Oracle9: ELSA-2024-12272: kernel Important Security Update
Summary
[5.15.0-205.149.5.1.el9uek] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection (BHI) bug (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Add support for clearing branch history at syscall entry (Pawan Gupta) [Orabug: 36384802] {CVE-2024-2201} - x86/cpufeature: Add missing leaf enumeration (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - KVM: x86: Use a switch statement and macros in __feature_translate() (Jim Mattson) [Orabug: 36384802] {CVE-2024-2201} - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (Jim Mattson) [Orabug: 36384802] {CVE-2024-2201} - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs (Sean Christopherson) [Orabug: 36384802] {CVE-2024-2201} - x86/bugs: Use sysfs_emit() (Borislav Petkov) [Orabug: 36384802] {CVE-2024-2201} - x86/cpu: Support AMD Automatic IBRS (Kim Phillips) [Orabug: 36384802] {CVE-2024-2201} - Documentation/hw-vuln: Update spectre doc (Lin Yujun) [Orabug: 36384802] {CVE-2024-2201} - x86/speculation: Reorder SRSO and GDS functions (Alexandre Chartre) [Orabug: 36384802] {CVE-2024-2201} [5.15.0-205.149.5.el9uek] - uek-rpm: Bluefield 3: enable lockdown mode for secure boot (Dave Kleikamp) [Orabug: 36318788] - Documentation/x86: Update split lock documentation (Tony Luck) [Orabug: 36298291] - x86/split_lock: Add sysctl to control the misery mode (Guilherme G. Piccoli) [Orabug: 36298291] - x86/split-lock: Remove unused TIF_SLD bit (Tony Luck) [Orabug: 36298291] - x86/split_lock: Make life miserable for split lockers (Tony Luck) [Orabug: 36298291] [5.15.0-205.149.4.el9uek] - Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST (Luiz Augusto von Dentz) - netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate() (Ignat Korchagin) - ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails (Fedor Pchelkin) - afs: Fix endless loop in directory parsing (David Howells) - PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (Dan Carpenter) - Revert "drm/bridge: lt8912b: Register and attach our DSI device at probe" (Max Krummenacher) - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (Javier Carrasco) - usb: dwc3: gadget: Don't disconnect if not started (Thinh Nguyen) - platform/x86: intel-vbtn: Stop calling "VBDL" from notify_handler (Hans de Goede) - Fix null ptr in rds_tcp_recv_path (Allison Henderson) [Orabug: 35587408] - cifs: fix mid leak during reconnection after timeout threshold (Shyam Prasad N) [Orabug: 36123597] - vfio/mlx5: Activate the chunk mode functionality (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Add support for READING in chunk mode (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Add support for SAVING in chunk mode (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Pre-allocate chunks for the STOP_COPY phase (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Rename some stuff to match chunk mode (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Enable querying state size which is > 4GB (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Refactor the SAVE callback to activate a work only upon an error (Yishai Hadas) [Orabug: 36298327] - vfio/mlx5: Wake up the reader post of disabling the SAVING migration file (Yishai Hadas) [Orabug: 36298327] - net/mlx5: Introduce ifc bits for migration in a chunk mode (Yishai Hadas) [Orabug: 36298327] - af_unix: Drop oob_skb ref before purging queue in GC. (Kuniyuki Iwashima) [Orabug: 36375407] - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Shradha Gupta) [Orabug: 36379479] [5.15.0-205.149.3.el9uek] - net/rds: print PPID/COMM of process doing user reset on RDS connection (Juan Garcia) [Orabug: 36248460] - platform/mellanox: mlxbf-pmc: Fix offset calculation for crspace events (Shravan Kumar Ramani) [Orabug: 36299543] - platform/mellanox: mlxbf-tmfifo: Drop Tx network packet when Tx TmFIFO is full (Liming Sun) [Orabug: 36299543] - platform/mellanox: mlxbf-tmfifo: Remove unnecessary bool conversion (Jules Irenge) [Orabug: 36299543] - power: reset: pwr-mlxbf: support graceful reboot instead of emergency reset (Asmaa Mnebhi) [Orabug: 36299543] - platform/mellanox: tmfifo: fix kernel-doc warnings (Randy Dunlap) [Orabug: 36299543] - platform/mellanox: mlxbf-tmfifo: Convert to platform remove callback returning void (Uwe Kleine-König) [Orabug: 36299543] - platform/mellanox: mlxbf-pmc: Add support for BlueField-3 (Shravan Kumar Ramani) [Orabug: 36299543] - pwr-mlxbf: extend Kconfig to include gpio-mlxbf3 dependency (David Thompson) [Orabug: 36299543] - pinctrl: mlxbf3: Remove gpio_disable_free() (Asmaa Mnebhi) [Orabug: 36299543] - gpio: mlxbf3: use capital "OR" for multiple licenses in SPDX (Krzysztof Kozlowski) [Orabug: 36299543] - pinctrl: use capital "OR" for multiple licenses in SPDX (Krzysztof Kozlowski) [Orabug: 36299543] - gpio: mlxbf3: Support add_pin_ranges() (Asmaa Mnebhi) [Orabug: 36299543] - uek: kabi: Add two new exported kABI symbols for ACFS and EDV (Saeed Mirzamohammadi) [Orabug: 36303821] - uek-rpm: Update the aarch64 kABI files for new symbol (Yifei Liu) [Orabug: 36323808] - arm64: Minimize tlb flush due to vttbr writes on AmpereOne (Ganapatrao Kulkarni) [Orabug: 36349790] [5.15.0-205.149.2.el9uek] - LTS version: v5.15.149 (Vijayendra Suman) - usb: dwc3: gadget: Ignore End Transfer delay on teardown (Thinh Nguyen) - media: Revert "media: rkisp1: Drop IRQF_SHARED" (Tomi Valkeinen) - usb: dwc3: gadget: Execute gadget stop after halting the controller (Wesley Cheng) - usb: dwc3: gadget: Don't delay End Transfer on delayed_status (Thinh Nguyen) - staging: fbtft: core: set smem_len before fb_deferred_io_init call (Peter Suti) - smb3: Replace smb2pdu 1-element arrays with flex-arrays (Kees Cook) - fs/ntfs3: Add null pointer checks (Konstantin Komarov) - net: bcmgenet: Fix EEE implementation (Florian Fainelli) - drm/msm/dsi: Enable runtime PM (Konrad Dybcio) - PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (Douglas Anderson) - dm: limit the number of targets and parameter size area (Mikulas Patocka) - nilfs2: replace WARN_ONs for invalid DAT metadata block requests (Ryusuke Konishi) - nilfs2: fix potential bug in end_buffer_async_write (Ryusuke Konishi) - sched/membarrier: reduce the ability to hammer on sys_membarrier (Linus Torvalds) - netfilter: ipset: Missing gc cancellations fixed (Jozsef Kadlecsik) - net: prevent mss overflow in skb_segment() (Eric Dumazet) - hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range() (Davidlohr Bueso) - netfilter: ipset: fix performance regression in swap operation (Jozsef Kadlecsik) - scripts/decode_stacktrace.sh: optionally use LLVM utilities (Carlos Llamas) - scripts: decode_stacktrace: demangle Rust symbols (Miguel Ojeda) - scripts/decode_stacktrace.sh: support old bash version (Schspa Shi) - fbdev: flush deferred IO before closing (Nam Cao) - fbdev: Fix incorrect page mapping clearance at fb_deferred_io_release() (Takashi Iwai) - fbdev: Fix invalid page access after closing deferred I/O devices (Takashi Iwai) - fbdev: Rename pagelist to pagereflist for deferred I/O (Thomas Zimmermann) - fbdev: Track deferred-I/O pages in pageref struct (Thomas Zimmermann) - fbdev: defio: fix the pagelist corruption (Chuansheng Liu) - fbdev: Don't sort deferred-I/O pages by default (Thomas Zimmermann) - fbdev/defio: Early-out if page is already enlisted (Thomas Zimmermann) - serial: 8250_exar: Set missing rs485_supported flag (Lino Sanfilippo) - serial: 8250_exar: Fill in rs485_supported (Ilpo Järvinen) - usb: dwc3: gadget: Queue PM runtime idle on disconnect event (Wesley Cheng) - usb: dwc3: gadget: Handle EP0 request dequeuing properly (Wesley Cheng) - usb: dwc3: gadget: Refactor EP0 forced stall/restart into a separate API (Wesley Cheng) - usb: dwc3: gadget: Stall and restart EP0 if host is unresponsive (Wesley Cheng) - usb: dwc3: gadget: Submit endxfer command if delayed during disconnect (Wesley Cheng) - usb: dwc3: gadget: Force sending delayed status during soft disconnect (Wesley Cheng) - usb: dwc3: Fix ep0 handling when getting reset while doing control transfer (Mayank Rana) - usb: dwc3: gadget: Delay issuing End Transfer (Thinh Nguyen) - usb: dwc3: gadget: Only End Transfer for ep0 data phase (Thinh Nguyen) - usb: dwc3: ep0: Don't prepare beyond Setup stage (Thinh Nguyen) - usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue (Thinh Nguyen) - crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (Tianjia Zhang) - bus: moxtet: Add spi device table (Sjoerd Simons) - dma-buf: add dma_fence_timestamp helper (Christian König) - af_unix: Fix task hung while purging oob_skb in GC. (Kuniyuki Iwashima) - tracing: Inform kmemleak of saved_cmdlines allocation (Steven Rostedt (Google)) - pmdomain: core: Move the unused cleanup to a _sync initcall (Konrad Dybcio) - can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) (Oleksij Rempel) - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (Ziqi Zhao) - of: property: fix typo in io-channels (Nuno Sa) - mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE (Prakash Sangappa) - ceph: prevent use-after-free in encode_cap_msg() (Rishabh Dave) - net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio (Sinthu Raja) - s390/qeth: Fix potential loss of L3-IP@ in case of network issues (Alexandra Winter) - net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (Sinthu Raja) - irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (Marc Zyngier) - irqchip/irq-brcmstb-l2: Add write memory barrier before exit (Doug Berger) - wifi: mac80211: reload info pointer in ieee80211_tx_dequeue() (Johannes Berg) - nfp: flower: prevent re-adding mac index for bonded port (Daniel de Villiers) - nfp: use correct macro for LengthSelect in BAR config (Daniel Basilio) - crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Kim Phillips) - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() (Ryusuke Konishi) - nilfs2: fix data corruption in dsync block recovery for small block sizes (Ryusuke Konishi) - ALSA: hda/conexant: Add quirk for SWS JS201D (bo liu) - mmc: slot-gpio: Allow non-sleeping GPIO ro (Alexander Stein) - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Steve Wahl) - x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (Aleksander Mazur) - powerpc/64: Set task pt_regs->link to the LR value on scv entry (Naveen N Rao) - serial: max310x: fail probe if clock crystal is unstable (Hugo Villeneuve) - serial: max310x: improve crystal stable clock detection (Hugo Villeneuve) - serial: max310x: set default value when reading clock ready bit (Hugo Villeneuve) - ring-buffer: Clean ring_buffer_poll_wait() error return (Vincent Donnefort) - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Souradeep Chakrabarti) - drm/prime: Support page array >= 4GB (Philip Yang) - media: rc: bpf attach/detach requires write permission (Sean Young) - iio: accel: bma400: Fix a compilation problem (Mario Limonciello) - iio: core: fix memleak in iio_device_register_sysfs (Dinghao Liu) - iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC (zhili.liu) - staging: iio: ad5933: fix type mismatch regression (David Schiller) - tracing: Fix wasted memory in saved_cmdlines logic (Steven Rostedt (Google)) - ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li) - misc: fastrpc: Mark all sessions as invalid in cb_remove (Ekansh Gupta) - binder: signal epoll threads of self-work (Carlos Llamas) - ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (Vitaly Rodionov) - ASoC: codecs: wcd938x: handle deferred probe (Krzysztof Kozlowski) - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL (Edson Juliano Drosdeck) - xen-netback: properly sync TX responses (Jan Beulich) - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() (Nikita Zhandarovich) - nfc: nci: free rx_data_reassembly skb on NCI device cleanup (Fedor Pchelkin) - kbuild: Fix changing ELF file type for output of gen_btf for big endian (Nathan Chancellor) - firewire: core: correct documentation of fw_csr_string() kernel API (Takashi Sakamoto) - lsm: fix the logic in security_inode_getsecctx() (Ondrej Mosnacek) - Revert "drm/amd: flush any delayed gfxoff on suspend entry" (Mario Limonciello) - scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" (Lee Duncan) - mptcp: fix data re-injection from stale subflow (Paolo Abeni) - modpost: trim leading spaces when processing source files list (Radek Krejci) - i2c: i801: Fix block process call transactions (Jean Delvare) - i2c: i801: Remove i801_set_block_buffer_mode (Heiner Kallweit) - powerpc/kasan: Fix addr error caused by page alignment (Jiangfeng Xiao) - media: ir_toy: fix a memleak in irtoy_tx (Zhipeng Lu) - usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend (Uttkarsh Aggarwal) - usb: f_mass_storage: forbid async queue when shutdown happen (yuan linyu) - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (Oliver Neukum) - usb: ucsi_acpi: Fix command completion handling (Christian A. Ehrhardt) - iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP (Srinivas Pandruvada) - HID: wacom: Do not register input devices until after hid_hw_start (Jason Gerecke) - HID: wacom: generic: Avoid reporting a serial of '0' to userspace (Tatsunosuke Tobita) - HID: i2c-hid-of: fix NULL-deref on failed power up (Johan Hovold) - ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx (Luka Guzenko) - ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 (David Senoner) - scsi: storvsc: Fix ring buffer size calculation (Michael Kelley) - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Zach O'Keefe) - tracing/trigger: Fix to return error if failed to alloc snapshot (Masami Hiramatsu (Google)) - scs: add CONFIG_MMU dependency for vfree_atomic() (Samuel Holland) - i40e: Fix waiting for queues of all VSIs to be disabled (Ivan Vecera) - MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler (Guenter Roeck) path for statistics (Breno Leitao) - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() (Alexey Khoroshilov) - spi: ppc4xx: Drop write-only variable (Uwe Kleine-König) - net: openvswitch: limit the number of recursions from action sets (Aaron Conole) - wifi: iwlwifi: Fix some error codes (Dan Carpenter) - of: unittest: Fix compile in the non-dynamic case (Christian A. Ehrhardt) - btrfs: send: return EOPNOTSUPP on unknown flags (David Sterba) - btrfs: forbid deleting live subvol qgroup (Boris Burkov) - btrfs: do not ASSERT() if the newly created subvolume already got read (Qu Wenruo) - btrfs: forbid creating subvol qgroups (Boris Burkov) - netfilter: nft_set_rbtree: skip end interval element from gc (Pablo Neira Ayuso) - net: stmmac: xgmac: fix a typo of register name in DPP safety handling (Furong Xu) - net: stmmac: xgmac: use #define for string constants (Simon Horman) - clocksource: Skip watchdog check for large watchdog intervals (Jiri Wiesner) - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (Hans de Goede) - Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (Werner Sembach) - usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (Prashanth K) - usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK (Prashanth K) - USB: serial: cp210x: add ID for IMST iM871A-USB (Leonard Dallmayr) - USB: serial: option: add Fibocom FM101-GL variant (Puliang Lu) - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e (JackBB Wu) - ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter (Julian Sikorski) - drivers: lkdtm: fix clang -Wformat warning (Justin Stitt) - blk-iocost: Fix an UBSAN shift-out-of-bounds warning (Tejun Heo) - scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (Ming Lei) - fs/ntfs3: Fix an NULL dereference bug (Dan Carpenter) - netfilter: nft_set_pipapo: remove scratch_aligned pointer (Florian Westphal) - netfilter: nft_set_pipapo: add helper to release pcpu scratch area (Florian Westphal) - netfilter: nft_set_pipapo: store index in scratch maps (Florian Westphal) - netfilter: nft_ct: reject direction for ct id (Pablo Neira Ayuso) - drm/amd/display: Implement bounds check for stream encoder creation in DCN301 (Srinivasan Shanmugam) - drm/amd/display: Fix multiple memory leaks reported by coverity (Anson Jacob) - netfilter: nft_compat: restrict match/target protocol to u16 (Pablo Neira Ayuso) - netfilter: nft_compat: reject unused compat flag (Pablo Neira Ayuso) - ppp_async: limit MRU to 64K (Eric Dumazet) - af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC. (Kuniyuki Iwashima) - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (Shigeru Yoshida) - rxrpc: Fix response to PING RESPONSE ACKs to a dead call (David Howells) - inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet) - hwmon: (coretemp) Fix bogus core_id to attr name mapping (Zhang Rui) - hwmon: (coretemp) Fix out-of-bounds memory access (Zhang Rui) - hwmon: (aspeed-pwm-tacho) mutex for tach reading (Loic Prylli) - octeontx2-pf: Fix a memleak otx2_sq_init (Zhipeng Lu) - atm: idt77252: fix a memleak in open_card_ubr0 (Zhipeng Lu) - tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) - selftests: net: avoid just another constant wait (Paolo Abeni) - selftests: net: cut more slack for gro fwd tests. (Paolo Abeni) - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels (Furong Xu) - drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case (Kuogee Hsieh) - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Tony Lindgren) - dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (Frank Li) - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (Yoshihiro Shimoda) - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (Christophe JAILLET) - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA (Christophe JAILLET) - dmaengine: ti: k3-udma: Report short packet errors (Jai Luthra) - dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (Guanhua Gao) - ASoC: codecs: lpass-wsa-macro: fix compander volume hack (Johan Hovold) - bonding: remove print in bond_verify_device_path (Zhengchao Shao) - HID: apple: Add 2021 magic keyboard FN key mapping (Benjamin Berg) - HID: apple: Add support for the 2021 Magic Keyboard (Alex Henrie) - gve: Fix use-after-free vulnerability (Praveen Kaligineedi) - arm64: irq: set the correct node for shadow call stack (Huang Shijie) path (Breno Leitao) - selftests: net: fix available tunnels detection (Paolo Abeni) - af_unix: fix lockdep positive in sk_diag_dump_icons() (Eric Dumazet) - net: ipv4: fix a memleak in ip_setup_cork (Zhipeng Lu) - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (Pablo Neira Ayuso) - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger (Pablo Neira Ayuso) - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV (Pablo Neira Ayuso) - bridge: mcast: fix disabled snooping after long uptime (Linus Lüssing) - llc: call sock_orphan() at release time (Eric Dumazet) - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (Helge Deller) - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550() (Christophe JAILLET) - ixgbe: Refactor overtemp event handling (Jedrzej Jagielski) - ixgbe: Refactor returning internal error codes (Jedrzej Jagielski) - ixgbe: Remove non-inclusive language (Piotr Skajewski) - tcp: add sanity checks to rx zerocopy (Eric Dumazet) - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (Eric Dumazet) - ip6_tunnel: use dev_sw_netstats_rx_add() (Eric Dumazet) - selftests: net: give more time for GRO aggregation (Paolo Abeni) - scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (Ming Lei) - scsi: isci: Fix an error code problem in isci_io_request_build() (Su Hui) - drm: using mul_u32_u32() requires linux/math64.h (Stephen Rothwell) - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update (Edward Adam Davis) - perf: Fix the nr_addr_filters fix (Peter Zijlstra) - drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (Srinivasan Shanmugam) - drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (Srinivasan Shanmugam) - drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (Srinivasan Shanmugam) - ceph: fix deadlock or deadcode of misusing dget() (Xiubo Li) - blk-mq: fix IO hang from sbitmap wakeup race (Ming Lei) - virtio_net: Fix "â%dâ directive writing between 1 and 11 bytes into a region of size 10" warnings (Zhu Yanjun) - drm/amdkfd: Fix lock dependency warning (Felix Kuehling) - libsubcmd: Fix memory leak in uniq() (Ian Rogers) - PCI/AER: Decode Requester ID when no error info found (Bjorn Helgaas) - PCI: Fix 64GT/s effective data rate calculation (Ilpo Järvinen) - fs/kernfs/dir: obey S_ISGID (Max Kellermann) - tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE (Adrian Reber) - selftests/sgx: Fix linker script asserts (Jo Van Bulck) - usb: hub: Replace hardcoded quirk value with BIT() macro (Hardik Gajjar) - perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present (James Clark) - PCI: switchtec: Fix stdev_release() crash after surprise hot remove (Daniel Stodden) - PCI: Only override AMD USB controller if required (Guilherme G. Piccoli) - mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt (Xiaowu.ding) - mfd: ti_am335x_tscadc: Fix TI SoC dependencies (Peter Robinson) - xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (Oleksandr Tyshchenko) - i3c: master: cdns: Update maximum prescaler value for i2c clock (Harshit Shah) - um: time-travel: fix time corruption (Johannes Berg) - um: net: Fix return type of uml_net_start_xmit() (Nathan Chancellor) - um: Don't use vfprintf() for os_info() (Benjamin Berg) - um: Fix naming clash between UML and scheduler (Anton Ivanov) - leds: trigger: panic: Don't register panic notifier if creating the trigger failed (Heiner Kallweit) - ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (bo liu) - drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (Srinivasan Shanmugam) - drm/amdgpu: Let KFD sync with VM fences (Felix Kuehling) - clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks (Alexander Stein) - clk: imx: scu: Fix memory leak in __imx_clk_gpr_scu() (Kuan-Wei Chiu) - watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 (Werner Fischer) - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() (Kuan-Wei Chiu) - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() (Kuan-Wei Chiu) - drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (Wang, Beyond) - drm/msm/dpu: Ratelimit framedone timeout msgs (Rob Clark) - media: i2c: imx335: Fix hblank min/max values (Kieran Bingham) - media: ddbridge: fix an error code problem in ddb_probe (Su Hui) - IB/ipoib: Fix mcast list locking (Daniel Vacek) - drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (Douglas Anderson) - f2fs: fix to tag gcing flag on page during block migration (Chao Yu) - media: rkisp1: Drop IRQF_SHARED (Tomi Valkeinen) - ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL (Pierre-Louis Bossart) - ALSA: hda: Intel: add HDA_ARL PCI ID support (Pierre-Louis Bossart) - PCI: add INTEL_HDA_ARL to pci_ids.h (Pierre-Louis Bossart) - media: rockchip: rga: fix swizzling for RGB formats (Michael Tretter) - media: stk1160: Fixed high volume of stk1160_dbg messages (Ghanshyam Agrawal) - drm/mipi-dsi: Fix detach call without attach (Tomi Valkeinen) - drm/framebuffer: Fix use of uninitialized variable (Tomi Valkeinen) - drm/drm_file: fix use of uninitialized variable (Tomi Valkeinen) - f2fs: fix write pointers on zoned device after roll forward (Jaegeuk Kim) - drm/amd/display: Fix tiled display misalignment (Meenakshikumar Somasundaram) - RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Jack Wang) - fast_dput(): handle underflows gracefully (Al Viro) - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (Cristian Ciocaltea) - ALSA: hda: Refer to correct stream index at loops (Takashi Iwai) - f2fs: fix to check return value of f2fs_reserve_new_block() (Chao Yu) - octeontx2-af: Fix max NPC MCAM entry check while validating ref_entry (Suman Ghosh) - i40e: Fix VF disable behavior to block all traffic (Andrii Staikov) - bridge: cfm: fix enum typo in br_cc_ccm_tx_parse (Lin Ma) - Bluetooth: L2CAP: Fix possible multiple reject send (Frédéric Danis) - Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks for QCA2066 (Zijun Hu) - wifi: cfg80211: free beacon_ies when overridden from hidden BSS (Benjamin Berg) - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (Su Hui) - ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision (Alexander Tsoy) - libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos (Mingyi Zhang) - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices (Zenm Chen) - arm64: dts: qcom: msm8998: Fix 'out-ports' is a required property (Mao Jinlong) - arm64: dts: qcom: msm8996: Fix 'in-ports' is a required property (Mao Jinlong) - md: Whenassemble the array, consult the superblock of the freshest device (Alex Lyakas) - block: prevent an integer overflow in bvec_try_merge_hw_page (Christoph Hellwig) - net: dsa: mv88e6xxx: Fix mv88e6352_serdes_get_stats error path (Tobias Waldekranz) - ARM: dts: imx23/28: Fix the DMA controller node name (Fabio Estevam) - ARM: dts: imx23-sansa: Use preferred i2c-gpios properties (Fabio Estevam) - ARM: dts: imx27-apf27dev: Fix LED name (Fabio Estevam) - ARM: dts: imx25/27: Pass timing0 (Fabio Estevam) - ARM: dts: imx25: Fix the iim compatible string (Fabio Estevam) - block/rnbd-srv: Check for unlikely string overflow (Kees Cook) - ionic: pass opcode to devcmd_wait (Shannon Nelson) - ARM: dts: imx1: Fix sram node (Fabio Estevam) - ARM: dts: imx27: Fix sram node (Fabio Estevam) - ARM: dts: imx: Use flash@0,0 pattern (Fabio Estevam) - ARM: dts: imx25/27-eukrea: Fix RTC node name (Fabio Estevam) - ARM: dts: rockchip: fix rk3036 hdmi ports node (Johan Jonker) - bpf: Set uattr->batch.count as zero before batched update or deletion (Hou Tao) - scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (Hannes Reinecke) - scsi: libfc: Don't schedule abort twice (Hannes Reinecke) - bpf: Add map and need_defer parameters to .map_fd_put_ptr() (Hou Tao) - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang) - ARM: dts: imx7s: Fix nand-controller #size-cells (Alexander Stein) - ARM: dts: imx7s: Fix lcdif compatible (Alexander Stein) - ARM: dts: imx7d: Fix coresight funnel ports (Alexander Stein) - scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (ching Huang) - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk (Zhengchao Shao) - PCI: Add no PM reset quirk for NVIDIA Spectrum devices (Ido Schimmel) - scsi: lpfc: Fix possible file string name overflow when updating firmware (Justin Tee) - selftests/bpf: Fix issues in setup_classid_environment() (Yafang Shao) - selftests/bpf: Fix pyperf180 compilation failure with clang18 (Yonghong Song) - selftests/bpf: satisfy compiler by having explicit return in btf test (Andrii Nakryiko) - wifi: rt2x00: restart beacon queue when hardware reset (Shiji Yang) - ext4: avoid online resizing failures due to oversized flex bg (Baokun Li) - ext4: remove unnecessary check from alloc_flex_gd() (Baokun Li) - ext4: unify the type of flexbg_size to unsigned int (Baokun Li) - ext4: fix inconsistent between segment fstrim and full fstrim (Ye Bin) - ecryptfs: Reject casefold directory inodes (Gabriel Krisman Bertazi) - SUNRPC: Fix a suspicious RCU usage warning (Anna Schumaker) - KVM: s390: fix setting of fpc register (Heiko Carstens) - s390/ptrace: handle setting of fpc register correctly (Heiko Carstens) - arch: consolidate arch_irq_work_raise prototypes (Arnd Bergmann) - jfs: fix array-index-out-of-bounds in diNewExt (Edward Adam Davis) - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock() (Oleg Nesterov) - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (Oleg Nesterov) - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (Oleg Nesterov) - crypto: stm32/crc32 - fix parsing list of devices (Thomas Bourgoin) - crypto: octeontx2 - Fix cptvf driver cleanup (Bharat Bhushan) - pstore/ram: Fix crash when setting number of cpus to an odd number (Weichen Chen) - jfs: fix uaf in jfs_evict_inode (Edward Adam Davis) - jfs: fix array-index-out-of-bounds in dbAdjTree (Manas Ghandat) - jfs: fix slab-out-of-bounds Read in dtSearch (Manas Ghandat) - UBSAN: array-index-out-of-bounds in dtSplitRoot (Osama Muhammad) - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree (Osama Muhammad) - ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events (Shuai Xue) - PM / devfreq: Synchronize devfreq_monitor_[start/stop] (Mukesh Ojha) - ACPI: extlog: fix NULL pointer dereference check (Prarit Bhargava) - PNP: ACPI: fix fortify warning (Dmitry Antipov) - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop (Yuluo Qiu) - audit: Send netlink ACK before setting connection in auditd_set (Chris Riches) - regulator: core: Only increment use_count when enable_count changes (Rui Zhang) - debugobjects: Stop accessing objects after releasing hash bucket lock (Andrzej Hajda) - perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file (Greg KH) - x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel (Zhiquan Li) - powerpc/lib: Validate size for vector operations (Naveen N Rao) - powerpc: pmd_move_must_withdraw() is only needed for CONFIG_TRANSPARENT_HUGEPAGE (Stephen Rothwell) - x86/boot: Ignore NMIs during very early boot (Jun'ichi Nomura) - powerpc/64s: Fix CONFIG_NUMA=n build due to create_section_mapping() (Michael Ellerman) - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages() (Michael Ellerman) - powerpc: Fix build error due to is_valid_bugaddr() (Michael Ellerman) - drivers/perf: pmuv3: don't expose SW_INCR event in sysfs (Mark Rutland) - arm64: irq: set the correct node for VMAP stack (Huang Shijie) - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add (Kunwu Chan) - x86/entry/ia32: Ensure s32 is sign extended to s64 (Richard Palethorpe) - tick/sched: Preserve number of idle sleeps across CPU hotplug events (Tim Chen) - mips: Call lose_fpu(0) before initializing fcr31 in mips_set_personality_nan (Xi Ruoyao) - mtd: cfi: allow building spi-intel standalone (Arnd Bergmann) - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read (Kamal Dasu) - block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (Li Lingfeng) - gpio: eic-sprd: Clear interrupt after set the interrupt type (Wenhua Lin) - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (Fedor Pchelkin) - drm/exynos: fix accidental on-stack copy of exynos_drm_plane (Arnd Bergmann) - drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (Markus Niebel) - cpufreq: intel_pstate: Refine computation of P-state for given frequency (Rafael J. Wysocki) - cpufreq: intel_pstate: Drop redundant intel_pstate_get_hwp_cap() call (Rafael J. Wysocki) - ksmbd: fix global oob in ksmbd_nl_policy (Lin Ma) - btrfs: add definition for EXTENT_TREE_V2 (Josef Bacik) - PM / devfreq: Fix buffer overflow in trans_stat_show (Christian Marangi) - mm/sparsemem: fix race in accessing memory_section->usage (Charan Teja Kalla) - mm: use __pfn_to_section() instead of open coding it (Rolf Eike Beer) - media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run (Zheng Wang) - ARM: dts: qcom: sdx55: fix USB SS wakeup (Johan Hovold) - ARM: dts: qcom: sdx55: fix USB DP/DM HS PHY interrupts (Johan Hovold) - ARM: dts: qcom: sdx55: fix pdc '#interrupt-cells' (Johan Hovold) - ARM: dts: samsung: exynos4210-i9100: Unconditionally enable LDO12 (Paul Cercueil) - ARM: dts: qcom: sdx55: fix USB wakeup interrupt types (Johan Hovold) - pipe: wakeup wr_wait after setting max_usage (Lukas Schauer) - fs/pipe: move check to pipe_has_watch_queue() (Max Kellermann) - bus: mhi: host: Add alignment check for event ring read pointer (Krishna chaitanya chundru) - bus: mhi: host: Rename "struct mhi_tre" to "struct mhi_ring_element" (Manivannan Sadhasivam) - PM: sleep: Fix possible deadlocks in core system-wide PM code (Rafael J. Wysocki) - PM: core: Remove unnecessary (void *) conversions (Li zeming) - drm/bridge: nxp-ptn3460: simplify some error checking (Dan Carpenter) - drm/tidss: Fix atomic_flush check (Tomi Valkeinen) - drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (Dan Carpenter) - drm: Don't unref the same fb many times by mistake due to deadlock handling (Ville Syrjälä) - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 (Mario Limonciello) - xfs: read only mounts with fsopen mount API are busted (Dave Chinner) - firmware: arm_scmi: Check mailbox/SMT channel for consistency (Cristian Marussi) - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (Pablo Neira Ayuso) - hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Michael Kelley) - wifi: iwlwifi: fix a memory corruption (Emmanuel Grumbach) - exec: Fix error handling in begin_new_exec() (Bernd Edlinger) - rbd: don't move requests to the running list on errors (Ilya Dryomov) - btrfs: don't abort filesystem when attempting to snapshot deleted subvolume (Omar Sandoval) - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (Qu Wenruo) - btrfs: don't warn if discard range is not aligned to sector (David Sterba) - btrfs: tree-checker: fix inline ref size in error messages (Chung-Chiang Cheng) - btrfs: ref-verify: free ref cache before clearing mount opt (Fedor Pchelkin) - btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (Omar Sandoval) - btrfs: fix race between reading a directory and adding entries to it (Filipe Manana) - btrfs: refresh dir last index during a rewinddir(3) call (Filipe Manana) - btrfs: set last dir index to the current last index when opening dir (Filipe Manana) - btrfs: fix infinite directory reads (Filipe Manana) - net: fec: fix the unhandled context fault from smmu (Shenwei Wang) - fjes: fix memleaks in fjes_hw_setup (Zhipeng Lu) - selftests: netdevsim: fix the udp_tunnel_nic test (Jakub Kicinski) - net: mvpp2: clear BM pool before initialization (Jenishkumar Maheshbhai Patel) - net: stmmac: Wait a bit for the reset to take effect (Bernd Edlinger) - netfilter: nf_tables: validate NFPROTO_* family (Pablo Neira Ayuso) - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes (Florian Westphal) - netfilter: nft_limit: reject configurations that cause integer overflow (Florian Westphal) - overflow: Allow mixed type arguments (Kees Cook) - net/mlx5e: fix a potential double-free in fs_any_create_groups (Dinghao Liu) - net/mlx5e: fix a double-free in arfs_create_groups (Zhipeng Lu) - net/mlx5: DR, Can't go to uplink vport on RX rule (Yevgeny Kliteynik) - net/mlx5: DR, Use the right GVMI number for drop action (Yevgeny Kliteynik) - ipv6: init the accept_queue's spinlocks in inet6_create (Zhengchao Shao) - netlink: fix potential sleeping issue in mqueue_flush_file (Zhengchao Shao) - tcp: Add memory barrier to tcp_push() (Salvatore Dipietro) - afs: Hide silly-rename files from userspace (David Howells) - tracing: Ensure visibility when inserting an element into tracing_map (Petr Pavlu) - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv (Sharath Srinivasan) - llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima) - llc: make llc_ui_sendmsg() more robust against bonding changes (Eric Dumazet) - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING (Lin Ma) - bnxt_en: Wait for FLR to complete during probe (Michael Chan) - tcp: make sure init the accept_queue's spinlocks once (Zhengchao Shao) - net/smc: fix illegal rmb_desc access in SMC-D connection dump (Wen Gu) - ksmbd: Add missing set_freezable() for freezable kthread (Namjae Jeon) - ksmbd: send lease break notification on FILE_RENAME_INFORMATION (Namjae Jeon) - ksmbd: don't increment epoch if current state and request state are same (Namjae Jeon) - ksmbd: fix potential circular locking issue in smb2_set_ea() (Namjae Jeon) - ksmbd: set v2 lease version on lease upgrade (Namjae Jeon) - rename(): fix the locking of subdirectories (Al Viro) - ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (Zhihao Cheng) - nouveau/vmm: don't set addr on the fail path to avoid warning (Dave Airlie) - rtc: Adjust failure return code for cmos_set_alarm() (Mario Limonciello) - mmc: mmc_spi: remove custom DMA mapped buffers (Andy Shevchenko) - mmc: core: Use mrq.sbc in close-ended ffu (Avri Altman) - scripts/get_abi: fix source path leak (Vegard Nossum) - lsm: new security_file_ioctl_compat() hook (Alfred Piccioni) - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts (Johan Hovold) - arm64: dts: qcom: sm8150: fix USB wakeup interrupt types (Johan Hovold) - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types (Johan Hovold) - arm64: dts: qcom: sc7180: fix USB wakeup interrupt types (Johan Hovold) - async: Introduce async_schedule_dev_nocall() (Rafael J. Wysocki) - async: Split async_schedule_node_domain() (Rafael J. Wysocki) - parisc/firmware: Fix F-extend for PDC addresses (Helge Deller) - bus: mhi: host: Add spinlock to protect WP access when queueing TREs (Bhaumik Bhatt) - bus: mhi: host: Drop chan lock before queuing buffers (Qiang Yu) - mips: Fix max_mapnr being uninitialized on early stages (Serge Semin) - media: ov9734: Enable runtime PM before registering async sub-device (Bingbu Cao) - rpmsg: virtio: Free driver_override when rpmsg_remove() (Xiaolei Wang) - media: imx355: Enable runtime PM before registering async sub-device (Bingbu Cao) - crypto: s390/aes - Fix buffer overread in CTR mode (Herbert Xu) - hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu) - PM: hibernate: Enforce ordering during image compression/decompression (Hongchen Zhang) - crypto: api - Disallow identical driver names (Herbert Xu) - btrfs: sysfs: validate scrub_speed_max value (David Disseldorp) - ext4: allow for the last group to be marked as trimmed (Suraj Jitindar Singh) - iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. (Jonathan Cameron) - scsi: ufs: core: Remove the ufshcd_hba_exit() call from ufshcd_async_scan() (Bart Van Assche) - scsi: ufs: core: Simplify power management during async scan (Bart Van Assche) - dmaengine: fix NULL pointer in channel unregistration function (Amelie Delaunay) - iio: adc: ad7091r: Enable internal vref if external vref is not supplied (Marcelo Schmitt) - iio: adc: ad7091r: Allow users to configure device events (Marcelo Schmitt) - iio: adc: ad7091r: Set alert bit in config register (Marcelo Schmitt) - ksmbd: only v2 leases handle the directory (Namjae Jeon) - ksmbd: fix UAF issue in ksmbd_tcp_new_connection() (Namjae Jeon) - ksmbd: validate mech token in session setup (Namjae Jeon) - ksmbd: don't allow O_TRUNC open on read-only share (Namjae Jeon) - ksmbd: free ppace array on error in parse_dacl (Fedor Pchelkin) - LTS version: v5.15.148 (Vijayendra Suman) - Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (Song Liu) - arm64: dts: armada-3720-turris-mox: set irq type for RTC (Sjoerd Simons) - netfilter: nft_quota: copy content when cloning expression (Pablo Neira Ayuso) - netfilter: nft_last: copy content when cloning expression (Pablo Neira Ayuso) - netfilter: nft_limit: Clone packet limits' cost value (Phil Sutter) - netfilter: nft_limit: fix stateful object memory leak (Florian Westphal) - netfilter: nft_connlimit: memleak if nf_ct_netns_get() fails (Pablo Neira Ayuso) - netfilter: nf_tables: typo NULL check in _clone() function (Pablo Neira Ayuso) - block: Remove special-casing of compound pages (Matthew Wilcox (Oracle)) - i2c: s3c24xx: fix transferring more than one message in polling mode (Marek Szyprowski) - i2c: s3c24xx: fix read transfers in polling mode (Marek Szyprowski) - ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (Nikita Zhandarovich) - selftests: mlxsw: qos_pfc: Adjust the test to support 8 lanes (Amit Cohen) - mlxsw: spectrum_acl_tcam: Fix stack corruption (Ido Schimmel) - mlxsw: spectrum_acl_erp: Fix error flow of pool allocation failure (Amit Cohen) - ethtool: netlink: Add missing ethnl_ops_begin/complete (Ludvig Pärsson) - kdb: Fix a potential buffer overflow in kdb_local() (Christophe JAILLET) - ipvs: avoid stat macros calls from preemptible context (Fedor Pchelkin) - netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description (Pablo Neira Ayuso) - netfilter: nf_tables: skip dead set elements in netlink dump (Pablo Neira Ayuso) - netfilter: nf_tables: do not allow mismatch field size and set key length (Pablo Neira Ayuso) - netfilter: nft_limit: do not ignore unsupported flags (Pablo Neira Ayuso) - netfilter: nf_tables: memcg accounting for dynamically allocated objects (Vasily Averin) - netfilter: nft_limit: move stateful fields out of expression data (Pablo Neira Ayuso) - netfilter: nft_limit: rename stateful structure (Pablo Neira Ayuso) - netfilter: nft_quota: move stateful fields out of expression data (Pablo Neira Ayuso) - netfilter: nft_last: move stateful fields out of expression data (Pablo Neira Ayuso) - netfilter: nft_connlimit: move stateful fields out of expression data (Pablo Neira Ayuso) - netfilter: nf_tables: reject invalid set policy (Pablo Neira Ayuso) - net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe (Kunwu Chan) - bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (Hao Sun) - net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake calls (Qiang Ma) - net: ravb: Fix dma_addr_t truncation in error case (Nikita Yushchenko) - mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (Eric Dumazet) - mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (Eric Dumazet) - mptcp: strict validation before using mp_opt->hmac (Eric Dumazet) - mptcp: drop unused sk in mptcp_get_options (Geliang Tang) - mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (Eric Dumazet) - net: phy: micrel: populate .soft_reset for KSZ9131 (Claudiu Beznea) - net: ethernet: ti: am65-cpsw: Fix max mtu to fit ethernet frames (Sanjuán GarcÃa, Jorge) - net: qualcomm: rmnet: fix global oob in rmnet_policy (Lin Ma) - s390/pci: fix max size calculation in zpci_memcpy_toio() (Niklas Schnelle) - PCI: keystone: Fix race condition when initializing PHYs (Siddharth Vadapalli) - nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) - nvmet: re-fix tracing strncpy() warning (Arnd Bergmann) - serial: imx: Correct clock error message in function probe() (Christoph Niedermaier) - usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (Chunfeng Yun) - apparmor: avoid crash when parsed profile name is empty (Fedor Pchelkin) - perf env: Avoid recursively taking env->bpf_progs.lock (Ian Rogers) - nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) - usb: cdc-acm: return correct error code on unsupported break (Oliver Neukum) - tty: use 'if' in send_break() instead of 'goto' (Jiri Slaby (SUSE)) - tty: don't check for signal_pending() in send_break() (Jiri Slaby (SUSE)) - tty: early return from send_break() on TTY_DRIVER_HARDWARE_BREAK (Jiri Slaby (SUSE)) - tty: change tty_write_lock()'s ndelay parameter to bool (Jiri Slaby (SUSE)) - perf genelf: Set ELF program header addresses properly (Namhyung Kim) - iio: adc: ad9467: fix scale setting (Nuno Sa) - iio: adc: ad9467: don't ignore error codes (Nuno Sa) - iio: adc: ad9467: fix reset gpio handling (Nuno Sa) - iio: adc: ad9467: Benefit from devm_clk_get_enabled() to simplify (Uwe Kleine-König) - selftests/sgx: Skip non X86_64 platform (Zhao Mengmeng) - selftests/sgx: Fix uninitialized pointer dereference in error path (Jo Van Bulck) - serial: imx: fix tx statemachine deadlock (Paul Geurts) - software node: Let args be NULL in software_node_get_reference_args (Sakari Ailus) - libapi: Add missing linux/types.h header to get the __u64 type on io.h (Arnaldo Carvalho de Melo) - serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed (Uwe Kleine-König) - power: supply: bq256xx: fix some problem in bq256xx_hw_init (Su Hui) - power: supply: cw2015: correct time_to_empty units in sysfs (Jan Palus) - MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() (Christophe JAILLET) - MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() (Christophe JAILLET) - riscv: Fix module_alloc() that did not reset the linear mapping permissions (Alexandre Ghiti) - riscv: Check if the code to patch lies in the exit section (Alexandre Ghiti) - mips: Fix incorrect max_low_pfn adjustment (Serge Semin) - mips: dmi: Fix early remap on MIPS32 (Serge Semin) - mfd: intel-lpss: Fix the fractional clock divider flags (Andy Shevchenko) - leds: aw2013: Select missing dependency REGMAP_I2C (Dang Huynh) - mfd: syscon: Fix null pointer dereference in of_syscon_register() (Kunwu Chan) - ARM: 9330/1: davinci: also select PINCTRL (Randy Dunlap) - iommu/dma: Trace bounce buffer usage when mapping buffers (Isaac J. Manjarres) - serial: sc16is7xx: set safe default SPI clock frequency (Hugo Villeneuve) - serial: sc16is7xx: add check for unsupported SPI modes during probe (Hugo Villeneuve) - HID: wacom: Correct behavior when processing some confidence == false touches (Jason Gerecke) - iio: adc: ad7091r: Pass iio_dev to event handler (Marcelo Schmitt) - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache (Oliver Upton) - KVM: arm64: vgic-v4: Restore pending state on host userspace write (Marc Zyngier) - x86/kvm: Do not try to disable kvmclock if it was not enabled (Kirill A. Shutemov) - PCI: mediatek: Clear interrupt status before dispatching handler (qizhong cheng) - PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (Niklas Cassel) - wifi: mwifiex: configure BSSID consistently when starting AP (David Lin) - wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (Ilpo Järvinen) - wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (Ilpo Järvinen) - wifi: mt76: fix broken precal loading from MTD for mt7915 (Christian Marangi) - iommu/arm-smmu-qcom: Add missing GMU entry to match table (Rob Clark) - bpf: Fix re-attachment branch in bpf_tracing_prog_attach (Jiri Olsa) - Bluetooth: Fix atomicity violation in {min,max}_key_size_set (Gui-Dong Han) - rootfs: Fix support for rootfstype= when root= is given (Stefan Berger) - io_uring/rw: ensure io->bytes_done is always initialized (Jens Axboe) - pwm: jz4740: Don't use dev_err_probe() in .request() (Uwe Kleine-König) - block: add check that partition length needs to be aligned with block size (Min Li) - scsi: mpi3mr: Refresh sdev queue depth after controller reset (Chandrakanth patil) - fbdev: flush deferred work in fb_deferred_io_fsync() (Nam Cao) - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (ÃaÄhan Demir) - ALSA: oxygen: Fix right channel of capture volume mixer (Takashi Iwai) - serial: imx: Ensure that imx_uart_rs485_config() is called with enabled clock (Christoph Niedermaier) - usb: mon: Fix atomicity violation in mon_bin_vma_fault (Gui-Dong Han) - usb: typec: class: fix typec_altmode_put_partner to put plugs (RD Babiera) - Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" (Heikki Krogerus) - usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (Frank Li) - usb: cdns3: fix iso transfer error when mult is not zero (Frank Li) - usb: cdns3: fix uvc failure work since sg support enabled (Frank Li) - usb: chipidea: wait controller resume finished for wakeup irq (Xu Yang) - Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only" (Thinh Nguyen) - Revert "usb: dwc3: Soft reset phy on probe for host" (Thinh Nguyen) - usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (Uttkarsh Aggarwal) - usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (Xu Yang) - tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug (Heiko Carstens) - binder: fix race between mmput() and do_exit() (Carlos Llamas) - xen-netback: don't produce zero-size SKB frags (Jan Beulich) - virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session() (Wei Yongjun) - dma-mapping: Fix build error unused-value (Ren Zhijie) - Input: atkbd - use ab83 as id when skipping the getid command (Hans de Goede) - binder: fix unused alloc->free_async_space (Carlos Llamas) - binder: fix async space check for 0-sized buffers (Carlos Llamas) - selftests/bpf: Add assert for user stacks in test_task_stack (Jordan Rome) - of: unittest: Fix of_count_phandle_with_args() expected value message (Geert Uytterhoeven) - of: Fix double free in of_parse_phandle_with_args_map (Christian A. Ehrhardt) - ksmbd: validate the zero field of packet header (Li Nan) - drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (Zhipeng Lu) - IB/iser: Prevent invalidating wrong MR (Sergey Gorenko) - mmc: sdhci_omap: Fix TI SoC dependencies (Peter Robinson) - mmc: sdhci_am654: Fix TI SoC dependencies (Peter Robinson) - ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() (Geoffrey D. Bennett) - ALSA: scarlett2: Add missing error checks to *_ctl_get() (Geoffrey D. Bennett) - ALSA: scarlett2: Allow passing any output to line_out_remap() (Geoffrey D. Bennett) - ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() (Geoffrey D. Bennett) - ALSA: scarlett2: Add missing error check to scarlett2_config_save() (Geoffrey D. Bennett) - ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (Hans de Goede) - pwm: stm32: Fix enable count for clk in .probe() (Philipp Zabel) - pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (Philipp Zabel) - pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (Uwe Kleine-König) - clk: fixed-rate: fix clk_hw_register_fixed_rate_with_accuracy_parent_hw (Théo Lebrun) - clk: fixed-rate: add devm_clk_hw_register_fixed_rate (Dmitry Baryshkov) - clk: asm9260: use parent index to link the reference clock (Dmitry Baryshkov) - clk: si5341: fix an error code problem in si5341_output_clk_set_rate (Su Hui) - watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (Vignesh Raghavendra) - watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (Stefan Wahren) - watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (Jerry Hoemann) - watchdog: set cdev owner before adding (Curtis Klein) - drivers: clk: zynqmp: update divider round rate logic (Jay Buddhabhatti) - clk: zynqmp: Add a check for NULL pointer (Shubhrajyoti Datta) - clk: zynqmp: make bestdiv unsigned (Shubhrajyoti Datta) - drivers: clk: zynqmp: calculate closest mux rate (Jay Buddhabhatti) - clk: qcom: videocc-sm8150: Add missing PLL config property (Satya Priya Kakitapalli) - clk: qcom: videocc-sm8150: Update the videocc resets (Satya Priya Kakitapalli) - dt-bindings: clock: Update the videocc resets for sm8150 (Satya Priya Kakitapalli) - gpu/drm/radeon: fix two memleaks in radeon_vm_init (Zhipeng Lu) - drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Zhipeng Lu) - drm/amd/pm: fix a double-free in si_dpm_init (Zhipeng Lu) - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (Alex Deucher) - media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (Christophe JAILLET) - media: dvbdev: drop refcount on error path in dvb_device_open() (Dan Carpenter) - f2fs: fix the f2fs_file_write_iter tracepoint (Eric Biggers) - f2fs: fix to update iostat correctly in f2fs_filemap_fault() (Chao Yu) - f2fs: fix to check compress file in f2fs_move_file_range() (Chao Yu) - media: rkisp1: Disable runtime PM in probe error path (Laurent Pinchart) - clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (Satya Priya Kakitapalli) - media: cx231xx: fix a memleak in cx231xx_init_isoc (Zhipeng Lu) - drm/bridge: tc358767: Fix return value on error case (Tomi Valkeinen) - drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (Tomi Valkeinen) - drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (Zhipeng Lu) - drm/radeon/dpm: fix a memleak in sumo_parse_power_table (Zhipeng Lu) - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (Yang Yingliang) - drm/drv: propagate errors from drm_modeset_register_all() (Dmitry Baryshkov) - drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (Konrad Dybcio) - drm/msm/mdp4: flush vblank event on disable (Dmitry Baryshkov) - ASoC: cs35l34: Fix GPIO name and drop legacy include (Linus Walleij) - ASoC: cs35l33: Fix GPIO name and drop legacy include (Linus Walleij) - drm/radeon: check return value of radeon_ring_lock() (Nikita Zhandarovich) - drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (Nikita Zhandarovich) - drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (Nikita Zhandarovich) - f2fs: fix to avoid dirent corruption (Chao Yu) - drm/bridge: Fix typo in post_disable() description (Dario Binacchi) - media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere) - drm/tilcdc: Fix irq free on unload (Tomi Valkeinen) - drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (Uwe Kleine-König) - drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (Abhinav Singh) - drm/panel-elida-kd35t133: hold panel in reset for unprepare (Chris Morgan) - RDMA/hns: Fix inappropriate err code for unsupported operations (Junxian Huang) - RDMA/usnic: Silence uninitialized symbol smatch warnings (Leon Romanovsky) - Revert "drm/omapdrm: Annotate dma-fence critical section in commit path" (Tomi Valkeinen) - Revert "drm/tidss: Annotate dma-fence critical section in commit path" (Tomi Valkeinen) - ARM: davinci: always select CONFIG_CPU_ARM926T (Arnd Bergmann) - ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (Eric Dumazet) - mlxbf_gige: Enable the GigE port in mlxbf_gige_open (Asmaa Mnebhi) - mlxbf_gige: Fix intermittent no ip issue (Asmaa Mnebhi) - net/sched: act_ct: fix skb leak and crash on ooo frags (Tao Liu) - null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS (Christoph Hellwig) - block: make BLK_DEF_MAX_SECTORS unsigned (Keith Busch) - Bluetooth: btmtkuart: fix recv_buf() return value (Francesco Dolcini) - Bluetooth: Fix bogus check for re-auth no supported with non-ssp (Luiz Augusto von Dentz) - netfilter: nf_tables: mark newset as dead on transaction abort (Florian Westphal) - wifi: iwlwifi: mvm: send TX path flush in rfkill (Johannes Berg) - wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (Johannes Berg) - wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (Su Hui) - wifi: rtlwifi: add calculate_bit_shift() (Su Hui) - arm64: dts: qcom: sc7280: Mark SDHCI hosts as cache-coherent (Konrad Dybcio) - block: add check of 'minors' and 'first_minor' in device_add_disk() (Li Nan) - arm64: dts: qcom: sm8150-hdk: fix SS USB regulators (Dmitry Baryshkov) - soc: qcom: llcc: Fix dis_cap_alloc and retain_on_pc configuration (Atul Dhudase) - dma-mapping: clear dev->dma_mem to NULL after freeing it (Joakim Zhang) - dma-mapping: Add dma_release_coherent_memory to DMA API (Mark-PK Tsai) - virtio/vsock: fix logic which reduces credit update messages (Arseniy Krasnov) - selftests/net: fix grep checking for fib_nexthop_multiprefix (Hangbin Liu) - scsi: hisi_sas: Correct the number of global debugfs registers (Yihang Li) - scsi: hisi_sas: Rollback some operations if FLR failed (Yihang Li) - scsi: hisi_sas: Replace with standard error code return value (Yihang Li) - scsi: hisi_sas: Prevent parallel FLR and controller reset (Qi Liu) - scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (Luo Jiaxing) - block: Set memalloc_noio to false on device_add_disk() error path (Li Nan) - bpf: Fix verification of indirect var-off stack access (Andrei Matei) - arm64: dts: qcom: sc7280: fix usb_2 wakeup interrupt types (Johan Hovold) - arm64: dts: qcom: sdm845-db845c: correct LED panic indicator (Krzysztof Kozlowski) - arm64: dts: qcom: qrb5165-rb5: correct LED panic indicator (Krzysztof Kozlowski) - scsi: fnic: Return error if vmalloc() failed (Artem Chernyshev) - bpf: fix check for attempt to corrupt spilled pointer (Andrii Nakryiko) - arm64: dts: qcom: sm8250: Make watchdog bark interrupt edge triggered (Douglas Anderson) - arm64: dts: qcom: sm8150: Make watchdog bark interrupt edge triggered (Douglas Anderson) - arm64: dts: qcom: sdm845: Make watchdog bark interrupt edge triggered (Douglas Anderson) - arm64: dts: qcom: sc7280: Make watchdog bark interrupt edge triggered (Douglas Anderson) - arm64: dts: qcom: sc7180: Make watchdog bark interrupt edge triggered (Douglas Anderson) - ARM: dts: qcom: sdx65: correct SPMI node name (Krzysztof Kozlowski) - bpf: enforce precision of R0 on callback return (Andrii Nakryiko) - arm64: dts: ti: k3-am65-main: Fix DSS irq trigger type (Tomi Valkeinen) - wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (Su Hui) - firmware: meson_sm: populate platform devices from sm device tree data (Dmitry Rokosov) - firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (Christophe JAILLET) - net/ncsi: Fix netlink major/minor version numbers (Peter Delevoryas) - ARM: dts: qcom: apq8064: correct XOADC register address (Dmitry Baryshkov) - wifi: libertas: stop selecting wext (Arnd Bergmann) - wifi: ath11k: Defer on rproc_get failure (Luca Weiss) - bpf: Add crosstask check to __bpf_get_stack (Jordan Rome) - bpf, lpm: Fix check prefixlen before walking trie (Florian Lehner) - wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (Chih-Kang Chang) - NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (Trond Myklebust) - blocklayoutdriver: Fix reference leak of pnfs_device_node (Benjamin Coddington) - crypto: scomp - fix req->dst buffer overflow (Chengming Zhou) - crypto: sahara - do not resize req->src when doing hash operations (Ovidiu Panait) - crypto: sahara - fix processing hash requests with req->nbytes < sg->length (Ovidiu Panait) - crypto: sahara - improve error handling in sahara_sha_process() (Ovidiu Panait) - crypto: sahara - fix wait_for_completion_timeout() error handling (Ovidiu Panait) - crypto: sahara - fix ahash reqsize (Ovidiu Panait) - crypto: sahara - handle zero-length aes requests (Ovidiu Panait) - crypto: sahara - avoid skcipher fallback code duplication (Ovidiu Panait) - crypto: virtio - Wait for tasklet to complete on device remove (wangyangxin) - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (Osama Muhammad) - fs: indicate request originates from old mount API (Christian Brauner) - pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (Sergey Shtylyov) - crypto: sahara - fix error handling in sahara_hw_descriptor_create() (Ovidiu Panait) - crypto: sahara - fix processing requests with cryptlen < sg->length (Ovidiu Panait) - crypto: sahara - fix ahash selftest failure (Ovidiu Panait) - crypto: sahara - fix cbc selftest failure (Ovidiu Panait) - crypto: sahara - remove FLAGS_NEW_KEY logic (Ovidiu Panait) - crypto: af_alg - Disallow multiple in-flight AIO requests (Herbert Xu) - crypto: ccp - fix memleak in ccp_init_dm_workarea (Dinghao Liu) - crypto: sa2ul - Return crypto_aead_setkey to transfer the error (Chen Ni) - crypto: virtio - Handle dataq logic with tasklet (Gonglei (Arei)) - selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket (Mickaël Salaün) - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (ZhaoLong Wang) - kunit: debugfs: Fix unchecked dereference in debugfs_print_results() (Richard Fitzgerald) - ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (Tony Luck) - ACPI: LPSS: Fix the fractional clock divider flags (Andy Shevchenko) - spi: sh-msiof: Enforce fixed DTDL for R-Car H3 (Wolfram Sang) - efivarfs: force RO when remounting if SetVariable is not supported (Ilias Apalodimas) - calipso: fix memory leak in netlbl_calipso_add_pass() (Gavrilov Ilia) - cpufreq: scmi: process the result of devm_of_clk_add_hw_provider() (Alexandra Diupina) - cpufreq: Use of_property_present() for testing DT property presence (Rob Herring) - of: Add of_property_present() helper (Rob Herring) - of: property: define of_property_read_u{8,16,32,64}_array() unconditionally (Michael Walle) - ACPI: LPIT: Avoid u32 multiplication overflow (Nikita Kiryushin) - ACPI: video: check for error while searching for backlight device parent (Nikita Kiryushin) - mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (Ronald Monthero) - spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (Amit Kumar Mahapatra) - powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Kunwu Chan) - powerpc/powernv: Add a null pointer check in opal_powercap_init() (Kunwu Chan) - powerpc/powernv: Add a null pointer check in opal_event_init() (Kunwu Chan) - powerpc/powernv: Add a null pointer check to scom_debug_init_one() (Kunwu Chan) - selftests/powerpc: Fix error handling in FPU/VMX preemption tests (Michael Ellerman) - powerpc/pseries/memhp: Fix access beyond end of drmem array (Nathan Lynch) - powerpc/44x: select I2C for CURRITUCK (Randy Dunlap) - powerpc: add crtsavres.o to always-y instead of extra-y (Masahiro Yamada) - powerpc: remove checks for binutils older than 2.25 (Masahiro Yamada) - powerpc/toc: Future proof kernel toc (Alan Modra) - powerpc: Mark .opd section read-only (Christophe Leroy) - EDAC/thunderx: Fix possible out-of-bounds string access (Arnd Bergmann) - x86/lib: Fix overflow when counting digits (Colin Ian King) - coresight: etm4x: Fix width of CCITMIN field (James Clark) - PCI: Add ACS quirk for more Zhaoxin Root Ports (LeoLiuoc) - leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (Florian Eckert) - parport: parport_serial: Add Brainboxes device IDs and geometry (Cameron Williams) - parport: parport_serial: Add Brainboxes BAR details (Cameron Williams) - uio: Fix use-after-free in uio_open (Guanghui Feng) - binder: fix comment on binder_alloc_new_buf() return value (Carlos Llamas) - binder: fix trivial typo of binder_free_buf_locked() (Carlos Llamas) - binder: fix use-after-free in shinker's callback (Carlos Llamas) - binder: use EPOLLERR from eventpoll.h (Carlos Llamas) - kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list (Masami Hiramatsu (Google)) - bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (Alan Maguire) - Revert "ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek" (Greg Kroah-Hartman) - ACPI: resource: Add another DMI match for the TongFang GMxXGxx (Hans de Goede) - drm/crtc: fix uninitialized variable use (Jani Nikula) - ARM: sun9i: smp: fix return code check of of_property_match_string (Stefan Wahren) - net: qrtr: ns: Return 0 if server port is not present (Sarannya S) - ida: Fix crash in ida_free when the bitmap is empty (Matthew Wilcox (Oracle)) - i2c: rk3x: fix potential spinlock recursion on poll (Jensen Huang) - ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (Hans de Goede) - Input: xpad - add Razer Wolverine V2 support (Luca Weiss) - wifi: iwlwifi: pcie: avoid a NULL pointer dereference (Avraham Stern) - ARC: fix spare error (Vineet Gupta) - s390/scm: fix virtual vs physical address confusion (Vineeth Vijayan) - Input: i8042 - add nomux quirk for Acer P459-G2-M (Esther Shimanovich) - Input: atkbd - skip ATKBD_CMD_GETID in translated mode (Hans de Goede) - reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (Krzysztof Kozlowski) - ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (Steven Rostedt (Google)) - tracing: Fix uaf issue when open the hist or hist_debug file (Zheng Yejian) - MIPS: dts: loongson: drop incorrect dwmac fallback compatible (Krzysztof Kozlowski) - stmmac: dwmac-loongson: drop useless check for compatible fallback (Krzysztof Kozlowski) - tracing: Add size check when printing trace_marker output (Steven Rostedt (Google)) - tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (Steven Rostedt (Google)) - jbd2: fix soft lockup in journal_finish_inode_data_buffers() (Ye Bin) - platform/x86: intel-vbtn: Fix missing tablet-mode-switch events (Hans de Goede) - neighbour: Don't let neigh_forced_gc() disable preemption for long (Judy Hsiao) - drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (Ziqi Zhao) - jbd2: correct the printing of write_flags in jbd2_write_superblock() (Zhang Yi) - clk: rockchip: rk3128: Fix HCLK_OTG gate register (Weihao Li) - hwmon: (corsair-psu) Fix probe when built-in (Armin Wolf) - drm/exynos: fix a wrong error checking (Inki Dae) - drm/exynos: fix a potential error pointer dereference (Xiang Yang) - drm/amdgpu: Add NULL checks for function pointers (Lijo Lazar) - nvme: introduce helper function to get ctrl state (Keith Busch) - ASoC: ops: add correct range check for limiting volume (Srinivas Kandagatla) - ASoC: da7219: Support low DC impedance headset (David Rau) - net/tg3: fix race condition in tg3_reset_task() (Thinh Tran) - nouveau/tu102: flush all pdbs on vmm flush (Dave Airlie) - ASoC: rt5650: add mutex to avoid the jack detection failure (Shuming Fan) - ASoC: cs43130: Fix incorrect frame delay configuration (Maciej Strozek) - ASoC: cs43130: Fix the position of const qualifier (Maciej Strozek) - ASoC: Intel: Skylake: mem leak in skl register function (Kamil Duljas) - ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (David Lin) - ASoC: Intel: Skylake: Fix mem leak in few functions (Kamil Duljas) - ASoC: wm8974: Correct boost mixer inputs (Charles Keepax) - nvme-core: check for too small lba shift (Keith Busch) - drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (Lu Yao) - debugfs: fix automount d_fsdata usage (Johannes Berg) - wifi: cfg80211: lock wiphy mutex for rfkill poll (Johannes Berg) - mptcp: fix uninit-value in mptcp_incoming_options (Edward Adam Davis) - ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (Vasiliy Kovalev) - pinctrl: lochnagar: Don't build on MIPS (Charles Keepax) - f2fs: explicitly null-terminate the xattr list (Eric Biggers) [5.15.0-205.147.1.el9uek] - mm: avoid conflict between MADV_DOEXEC and upstream advice values (Anthony Yznaga) [Orabug: 36334308]
SRPMs
https://oss.oracle.com:443/ol9/SRPMS-updates//kernel-uek-5.15.0-205.149.5.1.el9uek.src.rpm
x86_64
bpftool-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-core-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-debug-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-debug-core-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-devel-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-doc-5.15.0-205.149.5.1.el9uek.noarch.rpm kernel-uek-modules-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-container-5.15.0-205.149.5.1.el9uek.x86_64.rpm kernel-uek-container-debug-5.15.0-205.149.5.1.el9uek.x86_64.rpm
aarch64
i386
