openSUSE: 2023:2892-1: important: the Linux Kernel Security Advisory Update
Description
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335). * CVE-2023-2430: Fixed a possible denial of service via a missing lock in the io_uring subsystem (bsc#1211014). * CVE-2023-28866: Fixed an out-of-bounds access in net/bluetooth/hci_sync.c because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but did not (bsc#1209780). * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842). * CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/btrfs/relocation.c (bsc#1212051). * CVE-2023-3212: Fixed a NULL pointer dereference flaw in the gfs2 file system (bsc#1212265). * CVE-2023-3220: Fixed a NULL pointer dereference flaw in dpu_crtc_atomic_check in drivers/gpu/drm/msm/disp/dpu1/dpu_crtc.c lacks check of the return value of kzalloc() (bsc#1212556). * CVE-2023-3357: Fixed a NULL pointer dereference flaw in the AMD Sensor Fusion Hub driver (bsc#1212605). * CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606). * CVE-2023-3389: Fixed a use-after-free vulnerability in the io_uring subsystem (bsc#1212838). * CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets in fl_set_geneve_opt in net/sched/cls_flower.c (bsc#1212504). * CVE-2023-35823: Fixed a use-after-free flaw in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c (bsc#1212494). * CVE-2023-35828: Fixed a use-after-free flaw in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c (bsc#1212513). * CVE-2023-35829: Fixed a use-after-free flaw in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c (bsc#1212495). The following non-security bugs were fixed: * ACPI: CPPC: Add AMD pstate energy performance preference cppc control (bsc#1212445). * ACPI: CPPC: Add auto select register read/write support (bsc#1212445). * ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() (git-fixes). * ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer (git-fixes). * ALSA: fireface: make read-only const array for model names static (git- fixes). * ALSA: hda/realtek: Add "Intel Reference board" and "NUC 13" SSID in the ALC256 (git-fixes). * ALSA: hda/realtek: Add a quirk for Compaq N14JP6 (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG G614Jx (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG G634Z (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG GA402X (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG GV601V (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG GX650P (git-fixes). * ALSA: hda/realtek: Add quirk for ASUS ROG GZ301V (git-fixes). * ALSA: hda/realtek: Add quirk for Clevo NPx0SNx (git-fixes). * ALSA: hda/realtek: Add quirks for ASUS GU604V and GU603V (git-fixes). * ALSA: hda/realtek: Add quirks for ROG ALLY CS35l41 audio (git-fixes). * ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 (git-fixes). * ALSA: hda/realtek: Amend G634 quirk to enable rear speakers (git-fixes). * ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook (git-fixes). * ALSA: hda/realtek: Whitespace fix (git-fixes). * ALSA: hda: LNL: add HD Audio PCI ID (git-fixes). * ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() (git-fixes). * ALSA: jack: Fix mutex call in snd_jack_report() (git-fixes). * ALSA: oxfw: make read-only const array models static (git-fixes). * ALSA: pcm: Fix potential data race at PCM memory allocation helpers (git- fixes). * ALSA: usb-audio: Add quirk flag for HEM devices to enable native DSD playback (git-fixes). * ALSA: usb-audio: Fix broken resume due to UAC3 power state (git-fixes). * ARM: 9295/1: unwind:fix unwind abort for uleb128 case (git-fixes) * ARM: cpu: Switch to arch_cpu_finalize_init() (bsc#1212448). * ARM: dts: Fix erroneous ADS touchscreen polarities (git-fixes). * ARM: dts: vexpress: add missing cache properties (git-fixes). * ASoC: dwc: move DMA init to snd_soc_dai_driver probe() (git-fixes). * ASoC: es8316: Do not set rate constraints for unsupported MCLKs (git-fixes). * ASoC: es8316: Increment max value for ALC Capture Target Volume control (git-fixes). * ASoC: imx-audmix: check return value of devm_kasprintf() (git-fixes). * ASoC: mediatek: mt8173: Fix irq error path (git-fixes). * ASoC: nau8824: Add quirk to active-high jack-detect (git-fixes). * ASoC: simple-card: Add missing of_node_put() in case of error (git-fixes). * ASoC: soc-pcm: test if a BE can be prepared (git-fixes). * Add MODULE_FIRMWARE() for FIRMWARE_TG357766 (git-fixes). * Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk (git-fixes). * Documentation: ABI: sysfs-class-net-qmi: pass_through contact update (git- fixes). * Documentation: bonding: fix the doc of peer_notif_delay (git-fixes). * Documentation: devlink: add add devlink-selftests to the table of contents (git-fixes). * Documentation: devlink: mlx5.rst: Fix htmldoc build warning (git-fixes). * Documentation: timers: hrtimers: Make hybrid union historical (git-fixes). * Drop a buggy dvb-core fix patch (bsc#1205758) * Fix documentation of panic_on_warn (git-fixes). * Get module prefix from kmod (bsc#1212835). * HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651 (git-fixes). * HID: wacom: Add error check to wacom_parse_and_register() (git-fixes). * IB/hfi1: Fix wrong mmu_node used for user SDMA packet after invalidate (git- fixes) * IB/isert: Fix dead lock in ib_isert (git-fixes) * IB/isert: Fix incorrect release of isert connection (git-fixes) * IB/isert: Fix possible list corruption in CMA handler (git-fixes) * IB/uverbs: Fix to consider event queue closing also upon non-blocking mode (git-fixes) * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - fix typo in register value define (git-fixes). * Input: drv260x - remove unused .reg_defaults (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: psmouse - fix OOB access in Elantech protocol (git-fixes). * Input: soc_button_array - add invalid acpi_index DMI quirk handling (git- fixes). * KVM: arm64: Do not hypercall before EL2 init (git-fixes) * KVM: arm64: Propagate errors from __pkvm_prot_finalize hypercall (git-fixes) * KVM: arm64: Save PSTATE early on exit (git-fixes) * KVM: arm64: vgic: Read HW interrupt pending state from the HW (git-fixes) * NTB: amd: Fix error handling in amd_ntb_pci_driver_init() (git-fixes). * NTB: ntb_tool: Add check for devm_kcalloc (git-fixes). * NTB: ntb_transport: fix possible memory leak while device_register() fails (git-fixes). * PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * PCI: Add pci_clear_master() stub for non-CONFIG_PCI (git-fixes). * PCI: Release resource invalidated by coalescing (git-fixes). * PCI: cadence: Fix Gen2 Link Retraining process (git-fixes). * PCI: endpoint: Add missing documentation about the MSI/MSI-X range (git- fixes). * PCI: ftpci100: Release the clock resources (git-fixes). * PCI: pciehp: Cancel bringup sequence if card is not present (git-fixes). * PCI: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked (git- fixes). * PCI: rockchip: Assert PCI Configuration Enable bit after probe (git-fixes). * PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core (git- fixes). * PCI: rockchip: Set address alignment for endpoint mode (git-fixes). * PCI: rockchip: Use u32 variable to access 32-bit registers (git-fixes). * PCI: rockchip: Write PCI Device ID to correct register (git-fixes). * PCI: vmd: Reset VMD config register between soft reboots (git-fixes). * PM: domains: fix integer overflow issues in genpd_parse_state() (git-fixes). * RDMA/bnxt_re: Avoid calling wake_up threads from spin_lock context (git- fixes) * RDMA/bnxt_re: Disable/kill tasklet only if it is enabled (git-fixes) * RDMA/bnxt_re: Fix to remove an unnecessary log (git-fixes) * RDMA/bnxt_re: Fix to remove unnecessary return labels (git-fixes) * RDMA/bnxt_re: Remove a redundant check inside bnxt_re_update_gid (git-fixes) * RDMA/bnxt_re: Remove unnecessary checks (git-fixes) * RDMA/bnxt_re: Return directly without goto jumps (git-fixes) * RDMA/bnxt_re: Use unique names while registering interrupts (git-fixes) * RDMA/bnxt_re: wraparound mbox producer index (git-fixes) * RDMA/cma: Always set static rate to 0 for RoCE (git-fixes) * RDMA/hns: Fix hns_roce_table_get return value (git-fixes) * RDMA/irdma: avoid fortify-string warning in irdma_clr_wqes (git-fixes) * RDMA/mlx5: Create an indirect flow table for steering anchor (git-fixes) * RDMA/mlx5: Do not set tx affinity when lag is in hash mode (git-fixes) * RDMA/mlx5: Fix affinity assignment (git-fixes) * RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions (git-fixes) * RDMA/mlx5: Rely on RoCE fw cap instead of devlink when setting profile (jsc#SLE-19253). * RDMA/rtrs: Fix rxe_dealloc_pd warning (git-fixes) * RDMA/rtrs: Fix the last iu->buf leak in err path (git-fixes) * RDMA/rxe: Fix access checks in rxe_check_bind_mw (git-fixes) * RDMA/rxe: Fix packet length checks (git-fixes) * RDMA/rxe: Fix ref count error in check_rkey() (git-fixes) * RDMA/rxe: Fix rxe_cq_post (git-fixes) * RDMA/rxe: Fix the use-before-initialization error of resp_pkts (git-fixes) * RDMA/rxe: Remove dangling declaration of rxe_cq_disable() (git-fixes) * RDMA/rxe: Remove the unused variable obj (git-fixes) * RDMA/rxe: Removed unused name from rxe_task struct (git-fixes) * RDMA/uverbs: Restrict usage of privileged QKEYs (git-fixes) * RDMA/vmw_pvrdma: Remove unnecessary check on wr->opcode (git-fixes) * Remove more packaging cruft for SLE < 12 SP3 * Remove orphaned CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT (bsc#1189998 git-fixes). * Revert "drm/amd/display: edp do not add non-edid timings" (git-fixes). * Revert "mtd: rawnand: arasan: Prevent an unsupported configuration" (git- fixes). * Revert "net: phy: dp83867: perform soft reset and retain established link" (git-fixes). * SUNRPC: Clean up svc_deferred_class trace events (git-fixes). * USB: cdns3: fix NCM gadget RX speed 20x slow than expection at iMX8QM (git- fixes). * USB: dwc3-meson-g12a: Fix an error handling path in dwc3_meson_g12a_probe() (git-fixes). * USB: dwc3: fix use-after-free on core driver unbind (git-fixes). * USB: dwc3: gadget: Propagate core init errors to UDC during pullup (git- fixes). * USB: dwc3: gadget: Reset num TRBs before giving back the request (git- fixes). * USB: dwc3: qcom: Fix an error handling path in dwc3_qcom_probe() (git- fixes). * USB: dwc3: qcom: Fix potential memory leak (git-fixes). * USB: dwc3: qcom: Release the correct resources in dwc3_qcom_remove() (git- fixes). * USB: dwc3: qcom: fix NULL-deref on suspend (git-fixes). * USB: gadget: u_serial: Add null pointer check in gserial_suspend (git- fixes). * USB: gadget: udc: fix NULL dereference in remove() (git-fixes). * USB: hide unused usbfs_notify_suspend/resume functions (git-fixes). * USB: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() (git-fixes). * USB: serial: option: add Quectel EM061KGL series (git-fixes). * USB: typec: ucsi: Fix command cancellation (git-fixes). * USB: xhci: Remove unused udev from xhci_log_ctx trace event (git-fixes). * Update commit 52b1b46c39ae ("of: Create platform devices for OF framebuffers") (bsc#1212405). * Update patches.suse/KVM-x86-fix-sending-PV-IPI.patch (git-fixes, bsc#1210853). * amdgpu: validate offset_in_bo of drm_amdgpu_gem_va (git-fixes). * apparmor: fix missing error check for rhashtable_insert_fast (git-fixes). * arm64: Add missing Set/Way CMO encodings (git-fixes). * arm64: Always load shadow stack pointer directly from the task struct (git- fixes) * arm64: Stash shadow stack pointer in the task struct on interrupt (git- fixes) * arm64: dts: Move BCM4908 dts to bcmbca folder (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename (git-fixes) * arm64: dts: imx8mn-var-som: fix PHY detection bug by adding deassert (git- fixes) * bnxt_en: Do not issue AP reset during ethtool's reset operation (git-fixes). * bnxt_en: Implement .set_port / .unset_port UDP tunnel callbacks (git-fixes). * bnxt_en: Prevent kernel panic when receiving unexpected PHC_UPDATE event (git-fixes). * bnxt_en: Query default VLAN before VNIC setup on a VF (git-fixes). * bnxt_en: Skip firmware fatal error recovery if chip is not accessible (git- fixes). * bonding: Fix negative jump label count on nested bonding (bsc#1212685). * bpf, arm64: Call build_prologue() first in first JIT pass (git-fixes) * bpf, arm64: Clear prog->jited_len along prog->jited (git-fixes) * bpf, arm64: Feed byte-offset into bpf line info (git-fixes) * bpf, arm64: Use emit_addr_mov_i64() for BPF_PSEUDO_FUNC (git-fixes) * bpf: Add extra path pointer check to d_path helper (git-fixes). * bpf: Fix UAF in task local storage (bsc#1212564). * bus: fsl-mc: fsl-mc-allocator: Drop a write-only variable (git-fixes). * bus: ti-sysc: Fix dispc quirk masking bool variables (git-fixes). * can: isotp: isotp_sendmsg(): fix return error fix on TX path (git-fixes). * can: kvaser_pciefd: Remove handler for unused KVASER_PCIEFD_PACK_TYPE_EFRAME_ACK (git-fixes). * can: kvaser_pciefd: Remove useless write to interrupt register (git-fixes). * can: length: fix bitstuffing count (git-fixes). * can: length: fix description of the RRS field (git-fixes). * can: length: make header self contained (git-fixes). * ceph: fix use-after-free bug for inodes when flushing capsnaps (bsc#1212540). * cgroup: Use cgroup_attach_{lock,unlock}() from cgroup_attach_task_all() (bsc#1212563). * cgroup: always put cset in cgroup_css_set_put_fork (bsc#1212561). * cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() (bsc#1212563). * clk: Fix memory leak in devm_clk_notifier_register() (git-fixes). * clk: cdce925: check return value of kasprintf() (git-fixes). * clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe (git-fixes). * clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() (git- fixes). * clk: imx: scu: use _safe list iterator to avoid a use after free (git- fixes). * clk: keystone: sci-clk: check return value of kasprintf() (git-fixes). * clk: qcom: camcc-sc7180: Add parent dependency to all camera GDSCs (git- fixes). * clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks (git-fixes). * clk: samsung: Add Exynos4212 compatible to CLKOUT driver (git-fixes). * clk: si5341: check return value of {devm_}kasprintf() (git-fixes). * clk: si5341: free unused memory on probe failure (git-fixes). * clk: si5341: return error if one synth clock registration fails (git-fixes). * clk: tegra: tegra124-emc: Fix potential memory leak (git-fixes). * clk: ti: clkctrl: check return value of kasprintf() (git-fixes). * clk: vc5: check memory returned by kasprintf() (git-fixes). * clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe (git- fixes). * crypto: marvell/cesa - Fix type mismatch warning (git-fixes). * crypto: nx - fix build warnings when DEBUG_FS is not enabled (git-fixes). * device-dax: Fix duplicate 'hmem' device registration (bsc#1211400). * disable two x86 PAT related patches (bsc#1212456). * docs/memory-barriers.txt: Add a missed closing parenthesis (git-fixes). * docs: networking: Update codeaurora references for rmnet (git-fixes). * drivers: meson: secure-pwrc: always enable DMA domain (git-fixes). * drm/amd/display: Add logging for display MALL refresh setting (git-fixes). * drm/amd/display: Add minimal pipe split transition state (git-fixes). * drm/amd/display: Add wrapper to call planes and stream update (git-fixes). * drm/amd/display: Explicitly specify update type per plane info change (git- fixes). * drm/amd/display: Fix artifacting on eDP panels when engaging freesync video mode (git-fixes). * drm/amd/display: Use dc_update_planes_and_stream (git-fixes). * drm/amd/display: add a NULL pointer check (bsc#1212848, bsc#1212961). * drm/amd/display: disable seamless boot if force_odm_combine is enabled (bsc#1212848, bsc#1212961). * drm/amd/display: drop redundant memset() in get_available_dsc_slices() (git- fixes). * drm/amd/display: edp do not add non-edid timings (git-fixes). * drm/amd/display: fix the system hang while disable PSR (git-fixes). * drm/amd/pm: Fix power context allocation in SMU13 (git-fixes). * drm/amd/pm: revise the ASPM settings for thunderbolt attached scenario (bsc#1212848, bsc#1212961). * drm/amd/pm: update the LC_L1_INACTIVITY setting to address possible noise issue (bsc#1212848, bsc#1212961). * drm/amd: Disable PSR-SU on Parade 0803 TCON (bsc#1212848, bsc#1212961). * drm/amd: Do not try to enable secure display TA multiple times (bsc#1212848, bsc#1212961). * drm/amd: Make sure image is written to trigger VBIOS image update flow (git- fixes). * drm/amd: Tighten permissions on VBIOS flashing attributes (git-fixes). * drm/amdgpu: Set vmbo destroy after pt bo is created (git-fixes). * drm/amdgpu: Validate VM ioctl flags (git-fixes). * drm/amdgpu: add missing radeon secondary PCI ID (git-fixes). * drm/amdgpu: fix clearing mappings for BOs that are always valid in VM (bsc#1212848, bsc#1212961). * drm/amdgpu: fix number of fence calculations (bsc#1212848, bsc#1212961). * drm/amdgpu: fix xclk freq on CHIP_STONEY (git-fixes). * drm/amdkfd: Fix potential deallocation of previously deallocated memory (git-fixes). * drm/bridge: tc358768: always enable HS video mode (git-fixes). * drm/bridge: tc358768: fix PLL parameters computation (git-fixes). * drm/bridge: tc358768: fix PLL target frequency (git-fixes). * drm/bridge: tc358768: fix TCLK_ZEROCNT computation (git-fixes). * drm/bridge: tc358768: fix TXTAGOCNT computation (git-fixes). * drm/bridge: ti-sn65dsi86: Avoid possible buffer overflow (git-fixes). * drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl (git-fixes). * drm/exynos: vidi: fix a wrong error return (git-fixes). * drm/i915/gvt: remove unused variable gma_bottom in command parser (git- fixes). * drm/i915/psr: Use hw.adjusted mode when calculating io/fast wake times (git- fixes). * drm/i915/selftests: Add some missing error propagation (git-fixes). * drm/i915/selftests: Increase timeout for live_parallel_switch (git-fixes). * drm/i915/selftests: Stop using kthread_stop() (git-fixes). * drm/i915: Explain the magic numbers for AUX SYNC/precharge length (git- fixes). * drm/i915: Use 18 fast wake AUX sync len (git-fixes). * drm/msm/adreno: fix sparse warnings in a6xx code (git-fixes). * drm/msm/dp: Free resources after unregistering them (git-fixes). * drm/msm/dpu: correct MERGE_3D length (git-fixes). * drm/msm/dpu: do not enable color-management if DSPPs are not available (git- fixes). * drm/msm/dsi: do not allow enabling 14nm VCO with unprogrammed rate (git- fixes). * drm/nouveau/dp: check for NULL nv_connector->native_mode (git-fixes). * drm/nouveau: add nv_encoder pointer check for NULL (git-fixes). * drm/nouveau: do not detect DSM for non-NVIDIA device (git-fixes). * drm/panel: sharp-ls043t1le01: adjust mode settings (git-fixes). * drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H (git- fixes). * drm/radeon: fix possible division-by-zero errors (git-fixes). * drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl (git- fixes). * drm/rockchip: vop: Leave vblank enabled in self-refresh (git-fixes). * drm/vram-helper: fix function names in vram helper doc (git-fixes). * drm: sun4i_tcon: use devm_clk_get_enabled in `sun4i_tcon_init_clocks` (git- fixes). * drm:amd:amdgpu: Fix missing buffer object unlock in failure path (git- fixes). * dt-bindings: i3c: silvaco,i3c-master: fix missing schema restriction (git- fixes). * dt-bindings: phy: brcm,brcmstb-usb-phy: Fix error in "compatible" conditional schema (git-fixes). * elf: correct note name comment (git-fixes). * ext4: Fix reusing stale buffer heads from last failed mounting (bsc#1213020). * ext4: add EA_INODE checking to ext4_iget() (bsc#1213106). * ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid() (bsc#1213088). * ext4: add lockdep annotations for i_data_sem for ea_inode's (bsc#1213109). * ext4: add strict range checks while freeing blocks (bsc#1213089). * ext4: avoid deadlock in fs reclaim with page writeback (bsc#1213016). * ext4: bail out of ext4_xattr_ibody_get() fails for any reason (bsc#1213018). * ext4: block range must be validated before use in ext4_mb_clear_bb() (bsc#1213090). * ext4: check iomap type only if ext4_iomap_begin() does not fail (bsc#1213103). * ext4: disallow ea_inodes with extended attributes (bsc#1213108). * ext4: fail ext4_iget if special inode unallocated (bsc#1213010). * ext4: fix WARNING in ext4_update_inline_data (bsc#1213012). * ext4: fix WARNING in mb_find_extent (bsc#1213099). * ext4: fix bug_on in __es_tree_search caused by bad quota inode (bsc#1213111). * ext4: fix data races when using cached status extents (bsc#1213102). * ext4: fix deadlock when converting an inline directory in nojournal mode (bsc#1213105). * ext4: fix i_disksize exceeding i_size problem in paritally written case (bsc#1213015). * ext4: fix lockdep warning when enabling MMP (bsc#1213100). * ext4: fix task hung in ext4_xattr_delete_inode (bsc#1213096). * ext4: fix to check return value of freeze_bdev() in ext4_shutdown() (bsc#1213021). * ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (bsc#1213098). * ext4: improve error handling from ext4_dirhash() (bsc#1213104). * ext4: improve error recovery code paths in __ext4_remount() (bsc#1213017). * ext4: move where set the MAY_INLINE_DATA flag is set (bsc#1213011). * ext4: only update i_reserved_data_blocks on successful block allocation (bsc#1213019). * ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb() (bsc#1213087). * ext4: refuse to create ea block when umounted (bsc#1213093). * ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find() (bsc#1213107). * ext4: turn quotas off if mount failed after enabling quotas (bsc#1213110). * ext4: update s_journal_inum if it changes after journal replay (bsc#1213094). * ext4: use ext4_fc_tl_mem in fast-commit replay path (bsc#1213092). * ext4: zero i_disksize when initializing the bootloader inode (bsc#1213013). * extcon: Fix kernel doc of property capability fields to avoid warnings (git- fixes). * extcon: Fix kernel doc of property fields to avoid warnings (git-fixes). * extcon: usbc-tusb320: Add USB TYPE-C support (git-fixes). * extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered (git-fixes). * extcon: usbc-tusb320: Unregister typec port on driver removal (git-fixes). * extcon: usbc-tusb320: Update state on probe even if no IRQ pending (git- fixes). * fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() (git-fixes). * firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() (git-fixes). * hvcs: Fix hvcs port reference counting (bsc#1213134 ltc#202861). * hvcs: Get reference to tty in remove (bsc#1213134 ltc#202861). * hvcs: Synchronize hotplug remove with port free (bsc#1213134 ltc#202861). * hvcs: Use dev_groups to manage hvcs device attributes (bsc#1213134 ltc#202861). * hvcs: Use driver groups to manage driver attributes (bsc#1213134 ltc#202861). * hvcs: Use vhangup in hotplug remove (bsc#1213134 ltc#202861). * hwmon: (gsc-hwmon) fix fan pwm temperature scaling (git-fixes). * hwrng: imx-rngc - fix the timeout for init and self check (git-fixes). * hwrng: st - keep clock enabled while hwrng is registered (git-fixes). * i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle (git-fixes). * i2c: qup: Add missing unwind goto in qup_i2c_probe() (git-fixes). * iavf: remove mask from iavf_irq_enable_queues() (git-fixes). * ibmvnic: Do not reset dql stats on NON_FATAL err (bsc#1212603 ltc#202604). * ice, xsk: Diversify return values from xsk_wakeup call paths (git-fixes). * ice: Do not double unplug aux on peer initiated reset (git-fixes). * ice: Do not use WQ_MEM_RECLAIM flag for workqueue (git-fixes). * ice: Do not use WQ_MEM_RECLAIM flag for workqueue (jsc#PED-376). * ice: Fix DSCP PFC TLV creation (git-fixes). * ice: Fix DSCP PFC TLV creation (jsc#PED-376). * ice: Fix XDP memory leak when NIC is brought up and down (git-fixes). * ice: Fix ice VF reset during iavf initialization (jsc#PED-376). * ice: Fix ice_cfg_rdma_fltr() to only update relevant fields (jsc#PED-376). * ice: Fix ice_xdp_xmit() when XDP TX queue number is not sufficient (git- fixes). * ice: Fix memory corruption in VF driver (git-fixes). * ice: Ignore EEXIST when setting promisc mode (git-fixes). * ice: Prevent set_channel from changing queues while RDMA active (git-fixes). * ice: Prevent set_channel from changing queues while RDMA active (jsc#PED-376). * ice: Reset FDIR counter in FDIR init stage (git-fixes). * ice: Reset FDIR counter in FDIR init stage (jsc#PED-376). * ice: add profile conflict check for AVF FDIR (git-fixes). * ice: add profile conflict check for AVF FDIR (jsc#PED-376). * ice: block LAN in case of VF to VF offload (git-fixes). * ice: block LAN in case of VF to VF offload (jsc#PED-376). * ice: check if VF exists before mode check (jsc#PED-376). * ice: config netdev tc before setting queues number (git-fixes). * ice: copy last block omitted in ice_get_module_eeprom() (git-fixes). * ice: copy last block omitted in ice_get_module_eeprom() (jsc#PED-376). * ice: ethtool: Prohibit improper channel config for DCB (git-fixes). * ice: ethtool: advertise 1000M speeds properly (git-fixes). * ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg() (git- fixes). * ice: fix invalid check for empty list in ice_sched_assoc_vsi_to_agg() (jsc#PED-376). * ice: fix lost multicast packets in promisc mode (jsc#PED-376). * ice: fix wrong fallback logic for FDIR (git-fixes). * ice: fix wrong fallback logic for FDIR (jsc#PED-376). * ice: handle E822 generic device ID in PLDM header (git-fixes). * ice: switch: fix potential memleak in ice_add_adv_recipe() (git-fixes). * ice: switch: fix potential memleak in ice_add_adv_recipe() (jsc#PED-376). * ice: use bitmap_free instead of devm_kfree (git-fixes). * ice: xsk: disable txq irq before flushing hw (jsc#PED-376). * ice: xsk: use Rx ring's XDP ring when picking NAPI context (git-fixes). * ieee802154: hwsim: Fix possible memory leaks (git-fixes). * ifcvf/vDPA: fix misuse virtio-net device config size for blk dev (jsc#SLE-19253). * igb: Fix extts capture value format for 82580/i354/i350 (git-fixes). * igb: fix bit_shift to be in [1..8] range (git-fixes). * igb: fix nvm.ops.read() error handling (git-fixes). * igc: Clean the TX buffer and TX descriptor ring (git-fixes). * igc: Fix possible system crash when loading module (git-fixes). * iio: accel: fxls8962af: errata bug only applicable for FXLS8962AF (git- fixes). * iio: accel: fxls8962af: fixup buffer scan element type (git-fixes). * iio: adc: ad7192: Fix internal/external clock selection (git-fixes). * iio: adc: ad7192: Fix null ad7192_state pointer access (git-fixes). * init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init() (bsc#1212448). * init: Invoke arch_cpu_finalize_init() earlier (bsc#1212448). * init: Provide arch_cpu_finalize_init() (bsc#1212448). * init: Remove check_bugs() leftovers (bsc#1212448). * inotify: Avoid reporting event with invalid wd (bsc#1213025). * integrity: Fix possible multiple allocation in integrity_inode_get() (git- fixes). * io_uring: clear TIF_NOTIFY_SIGNAL if set and task_work not available (git- fixes). * io_uring: do not expose io_fill_cqe_aux() (bsc#1211014). * io_uring: do not gate task_work run on TIF_NOTIFY_SIGNAL (git-fixes). * io_uring: fix return value when removing provided buffers (git-fixes). * io_uring: fix size calculation when registering buf ring (git-fixes). * irqchip/clps711x: Remove unused clps711x_intc_init() function (git-fixes). * irqchip/ftintc010: Mark all function static (git-fixes). * irqchip/jcore-aic: Fix missing allocation of IRQ descriptors (git-fixes). * jbd2: fix data missing when reusing bh which is ready to be checkpointed (bsc#1213095). * jdb2: Do not refuse invalidation of already invalidated buffers (bsc#1213014). * kABI workaround for cpp_acpi extensions for EPP (bsc#1212445). * kernel-docs: Add buildrequires on python3-base when using python3 The python3 binary is provided by python3-base. * kernel-docs: Use python3 together with python3-Sphinx (bsc#1212741). * kprobe: reverse kp->flags when arm_kprobe failed (git-fixes). * kprobes: Fix check for probe enabled in kill_kprobe() (git-fixes). * kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list (git- fixes). * kprobes: Forbid probing on trampoline and BPF code areas (git-fixes). * kprobes: Prohibit probes in gate area (git-fixes). * kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case (git-fixes). * kprobes: do not call disarm_kprobe() for disabled kprobes (git-fixes). * lpfc: Account for fabric domain ctlr device loss recovery (bsc#1211346, bsc#1211852). * lpfc: Change firmware upgrade logging to KERN_NOTICE instead of TRACE_EVENT (bsc#1211852). * lpfc: Clean up SLI-4 CQE status handling (bsc#1211852). * lpfc: Clear NLP_IN_DEV_LOSS flag if already in rediscovery (bsc#1211852). * lpfc: Copyright updates for 14.2.0.13 patches (bsc#1211852). * lpfc: Enhance congestion statistics collection (bsc#1211852). * lpfc: Fix use-after-free rport memory access in lpfc_register_remote_port (bsc#1211852, bsc#1208410, bsc#1211346). * lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state (bsc#1211852). * lpfc: Update lpfc version to 14.2.0.13 (bsc#1211852). * mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 (git-fixes). * media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var() (git-fixes). * media: cec: core: do not set last_initiator if tx in progress (git-fixes). * media: cec: i2c: ch7322: also select REGMAP (git-fixes). * media: i2c: Correct format propagation for st-mipid02 (git-fixes). * media: usb: Check az6007_read() return value (git-fixes). * media: usb: siano: Fix warning due to null work_func_t function pointer (git-fixes). * media: venus: helpers: Fix ALIGN() of non power of two (git-fixes). * media: videodev2.h: Fix struct v4l2_input tuner index comment (git-fixes). * memory: brcmstb_dpfe: fix testing array offset after use (git-fixes). * meson saradc: fix clock divider mask length (git-fixes). * mfd: intel-lpss: Add missing check for platform_get_resource (git-fixes). * mfd: pm8008: Fix module autoloading (git-fixes). * mfd: rt5033: Drop rt5033-battery sub-device (git-fixes). * mfd: stmfx: Fix error path in stmfx_chip_init (git-fixes). * mfd: stmfx: Nullify stmfx->vdd in case of error (git-fixes). * mfd: stmpe: Only disable the regulators if they are enabled (git-fixes). * misc: fastrpc: Create fastrpc scalar with correct buffer count (git-fixes). * misc: pci_endpoint_test: Free IRQs before removing the device (git-fixes). * misc: pci_endpoint_test: Re-init completion for every test (git-fixes). * mlx5: do not use RT_TOS for IPv6 flowlabel (jsc#SLE-19253). * mlx5: fix possible ptp queue fifo use-after-free (jsc#PED-1549). * mlx5: fix skb leak while fifo resync and push (jsc#PED-1549). * mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() (git-fixes). * mm/vmalloc: do not output a spurious warning when huge vmalloc() fails (bsc#1211410). * mm: Move mm_cachep initialization to mm_init() (bsc#1212448). * mm: vmalloc: avoid warn_alloc noise caused by fatal signal (bsc#1211410). * mmc: bcm2835: fix deferred probing (git-fixes). * mmc: meson-gx: remove redundant mmc_request_done() call from irq context (git-fixes). * mmc: mmci: Set PROBE_PREFER_ASYNCHRONOUS (git-fixes). * mmc: mmci: stm32: fix max busy timeout calculation (git-fixes). * mmc: mtk-sd: fix deferred probing (git-fixes). * mmc: mvsdio: fix deferred probing (git-fixes). * mmc: omap: fix deferred probing (git-fixes). * mmc: omap_hsmmc: fix deferred probing (git-fixes). * mmc: owl: fix deferred probing (git-fixes). * mmc: sdhci-acpi: fix deferred probing (git-fixes). * mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 (git-fixes). * mmc: sdhci-spear: fix deferred probing (git-fixes). * mmc: sh_mmcif: fix deferred probing (git-fixes). * mmc: sunxi: fix deferred probing (git-fixes). * mmc: usdhi60rol0: fix deferred probing (git-fixes). * mtd: rawnand: meson: fix unaligned DMA buffers handling (git-fixes). * net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path (jsc#PED-1549). * net/mlx5: Add forgotten cleanup calls into mlx5_init_once() error path (jsc#SLE-19253). * net/mlx5: Allow async trigger completion execution on single CPU systems (jsc#SLE-19253). * net/mlx5: Allow future addition of IPsec object modifiers (jsc#SLE-19253). * net/mlx5: Avoid false positive lockdep warning by adding lock_class_key (jsc#SLE-19253). * net/mlx5: Avoid recovery in probe flows (jsc#PED-1549 bsc#1211794). * net/mlx5: Avoid recovery in probe flows (jsc#SLE-19253). * net/mlx5: Bridge, fix ageing of peer FDB entries (jsc#PED-1549). * net/mlx5: Bridge, fix ageing of peer FDB entries (jsc#SLE-19253). * net/mlx5: Bridge, verify LAG state when adding bond to bridge (jsc#SLE-19253). * net/mlx5: Collect command failures data only for known commands (jsc#PED-1549). * net/mlx5: DR, Check force-loopback RC QP capability independently from RoCE (jsc#PED-1549). * net/mlx5: DR, Check force-loopback RC QP capability independently from RoCE (jsc#SLE-19253). * net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs (jsc#PED-1549). * net/mlx5: DR, Fix crc32 calculation to work on big-endian (BE) CPUs (jsc#SLE-19253). * net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table (jsc#SLE-19253). * net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device (jsc#PED-1549). * net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device (jsc#SLE-19253). * net/mlx5: Devcom, serialize devcom registration (jsc#PED-1549). * net/mlx5: Disable eswitch before waiting for VF pages (jsc#PED-1549). * net/mlx5: Do not advertise IPsec netdev support for non-IPsec device (jsc#SLE-19253). * net/mlx5: Do not use already freed action pointer (jsc#SLE-19253). * net/mlx5: E-Switch, Fix an Oops in error handling code (jsc#PED-1549). * net/mlx5: E-Switch, Fix an Oops in error handling code (jsc#SLE-19253). * net/mlx5: E-Switch, properly handle ingress tagged packets on VST (jsc#PED-1549). * net/mlx5: E-Switch, properly handle ingress tagged packets on VST (jsc#SLE-19253). * net/mlx5: E-switch, Create per vport table based on devlink encap mode (jsc#PED-1549). * net/mlx5: E-switch, Create per vport table based on devlink encap mode (jsc#SLE-19253). * net/mlx5: E-switch, Do not destroy indirect table in split rule (jsc#PED-1549). * net/mlx5: E-switch, Do not destroy indirect table in split rule (jsc#SLE-19253). * net/mlx5: E-switch, Fix missing set of split_count when forward to ovs internal port (jsc#PED-1549). * net/mlx5: E-switch, Fix missing set of split_count when forward to ovs internal port (jsc#SLE-19253). * net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT (jsc#PED-1549). * net/mlx5: E-switch, Fix setting of reserved fields on MODIFY_SCHEDULING_ELEMENT (jsc#SLE-19253). * net/mlx5: E-switch, Fix switchdev mode after devlink reload (jsc#PED-1549). * net/mlx5: E-switch, Fix wrong usage of source port rewrite in split rules (jsc#PED-1549). * net/mlx5: ECPF, wait for VF pages only after disabling host PFs (jsc#PED-1549). * net/mlx5: Enhance debug print in page allocation failure (jsc#PED-1549). * net/mlx5: Enhance debug print in page allocation failure (jsc#SLE-19253). * net/mlx5: Expose SF firmware pages counter (jsc#PED-1549). * net/mlx5: Fix FW tracer timestamp calculation (jsc#SLE-19253). * net/mlx5: Fix RoCE setting at HCA level (jsc#PED-1549). * net/mlx5: Fix RoCE setting at HCA level (jsc#SLE-19253). * net/mlx5: Fix command stats access after free (jsc#PED-1549). * net/mlx5: Fix crash during sync firmware reset (jsc#SLE-19253). * net/mlx5: Fix error message when failing to allocate device memory (jsc#PED-1549). * net/mlx5: Fix error message when failing to allocate device memory (jsc#SLE-19253). * net/mlx5: Fix handling of entry refcount when command is not issued to FW (jsc#SLE-19253). * net/mlx5: Fix io_eq_size and event_eq_size params validation (jsc#PED-1549). * net/mlx5: Fix possible use-after-free in async command interface (jsc#SLE-19253). * net/mlx5: Fix ptp max frequency adjustment range (jsc#PED-1549). * net/mlx5: Fix ptp max frequency adjustment range (jsc#SLE-19253). * net/mlx5: Fix setting ec_function bit in MANAGE_PAGES (jsc#PED-1549). * net/mlx5: Fix steering rules cleanup (jsc#PED-1549). * net/mlx5: Fix steering rules cleanup (jsc#SLE-19253). * net/mlx5: Fix uninitialized variable bug in outlen_write() (jsc#SLE-19253). * net/mlx5: Geneve, Fix handling of Geneve object id as error code (jsc#PED-1549). * net/mlx5: Geneve, Fix handling of Geneve object id as error code (jsc#SLE-19253). * net/mlx5: Handle pairing of E-switch via uplink un/load APIs (jsc#PED-1549). * net/mlx5: Initialize flow steering during driver probe (jsc#SLE-19253). * net/mlx5: Lag, fix failure to cancel delayed bond work (jsc#PED-1549). * net/mlx5: Read embedded cpu after init bit cleared (jsc#PED-1549). * net/mlx5: Read embedded cpu after init bit cleared (jsc#SLE-19253). * net/mlx5: Read the TC mapping of all priorities on ETS query (jsc#PED-1549). * net/mlx5: Read the TC mapping of all priorities on ETS query (jsc#SLE-19253). * net/mlx5: Rearm the FW tracer after each tracer event (jsc#SLE-19253). * net/mlx5: SF, Drain health before removing device (jsc#PED-1549). * net/mlx5: SF, Drain health before removing device (jsc#SLE-19253). * net/mlx5: SF: Fix probing active SFs during driver probe phase (jsc#SLE-19253). * net/mlx5: Serialize module cleanup with reload and remove (jsc#PED-1549). * net/mlx5: Serialize module cleanup with reload and remove (jsc#SLE-19253). * net/mlx5: Set BREAK_FW_WAIT flag first when removing driver (jsc#PED-1549). * net/mlx5: Store page counters in a single array (jsc#PED-1549). * net/mlx5: Wait for firmware to enable CRS before pci_restore_state (jsc#SLE-19253). * net/mlx5: add IFC bits for bypassing port select flow table (git-fixes) * net/mlx5: check attr pointer validity before dereferencing it (jsc#PED-1549). * net/mlx5: check attr pointer validity before dereferencing it (jsc#SLE-19253). * net/mlx5: correct ECE offset in query qp output (jsc#SLE-19253). * net/mlx5: fix missing mutex_unlock in mlx5_fw_fatal_reporter_err_work() (jsc#SLE-19253). * net/mlx5: fs, fail conflicting actions (jsc#SLE-19253). * net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers (jsc#PED-1549). * net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers (jsc#SLE-19253). * net/mlx5: fw_tracer, Fix event handling (jsc#PED-1549). * net/mlx5: fw_tracer, Fix event handling (jsc#SLE-19253). * net/mlx5: fw_tracer, Zero consumer index when reloading the tracer (jsc#PED-1549). * net/mlx5: fw_tracer, Zero consumer index when reloading the tracer (jsc#SLE-19253). * net/mlx5e: Always clear dest encap in neigh-update-del (jsc#PED-1549). * net/mlx5e: Always clear dest encap in neigh-update-del (jsc#SLE-19253). * net/mlx5e: Avoid false lock dependency warning on tc_ht even more (jsc#PED-1549). * net/mlx5e: Avoid false lock dependency warning on tc_ht even more (jsc#SLE-19253). * net/mlx5e: Block entering switchdev mode with ns inconsistency (jsc#PED-1549). * net/mlx5e: Block entering switchdev mode with ns inconsistency (jsc#SLE-19253). * net/mlx5e: CT: Fix ct debugfs folder name (jsc#PED-1549). * net/mlx5e: Do not attach netdev profile while handling internal error (jsc#PED-1549). * net/mlx5e: Do not attach netdev profile while handling internal error (jsc#SLE-19253). * net/mlx5e: Do not cache tunnel offloads capability (jsc#PED-1549). * net/mlx5e: Do not clone flow post action attributes second time (jsc#PED-1549). * net/mlx5e: Do not increment ESN when updating IPsec ESN state (jsc#SLE-19253). * net/mlx5e: Do not support encap rules with gbp option (jsc#PED-1549). * net/mlx5e: Do not support encap rules with gbp option (jsc#SLE-19253). * net/mlx5e: E-Switch, Fix comparing termination table instance (jsc#SLE-19253). * net/mlx5e: Extend SKB room check to include PTP-SQ (jsc#SLE-19253). * net/mlx5e: Fix MPLSoUDP encap to use MPLS action information (jsc#SLE-19253). * net/mlx5e: Fix RX reporter for XSK RQs (jsc#PED-1549). * net/mlx5e: Fix SQ wake logic in ptp napi_poll context (jsc#PED-1549). * net/mlx5e: Fix SQ wake logic in ptp napi_poll context (jsc#SLE-19253). * net/mlx5e: Fix capability check for updating vnic env counters (jsc#SLE-19253). * net/mlx5e: Fix cleanup null-ptr deref on encap lock (jsc#PED-1549). * net/mlx5e: Fix crash unsetting rx-vlan-filter in switchdev mode (jsc#PED-1549). * net/mlx5e: Fix deadlock in tc route query code (jsc#PED-1549). * net/mlx5e: Fix error handling in mlx5e_refresh_tirs (jsc#PED-1549). * net/mlx5e: Fix error handling in mlx5e_refresh_tirs (jsc#SLE-19253). * net/mlx5e: Fix hw mtu initializing at XDP SQ allocation (jsc#PED-1549). * net/mlx5e: Fix hw mtu initializing at XDP SQ allocation (jsc#SLE-19253). * net/mlx5e: Fix macsec ASO context alignment (jsc#PED-1549). * net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY) (jsc#PED-1549). * net/mlx5e: Fix macsec ssci attribute handling in offload path (jsc#PED-1549). * net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS (jsc#SLE-19253). * net/mlx5e: Fix use-after-free when reverting termination table (jsc#SLE-19253). * net/mlx5e: Fix wrong application of the LRO state (jsc#SLE-19253). * net/mlx5e: Fix wrong tc flag used when set hw-tc-offload off (jsc#SLE-19253). * net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent (jsc#PED-1549). * net/mlx5e: IPoIB, Block queue count configuration when sub interfaces are present (jsc#PED-1549). * net/mlx5e: IPoIB, Do not allow CQE compression to be turned on by default (jsc#PED-1549). * net/mlx5e: IPoIB, Do not allow CQE compression to be turned on by default (jsc#SLE-19253). * net/mlx5e: IPoIB, Fix child PKEY interface stats on rx path (jsc#PED-1549). * net/mlx5e: IPoIB, Show unknown speed instead of error (jsc#PED-1549). * net/mlx5e: IPoIB, Show unknown speed instead of error (jsc#SLE-19253). * net/mlx5e: Initialize link speed to zero (jsc#PED-1549). * net/mlx5e: Modify slow path rules to go to slow fdb (jsc#SLE-19253). * net/mlx5e: Nullify table pointer when failing to create (jsc#PED-1549). * net/mlx5e: Overcome slow response for first macsec ASO WQE (jsc#PED-1549). * net/mlx5e: QoS, Fix wrongfully setting parent_element_id on MODIFY_SCHEDULING_ELEMENT (jsc#PED-1549). * net/mlx5e: QoS, Fix wrongfully setting parent_element_id on MODIFY_SCHEDULING_ELEMENT (jsc#SLE-19253). * net/mlx5e: Remove redundant xsk pointer check in mlx5e_mpwrq_validate_xsk (jsc#PED-1549). * net/mlx5e: Set decap action based on attr for sample (jsc#PED-1549). * net/mlx5e: Set geneve_tlv_option_0_exist when matching on geneve option (jsc#PED-1549). * net/mlx5e: Set uplink rep as NETNS_LOCAL (jsc#PED-1549). * net/mlx5e: Set uplink rep as NETNS_LOCAL (jsc#SLE-19253). * net/mlx5e: TC, Fix ct_clear overwriting ct action metadata (jsc#SLE-19253). * net/mlx5e: TC, Keep mod hdr actions after mod hdr alloc (jsc#PED-1549). * net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change (jsc#PED-1549). * net/mlx5e: Update rx ring hw mtu upon each rx-fcs flag change (jsc#SLE-19253). * net/mlx5e: Use correct encap attribute during invalidation (jsc#PED-1549). * net/mlx5e: Verify dev is present for fix features ndo (jsc#PED-1549). * net/mlx5e: Verify flow_source cap before using it (jsc#PED-1549). * net/mlx5e: Verify flow_source cap before using it (jsc#SLE-19253). * net/mlx5e: do as little as possible in napi poll when budget is 0 (jsc#PED-1549). * net/mlx5e: do as little as possible in napi poll when budget is 0 (jsc#SLE-19253). * net/mlx5e: kTLS, Fix build time constant test in RX (jsc#SLE-19253). * net/mlx5e: kTLS, Fix build time constant test in TX (jsc#SLE-19253). * net/net_failover: fix txq exceeding warning (git-fixes). * net/sched: fix initialization order when updating chain 0 head (git-fixes). * net/sched: flower: fix possible OOB write in fl_set_geneve_opt() (git- fixes). * net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms (git-fixes). * net: ena: Account for the number of processed bytes in XDP (git-fixes). * net: ena: Do not register memory info on XDP exchange (git-fixes). * net: ena: Fix rx_copybreak value update (git-fixes). * net: ena: Fix toeplitz initial hash value (git-fixes). * net: ena: Set default value for RX interrupt moderation (git-fixes). * net: ena: Update NUMA TPH hint register upon NUMA node update (git-fixes). * net: ena: Use bitmask to indicate packet redirection (git-fixes). * net: hns3: add interrupts re-initialization while doing VF FLR (git-fixes). * net: hns3: fix output information incomplete for dumping tx queue info with debugfs (git-fixes). * net: hns3: fix reset delay time to avoid configuration timeout (git-fixes). * net: hns3: fix sending pfc frames after reset issue (git-fixes). * net: hns3: fix tm port shapping of fibre port is incorrect after driver initialization (git-fixes). * net: mlx5: eliminate anonymous module_init & module_exit (jsc#PED-1549). * net: mlx5: eliminate anonymous module_init & module_exit (jsc#SLE-19253). * net: sched: fix possible refcount leak in tc_chain_tmplt_add() (git-fixes). * net: usb: qmi_wwan: add support for Compal RXM-G1 (git-fixes). * nfcsim.c: Fix error checking for debugfs_create_dir (git-fixes). * nfp: only report pause frame configuration for physical device (git-fixes). * nilfs2: fix buffer corruption due to concurrent device reads (git-fixes). * nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key() (git-fixes). * nilfs2: fix possible out-of-bounds segment allocation in resize ioctl (git- fixes). * nouveau: fix client work fence deletion race (git-fixes). * ntb: idt: Fix error handling in idt_pci_driver_init() (git-fixes). * ntb: intel: Fix error handling in intel_ntb_pci_driver_init() (git-fixes). * nvme-core: fix dev_pm_qos memleak (git-fixes). * nvme-core: fix memory leak in dhchap_ctrl_secret (git-fixes). * nvme-core: fix memory leak in dhchap_secret_store (git-fixes). * nvme-multipath: support io stats on the mpath device (bsc#1210565). * nvme-pci: add quirk for missing secondary temperature thresholds (git- fixes). * nvme: double KA polling frequency to avoid KATO with TBKAS on (git-fixes). * nvme: introduce nvme_start_request (bsc#1210565). * ocfs2: fix defrag path triggering jbd2 ASSERT (git-fixes). * ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown (git-fixes). * ocfs2: fix non-auto defrag path not working issue (git-fixes). * octeontx2-pf: Avoid use of GFP_KERNEL in atomic context (git-fixes). * octeontx2-pf: Fix resource leakage in VF driver unbind (git-fixes). * octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt (git-fixes). * octeontx2-pf: Recalculate UDP checksum for ptp 1-step sync packet (git- fixes). * opp: Fix use-after-free in lazy_opp_tables after probe deferral (git-fixes). * perf/x86/intel/cstate: Add Emerald Rapids (PED-4396). * phy: Revert "phy: Remove SOC_EXYNOS4212 dep. from PHY_EXYNOS4X12_USB" (git- fixes). * phy: tegra: xusb: Clear the driver reference in usb-phy dev (git-fixes). * phy: tegra: xusb: check return value of devm_kzalloc() (git-fixes). * pinctrl: at91-pio4: check return value of devm_kasprintf() (git-fixes). * pinctrl: cherryview: Return correct value if pin in push-pull mode (git- fixes). * pinctrl: microchip-sgpio: check return value of devm_kasprintf() (git- fixes). * platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0 (git-fixes). * platform/x86: think-lmi: Correct NVME password handling (git-fixes). * platform/x86: think-lmi: Correct System password interface (git-fixes). * platform/x86: think-lmi: mutex protection around multiple WMI calls (git- fixes). * platform/x86: thinkpad_acpi: Fix lkp-tests warnings for platform profiles (git-fixes). * power: supply: Fix logic checking if system is running from battery (git- fixes). * power: supply: Ratelimit no data debug output (git-fixes). * power: supply: ab8500: Fix external_power_changed race (git-fixes). * power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule() (git-fixes). * power: supply: sc27xx: Fix external_power_changed race (git-fixes). * powerpc/64s/radix: Fix exit lazy tlb mm switch with irqs enabled (bsc#1194869). * powerpc/iommu: Limit number of TCEs to 512 for H_STUFF_TCE hcall (bsc#1194869 bsc#1212701). * powerpc/purgatory: remove PGO flags (bsc#1194869). * powerpc/set_memory: Avoid spinlock recursion in change_page_attr() (bsc#1194869). * pstore/ram: Add check for kstrdup (git-fixes). * pwm: ab8500: Fix error code in probe() (git-fixes). * pwm: imx-tpm: force 'real_period' to be zero in suspend (git-fixes). * pwm: sysfs: Do not apply state to already disabled PWMs (git-fixes). * qed/qede: Fix scheduling while atomic (git-fixes). * radeon: avoid double free in ci_dpm_init() (git-fixes). * rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check (git-fixes). * regmap: spi-avmm: Fix regmap_bus max_raw_write (git-fixes). * regulator: Fix error checking for debugfs_create_dir (git-fixes). * regulator: core: Fix more error checking for debugfs_create_dir() (git- fixes). * regulator: core: Streamline debugfs operations (git-fixes). * regulator: helper: Document ramp_delay parameter of regulator_set_ramp_delay_regmap() (git-fixes). * regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK (git-fixes). * rpm/check-for-config-changes: ignore also PAHOLE_HAS_* We now also have options like CONFIG_PAHOLE_HAS_LANG_EXCLUDE. * rtc: efi: Add wakeup support (bsc#1213116). * rtc: efi: Enable SET/GET WAKEUP services as optional (bsc#1213116). * rtc: efi: switch to devm_rtc_allocate_device (bsc#1213116). * rtc: st-lpc: Release some resources in st_rtc_probe() in case of error (git- fixes). * s390/ap: fix memory leak in ap_init_qci_info() (git-fixes). * s390/dasd: Use correct lock while counting channel queue length (git-fixes bsc#1212592). * s390/gmap: voluntarily schedule during key setting (git-fixes bsc#1212892). * s390/pkey: zeroize key blobs (git-fixes bsc#1212619). * s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue() (git- fixes). * sched/debug: fix dentry leak in update_sched_domain_debugfs (git-fixes) * sched: Fix DEBUG && !SCHEDSTATS warn (git-fixes) * scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git- fixes). * scsi: stex: Fix gcc 13 warnings (git-fixes). * selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET (git-fixes). * selftests: mptcp: depend on SYN_COOKIES (git-fixes). * selftests: mptcp: sockopt: return error if wrong mark (git-fixes). * serial: 8250: lock port for UART_IER access in omap8250_irq() (git-fixes). * serial: 8250: lock port for stop_rx() in omap8250_irq() (git-fixes). * serial: 8250: omap: Fix freeing of resources on failed register (git-fixes). * serial: 8250_omap: Use force_suspend and resume for system suspend (git- fixes). * serial: atmel: do not enable IRQs prematurely (git-fixes). * serial: lantiq: add missing interrupt ack (git-fixes). * signal/s390: Use force_sigsegv in default_trap_handler (git-fixes bsc#1212861). * soc/fsl/qe: fix usb.c build errors (git-fixes). * soc: samsung: exynos-pmu: Re-introduce Exynos4212 support (git-fixes). * soundwire: dmi-quirks: add new mapping for HP Spectre x360 (git-fixes). * soundwire: qcom: fix storing port config out-of-bounds (git-fixes). * spi: bcm-qspi: return error if neither hif_mspi nor mspi is available (git- fixes). * spi: dw: Round of n_bytes to power of 2 (git-fixes). * spi: fsl-dspi: avoid SCK glitches with continuous transfers (git-fixes). * spi: lpspi: disable lpspi module irq in DMA mode (git-fixes). * spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG (git-fixes). * spi: tegra210-quad: Fix combined sequence (bsc#1212584) * spi: tegra210-quad: Fix iterator outside loop (git-fixes). * spi: tegra210-quad: Multi-cs support (bsc#1212584) * supported.conf: Move bt878 and bttv modules to kernel-*-extra (jsc#PED-3931) * task_work: Decouple TIF_NOTIFY_SIGNAL and task_work (git-fixes). * task_work: Introduce task_work_pending (git-fixes). * test_firmware: Use kstrtobool() instead of strtobool() (git-fixes). * test_firmware: prevent race conditions by a correct implementation of locking (git-fixes). * test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (git-fixes). * thermal/drivers/sun8i: Fix some error handling paths in sun8i_ths_probe() (git-fixes). * thunderbolt: dma_test: Use correct value for absent rings when creating paths (git-fixes). * tls: Skip tls_append_frag on zero copy size (git-fixes). * tools: bpftool: Remove invalid \' json escape (git-fixes). * tracing/histograms: Allow variables to have some modifiers (git-fixes). * tracing/probe: trace_probe_primary_from_call(): checked list_first_entry (git-fixes). * tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode() (git- fixes). * tracing: Have event format check not flag %p* on __get_dynamic_array() (git- fixes, bsc#1212350). * tracing: Introduce helpers to safely handle dynamic-sized sockaddrs (git- fixes). * tracing: Update print fmt check to handle new __get_sockaddr() macro (git- fixes, bsc#1212350). * tty: serial: imx: fix rs485 rx after tx (git-fixes). * tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error (git-fixes). * tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk (git-fixes). * ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584). * ubi: ensure that VID header offset + VID header size <= alloc, size (bsc#1210584). * udf: Avoid double brelse() in udf_rename() (bsc#1213032). * udf: Define EFSCORRUPTED error code (bsc#1213038). * udf: Detect system inodes linked into directory hierarchy (bsc#1213114). * udf: Discard preallocation before extending file with a hole (bsc#1213036). * udf: Do not bother looking for prealloc extents if i_lenExtents matches i_size (bsc#1213035). * udf: Do not bother merging very long extents (bsc#1213040). * udf: Do not update file length for failed writes to inline files (bsc#1213041). * udf: Fix error handling in udf_new_inode() (bsc#1213112). * udf: Fix extending file within last block (bsc#1213037). * udf: Fix preallocation discarding at indirect extent boundary (bsc#1213034). * udf: Preserve link count of system files (bsc#1213113). * udf: Truncate added extents on failed expansion (bsc#1213039). * usrmerge: Adjust module path in the kernel sources (bsc#1212835). * vDPA: check VIRTIO_NET_F_RSS for max_virtqueue_paris's presence (jsc#PED-1549). * vDPA: check virtio device features to detect MQ (jsc#PED-1549). * vDPA: fix 'cast to restricted le16' warnings in vdpa.c (jsc#PED-1549). * vdpa/ifcvf: fix the calculation of queuepair (jsc#PED-1549). * vdpa/mlx5: Directly assign memory key (jsc#PED-1549). * vdpa/mlx5: Directly assign memory key (jsc#SLE-19253). * vdpa/mlx5: Do not clear mr struct on destroy MR (jsc#PED-1549). * vdpa/mlx5: Do not clear mr struct on destroy MR (jsc#SLE-19253). * vdpa/mlx5: Fix rule forwarding VLAN to TIR (jsc#PED-1549). * vdpa/mlx5: Fix wrong configuration of virtio_version_1_0 (jsc#SLE-19253). * vdpa/mlx5: Fix wrong mac address deletion (jsc#PED-1549). * vdpa/mlx5: Initialize CVQ iotlb spinlock (jsc#PED-1549). * vdpa/mlx5: should not activate virtq object when suspended (jsc#PED-1549). * vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit (jsc#PED-1549). * vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit (jsc#SLE-19253). * vdpa: Use BIT_ULL for bit operations (jsc#PED-1549). * vdpa: conditionally fill max max queue pair for stats (jsc#PED-1549). * vduse: Fix NULL pointer dereference on sysfs access (jsc#PED-1549). * vduse: Fix returning wrong type in vduse_domain_alloc_iova() (jsc#PED-1549). * vduse: avoid empty string for dev name (jsc#PED-1549). * vduse: check that offset is within bounds in get_config() (jsc#PED-1549). * vduse: fix memory corruption in vduse_dev_ioctl() (jsc#PED-1549). * vduse: prevent uninitialized memory accesses (jsc#PED-1549). * vhost-vdpa: fix an iotlb memory leak (jsc#PED-1549). * vhost-vdpa: free iommu domain after last use during cleanup (jsc#PED-1549). * vhost_vdpa: fix the crash in unmap a large memory (jsc#PED-1549). * vhost_vdpa: fix unmap process in no-batch mode (jsc#PED-1549). * vhost_vdpa: support PACKED when setting-getting vring_base (jsc#PED-1549). * vhost_vdpa: support PACKED when setting-getting vring_base (jsc#SLE-19253). * w1: fix loop in w1_fini() (git-fixes). * w1: w1_therm: fix locking behavior in convert_t (git-fixes). * wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key() (git-fixes). * wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx (git- fixes). * wifi: ath9k: convert msecs to jiffies where needed (git-fixes). * wifi: ath9k: do not allow to overwrite ENDPOINT0 attributes (git-fixes). * wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation (git-fixes). * wifi: atmel: Fix an error handling path in atmel_probe() (git-fixes). * wifi: cfg80211: rewrite merging of inherited elements (git-fixes). * wifi: iwlwifi: mvm: indicate HW decrypt for beacon protection (git-fixes). * wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler() (git-fixes). * wifi: iwlwifi: pull from TXQs with softirqs disabled (git-fixes). * wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan() (git-fixes). * wifi: orinoco: Fix an error handling path in orinoco_cs_probe() (git-fixes). * wifi: orinoco: Fix an error handling path in spectrum_cs_probe() (git- fixes). * wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled (git- fixes). * wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown (git-fixes). * wifi: wilc1000: fix for absent RSN capabilities WFA testcase (git-fixes). * writeback: fix call of incorrect macro (bsc#1213024). * writeback: fix dereferencing NULL mapping->host on writeback_page_template (git-fixes). * x86/build: Avoid relocation information in final vmlinux (bsc#1187829). * x86/cpu: Switch to arch_cpu_finalize_init() (bsc#1212448). * x86/fpu: Mark init functions __init (bsc#1212448). * x86/fpu: Move FPU initialization into arch_cpu_finalize_init() (bsc#1212448). * x86/fpu: Remove cpuinfo argument from init functions (bsc#1212448). * x86/init: Initialize signal frame size late (bsc#1212448). * x86/kprobes: Fix __recover_optprobed_insn check optimizing logic (git- fixes). * x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range (git-fixes). * x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build (git-fixes). * x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter (git-fixes). * x86/microcode: Print previous version of microcode after reload (git-fixes). * x86/mm: Fix RESERVE_BRK() for older binutils (git-fixes). * x86/mm: Fix use of uninitialized buffer in sme_enable() (git-fixes). * x86/mm: Initialize text poking earlier (bsc#1212448). * x86/mm: Use mm_alloc() in poking_init() (bsc#1212448). * x86/mm: fix poking_init() for Xen PV guests (git-fixes). * x86/msr: Add AMD CPPC MSR definitions (bsc#1212445). * x86/sgx: Fix race between reclaimer and page fault handler (git-fixes). * x86/sgx: Mark PCMD page as dirty when modifying contents (git-fixes). * x86/xen: fix secondary processor fpu initialization (bsc#1212869). ## Special Instructions and Notes: * Please reboot the system after installing this update.
Patch
## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-2892=1 openSUSE-SLE-15.5-2023-2892=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-2892=1
Package List
* openSUSE Leap 15.5 (aarch64 x86_64) * dlm-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.6.1 * kernel-azure-devel-5.14.21-150500.33.6.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.6.1 * kernel-syms-azure-5.14.21-150500.33.6.1 * kselftests-kmp-azure-5.14.21-150500.33.6.1 * cluster-md-kmp-azure-5.14.21-150500.33.6.1 * ocfs2-kmp-azure-5.14.21-150500.33.6.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.6.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * reiserfs-kmp-azure-5.14.21-150500.33.6.1 * dlm-kmp-azure-5.14.21-150500.33.6.1 * kernel-azure-debuginfo-5.14.21-150500.33.6.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * gfs2-kmp-azure-5.14.21-150500.33.6.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.6.1 * kernel-azure-extra-5.14.21-150500.33.6.1 * kernel-azure-debugsource-5.14.21-150500.33.6.1 * kernel-azure-optional-5.14.21-150500.33.6.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.6.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.6.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.6.1 * kernel-azure-vdso-5.14.21-150500.33.6.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.6.1 * kernel-source-azure-5.14.21-150500.33.6.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.6.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-devel-5.14.21-150500.33.6.1 * kernel-azure-debuginfo-5.14.21-150500.33.6.1 * kernel-azure-debugsource-5.14.21-150500.33.6.1 * kernel-syms-azure-5.14.21-150500.33.6.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.6.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.6.1 * kernel-source-azure-5.14.21-150500.33.6.1
References
* #1187829 * #1189998 * #1194869 * #1205758 * #1208410 * #1209039 * #1209780 * #1210335 * #1210565 * #1210584 * #1210853 * #1211014 * #1211346 * #1211400 * #1211410 * #1211794 * #1211852 * #1212051 * #1212265 * #1212350 * #1212405 * #1212445 * #1212448 * #1212456 * #1212494 * #1212495 * #1212504 * #1212513 * #1212540 * #1212556 * #1212561 * #1212563 * #1212564 * #1212584 * #1212592 * #1212603 * #1212605 * #1212606 * #1212619 * #1212685 * #1212701 * #1212741 * #1212835 * #1212838 * #1212842 * #1212848 * #1212861 * #1212869 * #1212892 * #1212961 * #1213010 * #1213011 * #1213012 * #1213013 * #1213014 * #1213015 * #1213016 * #1213017 * #1213018 * #1213019 * #1213020 * #1213021 * #1213024 * #1213025 * #1213032 * #1213034 * #1213035 * #1213036 * #1213037 * #1213038 * #1213039 * #1213040 * #1213041 * #1213087 * #1213088 * #1213089 * #1213090 * #1213092 * #1213093 * #1213094 * #1213095 * #1213096 * #1213098 * #1213099 * #1213100 * #1213102 * #1213103 * #1213104 * #1213105 * #1213106 * #1213107 * #1213108 * #1213109 * #1213110 * #1213111 * #1213112 * #1213113 * #1213114 * #1213116 * #1213134 ## References: * https://www.suse.com/security/cve/CVE-2023-1249.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-2430.html * https://www.suse.com/security/cve/CVE-2023-28866.html * https://www.suse.com/security/cve/CVE-2023-3090.html * https://www.suse.com/security/cve/CVE-2023-3111.html * https://www.suse.com/security/cve/CVE-2023-3212.html * https://www.suse.com/security/cve/CVE-2023-3220.html * https://www.suse.com/security/cve/CVE-2023-3357.html * https://www.suse.com/security/cve/CVE-2023-3358.html * https://www.suse.com/security/cve/CVE-2023-3389.html * https://www.suse.com/security/cve/CVE-2023-35788.html * https://www.suse.com/security/cve/CVE-2023-35823.html * https://www.suse.com/security/cve/CVE-2023-35828.html * https://www.suse.com/security/cve/CVE-2023-35829.html * https://bugzilla.suse.com/show_bug.cgi?id=1187829 * https://bugzilla.suse.com/show_bug.cgi?id=1189998 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1205758 * https://bugzilla.suse.com/show_bug.cgi?id=1208410 * https://bugzilla.suse.com/show_bug.cgi?id=1209039 * https://bugzilla.suse.com/show_bug.cgi?id=1209780 * https://bugzilla.suse.com/show_bug.cgi?id=1210335 * https://bugzilla.suse.com/show_bug.cgi?id=1210565 * https://bugzilla.suse.com/show_bug.cgi?id=1210584 * https://bugzilla.suse.com/show_bug.cgi?id=1210853 * https://bugzilla.suse.com/show_bug.cgi?id=1211014 * https://bugzilla.suse.com/show_bug.cgi?id=1211346 * https://bugzilla.suse.com/show_bug.cgi?id=1211400 * https://bugzilla.suse.com/show_bug.cgi?id=1211410 * https://bugzilla.suse.com/show_bug.cgi?id=1211794 * https://bugzilla.suse.com/show_bug.cgi?id=1211852 * https://bugzilla.suse.com/show_bug.cgi?id=1212051 * https://bugzilla.suse.com/show_bug.cgi?id=1212265 * https://bugzilla.suse.com/show_bug.cgi?id=1212350 * https://bugzilla.suse.com/show_bug.cgi?id=1212405 * https://bugzilla.suse.com/show_bug.cgi?id=1212445 * https://bugzilla.suse.com/show_bug.cgi?id=1212448 * https://bugzilla.suse.com/show_bug.cgi?id=1212456 * https://bugzilla.suse.com/show_bug.cgi?id=1212494 * https://bugzilla.suse.com/show_bug.cgi?id=1212495 * https://bugzilla.suse.com/show_bug.cgi?id=1212504 * https://bugzilla.suse.com/show_bug.cgi?id=1212513 * https://bugzilla.suse.com/show_bug.cgi?id=1212540 * https://bugzilla.suse.com/show_bug.cgi?id=1212556 * https://bugzilla.suse.com/show_bug.cgi?id=1212561 * https://bugzilla.suse.com/show_bug.cgi?id=1212563 * https://bugzilla.suse.com/show_bug.cgi?id=1212564 * https://bugzilla.suse.com/show_bug.cgi?id=1212584 * https://bugzilla.suse.com/show_bug.cgi?id=1212592 * https://bugzilla.suse.com/show_bug.cgi?id=1212603 * https://bugzilla.suse.com/show_bug.cgi?id=1212605 * https://bugzilla.suse.com/show_bug.cgi?id=1212606 * https://bugzilla.suse.com/show_bug.cgi?id=1212619 * https://bugzilla.suse.com/show_bug.cgi?id=1212685 * https://bugzilla.suse.com/show_bug.cgi?id=1212701 * https://bugzilla.suse.com/show_bug.cgi?id=1212741 * https://bugzilla.suse.com/show_bug.cgi?id=1212835 * https://bugzilla.suse.com/show_bug.cgi?id=1212838 * https://bugzilla.suse.com/show_bug.cgi?id=1212842 * https://bugzilla.suse.com/show_bug.cgi?id=1212848 * https://bugzilla.suse.com/show_bug.cgi?id=1212861 * https://bugzilla.suse.com/show_bug.cgi?id=1212869 * https://bugzilla.suse.com/show_bug.cgi?id=1212892 * https://bugzilla.suse.com/show_bug.cgi?id=1212961 * https://bugzilla.suse.com/show_bug.cgi?id=1213010 * https://bugzilla.suse.com/show_bug.cgi?id=1213011 * https://bugzilla.suse.com/show_bug.cgi?id=1213012 * https://bugzilla.suse.com/show_bug.cgi?id=1213013 * https://bugzilla.suse.com/show_bug.cgi?id=1213014 * https://bugzilla.suse.com/show_bug.cgi?id=1213015 * https://bugzilla.suse.com/show_bug.cgi?id=1213016 * https://bugzilla.suse.com/show_bug.cgi?id=1213017 * https://bugzilla.suse.com/show_bug.cgi?id=1213018 * https://bugzilla.suse.com/show_bug.cgi?id=1213019 * https://bugzilla.suse.com/show_bug.cgi?id=1213020 * https://bugzilla.suse.com/show_bug.cgi?id=1213021 * https://bugzilla.suse.com/show_bug.cgi?id=1213024 * https://bugzilla.suse.com/show_bug.cgi?id=1213025 * https://bugzilla.suse.com/show_bug.cgi?id=1213032 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1213035 * https://bugzilla.suse.com/show_bug.cgi?id=1213036 * https://bugzilla.suse.com/show_bug.cgi?id=1213037 * https://bugzilla.suse.com/show_bug.cgi?id=1213038 * https://bugzilla.suse.com/show_bug.cgi?id=1213039 * https://bugzilla.suse.com/show_bug.cgi?id=1213040 * https://bugzilla.suse.com/show_bug.cgi?id=1213041 * https://bugzilla.suse.com/show_bug.cgi?id=1213087 * https://bugzilla.suse.com/show_bug.cgi?id=1213088 * https://bugzilla.suse.com/show_bug.cgi?id=1213089 * https://bugzilla.suse.com/show_bug.cgi?id=1213090 * https://bugzilla.suse.com/show_bug.cgi?id=1213092 * https://bugzilla.suse.com/show_bug.cgi?id=1213093 * https://bugzilla.suse.com/show_bug.cgi?id=1213094 * https://bugzilla.suse.com/show_bug.cgi?id=1213095 * https://bugzilla.suse.com/show_bug.cgi?id=1213096 * https://bugzilla.suse.com/show_bug.cgi?id=1213098 * https://bugzilla.suse.com/show_bug.cgi?id=1213099 * https://bugzilla.suse.com/show_bug.cgi?id=1213100 * https://bugzilla.suse.com/show_bug.cgi?id=1213102 * https://bugzilla.suse.com/show_bug.cgi?id=1213103 * https://bugzilla.suse.com/show_bug.cgi?id=1213104 * https://bugzilla.suse.com/show_bug.cgi?id=1213105 * https://bugzilla.suse.com/show_bug.cgi?id=1213106 * https://bugzilla.suse.com/show_bug.cgi?id=1213107 * https://bugzilla.suse.com/show_bug.cgi?id=1213108 * https://bugzilla.suse.com/show_bug.cgi?id=1213109 * https://bugzilla.suse.com/show_bug.cgi?id=1213110 * https://bugzilla.suse.com/show_bug.cgi?id=1213111 * https://bugzilla.suse.com/show_bug.cgi?id=1213112 * https://bugzilla.suse.com/show_bug.cgi?id=1213113 * https://bugzilla.suse.com/show_bug.cgi?id=1213114 * https://bugzilla.suse.com/show_bug.cgi?id=1213116 * https://bugzilla.suse.com/show_bug.cgi?id=1213134 * https://jira.suse.com/browse/PED-3931
