# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:4732-1  
Rating: important  
References:

  * bsc#1207948
  * bsc#1210447
  * bsc#1212649
  * bsc#1214286
  * bsc#1214700
  * bsc#1214840
  * bsc#1214976
  * bsc#1215095
  * bsc#1215123
  * bsc#1215124
  * bsc#1215292
  * bsc#1215420
  * bsc#1215458
  * bsc#1215710
  * bsc#1215802
  * bsc#1215931
  * bsc#1216058
  * bsc#1216105
  * bsc#1216259
  * bsc#1216527
  * bsc#1216584
  * bsc#1216621
  * bsc#1216687
  * bsc#1216693
  * bsc#1216759
  * bsc#1216761
  * bsc#1216788
  * bsc#1216844
  * bsc#1216861
  * bsc#1216909
  * bsc#1216959
  * bsc#1216965
  * bsc#1216976
  * bsc#1217036
  * bsc#1217068
  * bsc#1217086
  * bsc#1217095
  * bsc#1217124
  * bsc#1217140
  * bsc#1217147
  * bsc#1217195
  * bsc#1217196
  * bsc#1217200
  * bsc#1217205
  * bsc#1217332
  * bsc#1217366
  * bsc#1217511
  * bsc#1217515
  * bsc#1217598
  * bsc#1217599
  * bsc#1217609
  * bsc#1217687
  * bsc#1217731
  * bsc#1217780
  * jsc#PED-3184
  * jsc#PED-5021
  * jsc#PED-7237

  
Cross-References:

  * CVE-2023-2006
  * CVE-2023-25775
  * CVE-2023-3777
  * CVE-2023-39197
  * CVE-2023-39198
  * CVE-2023-4244
  * CVE-2023-45863
  * CVE-2023-45871
  * CVE-2023-46813
  * CVE-2023-46862
  * CVE-2023-5158
  * CVE-2023-5633
  * CVE-2023-5717
  * CVE-2023-6039
  * CVE-2023-6176

  
CVSS scores:

  * CVE-2023-2006 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-2006 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-25775 ( SUSE ):  5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2023-25775 ( NVD ):  5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2023-3777 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-3777 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-39197 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-39198 ( SUSE ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2023-39198 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45863 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45863 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45871 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45871 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-46813 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-46813 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-46862 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-46862 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-5158 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-5158 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2023-5633 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-5633 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-5717 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-5717 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6039 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6039 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-6176 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6176 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro 6.0
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Real Time Module 15-SP5

  
  
An update that solves 15 vulnerabilities, contains three features and has 39
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  * CVE-2023-2006: Fixed a race condition in the RxRPC network protocol
    (bsc#1210447).
  * CVE-2023-25775: Fixed improper access control in the Intel Ethernet
    Controller RDMA driver (bsc#1216959).
  * CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables
    component can be exploited to achieve local privilege escalation.
    (bsc#1215095)
  * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet()
    (bsc#1216976).
  * CVE-2023-39198: Fixed a race condition leading to use-after-free in
    qxl_mode_dumb_create() (bsc#1216965).
  * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
    could be exploited to achieve local privilege escalation (bsc#1215420).
  * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path()
    (bsc#1216058).
  * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may
    not be adequate for frames larger than the MTU (bsc#1216259).
  * CVE-2023-46813: Fixed SEV-ES local priv escalation (bsc#1212649).
  * CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo()
    (bsc#1216693).
  * CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in
    drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
  * CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were
    handled when they were being used to store a surface (bsc#1216527).
  * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the
    Performance Events component (bsc#1216584).
  * CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in
    drivers/net/usb/lan78xx.c (bsc#1217068).
  * CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm
    scatterwalk functionality (bsc#1217332).

The following non-security bugs were fixed:

  * acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
  * acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
  * acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
  * acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
  * alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
  * alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes).
  * alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
  * alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes).
  * alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes).
  * alsa: hda/realtek: add quirks for hp laptops (git-fixes).
  * alsa: hda/realtek: add support dual speaker for dell (git-fixes).
  * alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
  * alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
  * alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git-
    fixes).
  * alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
  * alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
  * alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
  * alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
  * alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
  * alsa: info: fix potential deadlock at disconnection (git-fixes).
  * alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices
    (git-fixes).
  * arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
  * arm64: add cortex-a520 cpu part definition (git-fixes)
  * arm64: allow kprobes on el0 handlers (git-fixes)
  * arm64: armv8_deprecated move emulation functions (git-fixes)
  * arm64: armv8_deprecated: fix unused-function error (git-fixes)
  * arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
  * arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
  * arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
  * arm64: consistently pass esr_elx to die() (git-fixes)
  * arm64: die(): pass 'err' as long (git-fixes)
  * arm64: factor insn read out of call_undef_hook() (git-fixes)
  * arm64: factor out el1 ssbs emulation hook (git-fixes)
  * arm64: report el1 undefs better (git-fixes)
  * arm64: rework bti exception handling (git-fixes)
  * arm64: rework el0 mrs emulation (git-fixes)
  * arm64: rework fpac exception handling (git-fixes)
  * arm64: split el0/el1 undef handlers (git-fixes)
  * arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
  * asoc: ams-delta.c: use component after check (git-fixes).
  * asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix
    (git-fixes).
  * asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
  * asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
  * asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
  * asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not
    described (git-fixes).
  * asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
  * asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
  * asoc: rt5650: fix the wrong result of key button (git-fixes).
  * asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
  * asoc: sof: core: ensure sof_ops_free() is still called when probe never ran
    (git-fixes).
  * asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
  * ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
  * atl1c: work around the dma rx overflow issue (git-fixes).
  * atm: iphase: do pci error checks on own line (git-fixes).
  * blk-mq: do not clear driver tags own mapping (bsc#1217366).
  * blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()
    (bsc#1217366).
  * bluetooth: add device 0bda:887b to device tables (git-fixes).
  * bluetooth: add device 13d3:3571 to device tables (git-fixes).
  * bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
  * bluetooth: btusb: add date->evt_skb is null check (git-fixes).
  * bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-
    fixes).
  * bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-
    fixes).
  * btrfs: always log symlinks in full mode (bsc#1214840).
  * can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is
    accessed out of bounds (git-fixes).
  * can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
  * can: dev: can_restart(): fix race condition between controller restart and
    netif_carrier_on() (git-fixes).
  * can: isotp: add local echo tx processing for consecutive frames (git-fixes).
  * can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-
    fixes).
  * can: isotp: fix tx state handling for echo tx processing (git-fixes).
  * can: isotp: handle wait_event_interruptible() return values (git-fixes).
  * can: isotp: isotp_bind(): return -einval on incorrect can id formatting
    (git-fixes).
  * can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-
    fixes).
  * can: isotp: remove re-binding of bound socket (git-fixes).
  * can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
  * can: isotp: set max pdu size to 64 kbyte (git-fixes).
  * can: isotp: split tx timer into transmission and timeout (git-fixes).
  * can: sja1000: fix comment (git-fixes).
  * clk: imx: imx8mq: correct error handling path (git-fixes).
  * clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
  * clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
  * clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
  * clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
  * clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
  * clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
  * clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
  * clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
  * clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
  * clk: npcm7xx: fix incorrect kfree (git-fixes).
  * clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies
    (git-fixes).
  * clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
  * clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
  * clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-
    fixes).
  * clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-
    fixes).
  * clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
  * clk: sanitize possible_parent_show to handle return value of
    of_clk_get_parent_name (git-fixes).
  * clk: scmi: free scmi_clk allocated when the clocks with invalid info are
    skipped (git-fixes).
  * clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
  * clk: ti: change ti_clk_register_omap_hw api (git-fixes).
  * clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
  * clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
  * clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-
    fixes).
  * clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware
    (git-fixes).
  * clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes).
  * crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
  * crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
  * crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
  * disable loongson drivers loongson is a mips architecture, it does not make
    sense to build loongson drivers on other architectures.
  * dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-
    fixes).
  * dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-
    fixes).
  * dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
  * dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
  * docs: net: move the probe and open/close sections of driver.rst up
    (bsc#1215458).
  * docs: net: reformat driver.rst from a list to sections (bsc#1215458).
  * docs: net: use c syntax highlight in driver.rst (bsc#1215458).
  * documentation: networking: correct possessive "its" (bsc#1215458).
  * drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-
    fixes).
  * drm/amd/display: avoid null dereference of timing generator (git-fixes).
  * drm/amd/display: change the dmcub mailbox memory location from fb to inbox
    (git-fixes).
  * drm/amd/display: refactor dm_get_plane_scale helper (git-fixes).
  * drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
  * drm/amd/display: use full update for clip size increase of large plane
    source (git-fixes).
  * drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
  * drm/amd: disable aspm for vi w/ all intel systems (git-fixes).
  * drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-
    fixes).
  * drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
  * drm/amd: move helper for dynamic speed switch check out of smu13 (git-
    fixes).
  * drm/amd: update `update_pcie_parameters` functions to use uint8_t arguments
    (git-fixes).
  * drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes).
  * drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802).
  * drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-
    fixes).
  * drm/amdgpu: do not use atrm for external devices (git-fixes).
  * drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null
    (git-fixes).
  * drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
  * drm/amdgpu: fix potential null pointer derefernce (git-fixes).
  * drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
  * drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes).
  * drm/amdgpu: remove unnecessary domain argument (git-fixes).
  * drm/amdgpu: reserve fences for vm update (git-fixes).
  * drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802).
  * drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-
    fixes).
  * drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
  * drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code
    (git-fixes).
  * drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in
    drm_bridge_state (git-fixes).
  * drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
  * drm/bridge: lt8912b: fix bridge_detach (git-fixes).
  * drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
  * drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-
    fixes).
  * drm/bridge: lt8912b: register and attach our dsi device at probe (git-
    fixes).
  * drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
  * drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
  * drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-
    fixes).
  * drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
  * drm/bridge: tc358768: clean up clock period code (git-fixes).
  * drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
  * drm/bridge: tc358768: fix bit updates (git-fixes).
  * drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes).
  * drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
  * drm/bridge: tc358768: print logical values, not raw register values (git-
    fixes).
  * drm/bridge: tc358768: remove unused variable (git-fixes).
  * drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes).
  * drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes).
  * drm/bridge: tc358768: use struct videomode (git-fixes).
  * drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git-
    fixes).
  * drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes).
  * drm/gud: use size_add() in call to struct_size() (git-fixes).
  * drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
  * drm/i915: fix potential spectre vulnerability (git-fixes).
  * drm/i915: flush wc ggtt only on required platforms (git-fixes).
  * drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
  * drm/mediatek: fix iommu fault by swapping fbs after updating plane state
    (git-fixes).
  * drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
  * drm/mipi-dsi: create devm device attachment (git-fixes).
  * drm/mipi-dsi: create devm device registration (git-fixes).
  * drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
  * drm/msm/dsi: free tx buffer in unbind (git-fixes).
  * drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes).
  * drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-
    fixes).
  * drm/panel: fix a possible null pointer dereference (git-fixes).
  * drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
  * drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
  * drm/panel: st7703: pick different reset sequence (git-fixes).
  * drm/qxl: prevent memory leak (git-fixes).
  * drm/radeon: fix a possible null pointer dereference (git-fixes).
  * drm/radeon: possible buffer overflow (git-fixes).
  * drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-
    fixes).
  * drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-
    fixes).
  * drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
  * drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-
    fixes).
  * drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-
    fixes).
  * drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
  * drm/ttm: reorder sys manager cleanup step (git-fixes).
  * drm/vc4: fix typo (git-fixes).
  * drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527)
  * drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527)
  * drm: bridge: it66121: fix invalid connector dereference (git-fixes).
  * drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes).
  * drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
  * dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
  * dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
  * ensure ia32_emulation is always enabled for kernel-obs-build if
    ia32_emulation is disabled by default, ensure it is enabled back for obs
    kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the
    parameter, no need to grep through the config which may not be very
    reliable]
  * fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes).
  * fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
  * fbdev: imsttfb: fix a resource leak in probe (git-fixes).
  * fbdev: imsttfb: fix double free in probe() (git-fixes).
  * fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
  * fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-
    fixes).
  * fbdev: omapfb: drop unused remove function (git-fixes).
  * fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git-
    fixes).
  * firewire: core: fix possible memory leak in create_units() (git-fixes).
  * firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-
    fixes).
  * fix termination state for idr_for_each_entry_ul() (git-fixes).
  * fix x86/mm: print the encryption features in hyperv is disabled
  * gpio: mockup: fix kerneldoc (git-fixes).
  * gpio: mockup: remove unused field (git-fixes).
  * gpu: host1x: correct allocated size for contexts (git-fixes).
  * hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
  * hid: cp2112: fix duplicate workqueue initialization (git-fixes).
  * hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
  * hid: hyperv: remove unused struct synthhid_msg (git-fixes).
  * hid: hyperv: replace one-element array with flexible-array member (git-
    fixes).
  * hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround
    (git-fixes).
  * hid: logitech-hidpp: do not restart io, instead defer hid_connect() only
    (git-fixes).
  * hid: logitech-hidpp: move get_wireless_feature_index() check to
    hidpp_connect_event() (git-fixes).
  * hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
  * hid: logitech-hidpp: revert "do not restart communication if not necessary"
    (git-fixes).
  * hv: simplify sysctl registration (git-fixes).
  * hv_netvsc: fix netvsc_send_completion to avoid multiple message length
    checks (git-fixes).
  * hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
  * hv_netvsc: fix race of register_netdevice_notifier and vf register (git-
    fixes).
  * hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
  * hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-
    fixes).
  * i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
  * i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
  * i2c: designware: disable tx_empty irq while waiting for block length byte
    (git-fixes).
  * i2c: dev: copy userspace array safely (git-fixes).
  * i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-
    fixes).
  * i2c: iproc: handle invalid slave state (git-fixes).
  * i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
  * i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
  * i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
  * i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
  * i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
  * i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-
    fixes).
  * i3c: master: cdns: fix reading status register (git-fixes).
  * i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-
    fixes).
  * i3c: master: svc: fix check wrong status register in irq handler (git-
    fixes).
  * i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
  * i3c: master: svc: fix race condition in ibi work thread (git-fixes).
  * i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-
    fixes).
  * i3c: master: svc: fix wrong data return when ibi happen during start frame
    (git-fixes).
  * i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-
    fixes).
  * i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
  * idpf: add controlq init and reset checks (bsc#1215458).
  * idpf: add core init and interrupt request (bsc#1215458).
  * idpf: add create vport and netdev configuration (bsc#1215458).
  * idpf: add ethtool callbacks (bsc#1215458).
  * idpf: add module register and probe functionality (bsc#1215458).
  * idpf: add ptypes and mac filter support (bsc#1215458).
  * idpf: add rx splitq napi poll support (bsc#1215458).
  * idpf: add singleq start_xmit and napi poll (bsc#1215458).
  * idpf: add splitq start_xmit (bsc#1215458).
  * idpf: add sriov support and other ndo_ops (bsc#1215458).
  * idpf: add tx splitq napi poll support (bsc#1215458).
  * idpf: cancel mailbox work in error path (bsc#1215458).
  * idpf: configure resources for rx queues (bsc#1215458).
  * idpf: configure resources for tx queues (bsc#1215458).
  * idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
  * idpf: initialize interrupts and enable vport (bsc#1215458).
  * idpf: set scheduling mode for completion queue (bsc#1215458).
  * iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-
    fixes).
  * iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds
    (git-fixes).
  * iio: exynos-adc: request second interupt only when touchscreen mode is used
    (git-fixes).
  * input: synaptics-rmi4 - fix use after free in rmi_unregister_function()
    (git-fixes).
  * input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-
    fixes).
  * input: xpad - add vid for turtle beach controllers (git-fixes).
  * irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
  * kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is
    built since sle15-sp3 but it is not shipped as part of any sle product, only
    in leap (in kernel-*-optional).
  * kernel-binary: suse-module-tools is also required when installed
    requires(pre) adds dependency for the specific sciptlet. however, suse-
    module-tools also ships modprobe.d files which may be needed at posttrans
    time or any time the kernel is on the system for generating ramdisk. add
    plain requires as well.
  * kernel-source: move provides after sources
  * kernel/fork: beware of __put_task_struct() calling context (bsc#1216761).
  * leds: pwm: do not disable the pwm when the led should be off (git-fixes).
  * leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu'
    (git-fixes).
  * leds: turris-omnia: do not use smbus calls (git-fixes).
  * lsm: fix default return value for inode_getsecctx (git-fixes).
  * lsm: fix default return value for vm_enough_memory (git-fixes).
  * media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
  * media: ccs: correctly initialise try compose rectangle (git-fixes).
  * media: ccs: fix driver quirk struct documentation (git-fixes).
  * media: cedrus: fix clock/reset sequence (git-fixes).
  * media: cobalt: use field_get() to extract link width (git-fixes).
  * media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
  * media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
  * media: imon: fix access to invalid resource for the second interface (git-
    fixes).
  * media: lirc: drop trailing space from scancode transmit (git-fixes).
  * media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
  * media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
  * media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
  * media: qcom: camss: fix vfe_get() error jump (git-fixes).
  * media: sharp: fix sharp encoding (git-fixes).
  * media: siano: drop unnecessary error check for debugfs_create_dir/file()
    (git-fixes).
  * media: venus: hfi: add checks to handle capabilities from firmware (git-
    fixes).
  * media: venus: hfi: add checks to perform sanity on queue pointers (git-
    fixes).
  * media: venus: hfi: fix the check to handle session buffer requirement (git-
    fixes).
  * media: venus: hfi_parser: add check to keep the number of codecs within
    range (git-fixes).
  * media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
  * media: vidtv: psi: add check for kstrdup (git-fixes).
  * media: vivid: avoid integer overflow (git-fixes).
  * mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-
    fixes).
  * mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
  * mfd: dln2: fix double put in dln2_probe (git-fixes).
  * misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
  * misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-
    fixes).
  * mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237,
    git-fixes).
  * mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
  * mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
  * mmc: block: retry commands in cqe error recovery (git-fixes).
  * mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
  * mmc: cqhci: increase recovery halt timeout (git-fixes).
  * mmc: cqhci: warn of halt or task clear failure (git-fixes).
  * mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
  * mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-
    fixes).
  * mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-
    fixes).
  * mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
  * mmc: vub300: fix an error code (git-fixes).
  * modpost: fix tee module_device_table built on big-endian host (git-fixes).
  * mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes).
  * mtd: cfi_cmdset_0001: byte swap otp info (git-fixes).
  * mtd: rawnand: arasan: include ecc syndrome along with in-band data while
    checking for ecc failure (git-fixes).
  * net-memcg: fix scope of sockmem pressure indicators (bsc#1216759).
  * net: add macro netif_subqueue_completed_wake (bsc#1215458).
  * net: avoid address overwrite in kernel_connect (bsc#1216861).
  * net: fix use-after-free in tw_timer_handler (bsc#1217195).
  * net: ieee802154: adf7242: fix some potential buffer overflow in
    adf7242_stats_show() (git-fixes).
  * net: mana: fix return type of mana_start_xmit() (git-fixes).
  * net: piggy back on the memory barrier in bql when waking queues
    (bsc#1215458).
  * net: provide macros for commonly copied lockless queue stop/wake code
    (bsc#1215458).
  * net: usb: ax88179_178a: fix failed operations during ax88179_reset (git-
    fixes).
  * net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git-
    fixes).
  * nfs: fix access to page->mapping (bsc#1216788).
  * nvme: update firmware version after commit (bsc#1215292).
  * pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes).
  * pci/sysfs: protect driver's d3cold preference from user space (git-fixes).
  * pci: disable ats for specific intel ipu e2000 devices (bsc#1215458).
  * pci: extract ats disabling to a helper function (bsc#1215458).
  * pci: exynos: do not discard .remove() callback (git-fixes).
  * pci: keystone: do not discard .probe() callback (git-fixes).
  * pci: keystone: do not discard .remove() callback (git-fixes).
  * pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git-
    fixes).
  * pci: tegra194: use field_get()/field_prep() with link width fields (git-
    fixes).
  * pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes).
  * pci: use field_get() to extract link width (git-fixes).
  * pci: vmd: correct pci header type register's multi-function check (git-
    fixes).
  * pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes).
  * pcmcia: ds: fix possible name leak in error path in pcmcia_device_add()
    (git-fixes).
  * pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes).
  * pinctrl: avoid reload of p state in list iteration (git-fixes).
  * platform/x86/intel-uncore-freq: return error on write frequency
    (bsc#1217147).
  * platform/x86/intel-uncore-freq: split common and enumeration part
    (bsc#1217147).
  * platform/x86/intel-uncore-freq: support for cluster level controls
    (bsc#1217147).
  * platform/x86/intel-uncore-freq: tpmi: provide cluster level control
    (bsc#1217147).
  * platform/x86/intel-uncore-freq: uncore frequency control via tpmi
    (bsc#1217147).
  * platform/x86/intel/tpmi: add tpmi external interface for tpmi feature
    drivers (bsc#1217147).
  * platform/x86/intel/tpmi: fix double free reported by smatch (bsc#1217147).
  * platform/x86/intel/tpmi: process cpu package mapping (bsc#1217147).
  * platform/x86/intel/uncore-freq: display uncore current frequency
    (bsc#1217147).
  * platform/x86/intel/uncore-freq: move to uncore-frequency folder
    (bsc#1217147).
  * platform/x86/intel/uncore-freq: use sysfs api to create attributes
    (bsc#1217147).
  * platform/x86/intel/vsec: add tpmi id (bsc#1217147).
  * platform/x86/intel/vsec: enhance and export intel_vsec_add_aux()
    (bsc#1217147).
  * platform/x86/intel/vsec: support private data (bsc#1217147).
  * platform/x86/intel/vsec: use mutex for ida_alloc() and ida_free()
    (bsc#1217147).
  * platform/x86/intel: intel tpmi enumeration driver (bsc#1217147).
  * platform/x86/intel: tpmi: fix double free in tpmi_create_device()
    (bsc#1217147).
  * platform/x86: intel-uncore-freq: add client processors (bsc#1217147).
  * platform/x86: intel-uncore-freq: conditionally create attribute for read
    frequency (bsc#1217147).
  * platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes
    (bsc#1217147).
  * platform/x86: intel-uncore-freq: prevent driver loading in guests
    (bsc#1217147).
  * platform/x86: intel-uncore-freq: use sysfs_emit() to instead of scnprintf()
    (bsc#1217147).
  * platform/x86: intel-uncore-frequency: move to intel sub-directory
    (bsc#1217147).
  * platform/x86: intel-uncore-frequency: use default_groups in kobj_type
    (bsc#1217147).
  * platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git-
    fixes).
  * platform/x86: wmi: fix opening of char device (git-fixes).
  * platform/x86: wmi: fix probe failure when failing to register wmi devices
    (git-fixes).
  * platform/x86: wmi: remove unnecessary initializations (git-fixes).
  * pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes).
  * pm: hibernate: use __get_safe_page() rather than touching the list (git-
    fixes).
  * powerpc/perf/hv-24x7: update domain value check (bsc#1215931).
  * powerpc/vas: limit open window failure messages in log bufffer (bsc#1216687
    ltc#203927).
  * powerpc: do not clobber f0/vs0 during fp|altivec register save
    (bsc#1217780).
  * pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes).
  * pwm: fix double shift bug (git-fixes).
  * pwm: sti: reduce number of allocations and drop usage of chip_data (git-
    fixes).
  * quota: fix slow quotaoff (bsc#1216621).
  * r8152: cancel hw_phy_work if we have an error in probe (git-fixes).
  * r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes).
  * r8152: check for unplug in rtl_phy_patch_request() (git-fixes).
  * r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes).
  * r8152: release firmware if we have an error in probe (git-fixes).
  * r8152: run the unload routine if we have errors during probe (git-fixes).
  * regmap: debugfs: fix a erroneous check after snprintf() (git-fixes).
  * regmap: ensure range selector registers are updated after cache sync (git-
    fixes).
  * regmap: prevent noinc writes from clobbering cache (git-fixes).
  * revert "i2c: pxa: move to generic gpio recovery" (git-fixes).
  * revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes).
  * revert "tracing: fix warning in trace_buffered_event_disable()"
    (bsc#1217036)
  * revert amdgpu patches that caused a regression (bsc#1215802)
  * rpm/check-for-config-changes: add as_wruss to ignored_configs_re add
    as_wruss as an ignored_configs_re entry in check-for-config-changes to fix
    build on x86_32. there was a fix submitted to upstream but it was not
    accepted:
    https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.local/
    so carry this in ignored_configs_re instead.
  * rpm/check-for-config-changes: add have_shadow_call_stack to
    ignored_configs_re not supported by our compiler.
  * rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage
  * run scripts/renamepatches for sle15-sp4
  * s390/ap: fix ap bus crash on early config change callback invocation (git-
    fixes bsc#1217687).
  * s390/cio: unregister device when the only path is gone (git-fixes
    bsc#1217609).
  * s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086).
  * s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997
    bsc#1217086).
  * s390/cmma: fix initial kernel address space page table walk (ltc#203997
    bsc#1217086).
  * s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205).
  * s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629
    bsc#1215124).
  * s390/dasd: protect device queue against concurrent access (git-fixes
    bsc#1217515).
  * s390/dasd: use correct number of retries for erp requests (git-fixes
    bsc#1217598).
  * s390/ipl: add missing ipl_type_eckd_dump case to ipl_init() (git-fixes
    bsc#1217511).
  * s390/ipl: add missing secure/has_secure file to ipl type 'unknown'
    (bsc#1214976 git-fixes).
  * s390/mm: add missing arch_set_page_dat() call to gmap allocations
    (ltc#203997 bsc#1217086).
  * s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc()
    (ltc#203997 bsc#1217086).
  * s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200).
  * s390/ptrace: fix ptrace_get_last_break error handling (git-fixes
    bsc#1217599).
  * sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196).
  * sbitmap: fix up kabi for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196).
  * sbsa_gwdt: calculate timeout with 64-bit math (git-fixes).
  * scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731).
  * scsi: lpfc: correct maximum pci function value for ras fw logging
    (bsc#1217731).
  * scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss()
    (bsc#1217731).
  * scsi: lpfc: enhance driver logging for selected discovery events
    (bsc#1217731).
  * scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi()
    (bsc#1217731).
  * scsi: lpfc: fix possible file string name overflow when updating firmware
    (bsc#1217731).
  * scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124).
  * scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731).
  * scsi: lpfc: reject received prlis with only initiator fcn role for npiv
    ports (bsc#1217124).
  * scsi: lpfc: remove unnecessary zero return code assignment in
    lpfc_sli4_hba_setup (bsc#1217124).
  * scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading
    (bsc#1217731).
  * scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci
    offline (bsc#1217124).
  * scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124).
  * scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731).
  * scsi: lpfc: validate els ls_acc completion payload (bsc#1217124).
  * scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes).
  * scsi: qla2xxx: use field_get() to extract pcie capability fields (git-
    fixes).
  * selftests/efivarfs: create-read: fix a resource leak (git-fixes).
  * selftests/pidfd: fix ksft print formats (git-fixes).
  * selftests/resctrl: ensure the benchmark commands fits to its array (git-
    fixes).
  * selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git-
    fixes).
  * selftests/resctrl: remove duplicate feature check from cmt test (git-fixes).
  * seq_buf: fix a misleading comment (git-fixes).
  * serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial
    cards" (git-fixes).
  * serial: meson: use platform_get_irq() to get the interrupt (git-fixes).
  * soc: qcom: llcc: handle a second device without data corruption (git-fixes).
  * spi: nxp-fspi: use the correct ioremap function (git-fixes).
  * spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes).
  * spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes).
  * staging: media: ipu3: remove ftrace-like logging (git-fixes).
  * string.h: add array-wrappers for (v)memdup_user() (git-fixes).
  * supported.conf: marked idpf supported
  * thermal: core: prevent potential string overflow (git-fixes).
  * treewide: spelling fix in comment (git-fixes).
  * tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes).
  * tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes).
  * tty: 8250: add support for additional brainboxes px cards (git-fixes).
  * tty: 8250: add support for additional brainboxes uc cards (git-fixes).
  * tty: 8250: add support for brainboxes up cards (git-fixes).
  * tty: 8250: add support for intashield is-100 (git-fixes).
  * tty: 8250: add support for intashield ix cards (git-fixes).
  * tty: 8250: fix port count of px-257 (git-fixes).
  * tty: 8250: fix up px-803/px-857 (git-fixes).
  * tty: 8250: remove uc-257 and uc-431 (git-fixes).
  * tty: fix uninit-value access in ppp_sync_receive() (git-fixes).
  * tty: n_gsm: fix race condition in status line change on dead connections
    (git-fixes).
  * tty: serial: meson: fix hard lockup on crtscts mode (git-fixes).
  * tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes).
  * tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes).
  * update ath11k hibernation fix patch set (bsc#1207948)
  * update metadata s390-ipl-add-missing-secure-has_secure-file-to-ipl-type-
    unknown (bsc#1214976 git-fixes).
  * usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes).
  * usb: chipidea: fix dma overwrite for tegra (git-fixes).
  * usb: chipidea: simplify tegra dma alignment code (git-fixes).
  * usb: dwc2: fix possible null pointer dereference caused by driver
    concurrency (git-fixes).
  * usb: dwc2: write hcint with intmask applied (bsc#1214286).
  * usb: dwc3: fix default mode initialization (git-fixes).
  * usb: dwc3: qcom: fix acpi platform device leak (git-fixes).
  * usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes).
  * usb: dwc3: qcom: fix software node leak on probe errors (git-fixes).
  * usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes).
  * usb: dwc3: set the dma max_seg_size (git-fixes).
  * usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes).
  * usb: raw-gadget: properly handle interrupted requests (git-fixes).
  * usb: serial: option: add fibocom l7xx modules (git-fixes).
  * usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes).
  * usb: serial: option: fix fm101r-gl defines (git-fixes).
  * usb: storage: set 1.50 as the lower bcddevice for older "super top"
    compatibility (git-fixes).
  * usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git-
    fixes).
  * usb: typec: tcpm: skip hard reset when in error recovery (git-fixes).
  * usb: usbip: fix stub_dev hub disconnect (git-fixes).
  * virtchnl: add virtchnl version 2 ops (bsc#1215458).
  * wifi: ath10k: do not touch the ce interrupt registers after power up (git-
    fixes).
  * wifi: ath10k: fix clang-specific fortify warning (git-fixes).
  * wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes).
  * wifi: ath11k: fix dfs radar event locking (git-fixes).
  * wifi: ath11k: fix gtk offload status event locking (git-fixes).
  * wifi: ath11k: fix htt pktlog locking (git-fixes).
  * wifi: ath11k: fix temperature event locking (git-fixes).
  * wifi: ath9k: fix clang-specific fortify warnings (git-fixes).
  * wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git-
    fixes).
  * wifi: iwlwifi: empty overflow queue during flush (git-fixes).
  * wifi: iwlwifi: honor the enable_ini value (git-fixes).
  * wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes).
  * wifi: iwlwifi: use fw rate for non-data frames (git-fixes).
  * wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git-
    fixes).
  * wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes).
  * wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes).
  * wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes).
  * wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file()
    (git-fixes).
  * x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes).
  * x86/cpu: clear svm feature if disabled by bios (bsc#1214700).
  * x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes).
  * x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git-
    fixes).
  * x86/hyperv: add hv_expose_invariant_tsc define (git-fixes).
  * x86/hyperv: fix a warning in mshyperv.h (git-fixes).
  * x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes).
  * x86/hyperv: make hv_get_nmi_reason public (git-fixes).
  * x86/sev: do not try to parse for the cc blob on non-amd hardware (git-
    fixes).
  * x86/sev: fix calculation of end address based on number of pages (git-
    fixes).
  * x86/sev: use the ghcb protocol when available for snp cpuid requests (git-
    fixes).
  * x86: move gds_ucode_mitigated() declaration to header (git-fixes).
  * xfs: add attr state machine tracepoints (git-fixes).
  * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
  * xfs: constify btree function parameters that are not modified (git-fixes).
  * xfs: convert agf log flags to unsigned (git-fixes).
  * xfs: convert agi log flags to unsigned (git-fixes).
  * xfs: convert attr type flags to unsigned (git-fixes).
  * xfs: convert bmap extent type flags to unsigned (git-fixes).
  * xfs: convert bmapi flags to unsigned (git-fixes).
  * xfs: convert btree buffer log flags to unsigned (git-fixes).
  * xfs: convert buffer flags to unsigned (git-fixes).
  * xfs: convert buffer log item flags to unsigned (git-fixes).
  * xfs: convert da btree operations flags to unsigned (git-fixes).
  * xfs: convert dquot flags to unsigned (git-fixes).
  * xfs: convert inode lock flags to unsigned (git-fixes).
  * xfs: convert log item tracepoint flags to unsigned (git-fixes).
  * xfs: convert log ticket and iclog flags to unsigned (git-fixes).
  * xfs: convert quota options flags to unsigned (git-fixes).
  * xfs: convert scrub type flags to unsigned (git-fixes).
  * xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno"
    (git-fixes).
  * xfs: disambiguate units for ftrace fields tagged "count" (git-fixes).
  * xfs: disambiguate units for ftrace fields tagged "len" (git-fixes).
  * xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes).
  * xfs: make the key parameters to all btree key comparison functions const
    (git-fixes).
  * xfs: make the key parameters to all btree query range functions const (git-
    fixes).
  * xfs: make the keys and records passed to btree inorder functions const (git-
    fixes).
  * xfs: make the pointer passed to btree set_root functions const (git-fixes).
  * xfs: make the start pointer passed to btree alloc_block functions const
    (git-fixes).
  * xfs: make the start pointer passed to btree update_lastrec functions const
    (git-fixes).
  * xfs: mark the record passed into btree init_key functions as const (git-
    fixes).
  * xfs: mark the record passed into xchk_btree functions as const (git-fixes).
  * xfs: remove xfs_btree_cur_t typedef (git-fixes).
  * xfs: rename i_disk_size fields in ftrace output (git-fixes).
  * xfs: resolve fork names in trace output (git-fixes).
  * xfs: standardize ag block number formatting in ftrace output (git-fixes).
  * xfs: standardize ag number formatting in ftrace output (git-fixes).
  * xfs: standardize daddr formatting in ftrace output (git-fixes).
  * xfs: standardize inode generation formatting in ftrace output (git-fixes).
  * xfs: standardize inode number formatting in ftrace output (git-fixes).
  * xfs: standardize remaining xfs_buf length tracepoints (git-fixes).
  * xfs: standardize rmap owner number formatting in ftrace output (git-fixes).
  * xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes).
  * xhci: enable rpm on controllers that support low-power states (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2023-4732=1 openSUSE-SLE-15.5-2023-4732=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2023-4732=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2023-4732=1

  * SUSE Real Time Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2023-4732=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * kernel-source-rt-5.14.21-150500.13.27.2
    * kernel-devel-rt-5.14.21-150500.13.27.2
  * openSUSE Leap 15.5 (x86_64)
    * kernel-rt-optional-5.14.21-150500.13.27.2
    * kernel-rt_debug-vdso-5.14.21-150500.13.27.2
    * dlm-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt_debug-debuginfo-5.14.21-150500.13.27.2
    * reiserfs-kmp-rt-5.14.21-150500.13.27.2
    * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-vdso-5.14.21-150500.13.27.2
    * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * gfs2-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt-devel-debuginfo-5.14.21-150500.13.27.2
    * cluster-md-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt_debug-devel-5.14.21-150500.13.27.2
    * kernel-rt-extra-5.14.21-150500.13.27.2
    * dlm-kmp-rt-5.14.21-150500.13.27.2
    * kernel-livepatch-5_14_21-150500_13_27-rt-1-150500.11.3.2
    * kernel-rt-extra-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-vdso-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-livepatch-devel-5.14.21-150500.13.27.2
    * kernel-rt-optional-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.27.2
    * kernel-rt_debug-debugsource-5.14.21-150500.13.27.2
    * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.27.2
    * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-devel-5.14.21-150500.13.27.2
    * ocfs2-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt-debugsource-5.14.21-150500.13.27.2
    * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-syms-rt-5.14.21-150500.13.27.1
    * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-1-150500.11.3.2
    * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-1-150500.11.3.2
    * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.27.2
    * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-livepatch-5.14.21-150500.13.27.2
    * kselftests-kmp-rt-5.14.21-150500.13.27.2
  * openSUSE Leap 15.5 (nosrc x86_64)
    * kernel-rt_debug-5.14.21-150500.13.27.2
    * kernel-rt-5.14.21-150500.13.27.2
  * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
    * kernel-rt-5.14.21-150500.13.27.2
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-debugsource-5.14.21-150500.13.27.2
  * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
    * kernel-livepatch-5_14_21-150500_13_27-rt-1-150500.11.3.2
    * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-1-150500.11.3.2
    * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-1-150500.11.3.2
  * SUSE Real Time Module 15-SP5 (x86_64)
    * kernel-rt_debug-vdso-5.14.21-150500.13.27.2
    * dlm-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt_debug-debuginfo-5.14.21-150500.13.27.2
    * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-vdso-5.14.21-150500.13.27.2
    * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * gfs2-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt-devel-debuginfo-5.14.21-150500.13.27.2
    * cluster-md-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt_debug-devel-5.14.21-150500.13.27.2
    * dlm-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt-vdso-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt_debug-debugsource-5.14.21-150500.13.27.2
    * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.27.2
    * kernel-rt-debuginfo-5.14.21-150500.13.27.2
    * ocfs2-kmp-rt-5.14.21-150500.13.27.2
    * kernel-rt-devel-5.14.21-150500.13.27.2
    * kernel-rt-debugsource-5.14.21-150500.13.27.2
    * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.27.2
    * kernel-syms-rt-5.14.21-150500.13.27.1
    * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.27.2
  * SUSE Real Time Module 15-SP5 (noarch)
    * kernel-source-rt-5.14.21-150500.13.27.2
    * kernel-devel-rt-5.14.21-150500.13.27.2
  * SUSE Real Time Module 15-SP5 (nosrc x86_64)
    * kernel-rt_debug-5.14.21-150500.13.27.2
    * kernel-rt-5.14.21-150500.13.27.2

## References:

  * https://www.suse.com/security/cve/CVE-2023-2006.html
  * https://www.suse.com/security/cve/CVE-2023-25775.html
  * https://www.suse.com/security/cve/CVE-2023-3777.html
  * https://www.suse.com/security/cve/CVE-2023-39197.html
  * https://www.suse.com/security/cve/CVE-2023-39198.html
  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-45863.html
  * https://www.suse.com/security/cve/CVE-2023-45871.html
  * https://www.suse.com/security/cve/CVE-2023-46813.html
  * https://www.suse.com/security/cve/CVE-2023-46862.html
  * https://www.suse.com/security/cve/CVE-2023-5158.html
  * https://www.suse.com/security/cve/CVE-2023-5633.html
  * https://www.suse.com/security/cve/CVE-2023-5717.html
  * https://www.suse.com/security/cve/CVE-2023-6039.html
  * https://www.suse.com/security/cve/CVE-2023-6176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1207948
  * https://bugzilla.suse.com/show_bug.cgi?id=1210447
  * https://bugzilla.suse.com/show_bug.cgi?id=1212649
  * https://bugzilla.suse.com/show_bug.cgi?id=1214286
  * https://bugzilla.suse.com/show_bug.cgi?id=1214700
  * https://bugzilla.suse.com/show_bug.cgi?id=1214840
  * https://bugzilla.suse.com/show_bug.cgi?id=1214976
  * https://bugzilla.suse.com/show_bug.cgi?id=1215095
  * https://bugzilla.suse.com/show_bug.cgi?id=1215123
  * https://bugzilla.suse.com/show_bug.cgi?id=1215124
  * https://bugzilla.suse.com/show_bug.cgi?id=1215292
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1215458
  * https://bugzilla.suse.com/show_bug.cgi?id=1215710
  * https://bugzilla.suse.com/show_bug.cgi?id=1215802
  * https://bugzilla.suse.com/show_bug.cgi?id=1215931
  * https://bugzilla.suse.com/show_bug.cgi?id=1216058
  * https://bugzilla.suse.com/show_bug.cgi?id=1216105
  * https://bugzilla.suse.com/show_bug.cgi?id=1216259
  * https://bugzilla.suse.com/show_bug.cgi?id=1216527
  * https://bugzilla.suse.com/show_bug.cgi?id=1216584
  * https://bugzilla.suse.com/show_bug.cgi?id=1216621
  * https://bugzilla.suse.com/show_bug.cgi?id=1216687
  * https://bugzilla.suse.com/show_bug.cgi?id=1216693
  * https://bugzilla.suse.com/show_bug.cgi?id=1216759
  * https://bugzilla.suse.com/show_bug.cgi?id=1216761
  * https://bugzilla.suse.com/show_bug.cgi?id=1216788
  * https://bugzilla.suse.com/show_bug.cgi?id=1216844
  * https://bugzilla.suse.com/show_bug.cgi?id=1216861
  * https://bugzilla.suse.com/show_bug.cgi?id=1216909
  * https://bugzilla.suse.com/show_bug.cgi?id=1216959
  * https://bugzilla.suse.com/show_bug.cgi?id=1216965
  * https://bugzilla.suse.com/show_bug.cgi?id=1216976
  * https://bugzilla.suse.com/show_bug.cgi?id=1217036
  * https://bugzilla.suse.com/show_bug.cgi?id=1217068
  * https://bugzilla.suse.com/show_bug.cgi?id=1217086
  * https://bugzilla.suse.com/show_bug.cgi?id=1217095
  * https://bugzilla.suse.com/show_bug.cgi?id=1217124
  * https://bugzilla.suse.com/show_bug.cgi?id=1217140
  * https://bugzilla.suse.com/show_bug.cgi?id=1217147
  * https://bugzilla.suse.com/show_bug.cgi?id=1217195
  * https://bugzilla.suse.com/show_bug.cgi?id=1217196
  * https://bugzilla.suse.com/show_bug.cgi?id=1217200
  * https://bugzilla.suse.com/show_bug.cgi?id=1217205
  * https://bugzilla.suse.com/show_bug.cgi?id=1217332
  * https://bugzilla.suse.com/show_bug.cgi?id=1217366
  * https://bugzilla.suse.com/show_bug.cgi?id=1217511
  * https://bugzilla.suse.com/show_bug.cgi?id=1217515
  * https://bugzilla.suse.com/show_bug.cgi?id=1217598
  * https://bugzilla.suse.com/show_bug.cgi?id=1217599
  * https://bugzilla.suse.com/show_bug.cgi?id=1217609
  * https://bugzilla.suse.com/show_bug.cgi?id=1217687
  * https://bugzilla.suse.com/show_bug.cgi?id=1217731
  * https://bugzilla.suse.com/show_bug.cgi?id=1217780
  * https://jira.suse.com/login.jsp
  * https://jira.suse.com/login.jsp
  * https://jira.suse.com/login.jsp

SUSE: 2023:4732-1 important: the Linux Kernel

December 14, 2023
* bsc#1207948 * bsc#1210447 * bsc#1212649 * bsc#1214286 * bsc#1214700

Summary

## The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2006: Fixed a race condition in the RxRPC network protocol (bsc#1210447). * CVE-2023-25775: Fixed improper access control in the Intel Ethernet Controller RDMA driver (bsc#1216959). * CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095) * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). * CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). * CVE-2023-46813: Fixed SEV-ES local priv escalation (bsc#1212649). * CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo() (bsc#1216693). * CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710). * CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface (bsc#1216527). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). * CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in drivers/net/usb/lan78xx.c (bsc#1217068). * CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332). The following non-security bugs were fixed: * acpi: fpdt: properly handle invalid fpdt subtables (git-fixes). * acpi: resource: do irq override on tongfang gmxxgxx (git-fixes). * acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes). * acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes). * alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes). * alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes). * alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes). * alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes). * alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes). * alsa: hda/realtek: add quirks for hp laptops (git-fixes). * alsa: hda/realtek: add support dual speaker for dell (git-fixes). * alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes). * alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes). * alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git- fixes). * alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes). * alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes). * alsa: hda: disable power-save on kontron singlepc (bsc#1217140). * alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes). * alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes). * alsa: info: fix potential deadlock at disconnection (git-fixes). * alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices (git-fixes). * arm/xen: fix xen_vcpu_info allocation alignment (git-fixes). * arm64: add cortex-a520 cpu part definition (git-fixes) * arm64: allow kprobes on el0 handlers (git-fixes) * arm64: armv8_deprecated move emulation functions (git-fixes) * arm64: armv8_deprecated: fix unused-function error (git-fixes) * arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes) * arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes) * arm64: armv8_deprecated: rework deprected instruction handling (git-fixes) * arm64: consistently pass esr_elx to die() (git-fixes) * arm64: die(): pass 'err' as long (git-fixes) * arm64: factor insn read out of call_undef_hook() (git-fixes) * arm64: factor out el1 ssbs emulation hook (git-fixes) * arm64: report el1 undefs better (git-fixes) * arm64: rework bti exception handling (git-fixes) * arm64: rework el0 mrs emulation (git-fixes) * arm64: rework fpac exception handling (git-fixes) * arm64: split el0/el1 undef handlers (git-fixes) * arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes). * asoc: ams-delta.c: use component after check (git-fixes). * asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix (git-fixes). * asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes). * asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes). * asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes). * asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not described (git-fixes). * asoc: hdmi-codec: register hpd callback on component probe (git-fixes). * asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes). * asoc: rt5650: fix the wrong result of key button (git-fixes). * asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes). * asoc: sof: core: ensure sof_ops_free() is still called when probe never ran (git-fixes). * asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes). * ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes). * atl1c: work around the dma rx overflow issue (git-fixes). * atm: iphase: do pci error checks on own line (git-fixes). * blk-mq: do not clear driver tags own mapping (bsc#1217366). * blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() (bsc#1217366). * bluetooth: add device 0bda:887b to device tables (git-fixes). * bluetooth: add device 13d3:3571 to device tables (git-fixes). * bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes). * bluetooth: btusb: add date->evt_skb is null check (git-fixes). * bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git- fixes). * bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git- fixes). * btrfs: always log symlinks in full mode (bsc#1214840). * can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is accessed out of bounds (git-fixes). * can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes). * can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (git-fixes). * can: isotp: add local echo tx processing for consecutive frames (git-fixes). * can: isotp: fix race between isotp_sendsmg() and isotp_release() (git- fixes). * can: isotp: fix tx state handling for echo tx processing (git-fixes). * can: isotp: handle wait_event_interruptible() return values (git-fixes). * can: isotp: isotp_bind(): return -einval on incorrect can id formatting (git-fixes). * can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git- fixes). * can: isotp: remove re-binding of bound socket (git-fixes). * can: isotp: sanitize can id checks in isotp_bind() (git-fixes). * can: isotp: set max pdu size to 64 kbyte (git-fixes). * can: isotp: split tx timer into transmission and timeout (git-fixes). * can: sja1000: fix comment (git-fixes). * clk: imx: imx8mq: correct error handling path (git-fixes). * clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes). * clk: imx: select mxc_clk for clk_imx8qxp (git-fixes). * clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes). * clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes). * clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes). * clk: npcm7xx: fix incorrect kfree (git-fixes). * clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies (git-fixes). * clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes). * clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes). * clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git- fixes). * clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git- fixes). * clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes). * clk: sanitize possible_parent_show to handle return value of of_clk_get_parent_name (git-fixes). * clk: scmi: free scmi_clk allocated when the clocks with invalid info are skipped (git-fixes). * clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes). * clk: ti: change ti_clk_register_omap_hw api (git-fixes). * clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes). * clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes). * clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git- fixes). * clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware (git-fixes). * clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes). * crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes). * crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes). * crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes). * disable loongson drivers loongson is a mips architecture, it does not make sense to build loongson drivers on other architectures. * dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git- fixes). * dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git- fixes). * dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes). * dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes). * docs: net: move the probe and open/close sections of driver.rst up (bsc#1215458). * docs: net: reformat driver.rst from a list to sections (bsc#1215458). * docs: net: use c syntax highlight in driver.rst (bsc#1215458). * documentation: networking: correct possessive "its" (bsc#1215458). * drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git- fixes). * drm/amd/display: avoid null dereference of timing generator (git-fixes). * drm/amd/display: change the dmcub mailbox memory location from fb to inbox (git-fixes). * drm/amd/display: refactor dm_get_plane_scale helper (git-fixes). * drm/amd/display: remove useless check in should_enable_fbc() (git-fixes). * drm/amd/display: use full update for clip size increase of large plane source (git-fixes). * drm/amd/pm: handle non-terminated overdrive commands (git-fixes). * drm/amd: disable aspm for vi w/ all intel systems (git-fixes). * drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git- fixes). * drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes). * drm/amd: move helper for dynamic speed switch check out of smu13 (git- fixes). * drm/amd: update `update_pcie_parameters` functions to use uint8_t arguments (git-fixes). * drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes). * drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802). * drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git- fixes). * drm/amdgpu: do not use atrm for external devices (git-fixes). * drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null (git-fixes). * drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes). * drm/amdgpu: fix potential null pointer derefernce (git-fixes). * drm/amdgpu: fix software pci_unplug on some chips (git-fixes). * drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes). * drm/amdgpu: remove unnecessary domain argument (git-fixes). * drm/amdgpu: reserve fences for vm update (git-fixes). * drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802). * drm/amdkfd: fix a race condition of vram buffer unref in svm code (git- fixes). * drm/amdkfd: fix shift out-of-bounds issue (git-fixes). * drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (git-fixes). * drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in drm_bridge_state (git-fixes). * drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes). * drm/bridge: lt8912b: fix bridge_detach (git-fixes). * drm/bridge: lt8912b: fix crash on bridge detach (git-fixes). * drm/bridge: lt8912b: manually disable hpd only if it was enabled (git- fixes). * drm/bridge: lt8912b: register and attach our dsi device at probe (git- fixes). * drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes). * drm/bridge: lt9611uxc: fix the race in the error path (git-fixes). * drm/bridge: lt9611uxc: register and attach our dsi device at probe (git- fixes). * drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes). * drm/bridge: tc358768: clean up clock period code (git-fixes). * drm/bridge: tc358768: disable non-continuous clock mode (git-fixes). * drm/bridge: tc358768: fix bit updates (git-fixes). * drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes). * drm/bridge: tc358768: fix use of uninitialized variable (git-fixes). * drm/bridge: tc358768: print logical values, not raw register values (git- fixes). * drm/bridge: tc358768: remove unused variable (git-fixes). * drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes). * drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes). * drm/bridge: tc358768: use struct videomode (git-fixes). * drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git- fixes). * drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes). * drm/gud: use size_add() in call to struct_size() (git-fixes). * drm/i915/pmu: check if pmu is closed before stopping event (git-fixes). * drm/i915: fix potential spectre vulnerability (git-fixes). * drm/i915: flush wc ggtt only on required platforms (git-fixes). * drm/komeda: drop all currently held locks if deadlock happens (git-fixes). * drm/mediatek: fix iommu fault by swapping fbs after updating plane state (git-fixes). * drm/mediatek: fix iommu fault during crtc enabling (git-fixes). * drm/mipi-dsi: create devm device attachment (git-fixes). * drm/mipi-dsi: create devm device registration (git-fixes). * drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes). * drm/msm/dsi: free tx buffer in unbind (git-fixes). * drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes). * drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git- fixes). * drm/panel: fix a possible null pointer dereference (git-fixes). * drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes). * drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes). * drm/panel: st7703: pick different reset sequence (git-fixes). * drm/qxl: prevent memory leak (git-fixes). * drm/radeon: fix a possible null pointer dereference (git-fixes). * drm/radeon: possible buffer overflow (git-fixes). * drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git- fixes). * drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git- fixes). * drm/rockchip: vop: fix call to crtc reset helper (git-fixes). * drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git- fixes). * drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git- fixes). * drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes). * drm/ttm: reorder sys manager cleanup step (git-fixes). * drm/vc4: fix typo (git-fixes). * drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527) * drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527) * drm: bridge: it66121: fix invalid connector dereference (git-fixes). * drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes). * drm: vmwgfx_surface.c: copy user-array safely (git-fixes). * dt-bindings: usb: hcd: add missing phy name to example (git-fixes). * dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes). * ensure ia32_emulation is always enabled for kernel-obs-build if ia32_emulation is disabled by default, ensure it is enabled back for obs kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the parameter, no need to grep through the config which may not be very reliable] * fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes). * fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes). * fbdev: imsttfb: fix a resource leak in probe (git-fixes). * fbdev: imsttfb: fix double free in probe() (git-fixes). * fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes). * fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git- fixes). * fbdev: omapfb: drop unused remove function (git-fixes). * fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git- fixes). * firewire: core: fix possible memory leak in create_units() (git-fixes). * firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git- fixes). * fix termination state for idr_for_each_entry_ul() (git-fixes). * fix x86/mm: print the encryption features in hyperv is disabled * gpio: mockup: fix kerneldoc (git-fixes). * gpio: mockup: remove unused field (git-fixes). * gpu: host1x: correct allocated size for contexts (git-fixes). * hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes). * hid: cp2112: fix duplicate workqueue initialization (git-fixes). * hid: hyperv: avoid struct memcpy overrun warning (git-fixes). * hid: hyperv: remove unused struct synthhid_msg (git-fixes). * hid: hyperv: replace one-element array with flexible-array member (git- fixes). * hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround (git-fixes). * hid: logitech-hidpp: do not restart io, instead defer hid_connect() only (git-fixes). * hid: logitech-hidpp: move get_wireless_feature_index() check to hidpp_connect_event() (git-fixes). * hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes). * hid: logitech-hidpp: revert "do not restart communication if not necessary" (git-fixes). * hv: simplify sysctl registration (git-fixes). * hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (git-fixes). * hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes). * hv_netvsc: fix race of register_netdevice_notifier and vf register (git- fixes). * hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes). * hwmon: (coretemp) fix potentially truncated sysfs attribute name (git- fixes). * i2c: aspeed: fix i2c bus hang in slave read (git-fixes). * i2c: core: run atomic i2c xfer when !preemptible (git-fixes). * i2c: designware: disable tx_empty irq while waiting for block length byte (git-fixes). * i2c: dev: copy userspace array safely (git-fixes). * i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git- fixes). * i2c: iproc: handle invalid slave state (git-fixes). * i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes). * i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes). * i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes). * i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes). * i2c: sun6i-p2wi: prevent potential division by zero (git-fixes). * i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git- fixes). * i3c: master: cdns: fix reading status register (git-fixes). * i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git- fixes). * i3c: master: svc: fix check wrong status register in irq handler (git- fixes). * i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes). * i3c: master: svc: fix race condition in ibi work thread (git-fixes). * i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git- fixes). * i3c: master: svc: fix wrong data return when ibi happen during start frame (git-fixes). * i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git- fixes). * i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes). * idpf: add controlq init and reset checks (bsc#1215458). * idpf: add core init and interrupt request (bsc#1215458). * idpf: add create vport and netdev configuration (bsc#1215458). * idpf: add ethtool callbacks (bsc#1215458). * idpf: add module register and probe functionality (bsc#1215458). * idpf: add ptypes and mac filter support (bsc#1215458). * idpf: add rx splitq napi poll support (bsc#1215458). * idpf: add singleq start_xmit and napi poll (bsc#1215458). * idpf: add splitq start_xmit (bsc#1215458). * idpf: add sriov support and other ndo_ops (bsc#1215458). * idpf: add tx splitq napi poll support (bsc#1215458). * idpf: cancel mailbox work in error path (bsc#1215458). * idpf: configure resources for rx queues (bsc#1215458). * idpf: configure resources for tx queues (bsc#1215458). * idpf: fix potential use-after-free in idpf_tso() (bsc#1215458). * idpf: initialize interrupts and enable vport (bsc#1215458). * idpf: set scheduling mode for completion queue (bsc#1215458). * iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git- fixes). * iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds (git-fixes). * iio: exynos-adc: request second interupt only when touchscreen mode is used (git-fixes). * input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (git-fixes). * input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git- fixes). * input: xpad - add vid for turtle beach controllers (git-fixes). * irqchip/stm32-exti: add missing dt irq flag translation (git-fixes). * kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is built since sle15-sp3 but it is not shipped as part of any sle product, only in leap (in kernel-*-optional). * kernel-binary: suse-module-tools is also required when installed requires(pre) adds dependency for the specific sciptlet. however, suse- module-tools also ships modprobe.d files which may be needed at posttrans time or any time the kernel is on the system for generating ramdisk. add plain requires as well. * kernel-source: move provides after sources * kernel/fork: beware of __put_task_struct() calling context (bsc#1216761). * leds: pwm: do not disable the pwm when the led should be off (git-fixes). * leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu' (git-fixes). * leds: turris-omnia: do not use smbus calls (git-fixes). * lsm: fix default return value for inode_getsecctx (git-fixes). * lsm: fix default return value for vm_enough_memory (git-fixes). * media: bttv: fix use after free error due to btv->timeout timer (git-fixes). * media: ccs: correctly initialise try compose rectangle (git-fixes). * media: ccs: fix driver quirk struct documentation (git-fixes). * media: cedrus: fix clock/reset sequence (git-fixes). * media: cobalt: use field_get() to extract link width (git-fixes). * media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes). * media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes). * media: imon: fix access to invalid resource for the second interface (git- fixes). * media: lirc: drop trailing space from scancode transmit (git-fixes). * media: qcom: camss: fix missing vfe_lite clocks check (git-fixes). * media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes). * media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes). * media: qcom: camss: fix vfe_get() error jump (git-fixes). * media: sharp: fix sharp encoding (git-fixes). * media: siano: drop unnecessary error check for debugfs_create_dir/file() (git-fixes). * media: venus: hfi: add checks to handle capabilities from firmware (git- fixes). * media: venus: hfi: add checks to perform sanity on queue pointers (git- fixes). * media: venus: hfi: fix the check to handle session buffer requirement (git- fixes). * media: venus: hfi_parser: add check to keep the number of codecs within range (git-fixes). * media: vidtv: mux: add check and kfree for kstrdup (git-fixes). * media: vidtv: psi: add check for kstrdup (git-fixes). * media: vivid: avoid integer overflow (git-fixes). * mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git- fixes). * mfd: core: ensure disabled devices are skipped without aborting (git-fixes). * mfd: dln2: fix double put in dln2_probe (git-fixes). * misc: fastrpc: clean buffers on remote invocation failures (git-fixes). * misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git- fixes). * mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237, git-fixes). * mmc: block: be sure to wait while busy in cqe error recovery (git-fixes). * mmc: block: do not lose cache flush during cqe error recovery (git-fixes). * mmc: block: retry commands in cqe error recovery (git-fixes). * mmc: cqhci: fix task clearing in cqe error recovery (git-fixes). * mmc: cqhci: increase recovery halt timeout (git-fixes). * mmc: cqhci: warn of halt or task clear failure (git-fixes). * mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes). * mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git- fixes). * mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git- fixes). * mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes). * mmc: vub300: fix an error code (git-fixes). * modpost: fix tee module_device_table built on big-endian host (git-fixes). * mt76: dma: use kzalloc instead of devm_kzalloc for txwi (git-fixes). * mtd: cfi_cmdset_0001: byte swap otp info (git-fixes). * mtd: rawnand: arasan: include ecc syndrome along with in-band data while checking for ecc failure (git-fixes). * net-memcg: fix scope of sockmem pressure indicators (bsc#1216759). * net: add macro netif_subqueue_completed_wake (bsc#1215458). * net: avoid address overwrite in kernel_connect (bsc#1216861). * net: fix use-after-free in tw_timer_handler (bsc#1217195). * net: ieee802154: adf7242: fix some potential buffer overflow in adf7242_stats_show() (git-fixes). * net: mana: fix return type of mana_start_xmit() (git-fixes). * net: piggy back on the memory barrier in bql when waking queues (bsc#1215458). * net: provide macros for commonly copied lockless queue stop/wake code (bsc#1215458). * net: usb: ax88179_178a: fix failed operations during ax88179_reset (git- fixes). * net: usb: smsc95xx: fix uninit-value access in smsc95xx_read_reg (git- fixes). * nfs: fix access to page->mapping (bsc#1216788). * nvme: update firmware version after commit (bsc#1215292). * pci/aspm: fix l1 substate handling in aspm_attr_store_common() (git-fixes). * pci/sysfs: protect driver's d3cold preference from user space (git-fixes). * pci: disable ats for specific intel ipu e2000 devices (bsc#1215458). * pci: extract ats disabling to a helper function (bsc#1215458). * pci: exynos: do not discard .remove() callback (git-fixes). * pci: keystone: do not discard .probe() callback (git-fixes). * pci: keystone: do not discard .remove() callback (git-fixes). * pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git- fixes). * pci: tegra194: use field_get()/field_prep() with link width fields (git- fixes). * pci: use field_get() in sapphire rx 5600 xt pulse quirk (git-fixes). * pci: use field_get() to extract link width (git-fixes). * pci: vmd: correct pci header type register's multi-function check (git- fixes). * pcmcia: cs: fix possible hung task and memory leak pccardd() (git-fixes). * pcmcia: ds: fix possible name leak in error path in pcmcia_device_add() (git-fixes). * pcmcia: ds: fix refcount leak in pcmcia_device_add() (git-fixes). * pinctrl: avoid reload of p state in list iteration (git-fixes). * platform/x86/intel-uncore-freq: return error on write frequency (bsc#1217147). * platform/x86/intel-uncore-freq: split common and enumeration part (bsc#1217147). * platform/x86/intel-uncore-freq: support for cluster level controls (bsc#1217147). * platform/x86/intel-uncore-freq: tpmi: provide cluster level control (bsc#1217147). * platform/x86/intel-uncore-freq: uncore frequency control via tpmi (bsc#1217147). * platform/x86/intel/tpmi: add tpmi external interface for tpmi feature drivers (bsc#1217147). * platform/x86/intel/tpmi: fix double free reported by smatch (bsc#1217147). * platform/x86/intel/tpmi: process cpu package mapping (bsc#1217147). * platform/x86/intel/uncore-freq: display uncore current frequency (bsc#1217147). * platform/x86/intel/uncore-freq: move to uncore-frequency folder (bsc#1217147). * platform/x86/intel/uncore-freq: use sysfs api to create attributes (bsc#1217147). * platform/x86/intel/vsec: add tpmi id (bsc#1217147). * platform/x86/intel/vsec: enhance and export intel_vsec_add_aux() (bsc#1217147). * platform/x86/intel/vsec: support private data (bsc#1217147). * platform/x86/intel/vsec: use mutex for ida_alloc() and ida_free() (bsc#1217147). * platform/x86/intel: intel tpmi enumeration driver (bsc#1217147). * platform/x86/intel: tpmi: fix double free in tpmi_create_device() (bsc#1217147). * platform/x86: intel-uncore-freq: add client processors (bsc#1217147). * platform/x86: intel-uncore-freq: conditionally create attribute for read frequency (bsc#1217147). * platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (bsc#1217147). * platform/x86: intel-uncore-freq: prevent driver loading in guests (bsc#1217147). * platform/x86: intel-uncore-freq: use sysfs_emit() to instead of scnprintf() (bsc#1217147). * platform/x86: intel-uncore-frequency: move to intel sub-directory (bsc#1217147). * platform/x86: intel-uncore-frequency: use default_groups in kobj_type (bsc#1217147). * platform/x86: thinkpad_acpi: add battery quirk for thinkpad x120e (git- fixes). * platform/x86: wmi: fix opening of char device (git-fixes). * platform/x86: wmi: fix probe failure when failing to register wmi devices (git-fixes). * platform/x86: wmi: remove unnecessary initializations (git-fixes). * pm / devfreq: rockchip-dfi: make pmu regmap mandatory (git-fixes). * pm: hibernate: use __get_safe_page() rather than touching the list (git- fixes). * powerpc/perf/hv-24x7: update domain value check (bsc#1215931). * powerpc/vas: limit open window failure messages in log bufffer (bsc#1216687 ltc#203927). * powerpc: do not clobber f0/vs0 during fp|altivec register save (bsc#1217780). * pwm: brcmstb: utilize appropriate clock apis in suspend/resume (git-fixes). * pwm: fix double shift bug (git-fixes). * pwm: sti: reduce number of allocations and drop usage of chip_data (git- fixes). * quota: fix slow quotaoff (bsc#1216621). * r8152: cancel hw_phy_work if we have an error in probe (git-fixes). * r8152: check for unplug in r8153b_ups_en() / r8153c_ups_en() (git-fixes). * r8152: check for unplug in rtl_phy_patch_request() (git-fixes). * r8152: increase usb control msg timeout to 5000ms as per spec (git-fixes). * r8152: release firmware if we have an error in probe (git-fixes). * r8152: run the unload routine if we have errors during probe (git-fixes). * regmap: debugfs: fix a erroneous check after snprintf() (git-fixes). * regmap: ensure range selector registers are updated after cache sync (git- fixes). * regmap: prevent noinc writes from clobbering cache (git-fixes). * revert "i2c: pxa: move to generic gpio recovery" (git-fixes). * revert "mmc: core: capture correct oemid-bits for emmc cards" (git-fixes). * revert "tracing: fix warning in trace_buffered_event_disable()" (bsc#1217036) * revert amdgpu patches that caused a regression (bsc#1215802) * rpm/check-for-config-changes: add as_wruss to ignored_configs_re add as_wruss as an ignored_configs_re entry in check-for-config-changes to fix build on x86_32. there was a fix submitted to upstream but it was not accepted: https://lore.kernel.org/all/20231031140504.gczuejkmpxsredh3ma@fat_crate.local/ so carry this in ignored_configs_re instead. * rpm/check-for-config-changes: add have_shadow_call_stack to ignored_configs_re not supported by our compiler. * rpm/mkspec-dtb: add riscv64 dtb-allwinner subpackage * run scripts/renamepatches for sle15-sp4 * s390/ap: fix ap bus crash on early config change callback invocation (git- fixes bsc#1217687). * s390/cio: unregister device when the only path is gone (git-fixes bsc#1217609). * s390/cmma: fix detection of dat pages (ltc#203997 bsc#1217086). * s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (ltc#203997 bsc#1217086). * s390/cmma: fix initial kernel address space page table walk (ltc#203997 bsc#1217086). * s390/crashdump: fix tod programmable field size (git-fixes bsc#1217205). * s390/dasd: fix hanging device after request requeue (git-fixes ltc#203629 bsc#1215124). * s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217515). * s390/dasd: use correct number of retries for erp requests (git-fixes bsc#1217598). * s390/ipl: add missing ipl_type_eckd_dump case to ipl_init() (git-fixes bsc#1217511). * s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (bsc#1214976 git-fixes). * s390/mm: add missing arch_set_page_dat() call to gmap allocations (ltc#203997 bsc#1217086). * s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (ltc#203997 bsc#1217086). * s390/pkey: fix/harmonize internal keyblob headers (git-fixes bsc#1217200). * s390/ptrace: fix ptrace_get_last_break error handling (git-fixes bsc#1217599). * sbitmap: fix batched wait_cnt accounting (bsc#1217095 bsc#1217196). * sbitmap: fix up kabi for sbitmap_queue_wake_up() (bsc#1217095 bsc#1217196). * sbsa_gwdt: calculate timeout with 64-bit math (git-fixes). * scsi: lpfc: copyright updates for 14.2.0.16 patches (bsc#1217731). * scsi: lpfc: correct maximum pci function value for ras fw logging (bsc#1217731). * scsi: lpfc: eliminate unnecessary relocking in lpfc_check_nlp_post_devloss() (bsc#1217731). * scsi: lpfc: enhance driver logging for selected discovery events (bsc#1217731). * scsi: lpfc: fix list_entry null check warning in lpfc_cmpl_els_plogi() (bsc#1217731). * scsi: lpfc: fix possible file string name overflow when updating firmware (bsc#1217731). * scsi: lpfc: introduce log_node_verbose messaging flag (bsc#1217124). * scsi: lpfc: refactor and clean up mailbox command memory free (bsc#1217731). * scsi: lpfc: reject received prlis with only initiator fcn role for npiv ports (bsc#1217124). * scsi: lpfc: remove unnecessary zero return code assignment in lpfc_sli4_hba_setup (bsc#1217124). * scsi: lpfc: return early in lpfc_poll_eratt() when the driver is unloading (bsc#1217731). * scsi: lpfc: treat ioerr_sli_down i/o completion status the same as pci offline (bsc#1217124). * scsi: lpfc: update lpfc version to 14.2.0.15 (bsc#1217124). * scsi: lpfc: update lpfc version to 14.2.0.16 (bsc#1217731). * scsi: lpfc: validate els ls_acc completion payload (bsc#1217124). * scsi: qla2xxx: fix double free of dsd_list during driver load (git-fixes). * scsi: qla2xxx: use field_get() to extract pcie capability fields (git- fixes). * selftests/efivarfs: create-read: fix a resource leak (git-fixes). * selftests/pidfd: fix ksft print formats (git-fixes). * selftests/resctrl: ensure the benchmark commands fits to its array (git- fixes). * selftests/resctrl: reduce failures due to outliers in mba/mbm tests (git- fixes). * selftests/resctrl: remove duplicate feature check from cmt test (git-fixes). * seq_buf: fix a misleading comment (git-fixes). * serial: exar: revert "serial: exar: add support for sealevel 7xxxc serial cards" (git-fixes). * serial: meson: use platform_get_irq() to get the interrupt (git-fixes). * soc: qcom: llcc: handle a second device without data corruption (git-fixes). * spi: nxp-fspi: use the correct ioremap function (git-fixes). * spi: spi-zynq-qspi: add spi-mem to driver kconfig dependencies (git-fixes). * spi: tegra: fix missing irq check in tegra_slink_probe() (git-fixes). * staging: media: ipu3: remove ftrace-like logging (git-fixes). * string.h: add array-wrappers for (v)memdup_user() (git-fixes). * supported.conf: marked idpf supported * thermal: core: prevent potential string overflow (git-fixes). * treewide: spelling fix in comment (git-fixes). * tty/sysrq: replace smp_processor_id() with get_cpu() (git-fixes). * tty: 8250: add brainboxes oxford semiconductor-based quirks (git-fixes). * tty: 8250: add support for additional brainboxes px cards (git-fixes). * tty: 8250: add support for additional brainboxes uc cards (git-fixes). * tty: 8250: add support for brainboxes up cards (git-fixes). * tty: 8250: add support for intashield is-100 (git-fixes). * tty: 8250: add support for intashield ix cards (git-fixes). * tty: 8250: fix port count of px-257 (git-fixes). * tty: 8250: fix up px-803/px-857 (git-fixes). * tty: 8250: remove uc-257 and uc-431 (git-fixes). * tty: fix uninit-value access in ppp_sync_receive() (git-fixes). * tty: n_gsm: fix race condition in status line change on dead connections (git-fixes). * tty: serial: meson: fix hard lockup on crtscts mode (git-fixes). * tty: tty_jobctrl: fix pid memleak in disassociate_ctty() (git-fixes). * tty: vcc: add check for kstrdup() in vcc_probe() (git-fixes). * update ath11k hibernation fix patch set (bsc#1207948) * update metadata s390-ipl-add-missing-secure-has_secure-file-to-ipl-type- unknown (bsc#1214976 git-fixes). * usb: cdnsp: fix deadlock issue during using ncm gadget (git-fixes). * usb: chipidea: fix dma overwrite for tegra (git-fixes). * usb: chipidea: simplify tegra dma alignment code (git-fixes). * usb: dwc2: fix possible null pointer dereference caused by driver concurrency (git-fixes). * usb: dwc2: write hcint with intmask applied (bsc#1214286). * usb: dwc3: fix default mode initialization (git-fixes). * usb: dwc3: qcom: fix acpi platform device leak (git-fixes). * usb: dwc3: qcom: fix resource leaks on probe deferral (git-fixes). * usb: dwc3: qcom: fix software node leak on probe errors (git-fixes). * usb: dwc3: qcom: fix wakeup after probe deferral (git-fixes). * usb: dwc3: set the dma max_seg_size (git-fixes). * usb: gadget: f_ncm: always set current gadget in ncm_bind() (git-fixes). * usb: raw-gadget: properly handle interrupted requests (git-fixes). * usb: serial: option: add fibocom l7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for zte mf290 (git-fixes). * usb: serial: option: fix fm101r-gl defines (git-fixes). * usb: storage: set 1.50 as the lower bcddevice for older "super top" compatibility (git-fixes). * usb: typec: tcpm: fix null pointer dereference in tcpm_pd_svdm() (git- fixes). * usb: typec: tcpm: skip hard reset when in error recovery (git-fixes). * usb: usbip: fix stub_dev hub disconnect (git-fixes). * virtchnl: add virtchnl version 2 ops (bsc#1215458). * wifi: ath10k: do not touch the ce interrupt registers after power up (git- fixes). * wifi: ath10k: fix clang-specific fortify warning (git-fixes). * wifi: ath11k: debugfs: fix to work with multiple pci devices (git-fixes). * wifi: ath11k: fix dfs radar event locking (git-fixes). * wifi: ath11k: fix gtk offload status event locking (git-fixes). * wifi: ath11k: fix htt pktlog locking (git-fixes). * wifi: ath11k: fix temperature event locking (git-fixes). * wifi: ath9k: fix clang-specific fortify warnings (git-fixes). * wifi: iwlwifi: call napi_synchronize() before freeing rx/tx queues (git- fixes). * wifi: iwlwifi: empty overflow queue during flush (git-fixes). * wifi: iwlwifi: honor the enable_ini value (git-fixes). * wifi: iwlwifi: pcie: synchronize irqs before napi (git-fixes). * wifi: iwlwifi: use fw rate for non-data frames (git-fixes). * wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (git- fixes). * wifi: mac80211: fix # of msdu in a-msdu calculation (git-fixes). * wifi: mt76: mt7603: rework/fix rx pse hang check (git-fixes). * wifi: rtlwifi: fix edca limit set by bt coexistence (git-fixes). * wifi: rtw88: debug: fix the null vs is_err() bug for debugfs_create_file() (git-fixes). * x86/alternative: add a __alt_reloc_selftest() prototype (git-fixes). * x86/cpu: clear svm feature if disabled by bios (bsc#1214700). * x86/cpu: fix amd erratum #1485 on zen4-based cpus (git-fixes). * x86/fpu: set x86_feature_osxsave feature after enabling osxsave in cr4 (git- fixes). * x86/hyperv: add hv_expose_invariant_tsc define (git-fixes). * x86/hyperv: fix a warning in mshyperv.h (git-fixes). * x86/hyperv: improve code for referencing hyperv_pcpu_input_arg (git-fixes). * x86/hyperv: make hv_get_nmi_reason public (git-fixes). * x86/sev: do not try to parse for the cc blob on non-amd hardware (git- fixes). * x86/sev: fix calculation of end address based on number of pages (git- fixes). * x86/sev: use the ghcb protocol when available for snp cpuid requests (git- fixes). * x86: move gds_ucode_mitigated() declaration to header (git-fixes). * xfs: add attr state machine tracepoints (git-fixes). * xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909). * xfs: constify btree function parameters that are not modified (git-fixes). * xfs: convert agf log flags to unsigned (git-fixes). * xfs: convert agi log flags to unsigned (git-fixes). * xfs: convert attr type flags to unsigned (git-fixes). * xfs: convert bmap extent type flags to unsigned (git-fixes). * xfs: convert bmapi flags to unsigned (git-fixes). * xfs: convert btree buffer log flags to unsigned (git-fixes). * xfs: convert buffer flags to unsigned (git-fixes). * xfs: convert buffer log item flags to unsigned (git-fixes). * xfs: convert da btree operations flags to unsigned (git-fixes). * xfs: convert dquot flags to unsigned (git-fixes). * xfs: convert inode lock flags to unsigned (git-fixes). * xfs: convert log item tracepoint flags to unsigned (git-fixes). * xfs: convert log ticket and iclog flags to unsigned (git-fixes). * xfs: convert quota options flags to unsigned (git-fixes). * xfs: convert scrub type flags to unsigned (git-fixes). * xfs: disambiguate units for ftrace fields tagged "blkno", "block", or "bno" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "count" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "len" (git-fixes). * xfs: disambiguate units for ftrace fields tagged "offset" (git-fixes). * xfs: make the key parameters to all btree key comparison functions const (git-fixes). * xfs: make the key parameters to all btree query range functions const (git- fixes). * xfs: make the keys and records passed to btree inorder functions const (git- fixes). * xfs: make the pointer passed to btree set_root functions const (git-fixes). * xfs: make the start pointer passed to btree alloc_block functions const (git-fixes). * xfs: make the start pointer passed to btree update_lastrec functions const (git-fixes). * xfs: mark the record passed into btree init_key functions as const (git- fixes). * xfs: mark the record passed into xchk_btree functions as const (git-fixes). * xfs: remove xfs_btree_cur_t typedef (git-fixes). * xfs: rename i_disk_size fields in ftrace output (git-fixes). * xfs: resolve fork names in trace output (git-fixes). * xfs: standardize ag block number formatting in ftrace output (git-fixes). * xfs: standardize ag number formatting in ftrace output (git-fixes). * xfs: standardize daddr formatting in ftrace output (git-fixes). * xfs: standardize inode generation formatting in ftrace output (git-fixes). * xfs: standardize inode number formatting in ftrace output (git-fixes). * xfs: standardize remaining xfs_buf length tracepoints (git-fixes). * xfs: standardize rmap owner number formatting in ftrace output (git-fixes). * xhci: Loosen RPM as default policy to cover for AMD xHC 1.1 (git-fixes). * xhci: enable rpm on controllers that support low-power states (git-fixes).

References

* bsc#1207948

* bsc#1210447

* bsc#1212649

* bsc#1214286

* bsc#1214700

* bsc#1214840

* bsc#1214976

* bsc#1215095

* bsc#1215123

* bsc#1215124

* bsc#1215292

* bsc#1215420

* bsc#1215458

* bsc#1215710

* bsc#1215802

* bsc#1215931

* bsc#1216058

* bsc#1216105

* bsc#1216259

* bsc#1216527

* bsc#1216584

* bsc#1216621

* bsc#1216687

* bsc#1216693

* bsc#1216759

* bsc#1216761

* bsc#1216788

* bsc#1216844

* bsc#1216861

* bsc#1216909

* bsc#1216959

* bsc#1216965

* bsc#1216976

* bsc#1217036

* bsc#1217068

* bsc#1217086

* bsc#1217095

* bsc#1217124

* bsc#1217140

* bsc#1217147

* bsc#1217195

* bsc#1217196

* bsc#1217200

* bsc#1217205

* bsc#1217332

* bsc#1217366

* bsc#1217511

* bsc#1217515

* bsc#1217598

* bsc#1217599

* bsc#1217609

* bsc#1217687

* bsc#1217731

* bsc#1217780

* jsc#PED-3184

* jsc#PED-5021

* jsc#PED-7237

Cross-

* CVE-2023-2006

* CVE-2023-25775

* CVE-2023-3777

* CVE-2023-39197

* CVE-2023-39198

* CVE-2023-4244

* CVE-2023-45863

* CVE-2023-45871

* CVE-2023-46813

* CVE-2023-46862

* CVE-2023-5158

* CVE-2023-5633

* CVE-2023-5717

* CVE-2023-6039

* CVE-2023-6176

CVSS scores:

* CVE-2023-2006 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-2006 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-25775 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2023-25775 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2023-3777 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-3777 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

* CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

* CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-46862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-46862 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-5158 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

* CVE-2023-5158 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

* CVE-2023-5633 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-5633 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-6039 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-6039 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-6176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-6176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5

* SUSE Linux Enterprise High Performance Computing 15 SP5

* SUSE Linux Enterprise Live Patching 15-SP5

* SUSE Linux Enterprise Micro 5.5

* SUSE Linux Enterprise Micro 6.0

* SUSE Linux Enterprise Real Time 15 SP5

* SUSE Linux Enterprise Server 15 SP5

* SUSE Linux Enterprise Server for SAP Applications 15 SP5

* SUSE Real Time Module 15-SP5

An update that solves 15 vulnerabilities, contains three features and has 39

security fixes can now be installed.

##

* https://www.suse.com/security/cve/CVE-2023-2006.html

* https://www.suse.com/security/cve/CVE-2023-25775.html

* https://www.suse.com/security/cve/CVE-2023-3777.html

* https://www.suse.com/security/cve/CVE-2023-39197.html

* https://www.suse.com/security/cve/CVE-2023-39198.html

* https://www.suse.com/security/cve/CVE-2023-4244.html

* https://www.suse.com/security/cve/CVE-2023-45863.html

* https://www.suse.com/security/cve/CVE-2023-45871.html

* https://www.suse.com/security/cve/CVE-2023-46813.html

* https://www.suse.com/security/cve/CVE-2023-46862.html

* https://www.suse.com/security/cve/CVE-2023-5158.html

* https://www.suse.com/security/cve/CVE-2023-5633.html

* https://www.suse.com/security/cve/CVE-2023-5717.html

* https://www.suse.com/security/cve/CVE-2023-6039.html

* https://www.suse.com/security/cve/CVE-2023-6176.html

* https://bugzilla.suse.com/show_bug.cgi?id=1207948

* https://bugzilla.suse.com/show_bug.cgi?id=1210447

* https://bugzilla.suse.com/show_bug.cgi?id=1212649

* https://bugzilla.suse.com/show_bug.cgi?id=1214286

* https://bugzilla.suse.com/show_bug.cgi?id=1214700

* https://bugzilla.suse.com/show_bug.cgi?id=1214840

* https://bugzilla.suse.com/show_bug.cgi?id=1214976

* https://bugzilla.suse.com/show_bug.cgi?id=1215095

* https://bugzilla.suse.com/show_bug.cgi?id=1215123

* https://bugzilla.suse.com/show_bug.cgi?id=1215124

* https://bugzilla.suse.com/show_bug.cgi?id=1215292

* https://bugzilla.suse.com/show_bug.cgi?id=1215420

* https://bugzilla.suse.com/show_bug.cgi?id=1215458

* https://bugzilla.suse.com/show_bug.cgi?id=1215710

* https://bugzilla.suse.com/show_bug.cgi?id=1215802

* https://bugzilla.suse.com/show_bug.cgi?id=1215931

* https://bugzilla.suse.com/show_bug.cgi?id=1216058

* https://bugzilla.suse.com/show_bug.cgi?id=1216105

* https://bugzilla.suse.com/show_bug.cgi?id=1216259

* https://bugzilla.suse.com/show_bug.cgi?id=1216527

* https://bugzilla.suse.com/show_bug.cgi?id=1216584

* https://bugzilla.suse.com/show_bug.cgi?id=1216621

* https://bugzilla.suse.com/show_bug.cgi?id=1216687

* https://bugzilla.suse.com/show_bug.cgi?id=1216693

* https://bugzilla.suse.com/show_bug.cgi?id=1216759

* https://bugzilla.suse.com/show_bug.cgi?id=1216761

* https://bugzilla.suse.com/show_bug.cgi?id=1216788

* https://bugzilla.suse.com/show_bug.cgi?id=1216844

* https://bugzilla.suse.com/show_bug.cgi?id=1216861

* https://bugzilla.suse.com/show_bug.cgi?id=1216909

* https://bugzilla.suse.com/show_bug.cgi?id=1216959

* https://bugzilla.suse.com/show_bug.cgi?id=1216965

* https://bugzilla.suse.com/show_bug.cgi?id=1216976

* https://bugzilla.suse.com/show_bug.cgi?id=1217036

* https://bugzilla.suse.com/show_bug.cgi?id=1217068

* https://bugzilla.suse.com/show_bug.cgi?id=1217086

* https://bugzilla.suse.com/show_bug.cgi?id=1217095

* https://bugzilla.suse.com/show_bug.cgi?id=1217124

* https://bugzilla.suse.com/show_bug.cgi?id=1217140

* https://bugzilla.suse.com/show_bug.cgi?id=1217147

* https://bugzilla.suse.com/show_bug.cgi?id=1217195

* https://bugzilla.suse.com/show_bug.cgi?id=1217196

* https://bugzilla.suse.com/show_bug.cgi?id=1217200

* https://bugzilla.suse.com/show_bug.cgi?id=1217205

* https://bugzilla.suse.com/show_bug.cgi?id=1217332

* https://bugzilla.suse.com/show_bug.cgi?id=1217366

* https://bugzilla.suse.com/show_bug.cgi?id=1217511

* https://bugzilla.suse.com/show_bug.cgi?id=1217515

* https://bugzilla.suse.com/show_bug.cgi?id=1217598

* https://bugzilla.suse.com/show_bug.cgi?id=1217599

* https://bugzilla.suse.com/show_bug.cgi?id=1217609

* https://bugzilla.suse.com/show_bug.cgi?id=1217687

* https://bugzilla.suse.com/show_bug.cgi?id=1217731

* https://bugzilla.suse.com/show_bug.cgi?id=1217780

* https://jira.suse.com/login.jsp

* https://jira.suse.com/login.jsp

* https://jira.suse.com/login.jsp

Severity
Announcement ID: SUSE-SU-2023:4732-1
Rating: important

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo