Oracle8: ELSA-2023-12120: kernel-container Important Security Update
Summary
[5.15.0-7.86.6.1.el8uek] - net/rds: Delegate fan-out to a background worker (Gerd Rausch) [Orabug: 35051226] [5.15.0-7.86.6.el8uek] - runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001044] - rds: ib: Make sure messages that errors out also get unmapped (HÃ¥kon Bugge) [Orabug: 35015598] - Ignore hot plug events when force powering off a device (James Puthukattukaran) [Orabug: 35015761] - mptcp: UEK: disable mptcp protocol (Jack Vogel) [Orabug: 34821286] [5.15.0-7.86.5.el8uek] - uek-rpm: Enable HP watchdog for aarch64 (Saeed Mirzamohammadi) [Orabug: 34902069] - watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING (Jerry Hoemann) [Orabug: 34902069] - watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (Jerry Hoemann) [Orabug: 34902069] - Revert "selftests/bpf: Add test for unstable CT lookup API" (Alan Maguire) [Orabug: 34951842] - uek-rpm: config-x86-64*: enable CONFIG_MT7921E (Todd Vierling) [Orabug: 34970472] - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (Pablo Neira Ayuso) [Orabug: 34978152] {CVE-2023-0179} - perf/x86/rapl: Use standard Energy Unit for SPR Dram RAPL domain (Zhang Rui) [Orabug: 34978296] - powercap: intel_rapl: support new layout of Psys PowerLimit Register on SPR (Zhang Rui) [Orabug: 34978296] - uek: kabi: enable aarch64 kABI checking (Saeed Mirzamohammadi) [Orabug: 34339132] [5.15.0-7.86.4.el8uek] - net/rds: Fill in rds_exthdr_size gaps (Gerd Rausch) [Orabug: 34979170] - Revert "uek: kabi: enable aarch64 kABI checking" (Jack Vogel) - Revert "uek-rpm: Disable kABI checking for aarch64 64k builds" (Jack Vogel) [5.15.0-7.86.3.el8uek] - uek-rpm: Disable kABI checking for aarch64 64k builds (Saeed Mirzamohammadi) [Orabug: 34339132] [5.15.0-7.86.2.el8uek] - net/rds: Trigger rds_send_hs_ping() more than once (Gerd Rausch) [Orabug: 34607844] - Revert "RDS: TCP: Track peer's connection generation number" (Gerd Rausch) [Orabug: 34700109] - net/rds: Use the first lane until RDS_EXTHDR_NPATHS arrives (Gerd Rausch) [Orabug: 34314502] - net/rds: Kick-start TCP receiver after accept (Gerd Rausch) [Orabug: 34600819] - net/rds: rds_tcp_conn_path_shutdown must not discard messages (Gerd Rausch) [Orabug: 34560700] - net/rds: Encode cp_index in TCP source port (Gerd Rausch) [Orabug: 34556036] - uek: kabi: enable aarch64 kABI checking (Saeed Mirzamohammadi) [Orabug: 34339132] - uek-rpm: Disable Promise SuperTrak EX series storage controllers (Somasundaram Krishnasamy) [Orabug: 34670747] - uek-rpm: ol9: Disable CONFIG_IR_MCEUSB from UEK7 OL9. (Harshit Mogalapalli) [Orabug: 34820237] - IB/mlx5: Add a signature check to received EQEs and CQEs (Rohit Nair) [Orabug: 34821073] - rds: ib: Avoid tear-down of caches unless already initialized (HÃ¥kon Bugge) [Orabug: 34826403] - KVM: SVM: Fix AVIC GATag to support max number of vCPUs (Suravee Suthikulpanit) [Orabug: 34961703] - Revert "rds: ib: Enable FC by default" (HÃ¥kon Bugge) [Orabug: 34964359] - uek-rpm: Add nft_reject* modules to core rpm. (Somasundaram Krishnasamy) [Orabug: 34970060] - cpufreq: intel_pstate: Support Sapphire Rapids OOB mode (Srinivas Pandruvada) [Orabug: 34961609] [5.15.0-7.86.1.el8uek] - LTS version: v5.15.86 (Jack Vogel) - pwm: tegra: Fix 32 bit build (Steven Price) - mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (Christophe JAILLET) - extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered (Yassine Oudjana) - media: dvbdev: fix refcnt bug (Lin Ma) - media: dvbdev: fix build warning due to comments (Lin Ma) - net: stmmac: fix errno when create_singlethread_workqueue() fails (Gaosheng Cui) - scsi: qla2xxx: Fix crash when I/O abort times out (Arun Easi) - btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range (Filipe Manana) - ovl: fix use inode directly in rcu-walk mode (Chen Zhongjin) - fbdev: fbcon: release buffer when fbcon_do_set_font() failed (Tetsuo Handa) - gcov: add support for checksum field (Rickard x Andersson) - floppy: Fix memory leak in do_floppy_init() (Yuan Can) - regulator: core: fix deadlock on regulator enable (Johan Hovold) - iio: adc128s052: add proper .data members in adc128_of_match table (Rasmus Villemoes) - iio: adc: ad_sigma_delta: do not use internal iio_dev lock (Nuno Sá) - iio: fix memory leak in iio_device_register_eventset() (Zeng Heng) - reiserfs: Add missing calls to reiserfs_security_free() (Roberto Sassu) - security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 (Nathan Chancellor) - 9p: set req refcount to zero to avoid uninitialized usage (Schspa Shi) - loop: Fix the max_loop commandline argument treatment when it is set to 0 (Isaac J. Manjarres) - HID: mcp2221: don't connect hidraw (Enrik Berkhan) - HID: wacom: Ensure bootloader PID is usable in hidraw mode (Jason Gerecke) - xhci: Prevent infinite loop in transaction errors recovery for streams (Mathias Nyman) - usb: dwc3: core: defer probe on ulpi_read_id timeout (Ferry Toth) - usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (Sven Peter) - arm64: dts: qcom: sm8250: fix USB-DP PHY registers (Johan Hovold) - usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (Chunfeng Yun) - usb: cdnsp: fix lack of ZLP for ep0 (Pawel Laszczak) - ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (Jiao Zhou) - ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (Edward Pacman) - ALSA: usb-audio: add the quirk for KT0206 device (wangdicheng) - ima: Simplify ima_lsm_copy_rule (GUO Zihua) - pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (John Stultz) - afs: Fix lost servers_outstanding count (David Howells) - perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() (Yang Jihong) - pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (John Stultz) - LoadPin: Ignore the "contents" argument of the LSM hooks (Kees Cook) - drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern (Khaled Almahallawy) - ASoC: rt5670: Remove unbalanced pm_runtime_put() (Hans de Goede) - ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (Wang Jingjin) - ASoC: wm8994: Fix potential deadlock (Marek Szyprowski) - ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (Wang Yufen) - ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (Wang Jingjin) - ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (Wang Yufen) - ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (Wang Yufen) - ASoC: Intel: Skylake: Fix driver hang during shutdown (Cezary Rojewski) - ALSA: hda: add snd_hdac_stop_streams() helper (Pierre-Louis Bossart) - ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c (Pierre-Louis Bossart) - hwmon: (jc42) Fix missing unlock on error in jc42_write() (Yang Yingliang) - KVM: selftests: Fix build regression by using accessor function (Tyler Hicks) - tools/include: Add _RET_IP_ and math definitions to kernel.h (Karolina Drobnik) - orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (Zhang Xiaoxu) - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (Zhang Xiaoxu) - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (Nathan Chancellor) - drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (Nathan Chancellor) - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (Hawkins Jiawei) - scsi: elx: libefc: Fix second parameter type in state callbacks (Nathan Chancellor) - scsi: ufs: Reduce the START STOP UNIT timeout (Bart Van Assche) - scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (Justin Tee) - crypto: hisilicon/hpre - fix resource leak in remove process (Zhiqi Song) - clk: st: Fix memory leak in st_of_quadfs_setup() (Xiu Jianfeng) - media: si470x: Fix use-after-free in si470x_int_in_callback() (Shigeru Yoshida) - mmc: renesas_sdhi: better reset from HS400 mode (Wolfram Sang) - mmc: f-sdh30: Add quirks for broken timeout clock capability (Kunihiko Hayashi) - wifi: mt76: do not run mt76u_status_worker if the device is not running (Lorenzo Bianconi) - regulator: core: fix use_count leakage when handling boot-on (Rui Zhang) - libbpf: Avoid enum forward-declarations in public API in C++ mode (Andrii Nakryiko) - drm/amd/display: Use the largest vready_offset in pipe group (Wesley Chalmers) - blk-mq: fix possible memleak when register 'hctx' failed (Ye Bin) - media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (Mazin Al Haddad) - media: dvbdev: adopts refcnt to avoid UAF (Lin Ma) - media: dvb-frontends: fix leak of memory fw (Yan Lei) - ethtool: avoiding integer overflow in ethtool_phys_id() (Maxim Korotkov) - bpf: Prevent decl_tag from being referenced in func_proto arg (Stanislav Fomichev) - ppp: associate skb with a device at tx (Stanislav Fomichev) - mrp: introduce active flags to prevent UAF when applicant uninit (Schspa Shi) - ipv6/sit: use DEV_STATS_INC() to avoid data-races (Eric Dumazet) - net: add atomic_long_t to net_device_stats fields (Eric Dumazet) - drm/amd/display: fix array index out of bound error in bios parser (Aurabindo Pillai) - md/raid1: stop mdx_raid1 thread when raid1 array run failed (Jiang Li) - drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() (Li Zhong) - drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (Nathan Chancellor) - drm/sti: Use drm_mode_copy() (Ville Syrjälä) - drm/rockchip: Use drm_mode_copy() (Ville Syrjälä) - drm/msm: Use drm_mode_copy() (Ville Syrjälä) - s390/lcs: Fix return type of lcs_start_xmit() (Nathan Chancellor) - s390/netiucv: Fix return type of netiucv_tx() (Nathan Chancellor) - s390/ctcm: Fix return type of ctc{mp,}m_tx() (Nathan Chancellor) - drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (Nathan Chancellor) - drm/amdgpu: Fix type of second parameter in trans_msg() callback (Nathan Chancellor) - igb: Do not free q_vector unless new one was allocated (Kees Cook) - wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (Minsuk Kang) - hamradio: baycom_epp: Fix return type of baycom_send_packet() (Nathan Chancellor) - net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() (Nathan Chancellor) - bpf: make sure skb->len != 0 when redirecting to a tunneling device (Stanislav Fomichev) - qed (gcc13): use u16 for fid to be big enough (Jiri Slaby (SUSE)) - Revert "drm/amd/display: Limit max DSC target bpp for specific monitors" (Hamza Mahfooz) - drm/amd/display: prevent memory leak (gehao) - ipmi: fix memleak when unload ipmi driver (Zhang Yuchen) - ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (Amadeusz SÅawiÅski) - wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (Shigeru Yoshida) - wifi: ath9k: verify the expected usb_endpoints are present (Fedor Pchelkin) - brcmfmac: return error when getting invalid max_flowrings from dongle (Wright Feng) - media: imx-jpeg: Disable useless interrupt to avoid kernel panic (Ming Qian) - drm/etnaviv: add missing quirks for GC300 (Doug Brown) - hfs: fix OOB Read in __hfs_brec_find (ZhangPeng) - acct: fix potential integer overflow in encode_comp_t() (Zheng Yejian) - nilfs2: fix shift-out-of-bounds due to too large exponent of block size (Ryusuke Konishi) - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (Ryusuke Konishi) - ACPICA: Fix error code path in acpi_ds_call_control_method() (Rafael J. Wysocki) - fs: jfs: fix shift-out-of-bounds in dbDiscardAG (Hoi Pok Wu) - jfs: Fix fortify moan in symlink (Dr. David Alan Gilbert) - udf: Avoid double brelse() in udf_rename() (Shigeru Yoshida) - fs: jfs: fix shift-out-of-bounds in dbAllocAG (Dongliang Mu) - binfmt_misc: fix shift-out-of-bounds in check_special_flags (Liu Shixin) - x86/hyperv: Remove unregister syscore call from Hyper-V cleanup (Gaurav Kohli) - video: hyperv_fb: Avoid taking busy spinlock on panic path (Guilherme G. Piccoli) - arm64: make is_ttbrX_addr() noinstr-safe (Mark Rutland) - rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() (Zqiang) - HID: amd_sfh: Add missing check for dma_alloc_coherent (Jiasheng Jiang) - net: stream: purge sk_error_queue in sk_stream_kill_queues() (Eric Dumazet) - myri10ge: Fix an error handling path in myri10ge_probe() (Christophe JAILLET) - rxrpc: Fix missing unlock in rxrpc_do_sendmsg() (David Howells) - net_sched: reject TCF_EM_SIMPLE case for complex ematch module (Cong Wang) - mailbox: zynq-ipi: fix error handling while device_register() fails (Yang Yingliang) - mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (Yang Yingliang) - mailbox: mpfs: read the system controller's status (Conor Dooley) - skbuff: Account for tail adjustment during pull operations (Subash Abhinov Kasiviswanathan) - arm64: dts: mt8183: Fix Mali GPU clock (Chen-Yu Tsai) - soc: mediatek: pm-domains: Fix the power glitch issue (Chun-Jie Chen) - openvswitch: Fix flow lookup to use unmasked key (Eelco Chaudron) - selftests: devlink: fix the fd redirect in dummy_reporter_test (Jakub Kicinski) - rtc: mxc_v2: Add missing clk_disable_unprepare() (GUO Zihua) - igc: Set Qbv start_time and end_time to end_time if not being configured in GCL (Tan Tee Min) - igc: Lift TAPRIO schedule restriction (Kurt Kanzenbach) - igc: recalculate Qbv end_time by considering cycle time (Tan Tee Min) - igc: allow BaseTime 0 enrollment for Qbv (Tan Tee Min) - igc: Add checking for basetime less than zero (Muhammad Husaini Zulkifli) - igc: Use strict cycles for Qbv scheduling (Vinicius Costa Gomes) - igc: Enhance Qbv scheduling by using first flag bit (Vinicius Costa Gomes) - r6040: Fix kmemleak in probe and remove (Li Zetao) - unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg() (Kirill Tkhai) - nfc: pn533: Clear nfc_target before being used (Minsuk Kang) - net: enetc: avoid buffer leaks on xdp_do_redirect() failure (Vladimir Oltean) - selftests/bpf: Add test for unstable CT lookup API (Kumar Kartikeya Dwivedi) - block, bfq: fix possible uaf for 'bfqq->bic' (Yu Kuai) - mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net: macsec: fix net device access prior to holding a lock (Emeel Hakim) - nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (Dan Aloni) - rtc: pcf85063: fix pcf85063_clkout_control (Alexandre Belloni) - rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (Gaosheng Cui) - rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (Gaosheng Cui) - netfilter: flowtable: really fix NAT IPv6 offload (Qingfang DENG) - mfd: pm8008: Fix return value check in pm8008_probe() (Yang Yingliang) - mfd: pm8008: Remove driver data structure pm8008_data (Lee Jones) - mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (Christophe JAILLET) - mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (Matti Vaittinen) - powerpc/pseries/eeh: use correct API for error log size (Nathan Lynch) - powerpc/eeh: Drop redundant spinlock initialization (Haowen Bai) - remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (Shang XiaoJing) - remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (Yuan Can) - remoteproc: qcom_q6v5_pas: detach power domains on remove (Luca Weiss) - remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (Luca Weiss) - remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (Shang XiaoJing) - remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (Gaosheng Cui) - pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle) - pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm (xinlei lee) - pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (Uwe Kleine-König) - iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (Jason Gunthorpe) - selftests/powerpc: Fix resource leaks (Miaoqian Lin) - powerpc/hv-gpci: Fix hv_gpci event list (Kajol Jain) - powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in of_fsl_spi_probe() (Yang Yingliang) - powerpc/perf: callchain validate kernel stack pointer bounds (Nicholas Piggin) - powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (Yang Yingliang) - powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds (Gustavo A. R. Silva) - cxl: Fix refcount leak in cxl_calc_capp_routing (Miaoqian Lin) - powerpc/52xx: Fix a resource leak in an error handling path (Christophe JAILLET) - macintosh/macio-adb: check the return value of ioremap() (Xie Shaowen) - macintosh: fix possible memory leak in macio_add_one_device() (Yang Yingliang) - iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() (Yuan Can) - iommu/amd: Fix pci device refcount leak in ppr_notifier() (Yang Yingliang) - rtc: pcf85063: Fix reading alarm (Alexander Stein) - rtc: snvs: Allow a time difference on clock register read (Stefan Eichenberger) - rtc: cmos: Disable ACPI RTC event on removal (Rafael J. Wysocki) - rtc: cmos: Rename ACPI-related functions (Rafael J. Wysocki) - rtc: cmos: Eliminate forward declarations of some functions (Rafael J. Wysocki) - rtc: cmos: Call rtc_wake_setup() from cmos_do_probe() (Rafael J. Wysocki) - rtc: cmos: Call cmos_wake_setup() from cmos_do_probe() (Rafael J. Wysocki) - rtc: cmos: fix build on non-ACPI platforms (Alexandre Belloni) - rtc: cmos: Fix wake alarm breakage (Rafael J. Wysocki) - rtc: cmos: Fix event handler registration ordering issue (Rafael J. Wysocki) - rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (Rafael J. Wysocki) - dmaengine: idxd: Fix crc_val field for completion record (Fenghua Yu) - fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs (Abdun Nihaal) - pwm: tegra: Improve required rate calculation (Jon Hunter) - include/uapi/linux/swab: Fix potentially missing __always_inline (Matt Redfearn) - phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (Al Cooper) - iommu/rockchip: fix permission bits in page table entries v2 (Michael Riesch) - iommu/sun50i: Fix flush size (Jernej Skrabec) - iommu/sun50i: Fix R/W permission check (Jernej Skrabec) - iommu/sun50i: Consider all fault sources for reset (Jernej Skrabec) - iommu/sun50i: Fix reset release (Jernej Skrabec) - fs/ntfs3: Harden against integer overflows (Dan Carpenter) - overflow: Implement size_t saturating arithmetic helpers (Kees Cook) - fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() (Shigeru Yoshida) - RDMA/siw: Fix pointer cast warning (Arnd Bergmann) - perf stat: Do not delay the workload with --delay (Namhyung Kim) - perf stat: Refactor __run_perf_stat() common code (Adrián Herrera Arcila) - power: supply: fix null pointer dereferencing in power_supply_get_battery_info (ruanjinjie) - power: supply: ab8500: Fix error handling in ab8500_charger_init() (Yuan Can) - HSI: omap_ssi_core: Fix error handling in ssi_init() (Yuan Can) - power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (Zhang Qilong) - perf symbol: correction while adjusting symbol (Ajay Kaher) - perf trace: Handle failure when trace point folder is missed (Leo Yan) - perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number (Leo Yan) - perf trace: Return error if a system call doesn't exist (Leo Yan) - power: supply: fix residue sysfs file in error handle route of __power_supply_register() (Zeng Heng) - HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (Yang Yingliang) - HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (Yang Yingliang) - fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (Christophe JAILLET) - fbdev: uvesafb: don't build on UML (Randy Dunlap) - fbdev: geode: don't build on UML (Randy Dunlap) - fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe() (Gaosheng Cui) - fbdev: vermilion: decrease reference count in error path (Xiongfeng Wang) - fbdev: via: Fix error in via_core_init() (Shang XiaoJing) - fbdev: pm2fb: fix missing pci_disable_device() (Yang Yingliang) - fbdev: ssd1307fb: Drop optional dependency (Andy Shevchenko) - thermal/drivers/qcom/lmh: Fix irq handler return value (Bjorn Andersson) - thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (Luca Weiss) - thermal/drivers/imx8mm_thermal: Validate temperature range (Marcus Folkesson) - samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe() (Shang XiaoJing) - ksmbd: Fix resource leak in ksmbd_session_rpc_open() (Xiu Jianfeng) - tracing/hist: Fix issue of losting command info in error_log (Zheng Yejian) - usb: storage: Add check for kcalloc (Jiasheng Jiang) - i2c: ismt: Fix an out-of-bounds bug in ismt_access() (Zheyu Ma) - i2c: mux: reg: check return value after calling platform_get_resource() (Yang Yingliang) - gpiolib: protect the GPIO device against being dropped while in use by user-space (Bartosz Golaszewski) - gpiolib: make struct comments into real kernel docs (Bartosz Golaszewski) - gpiolib: cdev: fix NULL-pointer dereferences (Bartosz Golaszewski) - gpiolib: Get rid of redundant 'else' (Andy Shevchenko) - vme: Fix error not catched in fake_init() (Chen Zhongjin) - staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (YueHaibing) - staging: rtl8192u: Fix use after free in ieee80211_rx() (Dan Carpenter) - i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (Hui Tang) - chardev: fix error handling in cdev_device_add() (Yang Yingliang) - mcb: mcb-parse: fix error handing in chameleon_parse_gdd() (Yang Yingliang) - drivers: mcb: fix resource leak in mcb_probe() (Zhengchao Shao) - usb: gadget: f_hid: fix refcount leak on error path (John Keeping) - usb: gadget: f_hid: fix f_hidg lifetime vs cdev (John Keeping) - usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (Yang Yingliang) - coresight: trbe: remove cpuhp instance node before remove cpuhp state (Yang Shen) - counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update (Fabrice Gasnier) - iio: adis: add '__adis_enable_irq()' implementation (Ramona Bolboaca) - iio:imu:adis: Move exports into IIO_ADISLIB namespace (Jonathan Cameron) - iio: adis: stylistic changes (Nuno Sá) - iio: adis: handle devices that cannot unmask the drdy pin (Nuno Sá) - iio: temperature: ltc2983: make bulk write buffer DMA-safe (Cosmin Tanislav) - cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() (Yang Yingliang) - cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() (Yang Yingliang) - firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (Yang Yingliang) - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os (Zheng Wang) - misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (ruanjinjie) - ocxl: fix pci device refcount leak when calling get_function_0() (Yang Yingliang) - misc: ocxl: fix possible name leak in ocxl_file_register_afu() (Yang Yingliang) - test_firmware: fix memory leak in test_firmware_init() (Zhengchao Shao) - serial: sunsab: Fix error handling in sunsab_init() (Yuan Can) - serial: altera_uart: fix locking in polling mode (Gabriel Somlo) - tty: serial: altera_uart_{r,t}x_chars() need only uart_port (Jiri Slaby) - tty: serial: clean up stop-tx part in altera_uart_tx_chars() (Jiri Slaby) - serial: pch: Fix PCI device refcount leak in pch_request_dma() (Xiongfeng Wang) - serial: stm32: move dma_request_chan() before clk_prepare_enable() (Valentin Caron) - serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle. (delisun) - serial: amba-pl011: avoid SBSA UART accessing DMACR register (Jiamei Xie) - extcon: usbc-tusb320: Update state on probe even if no IRQ pending (Marek Vasut) - extcon: usbc-tusb320: Add USB TYPE-C support (Marek Vasut) - extcon: usbc-tusb320: Factor out extcon into dedicated functions (Marek Vasut) - usb: typec: Factor out non-PD fwnode properties (Samuel Holland) - extcon: usbc-tusb320: Add support for TUSB320L (Yassine Oudjana) - extcon: usbc-tusb320: Add support for mode setting and reset (Yassine Oudjana) - usb: typec: tipd: Fix spurious fwnode_handle_put in error path (Sven Peter) - usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (Sven Peter) - usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (Yang Yingliang) - usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (Sven Peter) - staging: vme_user: Fix possible UAF in tsi148_dma_list_add (Gaosheng Cui) - usb: fotg210-udc: Fix ages old endianness issues (Linus Walleij) - uio: uio_dmem_genirq: Fix deadlock between irq config and handling (Rafael Mendonca) - uio: uio_dmem_genirq: Fix missing unlock in irq configuration (Rafael Mendonca) - vfio: platform: Do not pass return buffer to ACPI _RST method (Rafael Mendonca) - class: fix possible memory leak in __class_register() (Yang Yingliang) - serial: 8250_bcm7271: Fix error handling in brcmuart_init() (Yuan Can) - serial: tegra: Read DMA status before terminating (Kartik) - drivers: dio: fix possible memory leak in dio_init() (Yang Yingliang) - RISC-V: Align the shadow stack (Palmer Dabbelt) - IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (Dragos Tatulea) - hwrng: geode - Fix PCI device refcount leak (Xiongfeng Wang) - hwrng: amd - Fix PCI device refcount leak (Xiongfeng Wang) - crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (Gaosheng Cui) - RDMA/hns: Fix error code of CMD (Chengchang Tang) - RDMA/hns: Fix page size cap from firmware (Chengchang Tang) - RDMA/hns: Fix PBL page MTR find (Chengchang Tang) - RDMA/hns: Fix AH attr queried by query_qp (Chengchang Tang) - orangefs: Fix sysfs not cleanup when dev init failed (Zhang Xiaoxu) - PCI: mt7621: Add sentinel to quirks table (John Thomson) - PCI: mt7621: Rename mt7621_pci_ to mt7621_pcie_ (Bjorn Helgaas) - RDMA/srp: Fix error return code in srp_parse_options() (Wang Yufen) - RDMA/hfi1: Fix error return code in parse_platform_config() (Wang Yufen) - riscv/mm: add arch hook arch_clear_hugepage_flags (Tong Tiangen) - crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (Shang XiaoJing) - crypto: amlogic - Remove kcalloc without check (Christophe JAILLET) - RDMA/nldev: Fix failure to send large messages (Mark Zhang) - f2fs: avoid victim selection from previous victim section (Yonggil Song) - RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (Yuan Can) - scsi: snic: Fix possible UAF in snic_tgt_create() (Gaosheng Cui) - scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (Chen Zhongjin) - scsi: ipr: Fix WARNING in ipr_init() (Shang XiaoJing) - scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (Yang Yingliang) - scsi: fcoe: Fix possible name leak when device_register() fails (Yang Yingliang) - scsi: scsi_debug: Fix a warning in resp_report_zones() (Harshit Mogalapalli) - scsi: scsi_debug: Fix a warning in resp_verify() (Harshit Mogalapalli) - scsi: efct: Fix possible memleak in efct_device_init() (Chen Zhongjin) - scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (Yang Yingliang) - scsi: hpsa: Fix error handling in hpsa_add_sas_host() (Yang Yingliang) - scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (Yang Yingliang) - padata: Fix list iterator in padata_do_serial() (Daniel Jordan) - padata: Always leave BHs disabled when running ->parallel() (Daniel Jordan) - crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (Zhang Yiqun) - scsi: hpsa: Fix possible memory leak in hpsa_init_one() (Yuan Can) - dt-bindings: visconti-pcie: Fix interrupts array max constraints (Serge Semin) - dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq (Serge Semin) - RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (Zhang Xiaoxu) - RDMA/hns: fix memory leak in hns_roce_alloc_mr() (Zhengchao Shao) - crypto: ccree - Make cc_debugfs_global_fini() available for module init function (Uwe Kleine-König) - RDMA/hfi: Decrease PCI device reference count in error path (Xiongfeng Wang) - PCI: Check for alloc failure in pci_request_irq() (Zeng Heng) - RDMA/hns: Fix ext_sge num error when post send (Luoyouming) - RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (Luoyouming) - crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set() (Xiongfeng Wang) - crypto: cryptd - Use request context instead of stack for sub-request (Herbert Xu) - crypto: ccree - Remove debugfs when platform_driver_register failed (Gaosheng Cui) - scsi: scsi_debug: Fix a warning in resp_write_scat() (Harshit Mogalapalli) - RDMA/siw: Set defined status for work completion with undefined status (Bernard Metzler) - RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port (Mark Zhang) - RDMA/core: Make sure "ib_port" is valid when access sysfs node (Mark Zhang) - RDMA/restrack: Release MR restrack when delete (Mark Zhang) - PCI: vmd: Disable MSI remapping after suspend (Nirmal Patel) - IB/mad: Don't call to function that might sleep while in atomic context (Leonid Ravich) - RDMA/siw: Fix immediate work request flush to completion queue (Bernard Metzler) - scsi: qla2xxx: Fix set-but-not-used variable warnings (Bart Van Assche) - RDMA/irdma: Report the correct link speed (Shiraz Saleem) - f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super() (Chao Yu) - f2fs: fix normal discard process (Dongdong Zhang) - f2fs: fix to invalidate dcc->f2fs_issue_discard in error path (Chao Yu) - apparmor: Fix memleak in alloc_ns() (Xiu Jianfeng) - crypto: rockchip - rework by using crypto_engine (Corentin Labbe) - crypto: rockchip - remove non-aligned handling (Corentin Labbe) - crypto: rockchip - better handle cipher key (Corentin Labbe) - crypto: rockchip - add fallback for ahash (Corentin Labbe) - crypto: rockchip - add fallback for cipher (Corentin Labbe) - crypto: rockchip - do not store mode globally (Corentin Labbe) - crypto: rockchip - do not do custom power management (Corentin Labbe) - f2fs: Fix the race condition of resize flag between resizefs (Zhang Qilong) - PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (Kunihiko Hayashi) - RDMA/core: Fix order of nldev_exit call (Leon Romanovsky) - PCI: dwc: Fix n_fts[] array overrun (Vidya Sagar) - apparmor: Use pointer to struct aa_label for lbs_cred (Xiu Jianfeng) - scsi: core: Fix a race between scsi_done() and scsi_timeout() (Bart Van Assche) - crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (Natalia Petrova) - crypto: sun8i-ss - use dma_addr instead u32 (Corentin Labbe) - crypto: hisilicon/qm - fix missing destroy qp_idr (Weili Qian) - apparmor: Fix abi check to include v8 abi (John Johansen) - apparmor: fix lockdep warning when removing a namespace (John Johansen) - apparmor: fix a memleak in multi_transaction_new() (Gaosheng Cui) - net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path (Vladimir Oltean) - i40e: Fix the inability to attach XDP program on downed interface (Bartosz Staszewski) - stmmac: fix potential division by 0 (Piergiorgio Beruto) - Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (Wang ShaoBo) - Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (Inga Stotland) - sctp: sysctl: make extra pointers netns aware (Firo Yang) - ntb_netdev: Use dev_kfree_skb_any() in interrupt context (Eric Pilmore) - net: lan9303: Fix read error execution path (Jerry Ray) - can: tcan4x5x: Fix use of register error status mask (Markus Schneider-Pargmann) - can: m_can: Call the RAM init directly from m_can_chip_config (Vivek Yadav) - can: tcan4x5x: Remove invalid write in clear_interrupts (Markus Schneider-Pargmann) - net: amd-xgbe: Check only the minimum speed for active/passive cables (Tom Lendacky) - net: amd-xgbe: Fix logic around active and passive cables (Tom Lendacky) - af_unix: call proto_unregister() in the error path in af_unix_init() (Yang Yingliang) - net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - hamradio: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - net/tunnel: wait until all sk_user_data reader finish before releasing the sock (Hangbin Liu) - net: farsync: Fix kmemleak when rmmods farsync (Li Zetao) - ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang) - of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop() (ruanjinjie) - drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() (Yuan Can) - net: stmmac: fix possible memory leak in stmmac_dvr_probe() (Gaosheng Cui) - net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload() (Zhang Changzhong) - net: defxx: Fix missing err handling in dfx_init() (Yongqiang Liu) - net: vmw_vsock: vmci: Check memcpy_from_msg() (Artem Chernyshev) - clk: socfpga: Fix memory leak in socfpga_gate_init() (Xiu Jianfeng) - bpf: Do not zero-extend kfunc return values (Björn Töpel) - blktrace: Fix output non-blktrace event when blk_classic option enabled (Yang Jihong) - wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (Wang Yufen) - wifi: rtl8xxxu: Fix the channel width reporting (Bitterblue Smith) - wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (Bitterblue Smith) - spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode (Kris Bahnsen) - clk: samsung: Fix memory leak in _samsung_clk_register_pll() (Xiu Jianfeng) - media: coda: Add check for kmalloc (Jiasheng Jiang) - media: coda: Add check for dcoda_iram_alloc (Jiasheng Jiang) - media: c8sectpfe: Add of_node_put() when breaking out of loop (Liang He) - regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (Yuan Can) - mmc: core: Normalize the error handling branch in sd_read_ext_regs() (Zhen Lei) - memstick/ms_block: Add check for alloc_ordered_workqueue (Jiasheng Jiang) - memstick: ms_block: Add error handling support for add_disk() (Luis Chamberlain) - mmc: renesas_sdhi: alway populate SCC pointer (Wolfram Sang) - mmc: mmci: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: wbsd: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: via-sdmmc: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: meson-gx: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: omap_hsmmc: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: atmel-mci: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: wmt-sdmmc: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: vub300: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: toshsd: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: rtsx_pci: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: pxamci: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: mxcmmc: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: moxart: fix return value check of mmc_add_host() (Yang Yingliang) - mmc: alcor: fix return value check of mmc_add_host() (Yang Yingliang) - riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC (Pu Lehui) - NFSv4.x: Fail client initialisation if state manager thread can't run (Trond Myklebust) - SUNRPC: Fix missing release socket in rpc_sockname() (Wang ShaoBo) - xprtrdma: Fix regbuf data not freed in rpcrdma_req_create() (Zhang Xiaoxu) - ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (Gaosheng Cui) - media: saa7164: fix missing pci_disable_device() (Liu Shixin) - ALSA: pcm: Set missing stop_operating flag at undoing trigger start (Takashi Iwai) - bpf, sockmap: fix race in sock_map_free() (Eric Dumazet) - hwmon: (jc42) Restore the min/max/critical temperatures on resume (Martin Blumenstingl) - hwmon: (jc42) Convert register access and caching to regmap/regcache (Martin Blumenstingl) - regulator: core: fix resource leak in regulator_register() (Yang Yingliang) - configfs: fix possible memory leak in configfs_create_dir() (Chen Zhongjin) - hsr: Synchronize sequence number updates. (Sebastian Andrzej Siewior) - hsr: Synchronize sending frames to have always incremented outgoing seq nr. (Sebastian Andrzej Siewior) - hsr: Disable netpoll. (Sebastian Andrzej Siewior) - hsr: Avoid double remove of a node. (Sebastian Andrzej Siewior) - hsr: Add a rcu-read lock to hsr_forward_skb(). (Sebastian Andrzej Siewior) - clk: qcom: clk-krait: fix wrong div2 functions (Christian Marangi) - clk: qcom: lpass-sc7180: Fix pm_runtime usage (Douglas Anderson) - regulator: core: fix module refcount leak in set_supply() (Yang Yingliang) - wifi: mt76: fix coverity overrun-call in mt76_get_txpower() (Deren Wu) - wifi: mt76: mt7921: fix reporting of TX AGGR histogram (Lorenzo Bianconi) - mt76: stop the radar detector after leaving dfs channel (Xing Song) - wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails (Chen Zhongjin) - wifi: mac80211: fix memory leak in ieee80211_if_add() (Zhengchao Shao) - spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE (Alexander Sverdlin) - bonding: uninitialized variable in bond_miimon_inspect() (Dan Carpenter) - bpf, sockmap: Fix data loss caused by using apply_bytes on ingress redirect (Pengcheng Yang) - bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes (Pengcheng Yang) - bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data (Pengcheng Yang) - Input: wistron_btns - disable on UML (Randy Dunlap) - netfilter: conntrack: set icmpv6 redirects as RELATED (Florian Westphal) - ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe (Zhang Qilong) - drm/amdkfd: Fix memory leakage (Konstantin Meskhidze) - drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (Xiongfeng Wang) - drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() (Xiongfeng Wang) - drm/amd/pm/smu11: BACO is supported when it's in BACO state (Guchun Chen) - ASoC: mediatek: mt8173: Enable IRQ when pdata is ready (Ricardo Ribalda) - ASoC: mediatek: mt8173: Fix debugfs registration for components (AngeloGioacchino Del Regno) - wifi: iwlwifi: mvm: fix double free on tx path. (Ben Greear) - ALSA: asihpi: fix missing pci_disable_device() (Liu Shixin) - NFS: Fix an Oops in nfs_d_automount() (Trond Myklebust) - NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn (Trond Myklebust) - NFSv4: Fix a credential leak in _nfs4_discover_trunking() (Trond Myklebust) - NFSv4.2: Fix initialisation of struct nfs4_label (Trond Myklebust) - NFSv4.2: Fix a memory stomp in decode_attr_security_label (Trond Myklebust) - NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding (Trond Myklebust) - ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd (Jiasheng Jiang) - ASoC: dt-bindings: wcd9335: fix reset line polarity in example (Dmitry Torokhov) - drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe() (Zhang Zekun) - media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC (Aakarsh Jain) - media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() (Baisong Zhong) - media: dvb-core: Fix ignored return value in dvb_register_frontend() (Chen Zhongjin) - pinctrl: pinconf-generic: add missing of_node_put() (ZhangPeng) - clk: imx8mn: fix imx8mn_enet_phy_sels clocks list (Dario Binacchi) - clk: imx8mn: fix imx8mn_sai2_sels clocks list (Dario Binacchi) - clk: imx: replace osc_hdmi with dummy (Dario Binacchi) - clk: imx8mn: rename vpu_pll to m7_alt_pll (Dario Binacchi) - media: imon: fix a race condition in send_packet() (Gautam Menghani) - media: vimc: Fix wrong function called when vimc_init() fails (Chen Zhongjin) - ASoC: qcom: Add checks for devm_kcalloc (Yuan Can) - drbd: destroy workqueue when drbd device was freed (Wang ShaoBo) - drbd: remove call to memset before free device/resource/connection (Wang ShaoBo) - mtd: maps: pxa2xx-flash: fix memory leak in probe (Zheng Yongjun) - bonding: fix link recovery in mode 2 when updelay is nonzero (Jonathan Toppins) - drm/amdgpu: fix pci device refcount leak (Yang Yingliang) - clk: rockchip: Fix memory leak in rockchip_clk_register_pll() (Xiu Jianfeng) - regulator: core: use kfree_const() to free space conditionally (Wang ShaoBo) - ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT (Baisong Zhong) - ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT (Baisong Zhong) - pinctrl: k210: call of_node_put() (ZhangPeng) - HID: hid-sensor-custom: set fixed size for custom attributes (Marcus Folkesson) - bpf: Move skb->len == 0 checks into __bpf_redirect (Stanislav Fomichev) - mtd: spi-nor: Fix the number of bytes for the dummy cycles (Allen-KH Cheng) - mtd: spi-nor: hide jedec_id sysfs attribute if not present (Michael Walle) - inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict() (Eric Dumazet) - media: videobuf-dma-contig: use dma_mmap_coherent (Christoph Hellwig) - media: platform: exynos4-is: Fix error handling in fimc_md_init() (Yuan Can) - media: solo6x10: fix possible memory leak in solo_sysfs_init() (Yang Yingliang) - media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init() (Chen Zhongjin) - Input: elants_i2c - properly handle the reset GPIO when power is off (Douglas Anderson) - mtd: lpddr2_nvm: Fix possible null-ptr-deref (Hui Tang) - drm/msm/a6xx: Fix speed-bin detection vs probe-defer (Rob Clark) - wifi: ath10k: Fix return value in ath10k_pci_init() (Xiu Jianfeng) - block: clear ->slave_dir when dropping the main slave_dir reference (Christoph Hellwig) - ima: Fix misuse of dereference of pointer in template_desc_init_fields() (Xiu Jianfeng) - integrity: Fix memory leakage in keyring allocation error path (GUO Zihua) - drm/fourcc: Fix vsub/hsub for Q410 and Q401 (Brian Starkey) - drm/fourcc: Add packed 10bit YUV 4:2:0 format (Dave Stevenson) - regulator: qcom-rpmh: Fix PMR735a S3 regulator spec (Konrad Dybcio) - nvme: return err on nvme_init_non_mdts_limits fail (Joel Granados) - amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() (Dan Carpenter) - regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (Yang Yingliang) - nvmet: only allocate a single slab for bvecs (Christoph Hellwig) - libbpf: Fix uninitialized warning in btf_dump_dump_type_data (David Michael) - ASoC: pxa: fix null-pointer dereference in filter() (Zeng Heng) - drm/mediatek: Modify dpi power on/off sequence. (Xinlei Lee) - drm/radeon: Add the missed acpi_put_table() to fix memory leak (Hanjun Guo) - bfq: fix waker_bfqq inconsistency crash (Khazhismel Kumykov) - rxrpc: Fix ack.bufferSize to be 0 when generating an ack (David Howells) - net, proc: Provide PROC_FS=n fallback for proc_create_net_single_write() (David Howells) - media: camss: Clean up received buffers on failed start of streaming (Vladimir Zapolskiy) - wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port (Marek Vasut) - Input: joystick - fix Kconfig warning for JOYSTICK_ADC (Randy Dunlap) - mtd: Fix device name leak when register device failed in add_mtd_device() (Zhang Xiaoxu) - clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs (Manivannan Sadhasivam) - bpf: propagate precision across all frames, not just the last one (Andrii Nakryiko) - bpf: Check the other end of slot_type for STACK_SPILL (Martin KaFai Lau) - bpf: propagate precision in ALU/ALU64 operations (Andrii Nakryiko) - media: platform: exynos4-is: fix return value check in fimc_md_probe() (Yang Yingliang) - media: vivid: fix compose size exceed boundary (Liu Shixin) - bpf: Fix slot type check in check_stack_write_var_off (Kumar Kartikeya Dwivedi) - drm/msm/hdmi: use devres helper for runtime PM management (Dmitry Baryshkov) - drm/msm/hdmi: drop unused GPIO support (Dmitry Baryshkov) - ima: Handle -ESTALE returned by ima_filter_rule_match() (GUO Zihua) - drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure (Marek Vasut) - spi: Update reference to struct spi_controller (Jonathan Neuschäfer) - clk: renesas: r9a06g032: Repair grave increment error (Marek Vasut) - drm/rockchip: lvds: fix PM usage counter unbalance in poweron (Zhang Qilong) - can: kvaser_usb: Compare requested bittiming parameters with actual parameters in do_set_{,data}_bittiming (Jimmy Assarsson) - can: kvaser_usb: Add struct kvaser_usb_busparams (Jimmy Assarsson) - can: kvaser_usb_leaf: Fix bogus restart events (Anssi Hannula) - can: kvaser_usb_leaf: Fix wrong CAN state after stopping (Anssi Hannula) - can: kvaser_usb_leaf: Fix improved state not being reported (Anssi Hannula) - can: kvaser_usb: make use of units.h in assignment of frequency (Jimmy Assarsson) - can: kvaser_usb_leaf: Set Warning state even without bus errors (Anssi Hannula) - can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT (Jimmy Assarsson) - can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to {leaf,usbcan}_cmd_can_error_event (Jimmy Assarsson) - can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device (Jimmy Assarsson) - can: kvaser_usb: do not increase tx statistics when sending error message frames (Vincent Mailhol) - libbpf: Btf dedup identical struct test needs check for nested structs/arrays (Alan Maguire) - media: exynos4-is: don't rely on the v4l2_async_subdev internals (Marek Szyprowski) - soreuseport: Fix socket selection for SO_INCOMING_CPU. (Kuniyuki Iwashima) - venus: pm_helpers: Fix error check in vcodec_domains_get() (Tang Bin) - media: i2c: ad5820: Fix error path (Ricardo Ribalda) - media: adv748x: afe: Select input port when initializing AFE (Niklas Söderlund) - media: coda: jpeg: Add check for kmalloc (Jiasheng Jiang) - media: v4l2-ctrls: Fix off-by-one error in integer menu control check (Laurent Pinchart) - drm/amdgpu/powerplay/psm: Fix memory leak in power state init (Rafael Mendonca) - ipmi: kcs: Poll OBF briefly to reduce OBE latency (Andrew Jeffery) - ata: libata: fix NCQ autosense logic (Niklas Cassel) - ata: add/use ata_taskfile::{error|status} fields (Sergey Shtylyov) - ata: libata: move ata_{port,link,dev}_dbg to standard pr_XXX() macros (Hannes Reinecke) - libbpf: Fix null-pointer dereference in find_prog_by_sec_insn() (Shung-Hsi Yu) - libbpf: Fix use-after-free in btf_dump_name_dups (Xu Kuohai) - drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge (Abhinav Kumar) - wifi: rtl8xxxu: Fix reading the vendor of combo chips (Bitterblue Smith) - wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb() (Fedor Pchelkin) - wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (Fedor Pchelkin) - platform/mellanox: mlxbf-pmc: Fix event typo (James Hurley) - rapidio: devices: fix missing put_device in mport_cdev_open (Cai Xinchen) - hfs: Fix OOB Write in hfs_asc2mac (ZhangPeng) - relay: fix type mismatch when allocating memory in relay_create_buf() (Gavrilov Ilia) - eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD (Zhang Qilong) - rapidio: fix possible UAF when kfifo_alloc() fails (Wang Weiyang) - fs: sysv: Fix sysv_nblocks() returns wrong value (Chen Zhongjin) - lockd: set other missing fields when unlocking files (Trond Myklebust) - MIPS: OCTEON: warn only once if deprecated link status is being used (Ladislav Michl) - MIPS: BCM63xx: Add check for NULL for clk in clk_enable (Anastasia Belova) - platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register() (Yang Yingliang) - platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() (Yu Liao) - platform/chrome: cros_ec_typec: zero out stale pointers (Victor Ding) - platform/chrome: cros_ec_typec: Cleanup switch handle return paths (Prashant Malani) - PM: runtime: Do not call __rpm_callback() from rpm_idle() (Rafael J. Wysocki) - xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource() (Harshit Mogalapalli) - x86/xen: Fix memory leak in xen_init_lock_cpu() (Xiu Jianfeng) - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Xiu Jianfeng) - uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix (Oleg Nesterov) - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (Li Zetao) - clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock() (Yang Yingliang) - cpu/hotplug: Do not bail-out in DYING/STARTING sections (Vincent Donnefort) - cpu/hotplug: Make target_store() a nop when target == state (Phil Auld) - futex: Resend potentially swallowed owner death notification (Alexey Izbyshev) - futex: Move to kernel/futex/ (Peter Zijlstra) - mips: ralink: mt7621: do not use kzalloc too early (John Thomson) - mips: ralink: mt7621: soc queries and tests as functions (John Thomson) - mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem (John Thomson) - clocksource/drivers/sh_cmt: Access registers according to spec (Wolfram Sang) - rapidio: rio: fix possible name leak in rio_register_mport() (Yang Yingliang) - rapidio: fix possible name leaks when rio_add_device() fails (Yang Yingliang) - debugfs: fix error when writing negative value to atomic_t debugfs file (Akinobu Mita) - lib/notifier-error-inject: fix error when writing -errno to debugfs file (Akinobu Mita) - libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value (Akinobu Mita) - cpufreq: amd_freq_sensitivity: Add missing pci_dev_put() (Xiongfeng Wang) - genirq/irqdesc: Don't try to remove non-existing sysfs files (Yang Yingliang) - nfsd: don't call nfsd_file_put from client states seqfile display (Jeff Layton) - NFSD: Finish converting the NFSv2 GETACL result encoder (Chuck Lever) - SUNRPC: Return true/false (not 1/0) from bool functions (Haowen Bai) - EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() (Yang Yingliang) - irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() (Wei Yongjun) - irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe() (Shang XiaoJing) - thermal: core: fix some possible name leaks in error paths (Yang Yingliang) - platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init() (Yuan Can) - perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box() (Xiongfeng Wang) - perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map() (Xiongfeng Wang) - perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() (Xiongfeng Wang) - perf/x86/intel/uncore: Fix reference count leak in sad_cfg_iio_topology() (Xiongfeng Wang) - PNP: fix name memory leak in pnp_alloc_dev() (Yang Yingliang) - selftests/efivarfs: Add checking of the test return value (Zhao Gongyi) - MIPS: vpe-cmp: fix possible memory leak while module exiting (Yang Yingliang) - MIPS: vpe-mt: fix possible memory leak while module exiting (Yang Yingliang) - ocfs2: fix memory leak in ocfs2_stack_glue_init() (Shang XiaoJing) - lib/fonts: fix undefined behavior in bit shift for get_default_font (Gaosheng Cui) - proc: fixup uptime selftest (Alexey Dobriyan) - timerqueue: Use rb_entry_safe() in timerqueue_getnext() (Barnabás PÅcze) - platform/x86: huawei-wmi: fix return value calculation (Barnabás PÅcze) - lib/debugobjects: fix stat count and optimize debug_objects_mem_init (wuchi) - perf: Fix possible memleak in pmu_dev_alloc() (Chen Zhongjin) - selftests/ftrace: event_triggers: wait longer for test_event_enable (Yipeng Zou) - cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() (Chen Hui) - fs: don't audit the capability check in simple_xattr_list() (Ondrej Mosnacek) - PM: hibernate: Fix mistake in kerneldoc comment (xiongxin) - x86/sgx: Reduce delay and interference of enclave release (Reinette Chatre) - alpha: fix syscall entry in !AUDUT_SYSCALL case (Al Viro) - alpha: fix TIF_NOTIFY_SIGNAL handling (Al Viro) - cpuidle: dt: Return the correct numbers of parsed idle states (Ulf Hansson) - sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() (Qais Yousef) - sched/core: Introduce sched_asym_cpucap_active() (Dietmar Eggemann) - sched/fair: Removed useless update of p->recent_used_cpu (Vincent Guittot) - sched/uclamp: Make select_idle_capacity() use util_fits_cpu() (Qais Yousef) - sched/uclamp: Make task_fits_capacity() use util_fits_cpu() (Qais Yousef) - sched/uclamp: Fix relationship between uclamp and migration margin (Qais Yousef) - sched/fair: Cleanup task_util and capacity type (Vincent Donnefort) - ovl: remove privs in ovl_fallocate() (Amir Goldstein) - ovl: remove privs in ovl_copyfile() (Amir Goldstein) - ovl: use ovl_copy_{real,upper}attr() wrappers (Christian Brauner) - ovl: store lower path in ovl_inode (Amir Goldstein) - tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (Michael Kelley) - tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init() (Yuan Can) - pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (Stephen Boyd) - ARM: mmp: fix timer_read delay (Doug Brown) - pstore/ram: Fix error return code in ramoops_probe() (Wang Yufen) - seccomp: Move copy_seccomp() to no failure path. (Kuniyuki Iwashima) - arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC (Pali Rohár) - ARM: dts: turris-omnia: Add switch port 6 node (Pali Rohár) - ARM: dts: turris-omnia: Add ethernet aliases (Pali Rohár) - ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port (Pali Rohár) - arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name (AngeloGioacchino Del Regno) - arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings (AngeloGioacchino Del Regno) - arm64: dts: mt2712-evb: Fix usb vbus regulators unit names (AngeloGioacchino Del Regno) - arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names (AngeloGioacchino Del Regno) - arm64: dts: mt2712e: Fix unit address for pinctrl node (AngeloGioacchino Del Regno) - arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators (AngeloGioacchino Del Regno) - arm64: dts: mt6779: Fix devicetree build warnings (AngeloGioacchino Del Regno) - ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes (Jonathan Neuschäfer) - arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node (Jayesh Choudhary) - arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node (Jayesh Choudhary) - perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() (Shang XiaoJing) - perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() (Shang XiaoJing) - perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init() (Yuan Can) - arm64: mm: kfence: only handle translation faults (Mark Rutland) - arm64: Treat ESR_ELx as a 64-bit register (Alexandru Elisei) - soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe (Zhang Qilong) - soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe (Zhang Qilong) - soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync (Minghao Chi) - arm: dts: spear600: Fix clcd interrupt (Kory Maincent) - arm64: dts: qcom: sm6125: fix SDHCI CQE reg names (Krzysztof Kozlowski) - soc: qcom: apr: Add check for idr_alloc and of_property_read_string_index (Jiasheng Jiang) - soc: qcom: apr: make code more reuseable (Srinivas Kandagatla) - arm64: dts: qcom: sm8250: drop bogus DP PHY clock (Johan Hovold) - arm64: dts: qcom: sm8350: fix UFS PHY registers (Johan Hovold) - arm64: dts: qcom: sm8250: fix UFS PHY registers (Johan Hovold) - arm64: dts: qcom: sm8150: fix UFS PHY registers (Johan Hovold) - arm64: dts: qcom: Correct QMP PHY child node name (Shawn Guo) - soc: qcom: llcc: make irq truly optional (Luca Weiss) - arm64: dts: qcom: sm8250: correct LPASS pin pull down (Krzysztof Kozlowski) - arm64: dts: qcom: pm660: Use unique ADC5_VCOIN address in node name (Marijn Suijten) - drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static (Chen Jiahao) - ARM: dts: stm32: Fix AV96 WLAN regulator gpio property (Marek Vasut) - ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96 (Marek Vasut) - objtool, kcsan: Add volatile read/write instrumentation to whitelist (Marco Elver) - arm64: dts: qcom: msm8916: Drop MSS fallback compatible (Stephan Gerhold) - arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias (Krzysztof Kozlowski) - arm64: dts: qcom: sdm630: fix UART1 pin bias (Krzysztof Kozlowski) - ARM: dts: qcom: apq8064: fix coresight compatible (Luca Weiss) - arm64: dts: qcom: msm8996: fix GPU OPP table (Dmitry Baryshkov) - arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables (Dmitry Baryshkov) - arm64: dts: qcom: msm8996: Add MSM8996 Pro support (Yassine Oudjana) - arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable (Krzysztof Kozlowski) - arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins (Krzysztof Kozlowski) - usb: musb: remove extra check in musb_gadget_vbus_draw (Ivaylo Dimitrov) - drm/amd/display: Manually adjust strobe for DCN303 (Martin Leung) - LTS version: v5.15.85 (Jack Vogel) - net: loopback: use NET_NAME_PREDICTABLE for name_assign_type (Rasmus Villemoes) - selftests: net: Use "grep -E" instead of "egrep" (Tiezhu Yang) - Bluetooth: L2CAP: Fix u8 overflow (Sungwoo Kim) - HID: uclogic: Add HID_QUIRK_HIDINPUT_FORCE quirk (José Expósito) - usb: dwc3: pci: Update PCIe device ID for USB3 controller on CPU sub-system for Raptor Lake (Shruthi Sanil) - igb: Initialize mailbox message for VF reset (Tony Nguyen) - xhci: Apply XHCI_RESET_TO_DEFAULT quirk to ADL-N (Reka Norman) - USB: serial: f81534: fix division by zero on line-speed change (Johan Hovold) - USB: serial: f81232: fix division by zero on line-speed change (Johan Hovold) - USB: serial: cp210x: add Kamstrup RF sniffer PIDs (Bruno Thomsen) - USB: serial: option: add Quectel EM05-G modem (Duke Xin) - usb: gadget: uvc: Prevent buffer overflow in setup handler (Szymon Heidrich) - udf: Fix extending file within last block (Jan Kara) - udf: Do not bother looking for prealloc extents if i_lenExtents matches i_size (Jan Kara) - udf: Fix preallocation discarding at indirect extent boundary (Jan Kara) - udf: Discard preallocation before extending file with a hole (Jan Kara) - LTS version: v5.15.84 (Jack Vogel) - net: fec: properly guard irq coalesce setup (Rasmus Villemoes) - ASoC: ops: Correct bounds check for second channel on SX controls (Charles Keepax) - nvme-pci: clear the prp2 field when not used (Lei Rao) - perf: Fix perf_pending_task() UaF (Peter Zijlstra) - ASoC: cs42l51: Correct PGA Volume minimum value (Charles Keepax) - net: fec: don't reset irq coalesce settings to defaults on "ip link up" (Rasmus Villemoes) - can: mcba_usb: Fix termination command argument (Yasushi SHOJI) - can: sja1000: fix size of OCR_MODE_MASK define (Heiko Schocher) - pinctrl: meditatek: Startup with the IRQs disabled (Ricardo Ribalda) - libbpf: Use page size as max_entries when probing ring buffer map (Hou Tao) - ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() (Mark Brown) - ASoC: fsl_micfil: explicitly clear CHnF flags (Shengjiu Wang) - ASoC: fsl_micfil: explicitly clear software reset bit (Shengjiu Wang) - nfp: fix use-after-free in area_cache_get() (Jialiang Wang) [Orabug: 34719738] {CVE-2022-3545} - vfs: fix copy_file_range() averts filesystem freeze protection (Amir Goldstein) - x86/vdso: Conditionally export __vdso_sgx_enter_enclave() (Nathan Chancellor) - LTS version: v5.15.83 (Jack Vogel) - io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() (Harshit Mogalapalli) - io_uring: move to separate directory (Jens Axboe) - block: move CONFIG_BLOCK guard to top Makefile (Masahiro Yamada) - can: esd_usb: Allow REC and TEC to return to zero (Frank Jungclaus) - s390/qeth: fix use-after-free in hsci (Alexandra Winter) - s390/qeth: fix various format strings (Heiko Carstens) - macsec: add missing attribute validation for offload (Emeel Hakim) - net: mvneta: Fix an out of bounds check (Dan Carpenter) - net: thunderbolt: fix memory leak in tbnet_open() (Zhengchao Shao) - ipv6: avoid use-after-free in ip6_fragment() (Eric Dumazet) - net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq() (Yang Yingliang) - net: phy: mxl-gpy: fix version reporting (Michael Walle) - xen/netback: fix build warning (Juergen Gross) - dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (Yuan Can) - ethernet: aeroflex: fix potential skb leak in greth_init_rings() (Zhang Changzhong) - tipc: call tipc_lxc_xmit without holding node_read_lock (Xin Long) - net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (Zhengchao Shao) - ipv4: Fix incorrect route flushing when table ID 0 is used (Ido Schimmel) - ipv4: Fix incorrect route flushing when source address is deleted (Ido Schimmel) - tipc: Fix potential OOB in tipc_link_proto_rcv() (YueHaibing) - net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (Liu Jian) - net: mdio: fix unbalanced fwnode reference count in mdio_device_release() (Zeng Heng) - net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (Liu Jian) - net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq (Yongqiang Liu) - net: microchip: sparx5: Fix missing destroy_workqueue of mact_queue (Qiheng Lin) - ip_gre: do not report erspan version on GRE interface (Hangbin Liu) - net: stmmac: fix "snps,axi-config" node property parsing (Jisheng Zhang) - gpio/rockchip: fix refcount leak in rockchip_gpiolib_register() (Wang Yufen) - nvme initialize core quirks before calling nvme_init_subsystem (Pankaj Raghav) - NFC: nci: Bounds check struct nfc_target arrays (Kees Cook) - i40e: Disallow ip4 and ip6 l4_4_bytes (Przemyslaw Patynowski) - i40e: Fix for VF MAC address 0 (Sylwester Dziedziuch) - i40e: Fix not setting default xps_cpus after reset (Michal Jaron) - net: mvneta: Prevent out of bounds read in mvneta_config_rss() (Dan Carpenter) - xen-netfront: Fix NULL sring after live migration (Lin Liu) - octeontx2-pf: Fix potential memory leak in otx2_init_tc() (Ziyang Xuan) - net: mdiobus: fix double put fwnode in the error path (Yang Yingliang) - net: mdiobus: fwnode_mdiobus_register_phy() rework error handling (Oleksij Rempel) - net: encx24j600: Fix invalid logic in reading of MISTAT register (Valentina Goncharenko) - net: encx24j600: Add parentheses to fix precedence (Valentina Goncharenko) - mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() (Wei Yongjun) - selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload (Zhengchao Shao) - net: dsa: sja1105: Check return value (Artem Chernyshev) - net: dsa: hellcreek: Check return value (Artem Chernyshev) - net: dsa: ksz: Check return value (Artem Chernyshev) - Bluetooth: Fix not cleanup led when bt_init fails (Chen Zhongjin) - Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn() (Wang ShaoBo) - vmxnet3: use correct intrConf reference when using extended queues (Ronak Doshi) - vmxnet3: correctly report encapsulated LRO packet (Ronak Doshi) - af_unix: Get user_ns from in_skb in unix_diag_get_exact(). (Kuniyuki Iwashima) - drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 (Guillaume BRUN) - net: broadcom: Add PTP_1588_CLOCK_OPTIONAL dependency for BCMGENET under ARCH_BCM2835 (YueHaibing) - igb: Allocate MSI-X vector when testing (Akihiko Odaki) - e1000e: Fix TX dispatch condition (Akihiko Odaki) - gpio: amd8111: Fix PCI device reference count leak (Xiongfeng Wang) - drm/bridge: ti-sn65dsi86: Fix output polarity setting bug (Qiqi Zhang) - netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark (Pablo Neira Ayuso) - ca8210: Fix crash by zero initializing data (Hauke Mehrtens) - ieee802154: cc2520: Fix error return code in cc2520_hw_init() (Ziyang Xuan) - drm/vmwgfx: Fix race issue calling pin_user_pages (Dawei Li) - netfilter: nft_set_pipapo: Actually validate intervals in fields after the first one (Stefano Brivio) - gpiolib: fix memory leak in gpiochip_setup_dev() (Zeng Heng) - gpiolib: check the 'ngpios' property in core gpiolib code (Bartosz Golaszewski) - gpiolib: improve coding style for local variables (Bartosz Golaszewski) - clk: Fix pointer casting to prevent oops in devm_clk_release() (Uwe Kleine-König) - can: af_can: fix NULL pointer dereference in can_rcv_filter (Oliver Hartkopp) - HID: ite: Enable QUIRK_TOUCHPAD_ON_OFF_REPORT on Acer Aspire Switch V 10 (Hans de Goede) - HID: core: fix shift-out-of-bounds in hid_report_raw_event (ZhangPeng) - HID: hid-lg4ff: Add check for empty lbuf (Anastasia Belova) - HID: usbhid: Add ALWAYS_POLL quirk for some mice (Ankit Patel) - net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (Radu Nicolae Pirea (OSS)) - drm/shmem-helper: Avoid vm_open error paths (Rob Clark) - drm/shmem-helper: Remove errant put in error path (Rob Clark) - drm/amdgpu/sdma_v4_0: turn off SDMA ring buffer in the s2idle suspend (Prike Liang) - drm/vmwgfx: Don't use screen objects when SEV is active (Zack Rusin) - KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (Thomas Huth) - Bluetooth: Fix crash when replugging CSR fake controllers (Luiz Augusto von Dentz) - Bluetooth: btusb: Add debug message for CSR controllers (Ismael Ferreras Morezuelas) - mm/gup: fix gup_pud_range() for dax (John Starks) - memcg: fix possible use-after-free in memcg_write_event_control() (Tejun Heo) - media: v4l2-dv-timings.c: fix too strict blanking sanity checks (Hans Verkuil) - Revert "ARM: dts: imx7: Fix NAND controller size-cells" (Francesco Dolcini) - soundwire: intel: Initialize clock stop timeout (Sjoerd Simons) - media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area() (Hans Verkuil) - xen/netback: don't call kfree_skb() with interrupts disabled (Juergen Gross) - xen/netback: do some code cleanup (Juergen Gross) - xen/netback: Ensure protocol headers don't fall in the non-linear area (Ross Lagerwall) - drm/bridge: anx7625: Fix edid_read break case in sp_tx_edid_read() (Hsin-Yi Wang) - cifs: fix use-after-free caused by invalid pointer hostname (Zeng Heng) - rtc: cmos: avoid UIP when reading alarm time (Mateusz JoÅczyk) - rtc: cmos: avoid UIP when writing alarm time (Mateusz JoÅczyk) - rtc: mc146818-lib: extract mc146818_avoid_UIP (Mateusz JoÅczyk) - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths (Jann Horn) - mm/khugepaged: fix GUP-fast interaction by sending IPI (Jann Horn) - mm/khugepaged: take the right locks for page table retraction (Jann Horn) - net: usb: qmi_wwan: add u-blox 0x1342 composition (Davide Tronchin) - 9p/xen: check logical size for buffer size (Dominique Martinet) - usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer (Thinh Nguyen) - fbcon: Use kzalloc() in fbcon_prepare_logo() (Tetsuo Handa) - regulator: twl6030: fix get status of twl6032 regulators (Andreas Kemnade) - ASoC: soc-pcm: Add NULL check in BE reparenting (Srinivasa Rao Mandadapu) - btrfs: send: avoid unaligned encoded writes when attempting to clone range (Filipe Manana) - selftests/net: Find nettest in current directory (Daniel DÃaz) - ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event (Kees Cook) - regulator: slg51000: Wait after asserting CS pin (Konrad Dybcio) - 9p/fd: Use P9_HDRSZ for header size (GUO Zihua) - ASoC: rt711-sdca: fix the latency time of clock stop prepare state machine transitions (Shuming Fan) - ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 (Johan Jonker) - spi: mediatek: Fix DEVAPC Violation at KO Remove (Zhichao Liu) - ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register (Chancel Liu) - ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation (Giulio Benetti) - ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels (Tomislav Novak) - fs: use acquire ordering in __fget_light() (Jann Horn) - ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name (Johan Jonker) - arm64: dts: rockchip: fix ir-receiver node names (Johan Jonker) - ARM: dts: rockchip: fix ir-receiver node names (Johan Jonker) - arm: dts: rockchip: remove clock-frequency from rtc (Sebastian Reichel) - arm: dts: rockchip: fix node name for hym8563 rtc (Sebastian Reichel) - arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series (FUKAUMI Naoki) - mmc: mtk-sd: Fix missing clk_disable_unprepare in msdc_of_clock_parse() (Gaosheng Cui) - clk: Provide new devm_clk helpers for prepared and enabled clocks (Uwe Kleine-König) - clk: generalize devm_clk_get() a bit (Uwe Kleine-König) - LTS version: v5.15.82 (Jack Vogel) - ipc/sem: Fix dangling sem_array access in semtimedop race (Jann Horn) - Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() (Zhang Xiaoxu) - char: tpm: Protect tpm_pm_suspend with locks (Jan Dabros) - Revert "clocksource/drivers/riscv: Events are stopped during CPU suspend" (Conor Dooley) - ACPI: HMAT: Fix initiator registration for single-initiator systems (Vishal Verma) - ACPI: HMAT: remove unnecessary variable initialization (Vishal Verma) - i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set (Andrew Lunn) - i2c: npcm7xx: Fix error handling in npcm_i2c_init() (Yuan Can) - serial: stm32: Deassert Transmit Enable on ->rs485_config() (Lukas Wunner) - serial: stm32: Use TC interrupt to deassert GPIO RTS in RS485 mode (Marek Vasut) - serial: stm32: Factor out GPIO RTS toggling into separate function (Marek Vasut) - ipv4: Fix route deletion when nexthop info is not specified (Ido Schimmel) - ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference (David Ahern) [Orabug: 34703911] {CVE-2022-3435} - selftests: net: fix nexthop warning cleanup double ip typo (Nikolay Aleksandrov) - selftests: net: add delete nexthop route warning test (Nikolay Aleksandrov) - Kconfig.debug: provide a little extra FRAME_WARN leeway when KASAN is enabled (Lee Jones) - parisc: Increase FRAME_WARN to 2048 bytes on parisc (Helge Deller) - mm: migrate: fix THP's mapcount on isolation (Gavin Shan) - mm: __isolate_lru_page_prepare() in isolate_migratepages_block() (Hugh Dickins) - iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() (Xiongfeng Wang) - iommu/vt-d: Fix PCI device refcount leak in has_external_pci() (Xiongfeng Wang) - nvme: fix SRCU protection of nvme_ns_head list (Caleb Sander) - riscv: kexec: Fixup irq controller broken in kexec crash path (Guo Ren) - riscv: fix race when vmap stack overflow (Jisheng Zhang) - riscv: Sync efi page table's kernel mappings before switching (Alexandre Ghiti) - pinctrl: single: Fix potential division by zero (Maxim Korotkov) - ASoC: ops: Fix bounds check for _sx controls (Mark Brown) - KVM: x86/mmu: Fix race condition in direct_page_fault (Kazuki Takiguchi) [Orabug: 34951672] {CVE-2022-45869} - io_uring/poll: fix poll_refs race with cancelation (Lin Ma) - io_uring: make poll refs more robust (Pavel Begunkov) - io_uring: cmpxchg for poll arm refs release (Pavel Begunkov) - io_uring: fix tw losing poll events (Pavel Begunkov) - io_uring: update res mask in io_poll_check_events (Pavel Begunkov) - tracing: Free buffers when a used dynamic event is removed (Steven Rostedt (Google)) - tracing: Fix race where histograms can be called before the event (Steven Rostedt (Google)) - tracing/osnoise: Fix duration type (Daniel Bristot de Oliveira) - drm/i915: Never return 0 if not all requests retired (Janusz Krzysztofik) - drm/i915: Fix negative value passed as remaining time (Janusz Krzysztofik) - drm/amdgpu: enable Vangogh VCN indirect sram mode (Leo Liu) - drm/amdgpu: temporarily disable broken Clang builds due to blown stack-frame (Lee Jones) - mmc: sdhci: Fix voltage switch delay (Adrian Hunter) - mmc: sdhci-sprd: Fix no reset data and command after voltage switch (Wenchao Chen) - mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check (Sebastian Falbesoner) - mmc: core: Fix ambiguous TRIM and DISCARD arg (Christian Löhle) - mmc: mmc_test: Fix removal of debugfs file (Ye Bin) - net: stmmac: Set MAC's flow control register to reflect current settings (Goh, Wei Sheng) - v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails (Linus Torvalds) - pinctrl: intel: Save and restore pins in "direct IRQ" mode (Andy Shevchenko) - x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 (Pawan Gupta) - nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() (ZhangPeng) - tools/vm/slabinfo-gnuplot: use "grep -E" instead of "egrep" (Tiezhu Yang) - error-injection: Add prompt for function error injection (Steven Rostedt (Google)) - ALSA: dice: fix regression for Lexicon I-ONIX FW810S (Takashi Sakamoto) - riscv: mm: Proper page permissions after initmem free (Björn Töpel) - riscv: vdso: fix section overlapping under some conditions (Jisheng Zhang) - hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (Yang Yingliang) - hwmon: (coretemp) Check for null before removing sysfs attrs (Phil Auld) - net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed (Yoshihiro Shimoda) - sctp: fix memory leak in sctp_stream_outq_migrate() (Zhengchao Shao) - packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE (Willem de Bruijn) - net: tun: Fix use-after-free in tun_detach() (Shigeru Yoshida) - afs: Fix fileserver probe RTT handling (David Howells) - net: mdiobus: fix unbalanced node reference count (Yang Yingliang) - net: hsr: Fix potential use-after-free (YueHaibing) - tipc: re-fetch skb cb after tipc_msg_validate (Xin Long) - dsa: lan9303: Correct stat name (Jerry Ray) - net: wwan: iosm: fix dma_alloc_coherent incompatible pointer type (M Chetan Kumar) - net: wwan: iosm: fix kernel test robot reported error (M Chetan Kumar) - net: ethernet: nixge: fix NULL dereference (Yuri Karpov) - net/9p: Fix a potential socket leak in p9_socket_open (Wang Hai) - net: net_netdev: Fix error handling in ntb_netdev_init_module() (Yuan Can) - net: ethernet: ti: am65-cpsw: fix error handling in am65_cpsw_nuss_probe() (Zhang Changzhong) - net: phy: fix null-ptr-deref while probe() failed (Yang Yingliang) - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration (Lorenzo Bianconi) - wifi: cfg80211: don't allow multi-BSSID in S1G (Johannes Berg) - wifi: cfg80211: fix buffer overflow in elem comparison (Johannes Berg) - aquantia: Do not purge addresses when setting the number of rings (Izabela Bakollari) - qlcnic: fix sleep-in-atomic-context bugs caused by msleep (Duoming Zhou) - can: m_can: Add check for devm_clk_get (Jiasheng Jiang) - can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods (Zhang Changzhong) - can: etas_es58x: es58x_init_netdev(): free netdev when register_candev() (Zhang Changzhong) - can: cc770: cc770_isa_probe(): add missing free_cc770dev() (Zhang Changzhong) - can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() (Zhang Changzhong) - net/mlx5e: Fix use-after-free when reverting termination table (Roi Dayan) - net/mlx5: Fix uninitialized variable bug in outlen_write() (YueHaibing) - net/mlx5: DR, Fix uninitialized var warning (YueHaibing) - net/mlx5: DR, Rename list field in matcher struct to list_node (Yevgeny Kliteynik) - e100: Fix possible use after free in e100_xmit_prepare (Wang Hai) - iavf: Fix error handling in iavf_init_module() (Yuan Can) - iavf: remove redundant ret variable (Minghao Chi) - fm10k: Fix error handling in fm10k_init_module() (Yuan Can) - i40e: Fix error handling in i40e_init_module() (Shang XiaoJing) - ixgbevf: Fix resource leak in ixgbevf_init_module() (Shang XiaoJing) - of: property: decrement node refcount in of_fwnode_get_reference_args() (Yang Yingliang) - nvmem: rmem: Fix return value check in rmem_read() (Wei Yongjun) - bpf: Do not copy spin lock field from user in bpf_selem_alloc (Xu Kuohai) - hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails (Gaosheng Cui) - hwmon: (i5500_temp) fix missing pci_disable_device() (Yang Yingliang) - hwmon: (ina3221) Fix shunt sum critical calculation (Ninad Malwade) - hwmon: (ltc2947) fix temperature scaling (Derek Nguyen) - libbpf: Handle size overflow for ringbuf mmap (Hou Tao) - ARM: at91: rm9200: fix usb device clock id (Michael Grzeschik) - scripts/faddr2line: Fix regression in name resolution on ppc64le (Srikar Dronamraju) - bpf, perf: Use subprog name when reporting subprog ksymbol (Hou Tao) - iio: light: rpr0521: add missing Kconfig dependencies (Paul Gazzillo) - iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw (Wei Yongjun) - iio: health: afe4403: Fix oob read in afe4403_read_raw (Wei Yongjun) - drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read" (Alex Deucher) - drm/amdgpu: update drm_display_info correctly when the edid is read (Claudio Suarez) - drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code (Lyude Paul) - btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (ChenXiaoSong) - btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker (Nikolay Borisov) - spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock (Frieder Schrempf) - btrfs: free btrfs_path before copying inodes to userspace (Anand Jain) - btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino (David Sterba) - erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang) - drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (Chris Wilson) - drm/i915: Create a dummy object for gen6 ppgtt (Maarten Lankhorst) - arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored (Catalin Marinas) - LTS version: v5.15.81 (Jack Vogel) - cifs: fix missed refcounting of ipc tcon (Paulo Alcantara) - drm/i915: fix TLB invalidation for Gen12 video and compute engines (Andrzej Hajda) [Orabug: 35005633] {CVE-2022-4139} - drm/amdgpu: always register an MMU notifier for userptr (Christian König) - drm/amdgpu: Enable Aldebaran devices to report CU Occupancy (Ramesh Errabolu) - drm/amd/display: No display after resume from WB/CB (Tsung-hua Lin) - drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN (Lyude Paul) - btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() (Zhen Lei) - btrfs: use kvcalloc in btrfs_get_dev_zone_info (Christoph Hellwig) - btrfs: zoned: fix missing endianness conversion in sb_write_pointer (Christoph Hellwig) - btrfs: free btrfs_path before copying subvol info to userspace (Anand Jain) - btrfs: free btrfs_path before copying fspath to userspace (Anand Jain) - btrfs: free btrfs_path before copying root refs to userspace (Josef Bacik) - genirq: Take the proposed affinity at face value if force==true (Luiz Capitulino) - irqchip/gic-v3: Always trust the managed affinity provided by the core code (Luiz Capitulino) - genirq: Always limit the affinity to online CPUs (Luiz Capitulino) - genirq/msi: Shutdown managed interrupts with unsatifiable affinities (Luiz Capitulino) - wifi: wilc1000: validate number of channels (Phil Turnbull) - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute (Phil Turnbull) - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute (Phil Turnbull) - wifi: wilc1000: validate pairwise and authentication suite offsets (Phil Turnbull) - fuse: lock inode unconditionally in fuse_fallocate() (Miklos Szeredi) - dm integrity: clear the journal on suspend (Mikulas Patocka) - dm integrity: flush the journal on suspend (Mikulas Patocka) - gpu: host1x: Avoid trying to use GART on Tegra20 (Robin Murphy) - scsi: iscsi: Fix possible memory leak when device_register() failed (Zhou Guanghui) - net: usb: qmi_wwan: add Telit 0x103a composition (Enrico Sau) - tcp: configurable source port perturb table size (Gleb Mazovetskiy) - platform/x86: ideapad-laptop: Fix interrupt storm on fn-lock toggle on some Yoga laptops (Arnav Rawat) - platform/x86: hp-wmi: Ignore Smart Experience App event (Kai-Heng Feng) - zonefs: fix zone report size in __zonefs_io_error() (Damien Le Moal) - drm/amdgpu: disable BACO support on more cards (Guchun Chen) - platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) (Hans de Goede) - platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() (Xiongfeng Wang) - xen/platform-pci: add missing free_irq() in error path (ruanjinjie) - xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too (Marek Marczykowski-Górecki) - ASoC: stm32: dfsdm: manage cb buffers cleanup (Olivier Moysan) - Input: i8042 - apply probe defer to more ASUS ZenBook models (Takashi Iwai) - Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] (Hans de Goede) - Input: soc_button_array - add use_low_level_irq module parameter (Hans de Goede) - Input: goodix - try resetting the controller when no config is set (Hans de Goede) - serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios() (Lukas Wunner) - tools: iio: iio_generic_buffer: Fix read size (Matti Vaittinen) - ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 (Hans de Goede) - Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode (Aman Dhoot) - x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (Michael Kelley) - x86/pm: Add enumeration check before spec MSRs save/restore setup (Pawan Gupta) - x86/tsx: Add a feature bit for TSX control MSR support (Pawan Gupta) - KVM: x86: remove exit_int_info warning in svm_handle_exit (Maxim Levitsky) - KVM: x86: add kvm_leave_nested (Maxim Levitsky) - KVM: x86: nSVM: harden svm_free_nested against freeing vmcb02 while still in use (Maxim Levitsky) - KVM: x86: forcibly leave nested mode on vCPU reset (Maxim Levitsky) - KVM: x86: nSVM: leave nested mode on vCPU free (Maxim Levitsky) - mm: vmscan: fix extreme overreclaim and swap floods (Johannes Weiner) - gcov: clang: fix the buffer overflow issue (Mukesh Ojha) - nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty (Chen Zhongjin) - usb: dwc3: gadget: Clear ep descriptor last (Thinh Nguyen) - usb: dwc3: gadget: Return -ESHUTDOWN on ep disable (Thinh Nguyen) - usb: dwc3: gadget: conditionally remove requests (Michael Grzeschik) - bus: ixp4xx: Don't touch bit 7 on IXP42x (Linus Walleij) - iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails (Chen Zhongjin) - iio: light: apds9960: fix wrong register for gesture gain (Alejandro Concepción RodrÃguez) - arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency (Jakob Unterwurzacher) - ext4: fix use-after-free in ext4_ext_shift_extents (Baokun Li) - usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1 (Pawel Laszczak) - usb: cdnsp: Fix issue with Clear Feature Halt Endpoint (Pawel Laszczak) - usb: dwc3: exynos: Fix remove() function (Marek Szyprowski) - KVM: arm64: pkvm: Fixup boot mode to reflect that the kernel resumes from EL1 (Marc Zyngier) - mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI (Brian Norris) - mmc: sdhci-brcmstb: Enable Clock Gating to save power (Al Cooper) - mmc: sdhci-brcmstb: Re-organize flags (Al Cooper) - nios2: add FORCE for vmlinuz.gz (Randy Dunlap) - init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash (Alexandre Belloni) - lib/vdso: use "grep -E" instead of "egrep" (Greg Kroah-Hartman) - s390/crashdump: fix TOD programmable field size (Heiko Carstens) - net: thunderx: Fix the ACPI memory leak (Yu Liao) - octeontx2-af: Fix reference count issue in rvu_sdp_init() (Xiongfeng Wang) - octeontx2-pf: Add check for devm_kcalloc (Jiasheng Jiang) - net: enetc: preserve TX ring priority across reconfiguration (Vladimir Oltean) - net: enetc: cache accesses to &priv->si->hw (Vladimir Oltean) - net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled (Vladimir Oltean) - nfc: st-nci: fix incorrect sizing calculations in EVT_TRANSACTION (Martin Faltesek) - nfc: st-nci: fix memory leaks in EVT_TRANSACTION (Martin Faltesek) - nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek) - s390/dasd: fix no record found for raw_track_access (Stefan Haberland) - arcnet: fix potential memory leak in com20020_probe() (Wang Hai) - ipv4: Fix error return code in fib_table_insert() (Ziyang Xuan) - dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). (Kuniyuki Iwashima) - fs: do not update freeing inode i_io_list (Svyatoslav Feldsherov) - netfilter: flowtable_offload: add missing locking (Felix Fietkau) - netfilter: ipset: restore allowing 64 clashing elements in hash:net,iface (Jozsef Kadlecsik) - dma-buf: fix racing conflict of dma_heap_add() (Dawei Li) - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (Yang Yingliang) - regulator: twl6030: re-add TWL6032_SUBCLASS (Andreas Kemnade) - NFC: nci: fix memory leak in nci_rx_data_packet() (Liu Shixin) - net: sched: allow act_ct to be built without NF_NAT (Xin Long) - net: sparx5: fix error handling in sparx5_port_open() (Liu Jian) - sfc: fix potential memleak in __ef100_hard_start_xmit() (Zhang Changzhong) - net: wwan: iosm: use ACPI_FREE() but not kfree() in ipc_pcie_read_bios_cfg() (Wang ShaoBo) - xfrm: Fix ignored return value in xfrm6_init() (Chen Zhongjin) - xfrm: Fix oops in __xfrm_state_delete() (Thomas Jarosch) - tipc: check skb_linearize() return value in tipc_disc_rcv() (YueHaibing) - tipc: add an extra conn_get in tipc_conn_alloc (Xin Long) - tipc: set con sock in tipc_conn_alloc (Xin Long) - net/mlx5: Fix handling of entry refcount when command is not issued to FW (Moshe Shemesh) - net/mlx5: Fix FW tracer timestamp calculation (Moshe Shemesh) - net/mlx5: Do not query pci info while pci disabled (Roy Novich) - netfilter: ipset: regression in ip_set_hash_ip.c (Vishwanath Pai) - Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() (Yang Yingliang) - Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() (Yang Yingliang) - macsec: Fix invalid error code set (YueHaibing) - nfp: add port from netdev validation for EEPROM access (Jaco Coetzee) - nfp: fill splittable of devlink_port_attrs correctly (Diana Wang) - net: pch_gbe: fix pci device refcount leak while module exiting (Yang Yingliang) - octeontx2-af: debugsfs: fix pci device refcount leak (Yang Yingliang) - net/qla3xxx: fix potential memleak in ql3xxx_send() (Zhang Changzhong) - net: mvpp2: fix possible invalid pointer dereference (Hui Tang) - net/mlx4: Check retval of mlx4_bitmap_init (Peter Kosyh) - net: ethernet: mtk_eth_soc: fix error handling in mtk_open() (Liu Jian) - ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties (Fabio Estevam) - ARM: mxs: fix memory leak in mxs_machine_init() (Zheng Yongjun) - iavf: Fix race condition between iavf_shutdown and iavf_remove (Slawomir Laba) - iavf: Do not restart Tx queues after reset task failure (Ivan Vecera) - iavf: Fix a crash during reset task (Ivan Vecera) - netfilter: nf_tables: do not set up extensions for end interval (Pablo Neira Ayuso) - netfilter: conntrack: Fix data-races around ct mark (Daniel Xu) - 9p/fd: fix issue of list_del corruption in p9_fd_cancel() (Zhengchao Shao) - net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() (Wang Hai) - nfc/nci: fix race with opening and closing (Lin Ma) - net: dsa: sja1105: disallow C45 transactions on the BASE-TX MDIO bus (Vladimir Oltean) - rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] (David Howells) - rxrpc: Use refcount_t rather than atomic_t (David Howells) - rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc (David Howells) - net: liquidio: simplify if expression (Leon Romanovsky) - selftests: mptcp: fix mibit vs mbit mix up (Matthieu Baerts) - selftests: mptcp: more stable simult_flows tests (Paolo Abeni) - ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl (Michael Grzeschik) - tee: optee: fix possible memory leak in optee_register_device() (Yang Yingliang) - bus: sunxi-rsb: Support atomic transfers (Samuel Holland) - bus: sunxi-rsb: Remove the shutdown callback (Samuel Holland) - regulator: core: fix UAF in destroy_regulator() (Yang Yingliang) - spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld() (Xiongfeng Wang) - regulator: core: fix kobject release warning and memory leak in regulator_register() (Zeng Heng) - ASoC: max98373: Add checks for devm_kcalloc (Jiasheng Jiang) - scsi: storvsc: Fix handling of srb_status and capacity change events (Michael Kelley) - x86/hyperv: Restore VP assist page after cpu offlining/onlining (Vitaly Kuznetsov) - ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() (Richard Fitzgerald) - ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove (Detlev Casanova) - ASoC: hdac_hda: fix hda pcm buffer overflow issue (Junxiao Chang) - ARM: dts: am335x-pcm-953: Define fixed regulators in root node (Dominik Haller) - af_key: Fix send_acquire race with pfkey_register (Herbert Xu) - xfrm: replay: Fix ESN wrap around for GSO (Christian Langrock) - xfrm: fix "disable_policy" on ipv4 early demux (Eyal Birger) - MIPS: pic32: treat port as signed integer (Jason A. Donenfeld) - RISC-V: vdso: Do not add missing symbols to version section in linker script (Nathan Chancellor) - ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue (Ai Chao) - Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly"" (Asher Song) - nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked (Aleksandr Miloserdov) - arm64/syscall: Include asm/ptrace.h in syscall_wrapper header. (Kuniyuki Iwashima) - block, bfq: fix null pointer dereference in bfq_bio_bfqg() (Yu Kuai) - drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (Hans de Goede) - scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC (Bart Van Assche) - scsi: ibmvfc: Avoid path failures during live migration (Brian King) - platform/x86/intel/hid: Add some ACPI device IDs (Ivan Hu) - platform/x86/intel/pmt: Sapphire Rapids PMT errata fix (David E. Box) - platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2 2-in-1 (Hans de Goede) - platform/x86: ideapad-laptop: Disable touchpad_switch (Manyi Li) - Revert "net: macsec: report real_dev features when HW offloading is enabled" (Sabrina Dubroca) - selftests/bpf: Add verifier test for release_reference() (Youlin Li) - spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run (Sean Nyekjaer) - wifi: ath11k: Fix QCN9074 firmware boot on x86 (Tyler J. Stachecki) - wifi: mac80211: Fix ack frame idr leak when mesh has no route (Nicolas Cavallari) - wifi: airo: do not assign -1 to unsigned char (Jason A. Donenfeld) - audit: fix undefined behavior in bit shift for AUDIT_BIT (Gaosheng Cui) - riscv: dts: sifive unleashed: Add PWM controlled LEDs (Emil Renner Berthing) - wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support (Jonas Jelonek) - wifi: mac80211: fix memory free error when registering wiphy fail (taozhang) - ceph: fix NULL pointer dereference for req->r_session (Xiubo Li) - ceph: Use kcalloc for allocating multiple elements (Kenneth Lee) - binder: validate alloc->mm in ->mmap() handler (Carlos Llamas) - x86/sgx: Add overflow check in sgx_validate_offset_length() (Borys PopÅawski) - x86/sgx: Create utility to validate user provided offset and length (Reinette Chatre) - ceph: avoid putting the realm twice when decoding snaps fails (Xiubo Li) - ceph: do not update snapshot context when there is no new snapshot (Xiubo Li) - iio: pressure: ms5611: fixed value compensation bug (Mitja Spes) - iio: ms5611: Simplify IO callback parameters (Lars-Peter Clausen) - nvme-pci: add NVME_QUIRK_BOGUS_NID for Netac NV7000 (Tiago Dias Ferreira) - nvme-pci: disable write zeroes on various Kingston SSD (Xander Li) - nvme-pci: disable namespace identifiers for the MAXIO MAP1001 (Christoph Hellwig) - nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro (Bean Huo) - nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH (Leo Savernik) - drm/display: Don't assume dual mode adaptors support i2c sub-addressing (Simon Rettberg) - ata: libata-core: do not issue non-internal commands once EH is pending (Niklas Cassel) - ata: libata-scsi: simplify __ata_scsi_queuecmd() (Wenchao Hao) - cifs: Fix connections leak when tlink setup failed (Zhang Xiaoxu) - cifs: support nested dfs links over reconnect (Paulo Alcantara) - cifs: split out dfs code from cifs_reconnect() (Paulo Alcantara) - cifs: introduce new helper for cifs_reconnect() (Paulo Alcantara) - sctp: clear out_curr if all frag chunks of current msg are pruned (Xin Long) - sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent (Xin Long) - tty: serial: fsl_lpuart: don't break the on-going transfer when global reset (Sherry Sun) - serial: fsl_lpuart: Fill in rs485_supported (Ilpo Järvinen) - serial: Add rs485_supported to uart_port (Ilpo Järvinen) - ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N (Maarten Zanders) - ASoC: fsl_sai: use local device pointer (Marco Felsch) - net: mana: Fix race on per-CQ variable napi work_done (Haiyang Zhang) [Orabug: 34917684] - vhost-scsi: Fix max number of virtqueues (Mike Christie) [Orabug: 34915127] - uek_kabi: unneeded include of uek_kabi.h in ip.h (Alan Maguire) [Orabug: 34911234] - uek-container: Enable CONFIG_IA32_EMULATION (Liam Merwick) [Orabug: 34909790] - uek-rpm: Disable CONFIG_SND_PCM_OSS for OL8 and OL9 (Harshit Mogalapalli) [Orabug: 34885467] - uek-container: ol9: Update config with that generated by 'make olddefconfig' (Liam Merwick) [Orabug: 34850980] - uek-container: ol8: Update config with that generated by 'make olddefconfig' (Liam Merwick) [Orabug: 34850980] - uek-container: Fix x86_64 PVH ELF note with binutils >= 2.36 (Liam Merwick) [Orabug: 34850980] - uek-rpm: ol9: Add spec file changes to build container kernel (Liam Merwick) [Orabug: 34850980] - uek-rpm: ol8: Add spec file changes to build container kernel (Liam Merwick) [Orabug: 34850980]
SRPMs
https://oss.oracle.com:443/ol8/SRPMS-updates//kernel-uek-5.15.0-7.86.6.1.el8uek.src.rpm
x86_64
kernel-uek-container-5.15.0-7.86.6.1.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-7.86.6.1.el8uek.x86_64.rpm - uek-rpm: ol9: x86_64: Add kernel-uek-container config file (Liam Merwick) [Orabug: 34850980] - uek-rpm: ol8: x86_64: Add kernel-uek-container config file (Liam Merwick) [Orabug: 34850980]
aarch64
i386
