<li>wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
(git-fixes).</li>
<li>wifi: wl3501_cs: do not call kfree_skb() under spin_lock_irqsave()
(git-fixes).</li>
<li>x86/hyperv: Introduce
HV_MAX_SPARSE_VCPU_BANKS/HV_VCPUS_PER_SPARSE_BANK constants (git-fixes).</li>
<li>x86/xen: Fix memory leak in xen_init_lock_cpu()
(git-fixes).</li>
<li>x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
(git-fixes).</li>
<li>xen-netfront: Fix NULL sring after live migration
(git-fixes).</li>
<li>xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too
(git-fixes).</li>
<li>xen/arm: Fix race in RB-tree based P2M accounting
(git-fixes)</li>
<li>xen/netback: do some code cleanup (git-fixes).</li>
<li>xen/netback: fix build warning (git-fixes).</li>
<li>xen/netfront: destroy queues before real_num_tx_queues is zeroed
(git-fixes).</li>
<li>xen/platform-pci: add missing free_irq() in error path
(git-fixes).</li>
<li>xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
(git-fixes).</li>
</ul>

<h2>Special Instructions and Notes:</h2>
<ul>

<li>Please reboot the system after installing this
update.</li>

</ul>

<h2>Patch Instructions:</h2>

To install this SUSE Important update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch". 

Alternatively you can run the command listed for your product:

<ul class="list-group">

<li class="list-group-item">
openSUSE Leap Micro 5.3

 
<code>zypper in -t patch
openSUSE-Leap-Micro-5.3-2023-749=1</code>

</li>

<li class="list-group-item">
openSUSE Leap 15.4

 
<code>zypper in -t patch
openSUSE-SLE-15.4-2023-749=1</code>

</li>

<li class="list-group-item">
SUSE Linux Enterprise Micro for Rancher 5.3

 
<code>zypper in -t patch
SUSE-SLE-Micro-5.3-2023-749=1</code>

</li>

<li class="list-group-item">
SUSE Linux Enterprise Micro 5.3

 
<code>zypper in -t patch
SUSE-SLE-Micro-5.3-2023-749=1</code>

</li>

<li class="list-group-item">
SUSE Linux Enterprise Live Patching 15-SP4

 
<code>zypper in -t patch
SUSE-SLE-Module-Live-Patching-15-SP4-2023-749=1</code>

</li>

<li class="list-group-item">
SUSE Real Time Module 15-SP4

 
<code>zypper in -t patch
SUSE-SLE-Module-RT-15-SP4-2023-749=1</code>

</li>

</ul>

<h2>Package List:</h2>
<ul>

<li>
openSUSE Leap Micro 5.3 (nosrc x86_64)
<ul>

<li>kernel-rt-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
openSUSE Leap Micro 5.3 (x86_64)
<ul>

<li>kernel-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debugsource-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
openSUSE Leap 15.4 (x86_64)
<ul>

<li>ocfs2-kmp-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt-devel-5.14.21-150400.15.14.2</li>

<li>gfs2-kmp-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-devel-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-debugsource-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-devel-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debugsource-5.14.21-150400.15.14.2</li>

<li>dlm-kmp-rt-5.14.21-150400.15.14.2</li>

<li>cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-syms-rt-5.14.21-150400.15.14.1</li>

<li>kernel-rt_debug-debuginfo-5.14.21-150400.15.14.2</li>

<li>cluster-md-kmp-rt-5.14.21-150400.15.14.2</li>

<li>ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>dlm-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>gfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
openSUSE Leap 15.4 (noarch)
<ul>

<li>kernel-devel-rt-5.14.21-150400.15.14.2</li>

<li>kernel-source-rt-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
openSUSE Leap 15.4 (nosrc x86_64)
<ul>

<li>kernel-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
<ul>

<li>kernel-rt-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
<ul>

<li>kernel-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debugsource-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
<ul>

<li>kernel-rt-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Linux Enterprise Micro 5.3 (x86_64)
<ul>

<li>kernel-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debugsource-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
<ul>

<li>kernel-livepatch-5_14_21-150400_15_14-rt-debuginfo-1-150400.1.3.1</li>

<li>kernel-livepatch-SLE15-SP4-RT_Update_4-debugsource-1-150400.1.3.1</li>

<li>kernel-livepatch-5_14_21-150400_15_14-rt-1-150400.1.3.1</li>

</ul>
</li>

<li>
SUSE Real Time Module 15-SP4 (x86_64)
<ul>

<li>ocfs2-kmp-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt-devel-5.14.21-150400.15.14.2</li>

<li>gfs2-kmp-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-devel-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-debugsource-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-devel-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-rt-debugsource-5.14.21-150400.15.14.2</li>

<li>dlm-kmp-rt-5.14.21-150400.15.14.2</li>

<li>cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>kernel-syms-rt-5.14.21-150400.15.14.1</li>

<li>kernel-rt_debug-debuginfo-5.14.21-150400.15.14.2</li>

<li>cluster-md-kmp-rt-5.14.21-150400.15.14.2</li>

<li>ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>dlm-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

<li>gfs2-kmp-rt-debuginfo-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Real Time Module 15-SP4 (noarch)
<ul>

<li>kernel-devel-rt-5.14.21-150400.15.14.2</li>

<li>kernel-source-rt-5.14.21-150400.15.14.2</li>

</ul>
</li>

<li>
SUSE Real Time Module 15-SP4 (nosrc x86_64)
<ul>

<li>kernel-rt-5.14.21-150400.15.14.2</li>

<li>kernel-rt_debug-5.14.21-150400.15.14.2</li>

</ul>
</li>

</ul>

<h2>References:</h2>
<ul>

<li>
<a href="https://www.suse.com/security/cve/CVE-2022-3523.html">https://www.suse.com/security/cve/CVE-2022-3523.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2022-38096.html">https://www.suse.com/security/cve/CVE-2022-38096.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-0461.html">https://www.suse.com/security/cve/CVE-2023-0461.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-0597.html">https://www.suse.com/security/cve/CVE-2023-0597.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-1118.html">https://www.suse.com/security/cve/CVE-2023-1118.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22995.html">https://www.suse.com/security/cve/CVE-2023-22995.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-22998.html">https://www.suse.com/security/cve/CVE-2023-22998.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-23000.html">https://www.suse.com/security/cve/CVE-2023-23000.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-23004.html">https://www.suse.com/security/cve/CVE-2023-23004.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-23559.html">https://www.suse.com/security/cve/CVE-2023-23559.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-25012.html">https://www.suse.com/security/cve/CVE-2023-25012.html</a>
</li>

<li>
<a href="https://www.suse.com/security/cve/CVE-2023-26545.html">https://www.suse.com/security/cve/CVE-2023-26545.html</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1177529">https://bugzilla.suse.com/show_bug.cgi?id=1177529</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1193629">https://bugzilla.suse.com/show_bug.cgi?id=1193629</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1197534">https://bugzilla.suse.com/show_bug.cgi?id=1197534</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1198438">https://bugzilla.suse.com/show_bug.cgi?id=1198438</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1200054">https://bugzilla.suse.com/show_bug.cgi?id=1200054</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1202633">https://bugzilla.suse.com/show_bug.cgi?id=1202633</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1203331">https://bugzilla.suse.com/show_bug.cgi?id=1203331</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204363">https://bugzilla.suse.com/show_bug.cgi?id=1204363</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1204993">https://bugzilla.suse.com/show_bug.cgi?id=1204993</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1205544">https://bugzilla.suse.com/show_bug.cgi?id=1205544</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1205846">https://bugzilla.suse.com/show_bug.cgi?id=1205846</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206103">https://bugzilla.suse.com/show_bug.cgi?id=1206103</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206232">https://bugzilla.suse.com/show_bug.cgi?id=1206232</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1206935">https://bugzilla.suse.com/show_bug.cgi?id=1206935</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207051">https://bugzilla.suse.com/show_bug.cgi?id=1207051</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207270">https://bugzilla.suse.com/show_bug.cgi?id=1207270</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207560">https://bugzilla.suse.com/show_bug.cgi?id=1207560</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207845">https://bugzilla.suse.com/show_bug.cgi?id=1207845</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1207846">https://bugzilla.suse.com/show_bug.cgi?id=1207846</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208212">https://bugzilla.suse.com/show_bug.cgi?id=1208212</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208420">https://bugzilla.suse.com/show_bug.cgi?id=1208420</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208449">https://bugzilla.suse.com/show_bug.cgi?id=1208449</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208534">https://bugzilla.suse.com/show_bug.cgi?id=1208534</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208541">https://bugzilla.suse.com/show_bug.cgi?id=1208541</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208542">https://bugzilla.suse.com/show_bug.cgi?id=1208542</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208570">https://bugzilla.suse.com/show_bug.cgi?id=1208570</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208607">https://bugzilla.suse.com/show_bug.cgi?id=1208607</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208628">https://bugzilla.suse.com/show_bug.cgi?id=1208628</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208700">https://bugzilla.suse.com/show_bug.cgi?id=1208700</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208741">https://bugzilla.suse.com/show_bug.cgi?id=1208741</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208759">https://bugzilla.suse.com/show_bug.cgi?id=1208759</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208776">https://bugzilla.suse.com/show_bug.cgi?id=1208776</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208784">https://bugzilla.suse.com/show_bug.cgi?id=1208784</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208787">https://bugzilla.suse.com/show_bug.cgi?id=1208787</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208816">https://bugzilla.suse.com/show_bug.cgi?id=1208816</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208837">https://bugzilla.suse.com/show_bug.cgi?id=1208837</a>
</li>

<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1208843">https://bugzilla.suse.com/show_bug.cgi?id=1208843</a>
</li>

</ul>

</div>

--===============0992304954757306556==--