SUSE: 2022:3264-1 important: the Linux Kernel | LinuxSecurity.com

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3264-1
Rating:             important
References:         #1023051 #1065729 #1156395 #1179722 #1179723 
                    #1181862 #1191662 #1191667 #1191881 #1192594 
                    #1192968 #1194272 #1194535 #1197158 #1197755 
                    #1197756 #1197757 #1197760 #1197763 #1197920 
                    #1198971 #1199291 #1200431 #1200845 #1200868 
                    #1200869 #1200870 #1200871 #1200872 #1200873 
                    #1201019 #1201420 #1201610 #1201705 #1201726 
                    #1201948 #1202096 #1202097 #1202346 #1202347 
                    #1202393 #1202396 #1202447 #1202564 #1202577 
                    #1202636 #1202672 #1202701 #1202708 #1202709 
                    #1202710 #1202711 #1202712 #1202713 #1202714 
                    #1202715 #1202716 #1202717 #1202718 #1202720 
                    #1202722 #1202745 #1202756 #1202810 #1202811 
                    #1202860 #1202895 #1202898 #1203063 #1203098 
                    #1203107 #1203116 #1203117 #1203135 #1203136 
                    #1203137 SLE-24635 
Cross-References:   CVE-2016-3695 CVE-2020-27784 CVE-2021-4155
                    CVE-2021-4203 CVE-2022-20368 CVE-2022-20369
                    CVE-2022-2588 CVE-2022-26373 CVE-2022-2663
                    CVE-2022-2905 CVE-2022-2977 CVE-2022-3028
                    CVE-2022-36879 CVE-2022-39188 CVE-2022-39190
                   
CVSS scores:
                    CVE-2016-3695 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2016-3695 (SUSE): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
                    CVE-2020-27784 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-27784 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-4155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-4203 (SUSE): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
                    CVE-2022-20368 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20368 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-20369 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-20369 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-2588 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-26373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-2663 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
                    CVE-2022-2663 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2022-2905 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-2977 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-3028 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-3028 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-36879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-36879 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-39188 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-39188 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-39190 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-39190 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Desktop 15-SP3
                    SUSE Linux Enterprise High Availability 15-SP3
                    SUSE Linux Enterprise High Performance Computing
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise Micro 5.1
                    SUSE Linux Enterprise Micro 5.2
                    SUSE Linux Enterprise Module for Basesystem 15-SP3
                    SUSE Linux Enterprise Module for Development Tools 15-SP3
                    SUSE Linux Enterprise Module for Legacy Software 15-SP3
                    SUSE Linux Enterprise Module for Live Patching 15-SP3
                    SUSE Linux Enterprise Server
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
                    SUSE Linux Enterprise Storage 7.1
                    SUSE Linux Enterprise Workstation Extension 15-SP3
                    SUSE Manager Proxy 4.2
                    SUSE Manager Retail Branch Server 4.2
                    SUSE Manager Server 4.2
                    openSUSE Leap 15.3
                    openSUSE Leap 15.4
                    openSUSE Leap Micro 5.2
______________________________________________________________________________

   An update that solves 15 vulnerabilities, contains one
   feature and has 61 fixes is now available.

Description:


   The SUSE Linux Enterprise 15 SP3 kernel was updated receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2022-39190: Fixed an issue that was discovered in
     net/netfilter/nf_tables_api.c and could cause a denial of service upon
     binding to an already bound chain (bnc#1203117).
   - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where
     a device driver can free a page while it still has stale TLB entries
     (bnc#1203107).
   - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
     net/xfrm/xfrm_policy.c where a refcount could be dropped twice
     (bnc#1201948).
   - CVE-2022-3028: Fixed race condition that was found in the IP framework
     for transforming packets (XFRM subsystem) (bnc#1202898).
   - CVE-2022-2977: Fixed reference counting for struct tpm_chip
     (bsc#1202672).
   - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke
     descriptors (bsc#1202564, bsc#1202860).
   - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where
     the message handling could be confused and incorrectly matches the
     message (bnc#1202097).
   - CVE-2022-26373: Fixed non-transparent sharing of return predictor
     targets between contexts in some Intel Processors (bnc#1201726).
   - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
   - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of
     v4l2-mem2mem.c (bnc#1202347).
   - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
     (bsc#1202346).
   - CVE-2021-4203: Fixed use-after-free read flaw that was found in
     sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
     SO_PEERGROUPS race with listen() (bnc#1194535).
   - CVE-2021-4155: Fixed a data leak flaw that was found in the way
     XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).
   - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()
     printer_ioctl() when accessing a deallocated instance (bnc#1202895).
   - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in
     drivers/acpi/apei/einj.c that allowed users to simulate hardware errors
     and consequently cause a denial of service (bnc#1023051).

   The following non-security bugs were fixed:

   - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
     (git-fixes).
   - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes).
   - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).
   - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes).
   - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool
     (git-fixes).
   - ACPI: video: Force backlight native for some TongFang devices
     (git-fixes).
   - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).
   - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).
   - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
     (git-fixes).
   - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
     (git-fixes).
   - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).
   - ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).
   - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).
   - ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).
   - ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes).
   - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).
   - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
     (git-fixes).
   - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).
   - ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes).
   - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).
   - ALSA: hda/realtek: Fix deadlock by COEF mutex (git-fixes).
   - ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).
   - ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).
   - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
   - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
     (git-fixes).
   - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP
     machines (git-fixes).
   - ALSA: info: Fix llseek return value when using callback (git-fixes).
   - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
     (git-fixes).
   - ARM: 9077/1: PLT: Move struct plt_entries definition to header
     (git-fixes).
   - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
     (git-fixes).
   - ARM: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).
   - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without
     DYNAMIC_FTRACE (git-fixes).
   - ASoC: SOF: debug: Fix potential buffer overflow by snprintf()
     (git-fixes).
   - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes).
   - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).
   - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
     (git-fixes).
   - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).
   - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
     (git-fixes).
   - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).
   - ASoC: tas2770: Allow mono streams (git-fixes).
   - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).
   - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).
   - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).
   - Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
   - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).
   - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
     (git-fixes).
   - HID: wacom: Do not register pad_input for touch switch (git-fixes).
   - HID: wacom: Only report rotation for art pen (git-fixes).
   - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
     (git-fixes).
   - Input: rk805-pwrkey - fix module autoloading (git-fixes).
   - KABI: cgroup: Restore KABI of css_set (bsc#1201610).
   - KVM: PPC: Book3S HV: Context tracking exit guest context before enabling
     irqs (bsc#1065729).
   - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     (bsc#1156395).
   - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()
     (bsc#1156395).
   - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).
   - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant
     (bsc#1156395).
   - KVM: VMX: Refuse to load kvm_intel if EPT and NX are disabled
     (git-fixes).
   - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
     (git-fixes).
   - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
     (git-fixes).
   - KVM: x86: accept userspace interrupt only if no event is injected
     (git-fixes).
   - NFS: fix nfs_path in case of a rename retry (git-fixes).
   - NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
   - NFSD: Clamp WRITE offsets (git-fixes).
   - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).
   - NFSD: prevent integer overflow on 32 bit systems (git-fixes).
   - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes).
   - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag
     (git-fixes).
   - NFSv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).
   - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error
     (git-fixes).
   - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).
   - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).
   - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
   - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
   - PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
   - PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
   - PCI: hv: Make the code arch neutral by adding arch specific interfaces
     (bsc#1200845).
   - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
   - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
     (bsc#1200845).
   - PCI: qcom: Fix pipe clock imbalance (git-fixes).
   - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct
     IO compeletion") (git-fixes).
   - SUNRPC: Clean up scheduling of autoclose (git-fixes).
   - SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
   - SUNRPC: Fix READ_PLUS crasher (git-fixes).
   - SUNRPC: Prevent immediate close+reconnect (git-fixes).
   - VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
   - VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,
     jsc#SLE-24635).
   - VMCI: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC
     (bsc#1199291, jsc#SLE-24635).
   - VMCI: Fix some error handling paths in vmci_guest_probe_device()
     (bsc#1199291, jsc#SLE-24635).
   - VMCI: Release notification_bitmap in error path (bsc#1199291,
     jsc#SLE-24635).
   - VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).
   - VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291,
     jsc#SLE-24635).
   - VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,
     jsc#SLE-24635).
   - VMCI: dma dg: allocate send and receive buffers for DMA datagrams
     (bsc#1199291, jsc#SLE-24635).
   - VMCI: dma dg: detect DMA datagram capability (bsc#1199291,
     jsc#SLE-24635).
   - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams
     (bsc#1199291, jsc#SLE-24635).
   - VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
   - VMCI: dma dg: whitespace formatting change for vmci register defines
     (bsc#1199291, jsc#SLE-24635).
   - arm64: signal: nofpsimd: Do not allocate fp/simd context when not
     available (git-fixes).
   - asm-generic: sections: refactor memory_intersects (git-fixes).
   - ata: libata-eh: Add missing command name (git-fixes).
   - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).
   - blk-iocost: clamp inuse and skip noops in __propagate_weights()
     (bsc#1202722).
   - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).
   - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).
   - blk-iocost: rename propagate_active_weights() to propagate_weights()
     (bsc#1202722).
   - blktrace: fix blk_rq_merge documentation (git-fixes).
   - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).
   - can: m_can: process interrupt only when not runtime suspended
     (git-fixes).
   - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).
   - ceph: do not truncate file in atomic_open (bsc#1202811).
   - cgroup: Trace event cgroup id fields should be u64 (git-fixes).
   - cgroup: Use separate src/dst nodes when preloading css_sets for
     migration (bsc#1201610).
   - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).
   - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).
   - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).
   - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).
   - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).
   - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).
   - devlink: Fix use-after-free after a failed reload (git-fixes).
   - dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
   - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed
     (git-fixes).
   - dpaa2-eth: unregister the netdev before disconnecting from the PHY
     (git-fixes).
   - driver core: Do not probe devices after bus_type.match() probe deferral
     (git-fixes).
   - drm/amdgpu: Check BO's requested pinning domains against its
     preferred_domains (git-fixes).
   - drm/amdgpu: remove useless condition in
     amdgpu_job_stop_all_jobs_on_sched() (git-fixes).
   - drm/gem: Properly annotate WW context on drm_gem_lock_reservations()
     error (git-fixes).
   - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
     (git-fixes).
   - drm/meson: Fix overflow implicit truncation warnings (git-fixes).
   - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
     (git-fixes).
   - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).
   - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).
   - drm/msm/dsi: fix the inconsistent indenting (git-fixes).
   - drm/sun4i: dsi: Prevent underflow when computing packet sizes
     (git-fixes).
   - ehea: fix error return code in ehea_restart_qps() (git-fixes).
   - enetc: Fix endianness issues for enetc_qos (git-fixes).
   - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
     (git-fixes).
   - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).
   - ext4: add reserved GDT blocks check (bsc#1202712).
   - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).
   - ext4: do not use the orphan list when migrating an inode (bsc#1197756).
   - ext4: fix bug_on in ext4_writepages (bsc#1200872).
   - ext4: fix error handling code in add_new_gdb (bsc#1179722).
   - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).
   - ext4: fix invalid inode checksum (bsc#1179723).
   - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).
   - ext4: fix overhead calculation to account for the reserved gdt blocks
     (bsc#1200869).
   - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).
   - ext4: fix race when reusing xattr blocks (bsc#1198971).
   - ext4: fix symlink file size not match to file content (bsc#1200868).
   - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).
   - ext4: fix use-after-free in ext4_search_dir (bsc#1202710).
   - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).
   - ext4: force overhead calculation if the s_overhead_cluster makes no
     sense (bsc#1200870).
   - ext4: recover csum seed of tmp_inode after migrating to extents
     (bsc#1202713).
   - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).
   - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).
   - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).
   - firmware: tegra: bpmp: Do only aligned access to IPC memory area
     (git-fixes).
   - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped
     pages (bsc#1200873).
   - fuse: Remove the control interface for virtio-fs (bsc#1203137).
   - fuse: ioctl: translate ENOSYS (bsc#1203136).
   - fuse: limit nsec (bsc#1203135).
   - gadgetfs: ep_io - wait until IRQ finishes (git-fixes).
   - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).
   - geneve: fix TOS inheriting for ipv4 (git-fixes).
   - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).
   - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info
     (bsc#1202701).
   - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).
   - i2c: imx: Make sure to unregister adapter on remove() (git-fixes).
   - ice: report supported and advertised autoneg using PHY capabilities
     (git-fixes).
   - ieee802154/adf7242: defer destroy_workqueue call (git-fixes).
   - iio: adc: mcp3911: make use of the sign bit (git-fixes).
   - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).
   - intel_th: pci: Add Meteor Lake-P support (git-fixes).
   - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).
   - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).
   - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement
     (git-fixes).
   - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
     (git-fixes).
   - iommu/exynos: Handle failed IOMMU device registration properly
     (git-fixes).
   - iommu/iova: Improve 32-bit free space estimate (git-fixes).
   - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).
   - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).
   - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).
   - iommu/omap: Fix regression in probe for NULL pointer dereference
     (git-fixes).
   - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).
   - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).
   - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).
   - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
     (git-fixes).
   - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
   - ipmi: ssif: initialize ssif_info->client early (git-fixes).
   - ixgbevf: add correct exception tracing for XDP (git-fixes).
   - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
     aborted (bsc#1202716).
   - jbd2: fix outstanding credits assert in
     jbd2_journal_commit_transaction() (bsc#1202715).
   - kabi/severities: add stmmac driver local sumbols
   - kbuild: do not create built-in objects for external module builds
     (jsc#SLE-24559 bsc#1202756).
   - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862
     git-fixes).
   - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).
   - kernel-obs-build: include qemu_fw_cfg (boo#1201705)
   - kfifo: fix kfifo_to_user() return type (git-fixes).
   - kfifo: fix ternary sign extension bugs (git-fixes).
   - lib/list_debug.c: Detect uninitialized lists (git-fixes).
   - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
     (git-fixes).
   - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420
     ZDI-CAN-17325).
   - list: add "list_del_init_careful()" to go with "list_empty_careful()"
     (bsc#1202745).
   - locking/lockdep: Avoid potential access of invalid memory in lock_class
     (git-fixes).
   - loop: Fix missing discard support when using LOOP_CONFIGURE
     (bsc#1202718).
   - mbcache: add functions to delete entry if unused (bsc#1198971).
   - mbcache: do not reclaim used entries (bsc#1198971).
   - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
   - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).
   - mfd: t7l66xb: Drop platform disable callback (git-fixes).
   - misc: fastrpc: fix memory corruption on open (git-fixes).
   - misc: fastrpc: fix memory corruption on probe (git-fixes).
   - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
     (git-fixes, bsc#1203098).
   - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).
   - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).
   - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).
   - mmc: pxamci: Fix another error handling path in pxamci_probe()
     (git-fixes).
   - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
     (git-fixes).
   - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).
   - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).
   - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).
   - mtd: rawnand: meson: Fix a potential double free issue (git-fixes).
   - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
     (git-fixes).
   - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
     (git-fixes).
   - net/mlx5e: Check for needed capability for cvlan matching (git-fixes).
   - net/sonic: Fix a resource leak in an error handling path in
     'jazz_sonic_probe()' (git-fixes).
   - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).
   - net: cpsw: Properly initialise struct page_pool_params (git-fixes).
   - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).
   - net: davinci_emac: Fix incorrect masking of tx and rx error channel
     (git-fixes).
   - net: dsa: b53: fix an off by one in checking "vlan->vid" (git-fixes).
   - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
   - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).
   - net: enetc: Use pci_release_region() to release some resources
     (git-fixes).
   - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).
   - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).
   - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).
   - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).
   - net: ethernet: ezchip: fix error handling (git-fixes).
   - net: ethernet: ezchip: remove redundant check (git-fixes).
   - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).
   - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory
     (git-fixes).
   - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).
   - net: fec_ptp: add clock rate zero check (git-fixes).
   - net: ftgmac100: Fix crash when removing driver (git-fixes).
   - net: hdlc_x25: Return meaningful error code in x25_open (git-fixes).
   - net: hns: Fix kernel-doc (git-fixes).
   - net: lantiq: fix memory corruption in RX ring (git-fixes).
   - net: lapbether: Prevent racing when checking whether the netif is
     running (git-fixes).
   - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).
   - net: mscc: ocelot: correctly report the timestamping RX filters in
     ethtool (git-fixes).
   - net: mscc: ocelot: do not downgrade timestamping RX filters in
     SIOCSHWTSTAMP (git-fixes).
   - net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes).
   - net: netcp: Fix an error message (git-fixes).
   - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).
   - net: rose: fix netdev reference changes (git-fixes).
   - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
     pointer (git-fixes).
   - net: stmicro: handle clk_prepare() failure during init (git-fixes).
   - net: stmmac: Modify configuration method of EEE timers (git-fixes).
   - net: stmmac: Use resolved link config in mac_link_up() (git-fixes).
   - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).
   - net: stmmac: dwmac1000: Fix extended MAC address registers definition
     (git-fixes).
   - net: vmxnet3: fix possible NULL pointer dereference in
     vmxnet3_rq_cleanup() (bsc#1200431).
   - net: vmxnet3: fix possible use-after-free bugs in
     vmxnet3_rq_alloc_rx_buf() (bsc#1200431).
   - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c
     (bsc#1200431).
   - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
     (git-fixes).
   - net:enetc: allocate CBD ring data memory using DMA coherent methods
     (git-fixes).
   - net_sched: cls_route: disallow handle of 0 (bsc#1202393).
   - nfsd: fix use-after-free due to delegation race (git-fixes).
   - nvme: fix RCU hole that allowed for endless looping in multipath round
     robin (bsc#1202636).
   - objtool: Add support for intra-function calls (bsc#1202396).
   - objtool: Make handle_insn_ops() unconditional (bsc#1202396).
   - objtool: Remove INSN_STACK (bsc#1202396).
   - objtool: Rework allocating stack_ops on decode (bsc#1202396).
   - objtool: Support multiple stack_op per instruction (bsc#1202396).
   - ocfs2: drop acl cache for directories too (bsc#1191667).
   - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).
   - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).
   - octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes).
   - perf bench: Share some global variables to fix build with gcc 10
     (git-fixes).
   - pinctrl/rockchip: fix gpio device creation (git-fixes).
   - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
     (git-fixes).
   - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).
   - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).
   - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).
   - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for
     PMI check in power_pmu_disable (bsc#1156395).
   - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).
   - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
   - powerpc/powernv: Staticify functions without prototypes (bsc#1065729).
   - powerpc/powernv: delay rng platform device creation until later in boot
     (bsc#1065729).
   - powerpc/powernv: rename remaining rng powernv_ functions to pnv_
     (bsc#1065729).
   - powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
   - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
   - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).
   - powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
   - powerpc: define get_cycles macro for arch-override (bsc#1065729).
   - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).
   - profiling: fix shift too large makes kernel panic (git-fixes).
   - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).
   - random: fix crash on multiple early calls to add_bootloader_randomness()
     (git-fixes).
   - ratelimit: Fix data-races in ___ratelimit() (git-fixes).
   - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr
     (bsc#1202714).
   - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config
     (git-fixes).
   - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).
   - s390/crash: fix incorrect number of bytes to copy to user space
     (git-fixes).
   - s390/crash: make copy_oldmem_page() return number of bytes copied
     (git-fixes).
   - s390/mm: do not trigger write fault when vma does not allow VM_WRITE
     (git-fixes).
   - s390/mm: fix 2KB pgtable release race (git-fixes).
   - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594
     LTC#197522).
   - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE
     (bsc#1203063).
   - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).
   - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).
   - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for
     GFT_ID (bsc#1203063).
   - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT
     discovery (bsc#1203063).
   - scsi: lpfc: Remove SANDiags related code (bsc#1203063).
   - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).
   - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).
   - selftests: futex: Use variable MAKE instead of make (git-fixes).
   - serial: 8250_dw: Store LSR into lsr_saved_flags in
     dw8250_tx_wait_empty() (git-fixes).
   - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).
   - serial: mvebu-uart: uart2 error bits clearing (git-fixes).
   - serial: tegra: Change lower tolerance baud rate limit for tegra20 and
     tegra30 (git-fixes).
   - silence nfscache allocation warnings with kvzalloc (git-fixes).
   - spi: Fix incorrect cs_setup delay handling (git-fixes).
   - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).
   - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).
   - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
     (git-fixes).
   - staging: rtl8712: fix use after free bugs (git-fixes).
   - tee: optee: Fix incorrect page free bug (git-fixes).
   - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     (git-fixes).
   - thermal: sysfs: Fix cooling_device_stats_setup() error code path
     (git-fixes).
   - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).
   - tools/thermal: Fix possible path truncations (git-fixes).
   - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).
   - tracing/histograms: Fix memory leak problem (git-fixes).
   - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).
   - tracing: Add ustring operation to filtering string pointers (git-fixes).
   - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).
   - tty: serial: lpuart: disable flow control while waiting for the transmit
     engine to complete (git-fixes).
   - tty: vt: initialize unicode screen buffer (git-fixes).
   - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).
   - usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).
   - usb: dwc3: ep0: Fix delay status handling (git-fixes).
   - usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).
   - usb: dwc3: gadget: Fix IN endpoint max packet size allocation
     (git-fixes).
   - usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).
   - usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).
   - usb: dwc3: gadget: Remove unnecessary checks (git-fixes).
   - usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback
     (git-fixes).
   - usb: dwc3: gadget: Store resource index of start cmd (git-fixes).
   - usb: dwc3: qcom: fix missing optional irq warnings.
   - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
     (git-fixes).
   - usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes).
   - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).
   - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
     uvcg_info (git-fixes).
   - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).
   - usb: renesas: Fix refcount leak bug (git-fixes).
   - usb: typec: altmodes/displayport: correct pin assignment for UFP
     receptacles (git-fixes).
   - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
   - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
   - vboxguest: Do not use devm for irq (git-fixes).
   - vfio/ccw: Remove UUID from s390 debug log (git-fixes).
   - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).
   - video: fbdev: arkfb: Check the size of screen before memset_io()
     (git-fixes).
   - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
     (git-fixes).
   - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).
   - video: fbdev: s3fb: Check the size of screen before memset_io()
     (git-fixes).
   - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).
   - video: fbdev: vt8623fb: Check the size of screen before memset_io()
     (git-fixes).
   - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).
   - vmxnet3: Implement ethtool's get_channels command (bsc#1200431).
   - vmxnet3: Record queue number to incoming packets (bsc#1200431).
   - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).
   - vmxnet3: add command to set ring buffer sizes (bsc#1200431).
   - vmxnet3: add support for capability registers (bsc#1200431).
   - vmxnet3: add support for large passthrough BAR register (bsc#1200431).
   - vmxnet3: add support for out of order rx completion (bsc#1200431).
   - vmxnet3: disable overlay offloads if UPT device does not support
     (bsc#1200431).
   - vmxnet3: do not reschedule napi for rx processing (bsc#1200431).
   - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).
   - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).
   - vmxnet3: prepare for version 7 changes (bsc#1200431).
   - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).
   - vmxnet3: update to version 7 (bsc#1200431).
   - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).
   - vsock: Fix memory leak in vsock_connect() (git-fixes).
   - vsock: Set socket state back to SS_UNCONNECTED in
     vsock_connect_timeout() (git-fixes).
   - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
     armada_37xx_wdt_probe() (git-fixes).
   - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
     (git-fixes).
   - wifi: mac80211: Do not finalize CSA in IBSS mode if state is
     disconnected (git-fixes).
   - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).
   - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).
   - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).
   - x86/olpc: fix 'logical not is only applied to the left hand side'
     (git-fixes).
   - xfs: Fix assert failure in xfs_setattr_size() (git-fixes).
   - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).
   - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).
   - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).
   - xfs: mark a data structure sick if there are cross-referencing errors
     (git-fixes).
   - xfs: only reset incore inode health state flags when reclaiming an inode
     (git-fixes).
   - xfs: prevent a UAF when log IO errors race with unmount (git-fixes).
   - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).
   - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap Micro 5.2:

      zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3264=1

   - openSUSE Leap 15.4:

      zypper in -t patch openSUSE-SLE-15.4-2022-3264=1

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-SLE-15.3-2022-3264=1

   - SUSE Linux Enterprise Workstation Extension 15-SP3:

      zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-3264=1

   - SUSE Linux Enterprise Module for Live Patching 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-3264=1

      Please note that this is the initial kernel livepatch without fixes
      itself, this livepatch package is later updated by seperate standalone
      livepatch updates.

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-3264=1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3264=1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3264=1

   - SUSE Linux Enterprise Micro 5.2:

      zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3264=1

   - SUSE Linux Enterprise Micro 5.1:

      zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3264=1

   - SUSE Linux Enterprise High Availability 15-SP3:

      zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3264=1



Package List:

   - openSUSE Leap Micro 5.2 (aarch64 x86_64):

      kernel-default-5.3.18-150300.59.93.1
      kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1

   - openSUSE Leap 15.4 (aarch64):

      dtb-al-5.3.18-150300.59.93.1
      dtb-zte-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150300.59.93.1
      cluster-md-kmp-default-debuginfo-5.3.18-150300.59.93.1
      dlm-kmp-default-5.3.18-150300.59.93.1
      dlm-kmp-default-debuginfo-5.3.18-150300.59.93.1
      gfs2-kmp-default-5.3.18-150300.59.93.1
      gfs2-kmp-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-5.3.18-150300.59.93.1
      kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-base-rebuild-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      kernel-default-devel-5.3.18-150300.59.93.1
      kernel-default-devel-debuginfo-5.3.18-150300.59.93.1
      kernel-default-extra-5.3.18-150300.59.93.1
      kernel-default-extra-debuginfo-5.3.18-150300.59.93.1
      kernel-default-livepatch-5.3.18-150300.59.93.1
      kernel-default-livepatch-devel-5.3.18-150300.59.93.1
      kernel-default-optional-5.3.18-150300.59.93.1
      kernel-default-optional-debuginfo-5.3.18-150300.59.93.1
      kernel-obs-build-5.3.18-150300.59.93.1
      kernel-obs-build-debugsource-5.3.18-150300.59.93.1
      kernel-obs-qa-5.3.18-150300.59.93.1
      kernel-syms-5.3.18-150300.59.93.1
      kselftests-kmp-default-5.3.18-150300.59.93.1
      kselftests-kmp-default-debuginfo-5.3.18-150300.59.93.1
      ocfs2-kmp-default-5.3.18-150300.59.93.1
      ocfs2-kmp-default-debuginfo-5.3.18-150300.59.93.1
      reiserfs-kmp-default-5.3.18-150300.59.93.1
      reiserfs-kmp-default-debuginfo-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (ppc64le x86_64):

      kernel-debug-5.3.18-150300.59.93.1
      kernel-debug-debuginfo-5.3.18-150300.59.93.1
      kernel-debug-debugsource-5.3.18-150300.59.93.1
      kernel-debug-devel-5.3.18-150300.59.93.1
      kernel-debug-devel-debuginfo-5.3.18-150300.59.93.1
      kernel-debug-livepatch-devel-5.3.18-150300.59.93.1
      kernel-kvmsmall-5.3.18-150300.59.93.1
      kernel-kvmsmall-debuginfo-5.3.18-150300.59.93.1
      kernel-kvmsmall-debugsource-5.3.18-150300.59.93.1
      kernel-kvmsmall-devel-5.3.18-150300.59.93.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.93.1
      kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (aarch64 x86_64):

      cluster-md-kmp-preempt-5.3.18-150300.59.93.1
      cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.93.1
      dlm-kmp-preempt-5.3.18-150300.59.93.1
      dlm-kmp-preempt-debuginfo-5.3.18-150300.59.93.1
      gfs2-kmp-preempt-5.3.18-150300.59.93.1
      gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-5.3.18-150300.59.93.1
      kernel-preempt-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-debugsource-5.3.18-150300.59.93.1
      kernel-preempt-devel-5.3.18-150300.59.93.1
      kernel-preempt-devel-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-extra-5.3.18-150300.59.93.1
      kernel-preempt-extra-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-livepatch-devel-5.3.18-150300.59.93.1
      kernel-preempt-optional-5.3.18-150300.59.93.1
      kernel-preempt-optional-debuginfo-5.3.18-150300.59.93.1
      kselftests-kmp-preempt-5.3.18-150300.59.93.1
      kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.93.1
      ocfs2-kmp-preempt-5.3.18-150300.59.93.1
      ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.93.1
      reiserfs-kmp-preempt-5.3.18-150300.59.93.1
      reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (aarch64):

      cluster-md-kmp-64kb-5.3.18-150300.59.93.1
      cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.93.1
      dlm-kmp-64kb-5.3.18-150300.59.93.1
      dlm-kmp-64kb-debuginfo-5.3.18-150300.59.93.1
      dtb-al-5.3.18-150300.59.93.1
      dtb-allwinner-5.3.18-150300.59.93.1
      dtb-altera-5.3.18-150300.59.93.1
      dtb-amd-5.3.18-150300.59.93.1
      dtb-amlogic-5.3.18-150300.59.93.1
      dtb-apm-5.3.18-150300.59.93.1
      dtb-arm-5.3.18-150300.59.93.1
      dtb-broadcom-5.3.18-150300.59.93.1
      dtb-cavium-5.3.18-150300.59.93.1
      dtb-exynos-5.3.18-150300.59.93.1
      dtb-freescale-5.3.18-150300.59.93.1
      dtb-hisilicon-5.3.18-150300.59.93.1
      dtb-lg-5.3.18-150300.59.93.1
      dtb-marvell-5.3.18-150300.59.93.1
      dtb-mediatek-5.3.18-150300.59.93.1
      dtb-nvidia-5.3.18-150300.59.93.1
      dtb-qcom-5.3.18-150300.59.93.1
      dtb-renesas-5.3.18-150300.59.93.1
      dtb-rockchip-5.3.18-150300.59.93.1
      dtb-socionext-5.3.18-150300.59.93.1
      dtb-sprd-5.3.18-150300.59.93.1
      dtb-xilinx-5.3.18-150300.59.93.1
      dtb-zte-5.3.18-150300.59.93.1
      gfs2-kmp-64kb-5.3.18-150300.59.93.1
      gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.93.1
      kernel-64kb-5.3.18-150300.59.93.1
      kernel-64kb-debuginfo-5.3.18-150300.59.93.1
      kernel-64kb-debugsource-5.3.18-150300.59.93.1
      kernel-64kb-devel-5.3.18-150300.59.93.1
      kernel-64kb-devel-debuginfo-5.3.18-150300.59.93.1
      kernel-64kb-extra-5.3.18-150300.59.93.1
      kernel-64kb-extra-debuginfo-5.3.18-150300.59.93.1
      kernel-64kb-livepatch-devel-5.3.18-150300.59.93.1
      kernel-64kb-optional-5.3.18-150300.59.93.1
      kernel-64kb-optional-debuginfo-5.3.18-150300.59.93.1
      kselftests-kmp-64kb-5.3.18-150300.59.93.1
      kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.93.1
      ocfs2-kmp-64kb-5.3.18-150300.59.93.1
      ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.93.1
      reiserfs-kmp-64kb-5.3.18-150300.59.93.1
      reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (noarch):

      kernel-devel-5.3.18-150300.59.93.1
      kernel-docs-5.3.18-150300.59.93.1
      kernel-docs-html-5.3.18-150300.59.93.1
      kernel-macros-5.3.18-150300.59.93.1
      kernel-source-5.3.18-150300.59.93.1
      kernel-source-vanilla-5.3.18-150300.59.93.1

   - openSUSE Leap 15.3 (s390x):

      kernel-zfcpdump-5.3.18-150300.59.93.1
      kernel-zfcpdump-debuginfo-5.3.18-150300.59.93.1
      kernel-zfcpdump-debugsource-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      kernel-default-extra-5.3.18-150300.59.93.1
      kernel-default-extra-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-debugsource-5.3.18-150300.59.93.1
      kernel-preempt-extra-5.3.18-150300.59.93.1
      kernel-preempt-extra-debuginfo-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      kernel-default-livepatch-5.3.18-150300.59.93.1
      kernel-default-livepatch-devel-5.3.18-150300.59.93.1
      kernel-livepatch-5_3_18-150300_59_93-default-1-150300.7.3.1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      reiserfs-kmp-default-5.3.18-150300.59.93.1
      reiserfs-kmp-default-debuginfo-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-5.3.18-150300.59.93.1
      kernel-obs-build-debugsource-5.3.18-150300.59.93.1
      kernel-syms-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):

      kernel-preempt-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-debugsource-5.3.18-150300.59.93.1
      kernel-preempt-devel-5.3.18-150300.59.93.1
      kernel-preempt-devel-debuginfo-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):

      kernel-docs-5.3.18-150300.59.93.1
      kernel-source-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-5.3.18-150300.59.93.1
      kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      kernel-default-devel-5.3.18-150300.59.93.1
      kernel-default-devel-debuginfo-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):

      kernel-preempt-5.3.18-150300.59.93.1
      kernel-preempt-debuginfo-5.3.18-150300.59.93.1
      kernel-preempt-debugsource-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):

      kernel-64kb-5.3.18-150300.59.93.1
      kernel-64kb-debuginfo-5.3.18-150300.59.93.1
      kernel-64kb-debugsource-5.3.18-150300.59.93.1
      kernel-64kb-devel-5.3.18-150300.59.93.1
      kernel-64kb-devel-debuginfo-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):

      kernel-devel-5.3.18-150300.59.93.1
      kernel-macros-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):

      kernel-zfcpdump-5.3.18-150300.59.93.1
      kernel-zfcpdump-debuginfo-5.3.18-150300.59.93.1
      kernel-zfcpdump-debugsource-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):

      kernel-default-5.3.18-150300.59.93.1
      kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):

      kernel-default-5.3.18-150300.59.93.1
      kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1

   - SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):

      cluster-md-kmp-default-5.3.18-150300.59.93.1
      cluster-md-kmp-default-debuginfo-5.3.18-150300.59.93.1
      dlm-kmp-default-5.3.18-150300.59.93.1
      dlm-kmp-default-debuginfo-5.3.18-150300.59.93.1
      gfs2-kmp-default-5.3.18-150300.59.93.1
      gfs2-kmp-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debuginfo-5.3.18-150300.59.93.1
      kernel-default-debugsource-5.3.18-150300.59.93.1
      ocfs2-kmp-default-5.3.18-150300.59.93.1
      ocfs2-kmp-default-debuginfo-5.3.18-150300.59.93.1


References:

   https://www.suse.com/security/cve/CVE-2016-3695.html
   https://www.suse.com/security/cve/CVE-2020-27784.html
   https://www.suse.com/security/cve/CVE-2021-4155.html
   https://www.suse.com/security/cve/CVE-2021-4203.html
   https://www.suse.com/security/cve/CVE-2022-20368.html
   https://www.suse.com/security/cve/CVE-2022-20369.html
   https://www.suse.com/security/cve/CVE-2022-2588.html
   https://www.suse.com/security/cve/CVE-2022-26373.html
   https://www.suse.com/security/cve/CVE-2022-2663.html
   https://www.suse.com/security/cve/CVE-2022-2905.html
   https://www.suse.com/security/cve/CVE-2022-2977.html
   https://www.suse.com/security/cve/CVE-2022-3028.html
   https://www.suse.com/security/cve/CVE-2022-36879.html
   https://www.suse.com/security/cve/CVE-2022-39188.html
   https://www.suse.com/security/cve/CVE-2022-39190.html
   https://bugzilla.suse.com/1023051
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1179722
   https://bugzilla.suse.com/1179723
   https://bugzilla.suse.com/1181862
   https://bugzilla.suse.com/1191662
   https://bugzilla.suse.com/1191667
   https://bugzilla.suse.com/1191881
   https://bugzilla.suse.com/1192594
   https://bugzilla.suse.com/1192968
   https://bugzilla.suse.com/1194272
   https://bugzilla.suse.com/1194535
   https://bugzilla.suse.com/1197158
   https://bugzilla.suse.com/1197755
   https://bugzilla.suse.com/1197756
   https://bugzilla.suse.com/1197757
   https://bugzilla.suse.com/1197760
   https://bugzilla.suse.com/1197763
   https://bugzilla.suse.com/1197920
   https://bugzilla.suse.com/1198971
   https://bugzilla.suse.com/1199291
   https://bugzilla.suse.com/1200431
   https://bugzilla.suse.com/1200845
   https://bugzilla.suse.com/1200868
   https://bugzilla.suse.com/1200869
   https://bugzilla.suse.com/1200870
   https://bugzilla.suse.com/1200871
   https://bugzilla.suse.com/1200872
   https://bugzilla.suse.com/1200873
   https://bugzilla.suse.com/1201019
   https://bugzilla.suse.com/1201420
   https://bugzilla.suse.com/1201610
   https://bugzilla.suse.com/1201705
   https://bugzilla.suse.com/1201726
   https://bugzilla.suse.com/1201948
   https://bugzilla.suse.com/1202096
   https://bugzilla.suse.com/1202097
   https://bugzilla.suse.com/1202346
   https://bugzilla.suse.com/1202347
   https://bugzilla.suse.com/1202393
   https://bugzilla.suse.com/1202396
   https://bugzilla.suse.com/1202447
   https://bugzilla.suse.com/1202564
   https://bugzilla.suse.com/1202577
   https://bugzilla.suse.com/1202636
   https://bugzilla.suse.com/1202672
   https://bugzilla.suse.com/1202701
   https://bugzilla.suse.com/1202708
   https://bugzilla.suse.com/1202709
   https://bugzilla.suse.com/1202710
   https://bugzilla.suse.com/1202711
   https://bugzilla.suse.com/1202712
   https://bugzilla.suse.com/1202713
   https://bugzilla.suse.com/1202714
   https://bugzilla.suse.com/1202715
   https://bugzilla.suse.com/1202716
   https://bugzilla.suse.com/1202717
   https://bugzilla.suse.com/1202718
   https://bugzilla.suse.com/1202720
   https://bugzilla.suse.com/1202722
   https://bugzilla.suse.com/1202745
   https://bugzilla.suse.com/1202756
   https://bugzilla.suse.com/1202810
   https://bugzilla.suse.com/1202811
   https://bugzilla.suse.com/1202860
   https://bugzilla.suse.com/1202895
   https://bugzilla.suse.com/1202898
   https://bugzilla.suse.com/1203063
   https://bugzilla.suse.com/1203098
   https://bugzilla.suse.com/1203107
   https://bugzilla.suse.com/1203116
   https://bugzilla.suse.com/1203117
   https://bugzilla.suse.com/1203135
   https://bugzilla.suse.com/1203136
   https://bugzilla.suse.com/1203137

SUSE: 2022:3264-1 important: the Linux Kernel

September 14, 2022
An update that solves 15 vulnerabilities, contains one feature and has 61 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP3 kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain (bnc#1203117). - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107). - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948). - CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898). - CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672). - CVE-2022-2905: Fixed tnum_range usage on array range checking for poke descriptors (bsc#1202564, bsc#1202860). - CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097). - CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726). - CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096). - CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347). - CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346). - CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535). - CVE-2021-4155: Fixed a data leak flaw that was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272). - CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl() printer_ioctl() when accessing a deallocated instance (bnc#1202895). - CVE-2016-3695: Fixed an issue inside the einj_error_inject function in drivers/acpi/apei/einj.c that allowed users to simulate hardware errors and consequently cause a denial of service (bnc#1023051). The following non-security bugs were fixed: - ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks (git-fixes). - ACPI: LPSS: Fix missing check in register_device_clock() (git-fixes). - ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes). - ACPI: processor: Remove freq Qos request for all CPUs (git-fixes). - ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool (git-fixes). - ACPI: video: Force backlight native for some TongFang devices (git-fixes). - ALSA: bcd2000: Fix a UAF bug on the error path of probing (git-fixes). - ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes). - ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model (git-fixes). - ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED (git-fixes). - ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes). - ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo NS50PU (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes). - ALSA: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes). - ALSA: hda/realtek: Add quirk for HP Dev One (git-fixes). - ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes). - ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (git-fixes). - ALSA: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes). - ALSA: hda/realtek: Add quirk for the Framework Laptop (git-fixes). - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes). - ALSA: hda/realtek: Fix deadlock by COEF mutex (git-fixes). - ALSA: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes). - ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes). - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (git-fixes). - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (git-fixes). - ALSA: info: Fix llseek return value when using callback (git-fixes). - ALSA: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II (git-fixes). - ARM: 9077/1: PLT: Move struct plt_entries definition to header (git-fixes). - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (git-fixes). - ARM: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes). - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (git-fixes). - ASoC: SOF: debug: Fix potential buffer overflow by snprintf() (git-fixes). - ASoC: audio-graph-card: Add of_node_put() in fail path (git-fixes). - ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes). - ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV (git-fixes). - ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes). - ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe (git-fixes). - ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes). - ASoC: tas2770: Allow mono streams (git-fixes). - Bluetooth: L2CAP: Fix build errors in some archs (git-fixes). - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes). - Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes). - Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019). - HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes). - HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report (git-fixes). - HID: wacom: Do not register pad_input for touch switch (git-fixes). - HID: wacom: Only report rotation for art pen (git-fixes). - Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes). - Input: rk805-pwrkey - fix module autoloading (git-fixes). - KABI: cgroup: Restore KABI of css_set (bsc#1201610). - KVM: PPC: Book3S HV: Context tracking exit guest context before enabling irqs (bsc#1065729). - KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB (bsc#1156395). - KVM: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr() (bsc#1156395). - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395). - KVM: PPC: Use arch_get_random_seed_long instead of powernv variant (bsc#1156395). - KVM: VMX: Refuse to load kvm_intel if EPT and NX are disabled (git-fixes). - KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case (git-fixes). - KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case (git-fixes). - KVM: x86: accept userspace interrupt only if no event is injected (git-fixes). - NFS: fix nfs_path in case of a rename retry (git-fixes). - NFSD: Add missing NFSv2 .pc_func methods (git-fixes). - NFSD: Clamp WRITE offsets (git-fixes). - NFSD: Fix possible sleep during nfsd4_release_lockowner() (git-fixes). - NFSD: prevent integer overflow on 32 bit systems (git-fixes). - NFSD: prevent underflow in nfssvc_decode_writeargs() (git-fixes). - NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes). - NFSv4: Fix second deadlock in nfs4_evict_inode() (git-fixes). - NFSv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error (git-fixes). - NTB: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes). - PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes). - PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845). - PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845). - PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845). - PCI: hv: Make the code arch neutral by adding arch specific interfaces (bsc#1200845). - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845). - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (bsc#1200845). - PCI: qcom: Fix pipe clock imbalance (git-fixes). - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion") (git-fixes). - SUNRPC: Clean up scheduling of autoclose (git-fixes). - SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes). - SUNRPC: Fix READ_PLUS crasher (git-fixes). - SUNRPC: Prevent immediate close+reconnect (git-fixes). - VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635). - VMCI: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291, jsc#SLE-24635). - VMCI: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC (bsc#1199291, jsc#SLE-24635). - VMCI: Fix some error handling paths in vmci_guest_probe_device() (bsc#1199291, jsc#SLE-24635). - VMCI: Release notification_bitmap in error path (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: add support for DMA datagrams receive (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: allocate send and receive buffers for DMA datagrams (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: detect DMA datagram capability (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: register dummy IRQ handlers for DMA datagrams (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635). - VMCI: dma dg: whitespace formatting change for vmci register defines (bsc#1199291, jsc#SLE-24635). - arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (git-fixes). - asm-generic: sections: refactor memory_intersects (git-fixes). - ata: libata-eh: Add missing command name (git-fixes). - atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes). - blk-iocost: clamp inuse and skip noops in __propagate_weights() (bsc#1202722). - blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720). - blk-iocost: fix weight updates of inner active iocgs (bsc#1202717). - blk-iocost: rename propagate_active_weights() to propagate_weights() (bsc#1202722). - blktrace: fix blk_rq_merge documentation (git-fixes). - can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes). - can: m_can: process interrupt only when not runtime suspended (git-fixes). - ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810). - ceph: do not truncate file in atomic_open (bsc#1202811). - cgroup: Trace event cgroup id fields should be u64 (git-fixes). - cgroup: Use separate src/dst nodes when preloading css_sets for migration (bsc#1201610). - clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes). - clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes). - clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes). - clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes). - clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes). - coresight: cti: Correct the parameter for pm_runtime_put (git-fixes). - devlink: Fix use-after-free after a failed reload (git-fixes). - dm raid: fix KASAN warning in raid5_add_disks (git-fixes). - dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed (git-fixes). - dpaa2-eth: unregister the netdev before disconnecting from the PHY (git-fixes). - driver core: Do not probe devices after bus_type.match() probe deferral (git-fixes). - drm/amdgpu: Check BO's requested pinning domains against its preferred_domains (git-fixes). - drm/amdgpu: remove useless condition in amdgpu_job_stop_all_jobs_on_sched() (git-fixes). - drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error (git-fixes). - drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" (git-fixes). - drm/meson: Fix overflow implicit truncation warnings (git-fixes). - drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() (git-fixes). - drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes). - drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes). - drm/msm/dsi: fix the inconsistent indenting (git-fixes). - drm/sun4i: dsi: Prevent underflow when computing packet sizes (git-fixes). - ehea: fix error return code in ehea_restart_qps() (git-fixes). - enetc: Fix endianness issues for enetc_qos (git-fixes). - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (git-fixes). - ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755). - ext4: add reserved GDT blocks check (bsc#1202712). - ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708). - ext4: do not use the orphan list when migrating an inode (bsc#1197756). - ext4: fix bug_on in ext4_writepages (bsc#1200872). - ext4: fix error handling code in add_new_gdb (bsc#1179722). - ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757). - ext4: fix invalid inode checksum (bsc#1179723). - ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709). - ext4: fix overhead calculation to account for the reserved gdt blocks (bsc#1200869). - ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662). - ext4: fix race when reusing xattr blocks (bsc#1198971). - ext4: fix symlink file size not match to file content (bsc#1200868). - ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871). - ext4: fix use-after-free in ext4_search_dir (bsc#1202710). - ext4: fix warning in ext4_handle_inode_extension (bsc#1202711). - ext4: force overhead calculation if the s_overhead_cluster makes no sense (bsc#1200870). - ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713). - ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971). - ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971). - fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes). - firmware: tegra: bpmp: Do only aligned access to IPC memory area (git-fixes). - fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages (bsc#1200873). - fuse: Remove the control interface for virtio-fs (bsc#1203137). - fuse: ioctl: translate ENOSYS (bsc#1203136). - fuse: limit nsec (bsc#1203135). - gadgetfs: ep_io - wait until IRQ finishes (git-fixes). - geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes). - geneve: fix TOS inheriting for ipv4 (git-fixes). - gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes). - hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info (bsc#1202701). - hwmon: (gpio-fan) Fix array out of bounds access (git-fixes). - i2c: imx: Make sure to unregister adapter on remove() (git-fixes). - ice: report supported and advertised autoneg using PHY capabilities (git-fixes). - ieee802154/adf7242: defer destroy_workqueue call (git-fixes). - iio: adc: mcp3911: make use of the sign bit (git-fixes). - iio: adc: mcp3911: use correct formula for AD conversion (git-fixes). - intel_th: pci: Add Meteor Lake-P support (git-fixes). - intel_th: pci: Add Raptor Lake-S CPU support (git-fixes). - intel_th: pci: Add Raptor Lake-S PCH support (git-fixes). - iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement (git-fixes). - iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop (git-fixes). - iommu/exynos: Handle failed IOMMU device registration properly (git-fixes). - iommu/iova: Improve 32-bit free space estimate (git-fixes). - iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes). - iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes). - iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes). - iommu/omap: Fix regression in probe for NULL pointer dereference (git-fixes). - iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes). - iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes). - iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes). - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) (git-fixes). - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes). - ipmi: ssif: initialize ssif_info->client early (git-fixes). - ixgbevf: add correct exception tracing for XDP (git-fixes). - jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted (bsc#1202716). - jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() (bsc#1202715). - kabi/severities: add stmmac driver local sumbols - kbuild: do not create built-in objects for external module builds (jsc#SLE-24559 bsc#1202756). - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862 git-fixes). - kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes). - kernel-obs-build: include qemu_fw_cfg (boo#1201705) - kfifo: fix kfifo_to_user() return type (git-fixes). - kfifo: fix ternary sign extension bugs (git-fixes). - lib/list_debug.c: Detect uninitialized lists (git-fixes). - lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() (git-fixes). - lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420 ZDI-CAN-17325). - list: add "list_del_init_careful()" to go with "list_empty_careful()" (bsc#1202745). - locking/lockdep: Avoid potential access of invalid memory in lock_class (git-fixes). - loop: Fix missing discard support when using LOOP_CONFIGURE (bsc#1202718). - mbcache: add functions to delete entry if unused (bsc#1198971). - mbcache: do not reclaim used entries (bsc#1198971). - md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158). - mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes). - mfd: t7l66xb: Drop platform disable callback (git-fixes). - misc: fastrpc: fix memory corruption on open (git-fixes). - misc: fastrpc: fix memory corruption on probe (git-fixes). - mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (git-fixes, bsc#1203098). - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763). - mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447). - mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes). - mmc: pxamci: Fix another error handling path in pxamci_probe() (git-fixes). - module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols (git-fixes). - mtd: maps: Fix refcount leak in ap_flash_init (git-fixes). - mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes). - mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes). - mtd: rawnand: meson: Fix a potential double free issue (git-fixes). - mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release (git-fixes). - mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path (git-fixes). - net/mlx5e: Check for needed capability for cvlan matching (git-fixes). - net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' (git-fixes). - net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes). - net: cpsw: Properly initialise struct page_pool_params (git-fixes). - net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes). - net: davinci_emac: Fix incorrect masking of tx and rx error channel (git-fixes). - net: dsa: b53: fix an off by one in checking "vlan->vid" (git-fixes). - net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes). - net: dsa: mt7530: fix VLAN traffic leaks (git-fixes). - net: enetc: Use pci_release_region() to release some resources (git-fixes). - net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes). - net: enetc: unmap DMA in enetc_send_cmd() (git-fixes). - net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes). - net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes). - net: ethernet: ezchip: fix error handling (git-fixes). - net: ethernet: ezchip: remove redundant check (git-fixes). - net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes). - net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory (git-fixes). - net: fec: fix the potential memory leak in fec_enet_init() (git-fixes). - net: fec_ptp: add clock rate zero check (git-fixes). - net: ftgmac100: Fix crash when removing driver (git-fixes). - net: hdlc_x25: Return meaningful error code in x25_open (git-fixes). - net: hns: Fix kernel-doc (git-fixes). - net: lantiq: fix memory corruption in RX ring (git-fixes). - net: lapbether: Prevent racing when checking whether the netif is running (git-fixes). - net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes). - net: mscc: ocelot: correctly report the timestamping RX filters in ethtool (git-fixes). - net: mscc: ocelot: do not downgrade timestamping RX filters in SIOCSHWTSTAMP (git-fixes). - net: mvpp2: fix interrupt mask/unmask skip condition (git-fixes). - net: netcp: Fix an error message (git-fixes). - net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes). - net: rose: fix netdev reference changes (git-fixes). - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer (git-fixes). - net: stmicro: handle clk_prepare() failure during init (git-fixes). - net: stmmac: Modify configuration method of EEE timers (git-fixes). - net: stmmac: Use resolved link config in mac_link_up() (git-fixes). - net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes). - net: stmmac: dwmac1000: Fix extended MAC address registers definition (git-fixes). - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (bsc#1200431). - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (bsc#1200431). - net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c (bsc#1200431). - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (git-fixes). - net:enetc: allocate CBD ring data memory using DMA coherent methods (git-fixes). - net_sched: cls_route: disallow handle of 0 (bsc#1202393). - nfsd: fix use-after-free due to delegation race (git-fixes). - nvme: fix RCU hole that allowed for endless looping in multipath round robin (bsc#1202636). - objtool: Add support for intra-function calls (bsc#1202396). - objtool: Make handle_insn_ops() unconditional (bsc#1202396). - objtool: Remove INSN_STACK (bsc#1202396). - objtool: Rework allocating stack_ops on decode (bsc#1202396). - objtool: Support multiple stack_op per instruction (bsc#1202396). - ocfs2: drop acl cache for directories too (bsc#1191667). - ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920). - ocfs2: mount fails with buffer overflow in strlen (bsc#1197760). - octeontx2-af: fix infinite loop in unmapping NPC counter (git-fixes). - perf bench: Share some global variables to fix build with gcc 10 (git-fixes). - pinctrl/rockchip: fix gpio device creation (git-fixes). - pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map (git-fixes). - pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes). - pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes). - platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes). - powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable (bsc#1156395). - powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729). - powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729). - powerpc/powernv: Staticify functions without prototypes (bsc#1065729). - powerpc/powernv: delay rng platform device creation until later in boot (bsc#1065729). - powerpc/powernv: rename remaining rng powernv_ functions to pnv_ (bsc#1065729). - powerpc/powernv: wire up rng during setup_arch (bsc#1065729). - powerpc/pseries: wire up rng during setup_arch() (bsc#1065729). - powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess). - powerpc: Enable execve syscall exit tracepoint (bsc#1065729). - powerpc: define get_cycles macro for arch-override (bsc#1065729). - powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729). - profiling: fix shift too large makes kernel panic (git-fixes). - qlcnic: Add null check after calling netdev_alloc_skb (git-fixes). - random: fix crash on multiple early calls to add_bootloader_randomness() (git-fixes). - ratelimit: Fix data-races in ___ratelimit() (git-fixes). - reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr (bsc#1202714). - remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config (git-fixes). - remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes). - s390/crash: fix incorrect number of bytes to copy to user space (git-fixes). - s390/crash: make copy_oldmem_page() return number of bytes copied (git-fixes). - s390/mm: do not trigger write fault when vma does not allow VM_WRITE (git-fixes). - s390/mm: fix 2KB pgtable release race (git-fixes). - s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594 LTC#197522). - scsi: lpfc: Add warning notification period to CMF_SYNC_WQE (bsc#1203063). - scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063). - scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063). - scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for GFT_ID (bsc#1203063). - scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT discovery (bsc#1203063). - scsi: lpfc: Remove SANDiags related code (bsc#1203063). - scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063). - scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063). - selftests: futex: Use variable MAKE instead of make (git-fixes). - serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() (git-fixes). - serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes). - serial: mvebu-uart: uart2 error bits clearing (git-fixes). - serial: tegra: Change lower tolerance baud rate limit for tegra20 and tegra30 (git-fixes). - silence nfscache allocation warnings with kvzalloc (git-fixes). - spi: Fix incorrect cs_setup delay handling (git-fixes). - spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes). - spi: synquacer: Add missing clk_disable_unprepare() (git-fixes). - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (git-fixes). - staging: rtl8712: fix use after free bugs (git-fixes). - tee: optee: Fix incorrect page free bug (git-fixes). - thermal: Fix NULL pointer dereferences in of_thermal_ functions (git-fixes). - thermal: sysfs: Fix cooling_device_stats_setup() error code path (git-fixes). - thunderbolt: Use the actual buffer in tb_async_error() (git-fixes). - tools/thermal: Fix possible path truncations (git-fixes). - tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes). - tracing/histograms: Fix memory leak problem (git-fixes). - tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes). - tracing: Add ustring operation to filtering string pointers (git-fixes). - tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes). - tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete (git-fixes). - tty: vt: initialize unicode screen buffer (git-fixes). - usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes). - usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes). - usb: dwc3: ep0: Fix delay status handling (git-fixes). - usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes). - usb: dwc3: gadget: Fix IN endpoint max packet size allocation (git-fixes). - usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes). - usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes). - usb: dwc3: gadget: Remove unnecessary checks (git-fixes). - usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (git-fixes). - usb: dwc3: gadget: Store resource index of start cmd (git-fixes). - usb: dwc3: qcom: fix missing optional irq warnings. - usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (git-fixes). - usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes). - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes). - usb: gadget: uvc: call uvc uvcg_warn on completed status instead of uvcg_info (git-fixes). - usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes). - usb: renesas: Fix refcount leak bug (git-fixes). - usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles (git-fixes). - usbnet: Fix linkwatch use-after-free on disconnect (git-fixes). - usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes). - vboxguest: Do not use devm for irq (git-fixes). - vfio/ccw: Remove UUID from s390 debug log (git-fixes). - video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes). - video: fbdev: arkfb: Check the size of screen before memset_io() (git-fixes). - video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() (git-fixes). - video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes). - video: fbdev: s3fb: Check the size of screen before memset_io() (git-fixes). - video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes). - video: fbdev: vt8623fb: Check the size of screen before memset_io() (git-fixes). - virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes). - vmxnet3: Implement ethtool's get_channels command (bsc#1200431). - vmxnet3: Record queue number to incoming packets (bsc#1200431). - vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431). - vmxnet3: add command to set ring buffer sizes (bsc#1200431). - vmxnet3: add support for capability registers (bsc#1200431). - vmxnet3: add support for large passthrough BAR register (bsc#1200431). - vmxnet3: add support for out of order rx completion (bsc#1200431). - vmxnet3: disable overlay offloads if UPT device does not support (bsc#1200431). - vmxnet3: do not reschedule napi for rx processing (bsc#1200431). - vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431). - vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431). - vmxnet3: prepare for version 7 changes (bsc#1200431). - vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431). - vmxnet3: update to version 7 (bsc#1200431). - vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431). - vsock: Fix memory leak in vsock_connect() (git-fixes). - vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() (git-fixes). - watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() (git-fixes). - wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (git-fixes). - wifi: mac80211: Do not finalize CSA in IBSS mode if state is disconnected (git-fixes). - wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes). - wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes). - wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes). - x86/olpc: fix 'logical not is only applied to the left hand side' (git-fixes). - xfs: Fix assert failure in xfs_setattr_size() (git-fixes). - xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes). - xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577). - xfs: make xfs_rtalloc_query_range input parameters const (git-fixes). - xfs: mark a data structure sick if there are cross-referencing errors (git-fixes). - xfs: only reset incore inode health state flags when reclaiming an inode (git-fixes). - xfs: prevent a UAF when log IO errors race with unmount (git-fixes). - xfs: use kmem_cache_free() for kmem_cache objects (git-fixes). - xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).

References

#1023051 #1065729 #1156395 #1179722 #1179723

#1181862 #1191662 #1191667 #1191881 #1192594

#1192968 #1194272 #1194535 #1197158 #1197755

#1197756 #1197757 #1197760 #1197763 #1197920

#1198971 #1199291 #1200431 #1200845 #1200868

#1200869 #1200870 #1200871 #1200872 #1200873

#1201019 #1201420 #1201610 #1201705 #1201726

#1201948 #1202096 #1202097 #1202346 #1202347

#1202393 #1202396 #1202447 #1202564 #1202577

#1202636 #1202672 #1202701 #1202708 #1202709

#1202710 #1202711 #1202712 #1202713 #1202714

#1202715 #1202716 #1202717 #1202718 #1202720

#1202722 #1202745 #1202756 #1202810 #1202811

#1202860 #1202895 #1202898 #1203063 #1203098

#1203107 #1203116 #1203117 #1203135 #1203136

#1203137 SLE-24635

Cross- CVE-2016-3695 CVE-2020-27784 CVE-2021-4155

CVE-2021-4203 CVE-2022-20368 CVE-2022-20369

CVE-2022-2588 CVE-2022-26373 CVE-2022-2663

CVE-2022-2905 CVE-2022-2977 CVE-2022-3028

CVE-2022-36879 CVE-2022-39188 CVE-2022-39190

CVSS scores:

CVE-2016-3695 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2016-3695 (SUSE): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L

CVE-2020-27784 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-27784 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

CVE-2021-4155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CVE-2021-4203 (SUSE): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L

CVE-2022-20368 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20368 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-20369 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-20369 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-2588 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-26373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-2663 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVE-2022-2663 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CVE-2022-2905 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2022-2977 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

CVE-2022-3028 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-3028 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-36879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-36879 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

CVE-2022-39188 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-39188 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-39190 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-39190 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Linux Enterprise Desktop 15-SP3

SUSE Linux Enterprise High Availability 15-SP3

SUSE Linux Enterprise High Performance Computing

SUSE Linux Enterprise High Performance Computing 15-SP3

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Module for Basesystem 15-SP3

SUSE Linux Enterprise Module for Development Tools 15-SP3

SUSE Linux Enterprise Module for Legacy Software 15-SP3

SUSE Linux Enterprise Module for Live Patching 15-SP3

SUSE Linux Enterprise Server

SUSE Linux Enterprise Server 15-SP3

SUSE Linux Enterprise Server for SAP Applications

SUSE Linux Enterprise Server for SAP Applications 15-SP3

SUSE Linux Enterprise Storage 7.1

SUSE Linux Enterprise Workstation Extension 15-SP3

SUSE Manager Proxy 4.2

SUSE Manager Retail Branch Server 4.2

SUSE Manager Server 4.2

openSUSE Leap 15.3

openSUSE Leap 15.4

openSUSE Leap Micro 5.2

https://www.suse.com/security/cve/CVE-2016-3695.html

https://www.suse.com/security/cve/CVE-2020-27784.html

https://www.suse.com/security/cve/CVE-2021-4155.html

https://www.suse.com/security/cve/CVE-2021-4203.html

https://www.suse.com/security/cve/CVE-2022-20368.html

https://www.suse.com/security/cve/CVE-2022-20369.html

https://www.suse.com/security/cve/CVE-2022-2588.html

https://www.suse.com/security/cve/CVE-2022-26373.html

https://www.suse.com/security/cve/CVE-2022-2663.html

https://www.suse.com/security/cve/CVE-2022-2905.html

https://www.suse.com/security/cve/CVE-2022-2977.html

https://www.suse.com/security/cve/CVE-2022-3028.html

https://www.suse.com/security/cve/CVE-2022-36879.html

https://www.suse.com/security/cve/CVE-2022-39188.html

https://www.suse.com/security/cve/CVE-2022-39190.html

https://bugzilla.suse.com/1023051

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1179722

https://bugzilla.suse.com/1179723

https://bugzilla.suse.com/1181862

https://bugzilla.suse.com/1191662

https://bugzilla.suse.com/1191667

https://bugzilla.suse.com/1191881

https://bugzilla.suse.com/1192594

https://bugzilla.suse.com/1192968

https://bugzilla.suse.com/1194272

https://bugzilla.suse.com/1194535

https://bugzilla.suse.com/1197158

https://bugzilla.suse.com/1197755

https://bugzilla.suse.com/1197756

https://bugzilla.suse.com/1197757

https://bugzilla.suse.com/1197760

https://bugzilla.suse.com/1197763

https://bugzilla.suse.com/1197920

https://bugzilla.suse.com/1198971

https://bugzilla.suse.com/1199291

https://bugzilla.suse.com/1200431

https://bugzilla.suse.com/1200845

https://bugzilla.suse.com/1200868

https://bugzilla.suse.com/1200869

https://bugzilla.suse.com/1200870

https://bugzilla.suse.com/1200871

https://bugzilla.suse.com/1200872

https://bugzilla.suse.com/1200873

https://bugzilla.suse.com/1201019

https://bugzilla.suse.com/1201420

https://bugzilla.suse.com/1201610

https://bugzilla.suse.com/1201705

https://bugzilla.suse.com/1201726

https://bugzilla.suse.com/1201948

https://bugzilla.suse.com/1202096

https://bugzilla.suse.com/1202097

https://bugzilla.suse.com/1202346

https://bugzilla.suse.com/1202347

https://bugzilla.suse.com/1202393

https://bugzilla.suse.com/1202396

https://bugzilla.suse.com/1202447

https://bugzilla.suse.com/1202564

https://bugzilla.suse.com/1202577

https://bugzilla.suse.com/1202636

https://bugzilla.suse.com/1202672

https://bugzilla.suse.com/1202701

https://bugzilla.suse.com/1202708

https://bugzilla.suse.com/1202709

https://bugzilla.suse.com/1202710

https://bugzilla.suse.com/1202711

https://bugzilla.suse.com/1202712

https://bugzilla.suse.com/1202713

https://bugzilla.suse.com/1202714

https://bugzilla.suse.com/1202715

https://bugzilla.suse.com/1202716

https://bugzilla.suse.com/1202717

https://bugzilla.suse.com/1202718

https://bugzilla.suse.com/1202720

https://bugzilla.suse.com/1202722

https://bugzilla.suse.com/1202745

https://bugzilla.suse.com/1202756

https://bugzilla.suse.com/1202810

https://bugzilla.suse.com/1202811

https://bugzilla.suse.com/1202860

https://bugzilla.suse.com/1202895

https://bugzilla.suse.com/1202898

https://bugzilla.suse.com/1203063

https://bugzilla.suse.com/1203098

https://bugzilla.suse.com/1203107

https://bugzilla.suse.com/1203116

https://bugzilla.suse.com/1203117

https://bugzilla.suse.com/1203135

https://bugzilla.suse.com/1203136

https://bugzilla.suse.com/1203137

Severity
Announcement ID: SUSE-SU-2022:3264-1
Rating: important

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.