Stay Vigilant with Timely Linux Security Advisories

security advisorysoftware updateglibc

openSUSE 15.6: 2025:0582-1 low: MySQL glibc security fix

An update that solves one vulnerability can now be installed.. # Security update for glibc Announcement ID: SUSE-SU-2025:0582-1 Release Date: 2025-02-18T14:55:38Z Rating: low References: * bsc#1236282 Cross-References: * CVE-2025-0395 CVSS scores: * CVE-2025-0395 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-0395 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-0395 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-582=1 SUSE-2025-582=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-582=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-582=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-locale-base-debuginfo-2.38-150600.14.23.1 * glibc-devel-debuginfo-2.38-150600.14.23.1 * glibc-profile-2.38-150600.14.23.1 * glibc-debugsource-2.38-150600.14.23.1 * libnsl1-2.38-150600.14.23.1 * libnsl1-debuginfo-2.38-150600.14.23.1 * glibc-debuginfo-2.38-150600.14.23.1 * glibc-locale-base-2.38-150600.14.23.1 * glibc-devel-2.38-150600.14.23.1 *glibc-devel-static-2.38-150600.14.23.1 * glibc-locale-2.38-150600.14.23.1 * glibc-2.38-150600.14.23.1 * openSUSE Leap 15.6 (x86_64) * glibc-utils-32bit-debuginfo-2.38-150600.14.23.1 * glibc-devel-32bit-2.38-150600.14.23.1 * glibc-32bit-debuginfo-2.38-150600.14.23.1 * libnsl1-32bit-2.38-150600.14.23.1 * libnsl1-32bit-debuginfo-2.38-150600.14.23.1 * glibc-locale-base-32bit-2.38-150600.14.23.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1 * glibc-profile-32bit-2.38-150600.14.23.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1 * glibc-32bit-2.38-150600.14.23.1 * glibc-devel-static-32bit-2.38-150600.14.23.1 * glibc-utils-32bit-2.38-150600.14.23.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * glibc-utils-debuginfo-2.38-150600.14.23.1 * nscd-debuginfo-2.38-150600.14.23.1 * nscd-2.38-150600.14.23.1 * glibc-extra-2.38-150600.14.23.1 * glibc-utils-2.38-150600.14.23.1 * glibc-extra-debuginfo-2.38-150600.14.23.1 * glibc-utils-src-debugsource-2.38-150600.14.23.1 * openSUSE Leap 15.6 (noarch) * glibc-lang-2.38-150600.14.23.1 * glibc-info-2.38-150600.14.23.1 * glibc-i18ndata-2.38-150600.14.23.1 * glibc-html-2.38-150600.14.23.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glibc-devel-static-64bit-2.38-150600.14.23.1 * glibc-utils-64bit-debuginfo-2.38-150600.14.23.1 * glibc-64bit-debuginfo-2.38-150600.14.23.1 * libnsl1-64bit-debuginfo-2.38-150600.14.23.1 * glibc-locale-base-64bit-debuginfo-2.38-150600.14.23.1 * glibc-profile-64bit-2.38-150600.14.23.1 * glibc-utils-64bit-2.38-150600.14.23.1 * glibc-locale-base-64bit-2.38-150600.14.23.1 * glibc-devel-64bit-2.38-150600.14.23.1 * glibc-64bit-2.38-150600.14.23.1 * libnsl1-64bit-2.38-150600.14.23.1 * glibc-devel-64bit-debuginfo-2.38-150600.14.23.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glibc-locale-base-debuginfo-2.38-150600.14.23.1 * nscd-debuginfo-2.38-150600.14.23.1 *glibc-devel-debuginfo-2.38-150600.14.23.1 * glibc-profile-2.38-150600.14.23.1 * glibc-debugsource-2.38-150600.14.23.1 * nscd-2.38-150600.14.23.1 * glibc-extra-2.38-150600.14.23.1 * libnsl1-2.38-150600.14.23.1 * libnsl1-debuginfo-2.38-150600.14.23.1 * glibc-debuginfo-2.38-150600.14.23.1 * glibc-locale-base-2.38-150600.14.23.1 * glibc-extra-debuginfo-2.38-150600.14.23.1 * glibc-devel-2.38-150600.14.23.1 * glibc-locale-2.38-150600.14.23.1 * glibc-2.38-150600.14.23.1 * Basesystem Module 15-SP6 (noarch) * glibc-lang-2.38-150600.14.23.1 * glibc-i18ndata-2.38-150600.14.23.1 * glibc-info-2.38-150600.14.23.1 * Basesystem Module 15-SP6 (x86_64) * glibc-32bit-debuginfo-2.38-150600.14.23.1 * libnsl1-32bit-2.38-150600.14.23.1 * libnsl1-32bit-debuginfo-2.38-150600.14.23.1 * glibc-locale-base-32bit-2.38-150600.14.23.1 * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1 * glibc-32bit-2.38-150600.14.23.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glibc-utils-debuginfo-2.38-150600.14.23.1 * glibc-debugsource-2.38-150600.14.23.1 * glibc-debuginfo-2.38-150600.14.23.1 * glibc-utils-2.38-150600.14.23.1 * glibc-devel-static-2.38-150600.14.23.1 * glibc-utils-src-debugsource-2.38-150600.14.23.1 * Development Tools Module 15-SP6 (x86_64) * glibc-devel-32bit-2.38-150600.14.23.1 * glibc-32bit-debuginfo-2.38-150600.14.23.1 * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0395.html * https://bugzilla.suse.com/show_bug.cgi?id=1236282 . openSUSE has issued a low severity security update for glibc addressing CVE-2025-0395 to strengthen system security and mitigate risks.. openSUSE Security, glibc Update, Linux Advisory, SUSE Vulnerability Fix, Software Update. . Severity: Low. LinuxSecurity.com Team

Feb 18, 2025 •Low OpenSUSE

security advisorysystem updateSUSE Linux

SUSE: 2025:0252-1 important: kernel live patch fixes 34 issues

* bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 . # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:0252-1 Release Date: 2025-01-27T13:03:54Z Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229275 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2022-48956 * CVE-2023-52502 * CVE-2023-52752 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-40954 * CVE-2024-41057 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 34 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-> trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev-> mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha-> vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-> mac_header (bsc#1223514). * CVE-2023-52502: Fixed a racecondition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-252=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-252=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-11-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 *https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229275 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 . SUSE Linux Kernel Live Patch 11 has released an essential security update that rectifies 34 high-priority vulnerabilities, enhancing overall system integrity and protection.. SUSE Linux Kernel, Important Security Fix, Live Patch Update, System Vulnerabilities, Patch Management. . Severity: Important. LinuxSecurity.com Team

Jan 27, 2025 •Important SuSE

security advisorykernel updateSUSE

openSUSE: 2025:0202-1 important: Updated Kernel Security Advisory

An update that solves 18 vulnerabilities and has two security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0202-1 Release Date: 2025-01-21T12:52:58Z Rating: important References: * bsc#1215304 * bsc#1220927 * bsc#1220937 * bsc#1230697 * bsc#1232436 * bsc#1234281 * bsc#1234690 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234963 * bsc#1235004 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235246 * bsc#1235480 * bsc#1235584 Cross-References: * CVE-2022-49035 * CVE-2023-52524 * CVE-2024-53142 * CVE-2024-53144 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56631 * CVE-2024-56704 * CVE-2024-8805 CVSS scores: * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56631 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 18 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (bsc#1215304). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-listPCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480). * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584). The following non-security bugs were fixed: * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-202=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-202=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-202=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-202=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-202=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-202=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-202=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patchSUSE-SLE-Product-HPC-15-SP3-LTSS-2025-202=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-202=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-202=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.188.1 * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) *kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (noarch) * kernel-macros-5.3.18-150300.59.188.1 * kernel-source-5.3.18-150300.59.188.1 * kernel-docs-html-5.3.18-150300.59.188.1 * kernel-source-vanilla-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-debug-5.3.18-150300.59.188.1 * kernel-kvmsmall-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-debug-debugsource-5.3.18-150300.59.188.1 * kernel-debug-devel-5.3.18-150300.59.188.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.188.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.188.1 * kernel-kvmsmall-devel-5.3.18-150300.59.188.1 * kernel-debug-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) *kernel-default-base-rebuild-5.3.18-150300.59.188.1.150300.18.111.1 * kernel-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-5.3.18-150300.59.188.1 * kselftests-kmp-default-5.3.18-150300.59.188.1 * ocfs2-kmp-default-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-optional-5.3.18-150300.59.188.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.188.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-qa-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-extra-5.3.18-150300.59.188.1 * kernel-default-livepatch-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-default-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_188-default-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_52-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_188-preempt-1-150300.7.3.1 *kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-extra-5.3.18-150300.59.188.1 * cluster-md-kmp-preempt-5.3.18-150300.59.188.1 * dlm-kmp-preempt-5.3.18-150300.59.188.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * reiserfs-kmp-preempt-5.3.18-150300.59.188.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * gfs2-kmp-preempt-5.3.18-150300.59.188.1 * kernel-preempt-optional-5.3.18-150300.59.188.1 * ocfs2-kmp-preempt-5.3.18-150300.59.188.1 * kselftests-kmp-preempt-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.188.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64) * reiserfs-kmp-64kb-5.3.18-150300.59.188.1 * dtb-xilinx-5.3.18-150300.59.188.1 * dtb-allwinner-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.188.1 * dtb-amd-5.3.18-150300.59.188.1 * dtb-exynos-5.3.18-150300.59.188.1 * gfs2-kmp-64kb-5.3.18-150300.59.188.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-al-5.3.18-150300.59.188.1 * kernel-64kb-optional-5.3.18-150300.59.188.1 * dtb-freescale-5.3.18-150300.59.188.1 * dtb-arm-5.3.18-150300.59.188.1 * dtb-rockchip-5.3.18-150300.59.188.1 * kselftests-kmp-64kb-5.3.18-150300.59.188.1 * cluster-md-kmp-64kb-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-marvell-5.3.18-150300.59.188.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.188.1 * dtb-mediatek-5.3.18-150300.59.188.1 * dtb-nvidia-5.3.18-150300.59.188.1 * dtb-socionext-5.3.18-150300.59.188.1 * dtb-broadcom-5.3.18-150300.59.188.1 * dtb-apm-5.3.18-150300.59.188.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-cavium-5.3.18-150300.59.188.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-zte-5.3.18-150300.59.188.1 * ocfs2-kmp-64kb-5.3.18-150300.59.188.1 * dtb-renesas-5.3.18-150300.59.188.1 * kernel-64kb-extra-5.3.18-150300.59.188.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-lg-5.3.18-150300.59.188.1 * dtb-hisilicon-5.3.18-150300.59.188.1 * dtb-amlogic-5.3.18-150300.59.188.1 * dtb-sprd-5.3.18-150300.59.188.1 * dlm-kmp-64kb-5.3.18-150300.59.188.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * dtb-qcom-5.3.18-150300.59.188.1 * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * dtb-altera-5.3.18-150300.59.188.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.188.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-default-livepatch-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-livepatch-5.3.18-150300.59.188.1 *kernel-livepatch-5_3_18-150300_59_188-default-1-150300.7.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.188.1 * dlm-kmp-default-5.3.18-150300.59.188.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * gfs2-kmp-default-5.3.18-150300.59.188.1 * cluster-md-kmp-default-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * ocfs2-kmp-default-5.3.18-150300.59.188.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.188.1 * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 *kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.188.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-debuginfo-5.3.18-150300.59.188.1 * kernel-64kb-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 *SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.188.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-debuginfo-5.3.18-150300.59.188.1 * kernel-obs-build-5.3.18-150300.59.188.1 * kernel-obs-build-debugsource-5.3.18-150300.59.188.1 * kernel-syms-5.3.18-150300.59.188.1 * reiserfs-kmp-default-5.3.18-150300.59.188.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-default-devel-5.3.18-150300.59.188.1 * kernel-default-debugsource-5.3.18-150300.59.188.1 * kernel-default-base-5.3.18-150300.59.188.1.150300.18.111.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.188.1 * kernel-macros-5.3.18-150300.59.188.1 * kernel-devel-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.188.1 * kernel-preempt-devel-5.3.18-150300.59.188.1 * kernel-preempt-debugsource-5.3.18-150300.59.188.1 * kernel-preempt-debuginfo-5.3.18-150300.59.188.1 ## References: *https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53144.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56631.html * https://www.suse.com/security/cve/CVE-2024-56704.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234690 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 *https://bugzilla.suse.com/show_bug.cgi?id=1235480 * https://bugzilla.suse.com/show_bug.cgi?id=1235584 . Stay informed about crucial changes for the Linux kernel, tackling various vulnerabilities and improving overall system security protocols.. Linux Kernel Security, OpenSUSE Update, SUSE Security Advisory, Linux Vulnerability Fixes. . Severity: Important. LinuxSecurity.com Team

Jan 21, 2025 •Important OpenSUSE

security advisorysecurity issuekernel update

Oracle Linux 8 ELSA-2025-20018: Important Kernel Security Advisory

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20018 http://linux.oracle.com/errata/ELSA-2025-20018.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-core-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-304.171.4.el8uek.noarch.rpm kernel-uek-modules-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-container-5.15.0-304.171.4.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-304.171.4.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-core-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-304.171.4.el8uek.noarch.rpm kernel-uek-modules-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-container-5.15.0-304.171.4.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-304.171.4.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-304.171.4.el8uek.src.rpm RelatedCVEs: CVE-2024-46770 CVE-2024-53060 CVE-2024-53070 CVE-2024-53097 CVE-2024-53206 CVE-2024-53226 Description of changes: [5.15.0-304.171.4.el8uek] - Revert "unicode: Don't special case ignorable code points" (Linus Torvalds) - Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno) - tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Kuniyuki Iwashima) - lib/buildid: Fix build ID parsing logic (Jiri Olsa) - powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy) - mm: krealloc: Fix MTE false alarm in __do_krealloc (Qun-Wei Lin) - Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (JarosÅaw Janik) - usb: dwc3: fix fault at system suspend if device was already runtime suspended (Roger Quadros) - ACPI: PRM: Clean up guid type in struct prm_handler_info (Dan Carpenter) - RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (Junxian Huang) - mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton) - ACPI: CPPC: Fix _CPC register setting issue (Lifeng Zheng) - scsi: qla2xxx: Fix abort in bsg timeout (Quinn Tran) - drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (Antonio Quartulli) - RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai) - vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393531] - vhost-scsi: protect vq-> log_base with vq-> mutex (Dongli Zhang) [Orabug: 37393531] [5.15.0-304.171.3.el8uek] - build: populate modules_thick.builtin for dirs containing only modules (Nick Alcock) [Orabug: 37381702] - mtd: fix use-after-free in mtd release (Alexander Usyskin) [Orabug: 37371929] - mtd: Clean refcounting with MTD_PARTITIONED_MASTER (Miquel Raynal) [Orabug: 37371929] - mtd: call external _get and _put in right order (Alexander Usyskin) [Orabug: 37371929] - nvmem: core: Check input parameter for NULL in nvmem_unregister() (Andy Shevchenko) [Orabug: 37371929] - Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (SherryYang) [Orabug: 37364544] - x86/pkeys: Ensure updated PKRU value is XRSTOR'd (Aruna Ramakrishna) [Orabug: 37361290] - x86/pkeys: Change caller of update_pkru_in_sigframe() (Aruna Ramakrishna) [Orabug: 37361290] - cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Vishal Verma) [Orabug: 37347419] - mm/memcontrol: Fix memcg stat calculation (Aruna Ramakrishna) [Orabug: 37306542] [5.15.0-304.171.2.el8uek] - uek-rpm: Add mstflint_access module to the core list (Thomas Tai) [Orabug: 37345530] - uek-rpm/ol8/config-aarch64-emb3: Enable CONFIG_ARM_SDE_INTERFACE (Thomas Tai) [Orabug: 37345530] - sunrpc: fix a NULL deref in svc_process() when -> sv_stats doesn't exist (Calum Mackay) [Orabug: 37329531] - Partial revert "rds: Add inc/frag cache statistics" (Hans Westgaard Ry) [Orabug: 37232315] [5.15.0-304.171.1.el8uek] - kpcimgr: assign CPU to handle PCIE transactions during kexec (Joe Dobosenski) [Orabug: 37295980] - kexec: update start address for LPI table data (Joe Dobosenski) [Orabug: 37295980] - kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37295980] - embedded2: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Joe Dobosenski) [Orabug: 37295980] - embedded2: Support booting an encrypted root filesystem (Joe Dobosenski) [Orabug: 37295980] - Update embedded2 config for UEK7 (Joe Dobosenski) [Orabug: 37295980] - Pensando: kernel config changes for kdump (Rob Gardner) [Orabug: 34091165] [Orabug: 37295980] - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Joe Dobosenski) [Orabug: 37295980] - arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32549965] [Orabug: 37295980] - drivers/soc/pensando/cap_mem.c: Support DM region mapping. (David Clear) [Orabug: 37295980] - drivers/edac: elba: Support multiple DDR bypass ranges. (David Clear) [Orabug: 37295980] - mmc: sdhci-cadence: Enable host driver defined bounce buffer (Brad Larson) [Orabug: 37295980] - Fix NULL pointer dereference in cn_filter() (Anjali Kulkarni) [Orabug:37280567] - selftests: connector: Fix input argument error paths to skip (Shuah Khan) [Orabug: 37280567] - connector/cn_proc: Selftest for proc connector (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Allow non-root users access (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Performance improvements (Anjali Kulkarni) [Orabug: 37280567] - connector/cn_proc: Add filtering to fix some bugs (Anjali Kulkarni) [Orabug: 37280567] - netlink: Add new netlink_release function (Anjali Kulkarni) [Orabug: 37280567] - ice: Add netif_device_attach/detach into PF reset flow (Dawid Osuchowski) [Orabug: 37214589] {CVE-2024-46770} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 kernel enhancements tackle critical security advisory ELSA-2025-20018 along with associated vulnerabilities, providing essential patches and performance improvements.. Oracle Linux, kernel security, advisory update, security patching. . Severity: Important. LinuxSecurity.com Team

Jan 17, 2025 •Important Oracle

security advisorykernel patchimportant update

Oracle Linux 7 ELSA-2023-13001 Important: Critical Kernel Issues

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-13001 https://linux.oracle.com/errata/ELSA-2023-13001.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-container-5.4.17-2136.325.5.el7.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.325.5.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-container-5.4.17-2136.325.5.el7.src.rpm Related CVEs: CVE-2023-1989 Description of changes: [5.4.17-2136.325.5.el7] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext (Krister Johansen) [Orabug: 35905508] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 (D Scott Phillips) [Orabug: 35905508] - perf/arm-cmn: Fix invalid pointer when access dtc object sharing the same IRQ number (Tuan Phan) [Orabug: 35905508] - char: misc: increase DYNAMIC_MINORS value (Sangmoon Kim) [Orabug: 35905508] [5.4.17-2136.325.4.el7] - net: nfc: llcp: Add lock when modifying device list (Jeremy Cline) - net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent (Fabio Estevam) - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig (Oleksandr Tymoshenko) - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (Pin-yen Lin) - Revert "PCI: qcom: Disable write access to read only registers for IP v2.3.3" (Greg Kroah-Hartman) - rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) - rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) - rbd: decouple header read-in from updating rbd_dev-> header (Ilya Dryomov) - rbd: move rbd_dev_refresh() definition (Ilya Dryomov) - MIPS: Alchemy: only build mmc support helpers if au1xmmc is enabled (Christoph Hellwig) - netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP (Jozsef Kadlecsik) - dccp: fixdccp_v4_err()/dccp_v6_err() again (Eric Dumazet) - fix breakage in do_rmdir() (Al Viro) [Orabug: 35722671] - scsi: target: core: Fix deadlock due to recursive locking (Junxiao Bi) [Orabug: 35761341] - rds: Add proper refcnt when an RDS MR references an RDS Socket (HÃ¥kon Bugge) [Orabug: 35836949] - rds: Check for UAF in rds_destroy_mr (HÃ¥kon Bugge) [Orabug: 35836949] - i2c: designware: Fix corrupted memory seen in the ISR (Jan Bottorff) [Orabug: 35857601] - xfs: reserve less log space when recovering log intent items (Darrick J. Wong) [Orabug: 35871840] - octeontx_edac: Fix mcc_edac failure at boot (Thomas Tai) [Orabug: 35895526] - bpf: bpf_check() must fail when btf_linux is null (Dave Kleikamp) [Orabug: 35899889] [5.4.17-2136.325.3.el7] - LTS tag: v5.4.257 (Sherry Yang) - drm/amdgpu: fix amdgpu_cs_p1_user_fence (Christian KÃ¶nig) - mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller (William Zhang) - ext4: fix rec_len verify error (Shida Zhang) - i2c: aspeed: Reset the i2c controller when timeout occurs (Tommy Huang) - tracefs: Add missing lockdown check to tracefs_create_dir() (Steven Rostedt (Google)) - nfsd: fix change_info in NFSv4 RENAME replies (Jeff Layton) - tracing: Have option files inc the trace array ref count (Steven Rostedt (Google)) - tracing: Have current_trace inc the trace array ref count (Steven Rostedt (Google)) - btrfs: fix lockdep splat and potential deadlock after failure running delayed items (Filipe Manana) - attr: block mode changes of symlinks (Christian Brauner) - md/raid1: fix error: ISO C90 forbids mixed declarations (Nigel Croxon) - selftests: tracing: Fix to unmount tracefs for recovering environment (Masami Hiramatsu (Google)) - btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (Anand Jain) - btrfs: add a helper to read the superblock metadata_uuid (Anand Jain) - btrfs: move btrfs_pinned_by_swapfile prototype into volumes.h (Josef Bacik) - perf tools: Add an option to build without libbfd (IanRogers) - perf jevents: Make build dependency on test JSONs (John Garry) - tools features: Add feature test to check if libbfd has buildid support (Arnaldo Carvalho de Melo) - kobject: Add sanity check for kset-> kobj.ktype in kset_register() (Zhen Lei) - media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (Sakari Ailus) - serial: cpm_uart: Avoid suspicious locking (Christophe Leroy) - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (Konstantin Shelekhin) - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (Ma Ke) - media: pci: cx23885: replace BUG with error return (Hans Verkuil) - media: tuners: qt1010: replace BUG_ON with a regular error (Hans Verkuil) - media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() (Zhang Shurong) - media: anysee: fix null-ptr-deref in anysee_master_xfer (Zhang Shurong) - media: af9005: Fix null-ptr-deref in af9005_i2c_xfer (Zhang Shurong) - media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() (Zhang Shurong) - media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer (Zhang Shurong) - powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (ruanjinjie) - jfs: fix invalid free of JFS_IP(ipimap)-> i_imap in diUnmount (Liu Shixin via Jfs-discussion) - fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (Andrew Kanner) - ext2: fix datatype of block number in ext2_xattr_set2() (Georg Ottinger) - md: raid1: fix potential OOB in raid1_remove_disk() (Zhang Shurong) - bus: ti-sysc: Configure uart quirks for k3 SoC (Tony Lindgren) - drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (Tuo Li) - wifi: mac80211_hwsim: drop short frames (Johannes Berg) - alx: fix OOB-read compiler warning (GONG, Ruiqi) - mmc: sdhci-esdhc-imx: improve ESDHC_FLAG_ERR010450 (Giulio Benetti) - tpm_tis: Resend command to recover from data transfer errors (Alexander Steffen) - crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()(Mark O'Donovan) - wifi: mwifiex: fix fortify warning (Dmitry Antipov) - wifi: ath9k: fix printk specifier (Dongliang Mu) - devlink: remove reload failed checks in params get/set callbacks (Jiri Pirko) - hw_breakpoint: fix single-stepping when using bpf_overflow_handler (Tomislav Novak) - perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (Yicong Yang) - ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (Jiri Slaby (SUSE)) - kernel/fork: beware of __put_task_struct() calling context (Wander Lairson Costa) - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (Abhishek Mainkar) - locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (Will Shiu) - btrfs: output extra debug info if we failed to find an inline backref (Qu Wenruo) - autofs: fix memory leak of waitqueues in autofs_catatonic_mode (Fedor Pchelkin) - parisc: Drop loops_per_jiffy from per_cpu struct (Helge Deller) - drm/amd/display: Fix a bug when searching for insert_above_mpcc (Wesley Chalmers) - kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). (Kuniyuki Iwashima) - ixgbe: fix timestamp configuration code (Vadim Fedorenko) - net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() (Liu Jian) - platform/mellanox: mlxbf-tmfifo: Drop jumbo frames (Liming Sun) - platform/mellanox: mlxbf-tmfifo: Drop the Rx packet if no more descriptors (Liming Sun) - kcm: Fix memory leak in error path of kcm_sendmsg() (Shigeru Yoshida) - r8152: check budget for r8152_poll() (Hayes Wang) - net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() (Hangyu Hua) - net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc() (Hangyu Hua) - net: ipv4: fix one memleak in __inet_del_ifa() (Liu Jian) - clk: imx8mm: Move 1443X/1416X PLL clock structure to common place (Anson Huang) - ARM: dts: BCM5301X: Extend RAM to full 256MB for Linksys EA6500 V2 (Aleksey Nasibulin) - usb: typec: bus: verify partner exists intypec_altmode_attention (RD Babiera) - usb: typec: tcpm: Refactor tcpm_handle_vdm_request (Hans de Goede) - usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (Hans de Goede) - perf tools: Handle old data in PERF_RECORD_ATTR (Namhyung Kim) - perf hists browser: Fix hierarchy mode header (Namhyung Kim) - mtd: rawnand: brcmnand: Fix potential false time out warning (William Zhang) - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write (William Zhang) - mtd: rawnand: brcmnand: Fix crash during the panic_write (William Zhang) - btrfs: use the correct superblock to compare fsid in btrfs_validate_super (Anand Jain) - btrfs: don't start transaction when joining with TRANS_JOIN_NOSTART (Filipe Manana) - fuse: nlookup missing decrement in fuse_direntplus_link (ruanmeisi) - ata: pata_ftide010: Add missing MODULE_DESCRIPTION (Damien Le Moal) - ata: sata_gemini: Add missing MODULE_DESCRIPTION (Damien Le Moal) - sh: boards: Fix CEU buffer size passed to dma_declare_coherent_memory() (Petr Tesarik) - net: hns3: fix the port information display when sfp is absent (Yisen Zhuang) - ip_tunnels: use DEV_STATS_INC() (Eric Dumazet) - idr: fix param name in idr_alloc_cyclic() doc (Ariel Marcovitch) - s390/zcrypt: don't leak memory if dev_set_name() fails (Andy Shevchenko) - igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (Olga Zaborska) - igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (Olga Zaborska) - igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (Olga Zaborska) - kcm: Destroy mutex in kcm_exit_net() (Shigeru Yoshida) - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (valis) - af_unix: Fix data race around sk-> sk_err. (Kuniyuki Iwashima) - af_unix: Fix data-races around sk-> sk_shutdown. (Kuniyuki Iwashima) - af_unix: Fix data-race around unix_tot_inflight. (Kuniyuki Iwashima) - af_unix: Fix data-races around user-> unix_inflight. (Kuniyuki Iwashima) - net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr(Alex Henrie) - veth: Fixing transmit return status for dropped packets (Liang Chen) - igb: disable virtualization features on 82580 (Corinna Vinschen) - net: read sk-> sk_family once in sk_mc_loop() (Eric Dumazet) - ipv4: annotate data-races around fi-> fib_dead (Eric Dumazet) - sctp: annotate data-races around sk-> sk_wmem_queued (Eric Dumazet) - pwm: lpc32xx: Remove handling of PWM channels (Vladimir Zapolskiy) - watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load (Raag Jadav) - perf top: Don't pass an ERR_PTR() directly to perf_session__delete() (Arnaldo Carvalho de Melo) - x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() (Sean Christopherson) - perf annotate bpf: Don't enclose non-debug code with an assert() (Arnaldo Carvalho de Melo) - kconfig: fix possible buffer overflow (Konstantin Meskhidze) - NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info (Fedor Pchelkin) - soc: qcom: qmi_encdec: Restrict string length in decode (Chris Lew) - clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock (Dmitry Baryshkov) - parisc: led: Reduce CPU overhead for disk & lan LED computation (Helge Deller) - parisc: led: Fix LAN receive and transmit LEDs (Helge Deller) - lib/test_meminit: allocate pages up to order MAX_ORDER (Andrew Donnellan) - drm/ast: Fix DRAM init on AST2200 (Thomas Zimmermann) - fbdev/ep93xx-fb: Do not assign to struct fb_info.dev (Thomas Zimmermann) - scsi: qla2xxx: Remove unsupported ql2xenabledif option (Manish Rangankar) - scsi: qla2xxx: Turn off noisy message log (Quinn Tran) - scsi: qla2xxx: Fix erroneous link up failure (Quinn Tran) - scsi: qla2xxx: fix inconsistent TMF timeout (Quinn Tran) - net/ipv6: SKB symmetric hash should incorporate transport ports (Quan Tian) - drm: fix double free for gbo in drm_gem_vram_init and drm_gem_vram_create (Jia Yang) - udf: initialize newblock to 0 (Tom Rix) - usb: typec: tcpci: clear the fault status bit (Marco Felsch) - serial: sc16is7xx: fix broken port 0 uart init (HugoVilleneuve) - sc16is7xx: Set iobase to device index (Daniel Mack) - cpufreq: brcmstb-avs-cpufreq: Fix -Warray-bounds bug (Gustavo A. R. Silva) - crypto: stm32 - fix loop iterating through scatterlist for DMA (Thomas Bourgoin) - s390/ipl: add missing secure/has_secure file to ipl type 'unknown' (Sven Schnelle) - pstore/ram: Check start of empty przs during init (Enlin Mu) - fsverity: skip PKCS#7 parser when keyring is empty (Eric Biggers) - net: handle ARPHRD_PPP in dev_is_mac_header_xmit() (Nicolas Dichtel) - X.509: if signature is unsupported skip validation (Thore Sommer) - dccp: Fix out of bounds access in DCCP error handler (Jann Horn) - parisc: Fix /proc/cpuinfo output for lscpu (Helge Deller) - procfs: block chmod on /proc/thread-self/comm (Aleksa Sarai) - Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset" (Bjorn Helgaas) - ntb: Fix calculation ntb_transport_tx_free_entry() (Dave Jiang) - ntb: Clean up tx tail index on link down (Dave Jiang) - ntb: Drop packets when qp link is down (Dave Jiang) - media: dvb: symbol fixup for dvb_attach() (Greg Kroah-Hartman) - xtensa: PMU: fix base address for the newer hardware (Max Filippov) - backlight/lv5207lp: Compare against struct fb_info.device (Thomas Zimmermann) - backlight/bd6107: Compare against struct fb_info.device (Thomas Zimmermann) - backlight/gpio_backlight: Compare against struct fb_info.device (Thomas Zimmermann) - ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch() (Gustavo A. R. Silva) - ipmi_si: fix a memleak in try_smi_init() (Yi Yang) - ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl (Takashi Iwai) - PM / devfreq: Fix leak in devfreq_dev_release() (Boris Brezillon) - igb: set max size RX buffer when store bad packet is enabled (Radoslaw Tyl) - skbuff: skb_segment, Call zero copy functions before using skbuff frags (Mohamed Khalfella) - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU (Eric Dumazet) - virtio_ring: fix avail_wrap_counter in virtqueue_add_packed (Yuan Yao) - cpufreq: Fixthe race condition while updating the transition_task of policy (Liao Chang) - dmaengine: ste_dma40: Add missing IRQ check in d40_probe (ruanjinjie) - um: Fix hostaudio build errors (Randy Dunlap) - mtd: rawnand: fsmc: handle clk prepare error in fsmc_nand_resume() (Yi Yang) - rpmsg: glink: Add check for kstrdup (Jiasheng Jiang) - phy/rockchip: inno-hdmi: do not power on rk3328 post pll on reg write (Jonas Karlman) - phy/rockchip: inno-hdmi: round fractal pixclock in rk3328 recalc_rate (Zheng Yang) - phy/rockchip: inno-hdmi: use correct vco_div_5 macro on rk3328 (Jonas Karlman) - tracing: Fix race issue between cpu buffer write and swap (Zheng Yejian) - HID: multitouch: Correct devm device reference for hidinput input_dev name (Rahul Rameshbabu) - HID: logitech-dj: Fix error handling in logi_dj_recv_switch_to_dj_mode() (Nikita Zhandarovich) - RDMA/siw: Correct wrong debug message (Guoqing Jiang) - RDMA/siw: Balance the reference of cep-> kref in the error path (Guoqing Jiang) - amba: bus: fix refcount leak (Peng Fan) - serial: tegra: handle clk prepare error in tegra_uart_hw_init() (Yi Yang) - scsi: fcoe: Fix potential deadlock on &fip-> ctlr_lock (Chengfeng Ye) - scsi: core: Use 32-bit hostnum in scsi_host_lookup() (Tony Battersby) - media: ov2680: Fix regulators being left enabled on ov2680_power_on() errors (Hans de Goede) - media: ov2680: Fix vflip / hflip set functions (Hans de Goede) - media: ov2680: Fix ov2680_bayer_order() (Hans de Goede) - media: ov2680: Remove auto-gain and auto-exposure controls (Hans de Goede) - media: i2c: ov2680: Set V4L2_CTRL_FLAG_MODIFY_LAYOUT on flips (Dave Stevenson) - media: ov5640: Enable MIPI interface in ov5640_set_power_mipi() (Marek Vasut) - media: i2c: ov5640: Configure HVP lines in s_power callback (Lad Prabhakar) - USB: gadget: f_mass_storage: Fix unused variable warning (Alan Stern) - media: go7007: Remove redundant if statement (Colin Ian King) - iommu/vt-d: Fix to flush cache of PASID directory table (Yanfei Xu) - IB/uverbs: Fix anpotential error pointer dereference (Xiang Yang) - driver core: test_async: fix an error code (Dan Carpenter) - dma-buf/sync_file: Fix docs syntax (Rob Clark) - coresight: tmc: Explicit type conversions to prevent integer overflow (Ruidong Tian) - scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (Oleksandr Natalenko) - scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (Oleksandr Natalenko) - scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (Oleksandr Natalenko) - x86/APM: drop the duplicate APM_MINOR_DEV macro (Randy Dunlap) - serial: sprd: Fix DMA buffer leak issue (Chunyan Zhang) - serial: sprd: Assign sprd_port after initialized to avoid wrong access (Chunyan Zhang) - serial: sprd: remove redundant sprd_port cleanup (Chunyan Zhang) - serial: sprd: getting port index via serial aliases only (Chunyan Zhang) - scsi: qla4xxx: Add length check when parsing nlattrs (Lin Ma) - scsi: be2iscsi: Add length check when parsing nlattrs (Lin Ma) - scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (Lin Ma) - usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host() (Xu Yang) - media: mediatek: vcodec: Return NULL if no vdec_fb is found (Irui Wang) - media: cx24120: Add retval check for cx24120_message_send() (Daniil Dulov) - media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (Christophe JAILLET) - media: dib7000p: Fix potential division by zero (Daniil Dulov) - drivers: usb: smsusb: fix error handling code in smsusb_init_device (Dongliang Mu) - media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() (Christophe JAILLET) - media: v4l2-fwnode: simplify v4l2_fwnode_parse_link (Marco Felsch) - media: v4l2-fwnode: fix v4l2_fwnode_parse_link handling (Marco Felsch) - NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN (Benjamin Coddington) - NFSD: da_addr_body field missing in some GETDEVICEINFO replies (Chuck Lever) - fs: lockd:avoid possible wrong NULL parameter (Su Hui) - jfs: validate max amount of blocks before allocation. (Alexei Filippov) - powerpc/iommu: Fix notifiers being shared by PCI and VIO buses (Russell Currey) - nfs/blocklayout: Use the passed in gfp flags (Dan Carpenter) - wifi: ath10k: Use RMW accessors for changing LNKCTL (Ilpo JÃ¤rvinen) - drm/radeon: Use RMW accessors for changing LNKCTL (Ilpo JÃ¤rvinen) - drm/radeon: Prefer pcie_capability_read_word() (Frederick Lawler) - drm/radeon: Replace numbers with PCI_EXP_LNKCTL2 definitions (Bjorn Helgaas) - drm/radeon: Correct Transmit Margin masks (Bjorn Helgaas) - drm/amdgpu: Use RMW accessors for changing LNKCTL (Ilpo JÃ¤rvinen) - drm/amdgpu: Prefer pcie_capability_read_word() (Frederick Lawler) - drm/amdgpu: Replace numbers with PCI_EXP_LNKCTL2 definitions (Bjorn Helgaas) - drm/amdgpu: Correct Transmit Margin masks (Bjorn Helgaas) - PCI: Add #defines for Enter Compliance, Transmit Margin (Bjorn Helgaas) - powerpc/fadump: reset dump area size if fadump memory reserve fails (Sourabh Jain) - clk: imx: composite-8m: fix clock pauses when set_rate would be a no-op (Ahmad Fatoum) - PCI/ASPM: Use RMW accessors for changing LNKCTL (Ilpo JÃ¤rvinen) - PCI: pciehp: Use RMW accessors for changing LNKCTL (Ilpo JÃ¤rvinen) - clk: sunxi-ng: Modify mismatched function name (Zhang Jianhua) - drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init() (Minjie Du) - ipmi:ssif: Fix a memory leak when scanning for an adapter (Corey Minyard) - ipmi:ssif: Add check for kstrdup (Jiasheng Jiang) - of: unittest: Fix overlay type in apply/revert check (Geert Uytterhoeven) - drm/mediatek: Fix potential memory leak if vmap() fail (Sui Jingfeng) - audit: fix possible soft lockup in __audit_inode_child() (Gaosheng Cui) - smackfs: Prevent underflow in smk_set_cipso() (Dan Carpenter) - drm/msm/mdp5: Don't leak some plane state (Daniel Vetter) - ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig (Nayna Jain) - drm/panel: simple: Add missing connector typeand pixel format for AUO T215HVN01 (Marek Vasut) - drm/armada: Fix off-by-one error in armada_overlay_get_property() (Geert Uytterhoeven) - of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() (Ruan Jinjie) - drm/tegra: dpaux: Fix incorrect return value of platform_get_irq (Yangtao Li) - drm/tegra: Remove superfluous error messages around platform_get_irq() (Tan Zhongjun) - md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (Yu Kuai) - md/bitmap: don't set max_write_behind if there is no write mostly device (Guoqing Jiang) - drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (Srinivasan Shanmugam) - arm64: dts: qcom: sdm845: Add missing RPMh power domain to GCC (Manivannan Sadhasivam) - ARM: dts: BCM53573: Fix Ethernet info for Luxul devices (RafaÅ MiÅecki) - drm: adv7511: Fix low refresh rate register for ADV7533/5 (Bogdan Togorean) - ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split) (Krzysztof Kozlowski) - ARM: dts: s5pv210: add dummy 5V regulator for backlight on SMDKv210 (Krzysztof Kozlowski) - ARM: dts: s5pv210: correct ethernet unit address in SMDKV210 (Krzysztof Kozlowski) - ARM: dts: s5pv210: use defines for IRQ flags in SMDKV210 (Krzysztof Kozlowski) - ARM: dts: s5pv210: add RTC 32 KHz clock in SMDKV210 (Krzysztof Kozlowski) - ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split) (Krzysztof Kozlowski) - ARM: dts: s3c64xx: align pinctrl with dtschema (Krzysztof Kozlowski) - ARM: dts: s3c6410: align node SROM bus node name with dtschema in Mini6410 (Krzysztof Kozlowski) - ARM: dts: s3c6410: move fixed clocks under root node in Mini6410 (Krzysztof Kozlowski) - drm/etnaviv: fix dumping of active MMU context (Lucas Stach) - ARM: dts: BCM53573: Use updated "spi-gpio" binding properties (RafaÅ MiÅecki) - ARM: dts: BCM53573: Add cells sizes to PCIe node (RafaÅ MiÅecki) - ARM: dts: BCM53573: Drop nonexistent "default-off" LED trigger (RafaÅ MiÅecki) - drm/amdgpu: avoid integeroverflow warning in amdgpu_device_resize_fb_bar() (Arnd Bergmann) - quota: fix dqput() to follow the guarantees dquot_srcu should provide (Baokun Li) - quota: add new helper dquot_active() (Baokun Li) - quota: rename dquot_active() to inode_quota_active() (Baokun Li) - quota: factor out dquot_write_dquot() (Baokun Li) - quota: avoid increasing DQST_LOOKUPS when iterating over dirty/inuse list (Chengguang Xu) - drm/bridge: tc358764: Fix debug print parameter order (Marek Vasut) - netrom: Deny concurrent connect(). (Kuniyuki Iwashima) - net/sched: sch_hfsc: Ensure inner classes have fsc curve (Budimir Markovic) - mlxsw: i2c: Limit single transaction buffer size (Vadim Pasternak) - mlxsw: i2c: Fix chunk size setting in output mailbox buffer (Vadim Pasternak) - net: arcnet: Do not call kfree_skb() under local_irq_disable() (Jinjie Ruan) - wifi: ath9k: use IS_ERR() with debugfs_create_dir() (Wang Ming) - wifi: mwifiex: avoid possible NULL skb pointer dereference (Dmitry Antipov) - wifi: ath9k: protect WMI command response buffer replacement with a lock (Fedor Pchelkin) - wifi: ath9k: fix races between ath9k_wmi_cmd and ath9k_wmi_ctrl_rx (Fedor Pchelkin) - wifi: mwifiex: Fix missed return in oob checks failed path (Polaris Pi) - wifi: mwifiex: fix memory leak in mwifiex_histogram_read() (Dmitry Antipov) - fs: ocfs2: namei: check return value of ocfs2_add_entry() (Artem Chernyshev) - lwt: Check LWTUNNEL_XMIT_CONTINUE strictly (Yan Zhai) - lwt: Fix return values of BPF xmit ops (Yan Zhai) - hwrng: iproc-rng200 - Implement suspend and resume calls (Florian Fainelli) - hwrng: iproc-rng200 - use semicolons rather than commas to separate statements (Julia Lawall) - crypto: caam - fix unchecked return value error (Gaurav Jain) - Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe() (Yuanjun Gong) - crypto: stm32 - Properly handle pm_runtime_get failing (Uwe Kleine-KÃ¶nig) - wifi: mwifiex: fix error recovery in PCIE buffer descriptor management (Dmitry Antipov) - mwifiex: switch from'pci_' to 'dma_' API (Christophe JAILLET) - wifi: mwifiex: Fix OOB and integer underflow when rx packets (Polaris Pi) - can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM (Marc Kleine-Budde) - spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() (Zhang Shurong) - regmap: rbtree: Use alloc_flags for memory allocations (Dan Carpenter) - tcp: tcp_enter_quickack_mode() should be static (Eric Dumazet) - bpf: Clear the probe_addr for uprobe (Yafang Shao) - cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit() (Liao Chang) - perf/imx_ddr: don't enable counter0 if none of 4 counters are used (Xu Yang) - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved (Ard Biesheuvel) - x86/boot: Annotate local functions (Jiri Slaby) - x86/asm: Make more symbols local (Jiri Slaby) - OPP: Fix passing 0 to PTR_ERR in _opp_attach_genpd() (Manivannan Sadhasivam) - tmpfs: verify {g,u}id mount options correctly (Christian Brauner) - fs: Fix error checking for d_hash_and_lookup() (Wang Ming) - new helper: lookup_positive_unlocked() (Al Viro) - eventfd: prevent underflow for eventfd semaphores (Wen Yang) - eventfd: Export eventfd_ctx_do_read() (David Woodhouse) - reiserfs: Check the return value from __getblk() (Matthew Wilcox) - Revert "net: macsec: preserve ingress frame ordering" (Sabrina Dubroca) - Revert "net: macsec: Severe performance regression in "...preserve ordering"" (Sherry Yang) - udf: Handle error when adding extent to a file (Jan Kara) - udf: Check consistency of Space Bitmap Descriptor (Vladislav Efanov) - powerpc/32s: Fix assembler warning about r0 (Christophe Leroy) - net: Avoid address overwrite in kernel_connect (Jordan Rife) - platform/mellanox: Fix mlxbf-tmfifo not handling all virtio CONSOLE notifications (Shih-Yi Chen) - ALSA: seq: oss: Fix racy open/close of MIDI devices (Takashi Iwai) - scsi: storvsc: Always set no_report_opcodes (Michael Kelley) - cifs: add a warning whenthe in-flight count goes negative (Shyam Prasad N) - sctp: handle invalid error codes without calling BUG() (Dan Carpenter) - bnx2x: fix page fault following EEH recovery (David Christensen) - netlabel: fix shift wrapping bug in netlbl_catmap_setlong() (Dmitry Mastykin) - scsi: qedi: Fix potential deadlock on &qedi_percpu-> p_work_lock (Chengfeng Ye) - idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM (Baoquan He) - net: usb: qmi_wwan: add Quectel EM05GV2 (Martin Kohn) - clk: fixed-mmio: make COMMON_CLK_FIXED_MMIO depend on HAS_IOMEM (Baoquan He) - security: keys: perform capable check only on privileged operations (Christian GÃ¶ttsche) - platform/x86: huawei-wmi: Silence ambient light sensor (Konstantin Shelekhin) - platform/x86: intel: hid: Always call BTNL ACPI method (Hans de Goede) - ASoC: atmel: Fix the 8K sample parameter in I2SC master (Guiting Shen) - ASoc: codecs: ES8316: Fix DMIC config (Edgar) - fs/nls: make load_nls() take a const parameter (Winston Wen) - s390/dasd: fix hanging device after request requeue (Stefan Haberland) - s390/dasd: use correct number of retries for ERP requests (Stefan Haberland) - m68k: Fix invalid .section syntax (Ben Hutchings) - vxlan: generalize vxlan_parse_gpe_hdr and remove unused args (Jiri Benc) - ethernet: atheros: fix return value check in atl1c_tso_csum() (Yuanjun Gong) - ASoC: da7219: Check for failure reading AAD IRQ events (Dmytro Maluka) - ASoC: da7219: Flush pending AAD IRQ when suspending (Dmytro Maluka) - 9p: virtio: make sure 'offs' is initialized in zc_request (Dominique Martinet) - nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse (Ryusuke Konishi) - nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers() (Ryusuke Konishi) - fsi: master-ast-cf: Add MODULE_FIRMWARE macro (Juerg Haefliger) - serial: sc16is7xx: fix bug when first setting GPIO direction (Hugo Villeneuve) - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Zheng Wang) {CVE-2023-1989} - staging: rtl8712: fix race condition (Nam Cao) - HID: wacom: remove the battery when the EKR is off (Aaron Armstrong Skomra) - USB: serial: option: add FOXCONN T99W368/T99W373 product (Slark Xiao) - USB: serial: option: add Quectel EM05G variant (0x030e) (Martin Kohn) - modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules (Christoph Hellwig) - rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff (Christoph Hellwig) - net: enetc: use EXPORT_SYMBOL_GPL for enetc_phc_index (Christoph Hellwig) - mmc: au1xmmc: force non-modular build and remove symbol_get usage (Christoph Hellwig) - ARM: pxa: remove use of symbol_get() (Arnd Bergmann) - erofs: ensure that the post-EOF tails are all zeroed (Gao Xiang) [5.4.17-2136.325.2.el7] - Pensando: kpcimgr: Decouple kstate addr from shmem addr (Rob Gardner) [Orabug: 35842998] - bnxt_en: fix NULL dereference in bnxt_flash_package_from_file() (Samasth Norway Ananda) [Orabug: 35844212] - uek-rpm: aarch64: embedded: Fix a typo when enabling CONFIG_STACKTRACE (Thomas Tai) [Orabug: 35858089] - ocfs2: ocfs2 crash due to invalid h_next_leaf_blk value in extent block (Gautham Ananthakrishna) [Orabug: 35859331] [5.4.17-2136.325.1.el7] - uek-rpm: aarch64: embedded: Enable CONFIG_STACKTRACE and CONFIG_FTRACE (Thomas Tai) [Orabug: 35818484] - io_uring: add a sysctl to disable io_uring system-wide (Matteo Rizzo) [Orabug: 35819375] - KVM: SVM: Set target pCPU during IRTE update if target vCPU is running (Sean Christopherson) [Orabug: 35827614] - KVM: SVM: Take and hold ir_list_lock when updating vCPU's Physical ID entry (Sean Christopherson) [Orabug: 35827614] - Pensando: kpcimgr: Zero out mod pointer unconditionally (Rob Gardner) [Orabug: 35842963] - pensando: kpcimgr: Flush i-cache before calling any pciesvc code (Rob Gardner) [Orabug: 35842972] [5.4.17-2136.324.5.el7] - netfilter: nfnetlink_osf: avoid OOB read (Wander Lairson Costa) - dlm: fix plock lookup when using multiple lockspaces (Alexander Aring) -x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (Dave Hansen) - Revert "IB/isert: Fix incorrect release of isert connection" (Leon Romanovsky) - ALSA: ac97: Fix possible error value of *rac97 (Su Hui) - pinctrl: amd: Don't show Invalid config param errors (Mario Limonciello) - netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) - netfilter: xt_u32: validate user space input (Wander Lairson Costa) - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng) [Orabug: 35824287] {CVE-2023-42753} [5.4.17-2136.324.4.el7] - kernfs: fix missing kernfs_iattr_rwsem locking (Ian Kent) [Orabug: 35796771] - x86/microcode: Stop reprobing mitigations after late microcode load (Boris Ostrovsky) [Orabug: 35818857] {CVE-2023-20569} - objtool/x86: Fix SRSO mess (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Correct the mitigation status when SMT is disabled (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - objtool/x86: Fixup frame-pointer vs rethunk (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Disable the mitigation on unaffected configurations (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Sean Christopherson) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Explain the untraining sequences a bit more (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Cleanup the untrain mess (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Rename original retbleed methods (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Clean up SRSO return thunk mess (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/alternative: Make custom return thunk unconditional (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Fix up srso_safe_ret() and__x86_return_thunk() (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/cpu: Fix __x86_return_thunk symbol type (Peter Zijlstra) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Fix build breakage with the LLVM linker (Nick Desaulniers) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Tie SBPB bit setting to microcode patch detection (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Fix return thunks in generated code (Josh Poimboeuf) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Add IBPB on VMEXIT (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Add SRSO_NO support (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Add IBPB_BRTYPE support (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - x86/srso: Add a Speculative RAS Overflow mitigation (Borislav Petkov (AMD)) [Orabug: 35818857] {CVE-2023-20569} - scsi: megaraid_sas: Fix deadlock on firmware crashdump (Junxiao Bi) [Orabug: 35819593] - rds: Fix lack of reentrancy for connection reset with dst addr zero (HÃ¥kon Bugge) [Orabug: 35819522] {CVE-2023-22024} [5.4.17-2136.324.3.el7] - uek-rpm: aarch64: enable ACPI_AGDI (Mihai Carabas) [Orabug: 34833165] - arm64: sdei: abort running SDEI handlers during crash (D Scott Phillips) [Orabug: 34833165] - ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init() (Ilkka Koskinen) [Orabug: 34833165] - ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and Reset device (Ilkka Koskinen) [Orabug: 34833165] - ACPI: tables: Add AGDI to the list of known table signatures (Ilkka Koskinen) [Orabug: 34833165] - ACPICA: iASL: Add suppport for AGDI table (Ilkka Koskinen) [Orabug: 34833165] - ACPI: APEI: explicit init of HEST and GHES in apci_init() (Shuai Xue) [Orabug: 34833165] - x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Borislav Petkov (AMD)) [Orabug: 35776936] {CVE-2023-20588} - x86/CPU/AMD: Do not leak quotient data after a division by 0 (Borislav Petkov (AMD)) [Orabug: 35776936] {CVE-2023-20588} - uek-rpm: Pensando: enable PENSANDO_SOC_BSM_ENABLE in the config (Dave Kleikamp) [Orabug: 35787554] [5.4.17-2136.324.2.el7] - LTS tag: v5.4.256 (Sherry Yang) - Revert "MIPS: Alchemy: fix dbdma2" (Greg Kroah-Hartman) - powerpc/pmac/smp: Drop unnecessary volatile qualifier (YueHaibing) - powerpc/pmac/smp: Avoid unused-variable warnings (Ilie Halip) - LTS tag: v5.4.255 (Sherry Yang) - dma-buf/sw_sync: Avoid recursive lock during fence signal (Rob Clark) - pinctrl: renesas: rza2: Add lock around pinctrl_generic{{add,remove}_group,{add,remove}_function} (Biju Das) - clk: Fix undefined reference to clk_rate_exclusive_{get,put}' (Biju Das) - scsi: core: raid_class: Remove raid_component_add() (Zhu Wang) - scsi: snic: Fix double free in snic_tgt_create() (Zhu Wang) - irqchip/mips-gic: Don't touch vl_map if a local interrupt is not routable (Jiaxun Yang) - Documentation/sysctl: document page_lock_unfairness (Joel Savitz) - ALSA: pcm: Check for null pointer of pointer substream before dereferencing it (Colin Ian King) - interconnect: Do not skip aggregation for disabled paths (Georgi Djakov) - Revert "ALSA: pcm: Use SG-buffer only when direct DMA is available" (Takashi Iwai) - ALSA: pcm: Fix build error on m68k and others (Takashi Iwai) - rtnetlink: Reject negative ifindexes in RTM_NEWLINK (Ido Schimmel) - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (Feng Tang) - drm/display/dp: Fix the DP DSC Receiver cap size (Ankit Nautiyal) - PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus (Igor Mammedov) - media: vcodec: Fix potential array out-of-bounds in encoder queue_setup (Wei Chen) - radix tree: remove unused variable (Arnd Bergmann) - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels (Helge Deller) - batman-adv: Hold rtnl lock during MTU update via netlink (Sven Eckelmann) - batman-adv: Fix batadv_v_ogm_aggr_send memory leak (Remi Pommarel) - batman-adv: Fix TT global entry leak when client roamed back(Remi Pommarel) - batman-adv: Do not get eth header before batadv_check_management_packet (Remi Pommarel) - batman-adv: Don't increase MTU when set by user (Sven Eckelmann) - batman-adv: Trigger events for auto adjusted MTU (Sven Eckelmann) - nfsd: Fix race to FREE_STATEID and cl_revoked (Benjamin Coddington) - clk: Fix slab-out-of-bounds error in devm_clk_release() (Andrey Skvortsov) - NFSv4: Fix dropped lock for racing OPEN and delegation return (Benjamin Coddington) - ibmveth: Use dcbf rather than dcbfl (Michael Ellerman) - bonding: fix macvlan over alb bond support (Hangbin Liu) - net: remove bond_slave_has_mac_rcu() (Jakub Kicinski) - net/sched: fix a qdisc modification with ambiguous command request (Jamal Hadi Salim) - igb: Avoid starting unnecessary workqueues (Alessio Igor Bogani) - net: validate veth and vxcan peer ifindexes (Jakub Kicinski) - net: bcmgenet: Fix return value check for fixed_phy_register() (Ruan Jinjie) - net: bgmac: Fix return value check for fixed_phy_register() (Ruan Jinjie) - ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() (Lu Wei) - dccp: annotate data-races in dccp_poll() (Eric Dumazet) - sock: annotate data-races around prot-> memory_pressure (Eric Dumazet) - octeontx2-af: SDP: fix receive link config (Hariprasad Kelam) - tracing: Fix memleak due to race between current_tracer and trace (Zheng Yejian) - drm/amd/display: check TG is non-null before checking if enabled (Taimur Hassan) - drm/amd/display: do not wait for mpc idle if tg is disabled (Josip Pavic) - ASoC: fsl_sai: Disable bit clock with transmitter (Matus Gajdos) - ASoC: fsl_sai: Add new added registers and new bit definition (Shengjiu Wang) - ASoC: fsl_sai: Refine enable/disable TE/RE sequence in trigger() (Shengjiu Wang) - regmap: Account for register length in SMBus I/O limits (Mark Brown) - ALSA: pcm: Fix potential data race at PCM memory allocation helpers (Takashi Iwai) - ALSA: pcm: Set per-card upper limit of PCM buffer allocations (Takashi Iwai) - dm integrity: reducevmalloc space footprint on 32-bit architectures (Mikulas Patocka) - dm integrity: increase RECALC_SECTORS to improve recalculate speed (Mikulas Patocka) - fbdev: fix potential OOB read in fast_imageblit() (Zhang Shurong) - fbdev: Fix sys_imageblit() for arbitrary image widths (Thomas Zimmermann) - fbdev: Improve performance of sys_imageblit() (Thomas Zimmermann) - MIPS: cpu-features: Use boot_cpu_type for CPU type based features (Jiaxun Yang) - MIPS: cpu-features: Enable octeon_cache by cpu_type (Jiaxun Yang) - fs: dlm: fix mismatch of plock results from userspace (Alexander Aring) - fs: dlm: use dlm_plock_info for do_unlock_close (Alexander Aring) - fs: dlm: change plock interrupted message to debug again (Alexander Aring) - fs: dlm: add pid to debug log (Alexander Aring) - dlm: replace usage of found with dedicated list iterator variable (Jakob Koschel) - dlm: improve plock logging if interrupted (Alexander Aring) - PCI: acpiphp: Reassign resources on bridge if necessary (Igor Mammedov) - net: phy: broadcom: stub c45 read/write for 54810 (Justin Chen) - mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove (Yangtao Li) - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure (Lin Ma) - net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled (Jason Xing) - virtio-net: set queues after driver_ok (Jason Wang) - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima) - netfilter: set default timeout to 3 secs for sctp shutdown send and recv state (Xin Long) - mmc: block: Fix in_flight[issue_type] value error (Yibin Ding) - mmc: wbsd: fix double mmc_free_host() in wbsd_init() (Yang Yingliang) - cifs: Release folio lock on fscache read hit. (Russell Harmon via samba-technical) - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. (dengxiang) - serial: 8250: Fix oops for port-> pm on uart_change_pm() (Tony Lindgren) - ASoC: meson: axg-tdm-formatter: fix channel slot allocation (Jerome Brunet) - ASoC: rt5665:add missed regulator_bulk_disable (Zhang Shurong) - ARM: dts: imx: Set default tuning step for imx6sx usdhc (Xiaolei Wang) - ARM: dts: imx: Set default tuning step for imx7d usdhc (Xiaolei Wang) - ARM: dts: imx: Adjust dma-apbh node name (Stefan Wahren) - ARM: dts: imx7s: Drop dma-apb interrupt-names (Marek Vasut) - bus: ti-sysc: Flush posted write on enable before reset (Tony Lindgren) - bus: ti-sysc: Improve reset to work with modules with no sysconfig (Tony Lindgren) - net: do not allow gso_size to be set to GSO_BY_FRAGS (Eric Dumazet) - sock: Fix misuse of sk_under_memory_pressure() (Abel Wu) - net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset (Alfred Lee) - i40e: fix misleading debug logs (Andrii Staikov) - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) - netfilter: nft_dynset: disallow object maps (Pablo Neira Ayuso) - ipvs: fix racy memcpy in proc_do_sync_threshold (Sishuai Gong) - selftests: mirror_gre_changes: Tighten up the TTL test match (Petr Machata) - xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) {CVE-2023-3772} - ip_vti: fix potential slab-use-after-free in decode_session6 (Zhengchao Shao) - ip6_vti: fix slab-use-after-free in decode_session6 (Zhengchao Shao) - xfrm: fix slab-use-after-free in decode_session6 (Zhengchao Shao) - xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c (Eyal Birger) - net: af_key: fix sadb_x_filter validation (Lin Ma) - net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma) - btrfs: fix BUG_ON condition in btrfs_cancel_balance (xiaoshoukui) - tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms (Sherry Sun) - powerpc/rtas_flash: allow user copy to flash block cache objects (Nathan Lynch) - fbdev: mmp: fix value check in mmphw_probe() (Yuanjun Gong) - i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue (Chengfeng Ye) - virtio-mmio: don't break lifecycle of vm_dev (Wolfram Sang) - virtio-mmio: Use to_virtio_mmio_device() to simply code (TangBin) - virtio-mmio: convert to devm_platform_ioremap_resource (Yangtao Li) - nfsd: Remove incorrect check in nfsd4_validate_stateid (Trond Myklebust) - nfsd4: kill warnings on testing stateids with mismatched clientids (J. Bruce Fields) - net/ncsi: Fix gma flag setting after response (Vijay Khemka) - tracing/probes: Fix to update dynamic data counter if fetcharg uses it (Masami Hiramatsu (Google)) - tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs (Steven Rostedt (VMware)) - leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename (Christian Marangi) - mmc: sunxi: fix deferred probing (Sergey Shtylyov) - mmc: bcm2835: fix deferred probing (Sergey Shtylyov) - USB: dwc3: qcom: fix NULL-deref on suspend (Johan Hovold) - usb: dwc3: qcom: Add helper functions to enable,disable wake irqs (Sandeep Maheswaram) - interconnect: Add helpers for enabling/disabling a path (Georgi Djakov) - interconnect: Move internal structs into a separate file (Georgi Djakov) - irqchip/mips-gic: Use raw spinlock for gic_lock (Jiaxun Yang) - irqchip/mips-gic: Get rid of the reliance on irq_cpu_online() (Marc Zyngier) - ALSA: hda: Fix unhandled register update during auto-suspend period (Takashi Iwai) - PM: runtime: Add pm_runtime_get_if_active() (Sakari Ailus) - PM-runtime: add tracepoints for usage_count changes (MichaÅ MirosÅaw) - iio: addac: stx104: Fix race condition when converting analog-to-digital (William Breathitt Gray) - iio: addac: stx104: Fix race condition for stx104_write_raw() (William Breathitt Gray) - iio: stx104: Move to addac subdirectory (William Breathitt Gray) - iio: adc: stx104: Implement and utilize register structures (William Breathitt Gray) - iio: adc: stx104: Utilize iomap interface (William Breathitt Gray) - iio: add addac subdirectory (Cosmin Tanislav) - IMA: allow/fix UML builds (Randy Dunlap) - powerpc/kasan: Disable KCOV in KASAN code (Benjamin Gray) - ALSA: hda: fix a possible null-pointer dereference due to data race insnd_hdac_regmap_sync() (Tuo Li) - ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 (dengxiang) - drm/amdgpu: Fix potential fence use-after-free v2 (shanzhulig) - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (Armin Wolf) - gfs2: Fix possible data races in gfs2_show_options() (Tuo Li) - usb: chipidea: imx: don't request QoS for imx8ulp (Xu Yang) - media: platform: mediatek: vpu: fix NULL ptr dereference (Hans Verkuil) - media: v4l2-mem2mem: add lock to protect parameter num_rdy (Yunfei Dong) - FS: JFS: Check for read-only mounted filesystem in txBegin (Immad Mir) - FS: JFS: Fix null-ptr-deref Read in txBegin (Immad Mir) - MIPS: dec: prom: Address -Warray-bounds warning (Gustavo A. R. Silva) - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (Yogesh) - udf: Fix uninitialized array access for some pathnames (Jan Kara) - ovl: check type and offset of struct vfsmount in ovl_entry (Christian Brauner) - HID: add quirk for 03f0:464a HP Elite Presenter Mouse (Marco Morandini) - quota: fix warning in dqgrab() (Ye Bin) - quota: Properly disable quotas when add_dquot_ref() fails (Jan Kara) - ALSA: emu10k1: roll up loops in DSP setup code for Audigy (Oswald Buddenhagen) - drm/radeon: Fix integer overflow in radeon_cs_parser_init (hackyzh002) - macsec: use DEV_STATS_INC() (Eric Dumazet) - macsec: Fix traffic counters/statistics (Clayton Yager) - selftests: forwarding: tc_flower: Relax success criterion (Ido Schimmel) - mmc: sdhci-f-sdh30: Replace with sdhci_pltfm (Kunihiko Hayashi) - mmc: sdhci_f_sdh30: convert to devm_platform_ioremap_resource (Yangtao Li) - LTS tag: v5.4.254 (Sherry Yang) - sch_netem: fix issues in netem_change() vs get_dist_table() (Eric Dumazet) - alpha: remove __init annotation from exported page_is_ram() (Masahiro Yamada) - scsi: core: Fix possible memory leak if device_add() fails (Zhu Wang) - scsi: snic: Fix possible memory leak if device_add() fails (Zhu Wang) - scsi: 53c700: Check that command slot is not NULL(Alexandra Diupina) - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Michael Kelley) - scsi: core: Fix legacy /proc parsing buffer overflow (Tony Battersby) - netfilter: nf_tables: report use refcount overflow (Pablo Neira Ayuso) - nvme-rdma: fix potential unbalanced freeze & unfreeze (Ming Lei) - nvme-tcp: fix potential unbalanced freeze & unfreeze (Ming Lei) - btrfs: set cache_block_group_error if we find an error (Josef Bacik) - btrfs: don't stop integrity writeback too early (Christoph Hellwig) - ibmvnic: Handle DMA unmapping of login buffs in release functions (Nick Child) - net/mlx5: Allow 0 for total host VFs (Daniel Jurgens) - dmaengine: mcf-edma: Fix a potential un-allocated memory access (Christophe JAILLET) - wifi: cfg80211: fix sband iftype data lookup for AP_VLAN (Felix Fietkau) - IB/hfi1: Fix possible panic during hotplug remove (Douglas Miller) - drivers: net: prevent tun_build_skb() to exceed the packet size limit (Andrew Kanner) - dccp: fix data-race around dp-> dccps_mss_cache (Eric Dumazet) - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) - net/packet: annotate data-races around tp-> status (Eric Dumazet) - mISDN: Update parameter type of dsp_cmx_send() (Nathan Chancellor) - selftests/rseq: Fix build with undefined __weak (Mark Brown) - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (Karol Herbst) - x86: Move gds_ucode_mitigated() declaration to header (Arnd Bergmann) - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Kirill A. Shutemov) - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Cristian Ciocaltea) - usb: common: usb-conn-gpio: Prevent bailing out if initial role is none (Prashanth K) - usb: dwc3: Properly handle processing of pending events (Elson Roy Serrao) - usb-storage: alauda: Fix uninit-value in alauda_check_media() (Alan Stern) - binder: fix memory leak in binder_init() (Qi Zheng) - iio: cros_ec: Fix the allocation size for cros_ec_command(Yiyuan Guo) - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (Ryusuke Konishi) - radix tree test suite: fix incorrect allocation size for pthreads (Colin Ian King) - drm/nouveau/gr: enable memory loads on helper invocation on all channels (Karol Herbst) - dmaengine: pl330: Return DMA_PAUSED when transaction is paused (Ilpo JÃ¤rvinen) - ipv6: adjust ndisc_is_useropt() to also return true for PIO (Maciej Å»enczykowski) - mmc: moxart: read scr register without changing byte order (Sergei Antonov) - LTS tag: v5.4.253 (Sherry Yang) - Revert "driver core: Annotate dev_err_probe() with __must_check" (Greg Kroah-Hartman) - drivers: core: fix kernel-doc markup for dev_err_probe() (Mauro Carvalho Chehab) - driver code: print symbolic error code (MichaÅ MirosÅaw) - ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node (Xu Yang) - ARM: dts: imx6sll: fixup of operating points (Andreas Kemnade) - ARM: dts: imx: add usb alias (Peng Fan) - ARM: dts: imx: Align L2 cache-controller nodename with dtschema (Krzysztof Kozlowski) - ARM: dts: imx6sll: Make ssi node name same as other platforms (Shengjiu Wang) - arm64: dts: stratix10: fix incorrect I2C property for SCL signal (Dinh Nguyen) - ceph: defer stopping mdsc delayed_work (Xiubo Li) - ceph: use kill_anon_super helper (Jeff Layton) - ceph: show tasks waiting on caps in debugfs caps file (Jeff Layton) - PM: sleep: wakeirq: fix wake irq arming (Johan Hovold) - PM / wakeirq: support enabling wake-up irq after runtime_suspend called (Chunfeng Yun) - selftests/rseq: Play nice with binaries statically linked against glibc 2.35+ (Sean Christopherson) - selftests/rseq: check if libc rseq support is registered (Michael Jeanson) - powerpc/mm/altmap: Fix altmap boundary check (Aneesh Kumar K.V) - mtd: rawnand: omap_elm: Fix incorrect type in assignment (Roger Quadros) - test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (Mirsad Goran Todorovac) - test_firmware: prevent race conditions by a correctimplementation of locking (Mirsad Goran Todorovac) - ext2: Drop fragment support (Jan Kara) - fs: Protect reconfiguration of sb read-write from racing writes (Jan Kara) - net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb (Alan Stern) - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim) - fs/sysv: Null check to prevent null-ptr-deref bug (Prince Kumar Maurya) - net: tap_open(): set sk_uid from current_fsuid() (Laszlo Ersek) {CVE-2023-1076} - net: tun_chr_open(): set sk_uid from current_fsuid() (Laszlo Ersek) {CVE-2023-1076} - mtd: rawnand: meson: fix OOB available bytes for ECC (Arseniy Krasnov) - mtd: spinand: toshiba: Fix ecc_get_status (Olivier Maignial) - USB: zaurus: Add ID for A-300/B-500/C-700 (Ross Maynard) - libceph: fix potential hang in ceph_osdc_notify() (Ilya Dryomov) - scsi: zfcp: Defer fc_rport blocking until after ADISC response (Steffen Maier) - tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen (Eric Dumazet) - tcp_metrics: annotate data-races around tm-> tcpm_net (Eric Dumazet) - tcp_metrics: annotate data-races around tm-> tcpm_vals[] (Eric Dumazet) - tcp_metrics: annotate data-races around tm-> tcpm_lock (Eric Dumazet) - tcp_metrics: annotate data-races around tm-> tcpm_stamp (Eric Dumazet) - tcp_metrics: fix addr_same() helper (Eric Dumazet) - ip6mr: Fix skb_under_panic in ip6mr_cache_report() (Yue Haibing) - net: dcb: choose correct policy to parse DCB_ATTR_BCN (Lin Ma) - net: ll_temac: fix error checking of irq_of_parse_and_map() (Dan Carpenter) - net: ll_temac: Switch to use dev_err_probe() helper (Yang Yingliang) - driver core: add device probe log helper (Andrzej Hajda) - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) - net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis) - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis) - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (valis) -net: add missing data-race annotation for sk_ll_usec (Eric Dumazet) - net: add missing data-race annotations around sk-> sk_peek_off (Eric Dumazet) - net: add missing READ_ONCE(sk-> sk_rcvbuf) annotation (Eric Dumazet) - net: add missing READ_ONCE(sk-> sk_sndbuf) annotation (Eric Dumazet) - net: add missing READ_ONCE(sk-> sk_rcvlowat) annotation (Eric Dumazet) - net: annotate data-races around sk-> sk_max_pacing_rate (Eric Dumazet) - mISDN: hfcpci: Fix potential deadlock on &hc-> lock (Chengfeng Ye) - net: sched: cls_u32: Fix match key mis-addressing (Jamal Hadi Salim) - perf test uprobe_from_different_cu: Skip if there is no gcc (Georg MÃ¼ller) - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length (Lin Ma) - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() (Yuanjun Gong) - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx (Zhengchao Shao) - KVM: s390: fix sthyi error handling (Heiko Carstens) - word-at-a-time: use the same return type for has_zero regardless of endianness (ndesaulniers@google.com) - loop: Select I/O scheduler 'none' from inside add_disk() (Bart Van Assche) - perf: Fix function pointer case (Peter Zijlstra) - arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro (D Scott Phillips) - ASoC: cs42l51: fix driver to properly autoload with automatic module loading (Thomas Petazzoni) - net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela) {CVE-2023-31436} - btrfs: fix race between quota disable and quota assign ioctls (Filipe Manana) - btrfs: qgroup: return ENOTCONN instead of EINVAL when quotas are not enabled (Marcos Paulo de Souza) - btrfs: qgroup: remove one-time use variables for quota_root checks (Marcos Paulo de Souza) - cpufreq: intel_pstate: Drop ACPI _PSS states table patching (Rafael J. Wysocki) - ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily (Rafael J. Wysocki) - ACPI: processor: perflib: Use the "no limit" frequency QoS (Rafael J. Wysocki) - dm cache policy smq: ensureIO doesn't prevent cleaner policy progress (Joe Thornber) - ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register (Mark Brown) - s390/dasd: fix hanging device after quiesce/resume (Stefan Haberland) - virtio-net: fix race between set queues and probe (Jason Wang) - btrfs: check if the transaction was aborted at btrfs_wait_for_commit() (Filipe Manana) - irq-bcm6345-l1: Do not assume a fixed block to cpu mapping (Jonas Gorski) - tpm_tis: Explicitly check for error code (Alexander Steffen) - btrfs: check for commit error at btrfs_attach_transaction_barrier() (Filipe Manana) - hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled (Gilles Buloz) - staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (Zhang Shurong) - Documentation: security-bugs.rst: clarify CVE handling (Greg Kroah-Hartman) - Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group (Greg Kroah-Hartman) - Revert "usb: xhci: tegra: Fix error check" (Dan Carpenter) - usb: xhci-mtk: set the dma max_seg_size (Ricardo Ribalda) - USB: quirks: add quirk for Focusrite Scarlett (Åukasz Bartosik) - usb: ohci-at91: Fix the unhandle interrupt when resume (Guiting Shen) - usb: dwc3: don't reset device side if dwc3 was configured as host-only (Jisheng Zhang) - usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy (Gratian Crisan) - Revert "usb: dwc3: core: Enable AutoRetry feature in the controller" (Jakub Vanek) - can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED (Marc Kleine-Budde) - USB: serial: simple: sort driver entries (Johan Hovold) - USB: serial: simple: add Kaufmann RKS+CAN VCP (Oliver Neukum) - USB: serial: option: add Quectel EC200A module support (Mohsen Tahmasebi) - USB: serial: option: support Quectel EM060K_128 (Jerry Meng) - serial: sifive: Fix sifive_serial_console_setup() section (Samuel Holland) - serial: 8250_dw: Preserve original value of DLF register (Ruihong Luo) - tracing: Fix warning intrace_buffered_event_disable() (Zheng Yejian) - ring-buffer: Fix wrong stat of cpu_buffer-> read (Zheng Yejian) - ata: pata_ns87415: mark ns87560_tf_read static (Arnd Bergmann) - dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (Yu Kuai) - block: Fix a source code comment in include/uapi/linux/blkzoned.h (Bart Van Assche) - ASoC: fsl_spdif: Silence output on stop (Matus Gajdos) - drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb() (Gaosheng Cui) - drm/msm/adreno: Fix snapshot BINDLESS_DATA size (Rob Clark) - drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (Dmitry Baryshkov) - RDMA/mlx4: Make check for invalid flags stricter (Dan Carpenter) - benet: fix return value check in be_lancer_xmit_workarounds() (Yuanjun Gong) - net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64 (Lin Ma) - net/sched: mqprio: add extack to mqprio_parse_nlattr() (Vladimir Oltean) - net/sched: mqprio: refactor nlattr parsing to a separate function (Vladimir Oltean) - platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 (Maxim Mikityanskiy) - team: reset team's flags when down link is P2P device (Hangbin Liu) - bonding: reset bond's flags when down link is P2P device (Hangbin Liu) - tcp: Reduce chance of collisions in inet6_hashfn(). (Stewart Smith) - ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address (Maciej Å»enczykowski) - ethernet: atheros: fix return value check in atl1e_tso_csum() (Yuanjun Gong) - phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() (Harshit Mogalapalli) - vxlan: calculate correct header length for GPE (Jiri Benc) - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (Wang Ming) - ext4: fix to check return value of freeze_bdev() in ext4_shutdown() (Chao Yu) - keys: Fix linking a duplicate key to a keyring's assoc_array (Petr Pavlu) - uapi: General notification queue definitions (David Howells) - scsi: qla2xxx: Array index may go out of bound (Nilesh Javali) - pwm: meson:fix handling of period/duty if greater than UINT_MAX (Heiner Kallweit) - pwm: meson: Simplify duplicated per-channel tracking (Uwe Kleine-KÃ¶nig) - pwm: meson: Remove redundant assignment to variable fin_freq (Colin Ian King) - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (Zheng Yejian) - ftrace: Store the order of pages allocated in ftrace_page (Linus Torvalds) - ftrace: Check if pages were allocated before calling free_pages() (Steven Rostedt (VMware)) - ftrace: Add information on number of page groups allocated (Steven Rostedt (VMware)) - fs: dlm: interrupt posix locks only when process is killed (Alexander Aring) - dlm: rearrange async condition return (Alexander Aring) - dlm: cleanup plock_op vs plock_xop (Alexander Aring) - PCI/ASPM: Avoid link retraining race (Ilpo JÃ¤rvinen) - PCI/ASPM: Factor out pcie_wait_for_retrain() (Ilpo JÃ¤rvinen) - PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() (Bjorn Helgaas) - ext4: Fix reusing stale buffer heads from last failed mounting (Zhihao Cheng) - ext4: rename journal_dev to s_journal_dev inside ext4_sb_info (Chunguang Xu) - btrfs: fix extent buffer leak after tree mod log failure at split_node() (Filipe Manana) - btrfs: fix race between quota disable and relocation (Filipe Manana) - btrfs: qgroup: catch reserved space leaks at unmount time (Qu Wenruo) - bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (Zheng Wang) - bcache: remove 'int n' from parameter list of bch_bucket_alloc_set() (Coly Li) - gpio: tps68470: Make tps68470_gpio_output() always set the initial value (Hans de Goede) - jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (Zhihao Cheng) - jbd2: recheck chechpointing non-dirty buffer (Zhang Yi) - jbd2: remove redundant buffer io error checks (Zhang Yi) - jbd2: fix kernel-doc markups (Mauro Carvalho Chehab) - jbd2: fix incorrect code style (Xianting Tian) - LTS tag: v5.4.252 (Sherry Yang) - x86: fix backwards merge of GDS/SRSObit (Greg Kroah-Hartman) - xen/netback: Fix buffer overrun triggered by unusual packet (Ross Lagerwall) {CVE-2023-34319} - x86/cpu, kvm: Add support for CPUID_80000021_EAX (Kim Phillips) - x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX] (Sean Christopherson) - x86/cpu: Add VM page flush MSR availablility as a CPUID feature (Tom Lendacky) - x86/cpufeatures: Add SEV-ES CPU feature (Tom Lendacky) - x86/mm: fix poking_init() for Xen PV guests (Juergen Gross) [5.4.17-2136.324.1.el7] - io_uring: add support for registering ring file descriptors (Jens Axboe) [Orabug: 35485491] - mm,shmem,thp: limit shmem THP allocations to requested zones (Rik van Riel) [Orabug: 35655117] - mm,thp,shm: limit gfp mask to no more than specified (Rik van Riel) [Orabug: 35655117] - mm,thp,shmem: limit shmem THP alloc gfp_mask (Rik van Riel) [Orabug: 35655117] - uek-rpm: Removing pre scriptlet to not allow firmware downgrade (Samasth Norway Ananda) [Orabug: 35741866] - rds: Remove gratuitous include of time.h from rds.h (Mark Haywood) [Orabug: 35742761] - RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (Shay Drory) [Orabug: 35750824] - smp: Reduce NMI traffic from CSD waiters to CSD destination (Imran Khan) [Orabug: 35752501] - smp: Reduce logging due to dump_stack of CSD waiters (Imran Khan) [Orabug: 35752501] [5.4.17-2136.323.8.el7] - vhost-scsi: Fix alignment handling with windows (Mike Christie) [Orabug: 35769318] - Revert "vhost/scsi: support non zerocopy iovecs" (Rajan Shanmugavelu) [Orabug: 35769318] [5.4.17-2136.323.7.el7] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl (Andrea Arcangeli) [Orabug: 35725160] - KVM: SVM: Add support for Virtual SPEC_CTRL (Babu Moger) [Orabug: 35725160] - x86/cpufeatures: Add the Virtual SPEC_CTRL feature (Babu Moger) [Orabug: 35725160] - x86/mm: Initialize text poking earlier (Peter Zijlstra) [Orabug: 35744495] - mm: Move mm_cachep initialization to mm_init() (Peter Zijlstra) [Orabug:35744495] - x86/mm: Use mm_alloc() in poking_init() (Peter Zijlstra) [Orabug: 35744495] - mips: add support for TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35749111] [5.4.17-2136.323.6.el7] - ek-rpm: Update kernel's linux-firmware dependency. (Brian Maly) [Orabug: 35742717] - nbd: make sure request completion won't concurrent (Yu Kuai) [Orabug: 35339589] - nbd: don't handle response without a corresponding request message (Yu Kuai) [Orabug: 35339589] - nvme: handle effects after freeing the request (Alan Adamson) [Orabug: 35411534] - x86/pkeys: Revert a5eff7259790 ("x86/pkeys: Add PKRU value to init_fpstate") (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - Documentation/x86: Fix backwards on/off logic about YMM support (Dave Hansen) [Orabug: 35714800] {CVE-2022-40982} - x86/xen: Fix secondary processors' FPU initialization (Juergen Gross) [Orabug: 35714800] {CVE-2022-40982} - KVM: Add GDS_NO support to KVM (Daniel Sneddon) [Orabug: 35714800] {CVE-2022-40982} - x86/speculation: Add Kconfig option for GDS (Daniel Sneddon) [Orabug: 35714800] {CVE-2022-40982} - x86/speculation: Add force option to GDS mitigation (Daniel Sneddon) [Orabug: 35714800] {CVE-2022-40982} - x86/speculation: Add Gather Data Sampling mitigation (Daniel Sneddon) [Orabug: 35714800] {CVE-2022-40982} - x86/fpu: Move FPU initialization into arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - x86/fpu: Mark init functions __init (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - x86/fpu: Remove cpuinfo argument from init functions (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - init: Invoke arch_cpu_finalize_init() earlier (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - init: Remove check_bugs() leftovers (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - um/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - sparc/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - sh/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - mips/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - m68k/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - ia64/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - ARM: cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - x86/cpu: Switch to arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - init: Provide arch_cpu_finalize_init() (Thomas Gleixner) [Orabug: 35714800] {CVE-2022-40982} - scsi: lpfc: Fix null pointer dereference due to prematurely released ndlp (Ketan Mukadam) [Orabug: 35729915] [5.4.17-2136.323.5.el7] - io_uring/net: save msghdr-> msg_control for retries (Jens Axboe) [Orabug: 35495339] - io_uring/net: clear msg_controllen on partial sendmsg retry (Jens Axboe) [Orabug: 35495339] - io_uring/net: disable partial retries for recvmsg with cmsg (Jens Axboe) [Orabug: 35495339] - io_uring: hold uring mutex around poll removal (Jens Axboe) [Orabug: 35495339] - io_uring: avoid null-ptr-deref in io_arm_poll_handler (Fedor Pchelkin) [Orabug: 35495339] - io_uring/poll: allow some retries for poll triggering spuriously (Jens Axboe) [Orabug: 35495339] - io_uring: remove MSG_NOSIGNAL from recvmsg (David Lamparter) [Orabug: 35495339] - io_uring/rsrc: disallow multi-source reg buffers (Pavel Begunkov) [Orabug: 35495339] - io_uring: add a conditional reschedule to the IOPOLL cancelation loop (Jens Axboe) [Orabug: 35495339] - io_uring: mark task TASK_RUNNING before handling resume/task work (Jens Axboe) [Orabug: 35495339] - io_uring: handle TIF_NOTIFY_RESUME when checking for task_work (Jens Axboe) [Orabug: 35495339] -io_uring: ensure that io_init_req() passes in the right issue_flags (Jens Axboe) [Orabug: 35495339] - io_uring: add missing lock in io_get_file_fixed (Bing-Jhong Billy Jheng) [Orabug: 35495339] - io_uring/rw: remove leftover debug statement (Jens Axboe) [Orabug: 35495339] - io_uring/rw: ensure kiocb_end_write() is always called (Jens Axboe) [Orabug: 35495339] - io_uring: fix double poll leak on repolling (Pavel Begunkov) [Orabug: 35495339] - io_uring: Clean up a false-positive warning from GCC 9.3.0 (Alviro Iskandar Setiawan) [Orabug: 35495339] - io_uring/net: fix fast_iov assignment in io_setup_async_msg() (Stefan Metzmacher) [Orabug: 35495339] - io_uring: io_kiocb_update_pos() should not touch file for non -1 offset (Jens Axboe) [Orabug: 35495339] - io_uring/rw: defer fsnotify calls to task context (Jens Axboe) [Orabug: 35495339] - io_uring: do not recalculate ppos unnecessarily (Dylan Yudaken) [Orabug: 35495339] - io_uring: update kiocb-> ki_pos at execution time (Dylan Yudaken) [Orabug: 35495339] - io_uring: remove duplicated calls to io_kiocb_ppos (Dylan Yudaken) [Orabug: 35495339] - io_uring: ensure that cached task references are always put on exit (Jens Axboe) [Orabug: 35495339] - io_uring: fix CQ waiting timeout handling (Pavel Begunkov) [Orabug: 35495339] - io_uring: lock overflowing for IOPOLL (Pavel Begunkov) [Orabug: 35495339] - io_uring: check for valid register opcode earlier (Jens Axboe) [Orabug: 35495339] - io_uring: fix async accept on O_NONBLOCK sockets (Dylan Yudaken) [Orabug: 35495339] - io_uring: allow re-poll if we made progress (Jens Axboe) [Orabug: 35495339] - io_uring: support MSG_WAITALL for IORING_OP_SEND(MSG) (Jens Axboe) [Orabug: 35495339] - io_uring: add flag for disabling provided buffer recycling (Jens Axboe) [Orabug: 35495339] - io_uring: ensure recv and recvmsg handle MSG_WAITALL correctly (Jens Axboe) [Orabug: 35495339] - io_uring: improve send/recv error handling (Pavel Begunkov) [Orabug: 35495339] - io_uring: don't gate task_workrun on TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35495339] - io_uring/io-wq: only free worker if it was allocated for creation (Jens Axboe) [Orabug: 35495339] - io_uring/io-wq: free worker if task_work creation is canceled (Jens Axboe) [Orabug: 35495339] - io_uring: Fix unsigned 'res' comparison with zero in io_fixup_rw_res() (Harshit Mogalapalli) [Orabug: 35495339] - io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups (Jens Axboe) [Orabug: 35495339] - eventpoll: add EPOLL_URING_WAKE poll wakeup flag (Jens Axboe) [Orabug: 35495339] - epoll: simplify ep_poll_safewake() for CONFIG_DEBUG_LOCK_ALLOC (Jason Baron) [Orabug: 35495339] - eventfd: provide a eventfd_signal_mask() helper (Jens Axboe) [Orabug: 35495339] - signal: kill JOBCTL_TASK_WORK (Jens Axboe) [Orabug: 35495339] - net: remove cmsg restriction from io_uring based send/recvmsg calls (Jens Axboe) [Orabug: 35495339] - io_uring: import 5.15-stable io_uring (Jens Axboe) [Orabug: 35495339] - fs: provide locked helper variant of close_fd_get_file() (Jens Axboe) [Orabug: 35495339] - file: Rename __close_fd_get_file close_fd_get_file (Eric W. Biederman) [Orabug: 35495339] - fs: push the getname from do_rmdir into the callers (Christoph Hellwig) [Orabug: 35495339] - task_work: unconditionally run task_work from get_signal() (Jens Axboe) [Orabug: 35495339] - Revert "proc: don't allow async path resolution of /proc/self components" (Jens Axboe) [Orabug: 35495339] - tools headers UAPI: Sync openat2.h with the kernel sources (Arnaldo Carvalho de Melo) [Orabug: 35495339] - fs: expose LOOKUP_CACHED through openat2() RESOLVE_CACHED (Jens Axboe) [Orabug: 35495339] - fix handling of nd-> depth on LOOKUP_CACHED failures in try_to_unlazy* (Al Viro) [Orabug: 35495339] - fs: add support for LOOKUP_CACHED (Jens Axboe) [Orabug: 35495339] - x86/process: setup io_threads more like normal user space threads (Stefan Metzmacher) [Orabug: 35495339] - arch: setup PF_IO_WORKER threads like PF_KTHREAD (Jens Axboe) [Orabug:35495339] - task_work: remove legacy TWA_SIGNAL path (Jens Axboe) [Orabug: 35495339] - Make sure nd-> path.mnt and nd-> path.dentry are always valid pointers (Al Viro) [Orabug: 35495339] - fs: make do_renameat2() take struct filename (Jens Axboe) [Orabug: 35495339] - kernel: allow fork with TIF_NOTIFY_SIGNAL pending (Jens Axboe) [Orabug: 35495339] - coredump: Limit what can interrupt coredumps (Eric W. Biederman) [Orabug: 35495339] - arm64: add support for TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35495339] - arm: add support for TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35495339] - task_work: Use TIF_NOTIFY_SIGNAL if available (Jens Axboe) [Orabug: 35495339] - entry: Add support for TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35495339] - x86: Wire up TIF_NOTIFY_SIGNAL (Jens Axboe) [Orabug: 35495339] - signal: Add task_sigpending() helper (Jens Axboe) [Orabug: 35495339] - net: add accept helper not installing fd (Pavel Begunkov) [Orabug: 35495339] - net: provide __sys_shutdown_sock() that takes a socket (Jens Axboe) [Orabug: 35495339] - task_work: add helper for more targeted task_work canceling (Jens Axboe) [Orabug: 35495339] - kernel: don't call do_exit() for PF_IO_WORKER threads (Jens Axboe) [Orabug: 35495339] - kernel: stop masking signals in create_io_thread() (Jens Axboe) [Orabug: 35495339] - iov_iter: add helper to save iov_iter state (Jens Axboe) [Orabug: 35495339] - kernel: provide create_io_thread() helper (Jens Axboe) [Orabug: 35495339] - io_uring: add missing item types for splice request (Bing-Jhong Billy Jheng) [Orabug: 35495339] - io_uring: don't hold uring_lock when calling io_run_task_work* (Hao Xu) [Orabug: 35495339] - io_uring: kill goto error handling in io_sqpoll_wait_sq() (Jens Axboe) [Orabug: 35495339] - io_uring: correct pinned_vm accounting (Pavel Begunkov) [Orabug: 35495339] - io_uring: Use original task for req identity in io_identity_cow() (Lee Jones) [Orabug: 35495339] - io_uring: ensure that send/sendmsg and recv/recvmsg check sqe-> ioprio(Jens Axboe) [Orabug: 35495339] - io_uring: use separate list entry for iopoll requests (Jens Axboe) [Orabug: 35495339] - io_uring: add missing item types for various requests (Jens Axboe) [Orabug: 35495339] - io_uring: fix using under-expanded iters (Pavel Begunkov) [Orabug: 35495339] - io_uring: don't re-import iovecs from callbacks (Pavel Begunkov) [Orabug: 35495339] - arm64: Remove TIF_NOHZ (Frederic Weisbecker) [Orabug: 35495339] - arm: Remove TIF_NOHZ (Frederic Weisbecker) [Orabug: 35495339] - x86: Remove TIF_NOHZ (Frederic Weisbecker) [Orabug: 35495339] - context-tracking: Introduce CONFIG_HAVE_TIF_NOHZ (Frederic Weisbecker) [Orabug: 35495339] - x86/entry: Remove _TIF_NOHZ from _TIF_WORK_SYSCALL_ENTRY (Thomas Gleixner) [Orabug: 35495339] - mm: allow a controlled amount of unfairness in the page lock (Linus Torvalds) [Orabug: 35565406] [5.4.17-2136.323.4.el7] - uek-rpm: Disable cls_tcindex in file tcindex-disable.conf (Sherry Yang) [Orabug: 35676248] - uek-rpm: Update kernel's linux-firmware dependency. (Somasundaram Krishnasamy) [Orabug: 35678692] - Revert "sched/fair: sanitize vruntime of entity being placed" (Saeed Mirzamohammadi) [Orabug: 35683806] - Revert "sched/fair: Sanitize vruntime of entity being migrated" (Saeed Mirzamohammadi) [Orabug: 35683806] [5.4.17-2136.323.3.el7] - LTS tag: v5.4.251 (Sherry Yang) - tracing/histograms: Return an error if we fail to add histogram to hist_vars list (Mohamed Khalfella) - tcp: annotate data-races around fastopenq.max_qlen (Eric Dumazet) - tcp: annotate data-races around tp-> notsent_lowat (Eric Dumazet) - tcp: annotate data-races around rskq_defer_accept (Eric Dumazet) - tcp: annotate data-races around tp-> linger2 (Eric Dumazet) - net: Replace the limit of TCP_LINGER2 with TCP_FIN_TIMEOUT_MAX (Cambda Zhu) - tcp: annotate data-races around tp-> tcp_tx_delay (Eric Dumazet) - netfilter: nf_tables: can't schedule in nft_chain_validate (Florian Westphal) - netfilter: nf_tables: fix spurious set element insertionfailure (Florian Westphal) - llc: Don't drop packet from non-root netns. (Kuniyuki Iwashima) - fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe (Zhang Shurong) - Revert "tcp: avoid the lookup process failing to get sk in ehash table" (Kuniyuki Iwashima) - net:ipv6: check return value of pskb_trim() (Yuanjun Gong) - iavf: Fix use-after-free in free_netdev (Ding Hui) - net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field() (Tanmay Patil) - pinctrl: amd: Use amd_pinconf_set() for all config options (Mario Limonciello) - fbdev: imxfb: warn about invalid left/right margin (Martin Kaiser) - spi: bcm63xx: fix max prepend length (Jonas Gorski) - igb: Fix igb_down hung on surprise removal (Ying Hsu) - wifi: iwlwifi: mvm: avoid baid size integer overflow (Johannes Berg) - wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() (Gustavo A. R. Silva) - devlink: report devlink_port_type_warn source device (Petr Oros) - bpf: Address KCSAN report on bpf_lru_list (Martin KaFai Lau) - sched/fair: Don't balance task to its current running CPU (Yicong Yang) - arm64: mm: fix VA-range sanity check (Mark Rutland) - posix-timers: Ensure timer ID search-loop limit is valid (Thomas Gleixner) - md/raid10: prevent soft lockup while flush writes (Yu Kuai) - md: fix data corruption for raid456 when reshape restart while grow up (Yu Kuai) - nbd: Add the maximum limit of allocated index in nbd_dev_add (Zhong Jinghua) - debugobjects: Recheck debug_objects_enabled before reporting (Tetsuo Handa) - ext4: correct inline offset when handling xattrs in inode body (Eric Whitney) - drm/client: Fix memory leak in drm_client_modeset_probe (Jocelyn Falempe) - drm/client: Fix memory leak in drm_client_target_cloned (Jocelyn Falempe) - can: bcm: Fix UAF in bcm_proc_show() (YueHaibing) - selftests: tc: set timeout to 15 minutes (Matthieu Baerts) - fuse: revalidate: don't invalidate if interrupted (Miklos Szeredi) - btrfs: fix warning when putting transaction with qgroupsenabled after abort (Filipe Manana) - perf probe: Add test for regression introduced by switch to die_get_decl_file() (Georg MÃ¼ller) - drm/atomic: Fix potential use-after-free in nonblocking commits (Daniel Vetter) - scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue (Manish Rangankar) - scsi: qla2xxx: Pointer may be dereferenced (Shreyas Deodhar) - scsi: qla2xxx: Correct the index of array (Bikash Hazarika) - scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() (Nilesh Javali) - scsi: qla2xxx: Fix potential NULL pointer dereference (Bikash Hazarika) - scsi: qla2xxx: Wait for io return on terminate rport (Quinn Tran) - tracing/probes: Fix not to count error code to total length (Masami Hiramatsu (Google)) - tracing: Fix null pointer dereference in tracing_err_log_open() (Mateusz Stachyra) - xtensa: ISS: fix call to split_if_spec (Max Filippov) - ring-buffer: Fix deadloop issue on reading trace_pipe (Zheng Yejian) - tracing/histograms: Add histograms to hist_vars if they have referenced variables (Mohamed Khalfella) - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk (Christophe JAILLET) - tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error (Christophe JAILLET) - Revert "8250: add support for ASIX devices with a FIFO bug" (Jiaqing Zhao) - meson saradc: fix clock divider mask length (George Stark) - ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) - hwrng: imx-rngc - fix the timeout for init and self check (Martin Kaiser) - firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool() (Christophe JAILLET) - serial: atmel: don't enable IRQs prematurely (Dan Carpenter) - drm/rockchip: vop: Leave vblank enabled in self-refresh (Brian Norris) - drm/atomic: Allow vblank-enabled + self-refresh "disable" (Brian Norris) - fs: dlm: return positive pid value for F_GETLK (Alexander Aring) - md/raid0: add discard support for the 'original' layout (Jason Baron) -misc: pci_endpoint_test: Re-init completion for every test (Damien Le Moal) - misc: pci_endpoint_test: Free IRQs before removing the device (Damien Le Moal) - PCI: rockchip: Set address alignment for endpoint mode (Damien Le Moal) - PCI: rockchip: Use u32 variable to access 32-bit registers (Rick Wertenbroek) - PCI: rockchip: Fix legacy IRQ generation for RK3399 PCIe endpoint core (Rick Wertenbroek) - PCI: rockchip: Add poll and timeout to wait for PHY PLLs to be locked (Rick Wertenbroek) - PCI: rockchip: Write PCI Device ID to correct register (Rick Wertenbroek) - PCI: rockchip: Assert PCI Configuration Enable bit after probe (Rick Wertenbroek) - PCI: qcom: Disable write access to read only registers for IP v2.3.3 (Manivannan Sadhasivam) - PCI: Add function 1 DMA alias quirk for Marvell 88SE9235 (Robin Murphy) - PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold (Ondrej Zary) - jfs: jfs_dmap: Validate db_l2nbperpage while mounting (Siddh Raman Pant) - ext4: only update i_reserved_data_blocks on successful block allocation (Baokun Li) - ext4: fix wrong unit use in ext4_mb_clear_bb (Kemeng Shi) - erofs: fix compact 4B support for 16k block size (Gao Xiang) - SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (Ding Hui) - misc: fastrpc: Create fastrpc scalar with correct buffer count (Ekansh Gupta) - powerpc: Fail build if using recordmcount with binutils v2.37 (Naveen N Rao) - net: bcmgenet: Ensure MDIO unregistration has clocks enabled (Florian Fainelli) - mtd: rawnand: meson: fix unaligned DMA buffers handling (Arseniy Krasnov) - tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (Jarkko Sakkinen) - pinctrl: amd: Only use special debounce behavior for GPIO 0 (Mario Limonciello) - pinctrl: amd: Detect internal GPIO0 debounce handling (Mario Limonciello) - pinctrl: amd: Fix mistake in handling clearing pins at startup (Mario Limonciello) - net/sched: make psched_mtu() RTNL-less safe (Pedro Tammela) - net/sched: flower: Ensure both minimum and maximum ports are specified(Ido Schimmel) - cls_flower: Add extack support for src and dst port range options (Guillaume Nault) - wifi: airo: avoid uninitialized warning in airo_get_rate() (Randy Dunlap) - erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (Chunhai Guo) - platform/x86: wmi: Break possible infinite loop when parsing GUID (Andy Shevchenko) - platform/x86: wmi: move variables (BarnabÃ¡s PÅcze) - platform/x86: wmi: use guid_t and guid_equal() (BarnabÃ¡s PÅcze) - platform/x86: wmi: remove unnecessary argument (BarnabÃ¡s PÅcze) - platform/x86: wmi: Fix indentation in some cases (Andy Shevchenko) - platform/x86: wmi: Replace UUID redefinitions by their originals (Andy Shevchenko) - ipv6/addrconf: fix a potential refcount underflow for idev (Ziyang Xuan) - NTB: ntb_tool: Add check for devm_kcalloc (Jiasheng Jiang) - NTB: ntb_transport: fix possible memory leak while device_register() fails (Yang Yingliang) - ntb: intel: Fix error handling in intel_ntb_pci_driver_init() (Yuan Can) - NTB: amd: Fix error handling in amd_ntb_pci_driver_init() (Yuan Can) - ntb: idt: Fix error handling in idt_pci_driver_init() (Yuan Can) - udp6: fix udp6_ehashfn() typo (Eric Dumazet) - icmp6: Fix null-ptr-deref of ip6_null_entry-> rt6i_idev in icmp6_dev(). (Kuniyuki Iwashima) - ionic: remove WARN_ON to prevent panic_on_warn (Nitya Sunkad) - net/sched: cls_fw: Fix improper refcount update leads to use-after-free (M A Ramdhan) - net: mvneta: fix txq_map in case of txq_number==1 (Klaus Kudielka) - scsi: qla2xxx: Fix error code in qla2x00_start_sp() (Dan Carpenter) - igc: set TP bit in 'supported' and 'advertising' fields of ethtool_link_ksettings (Prasad Koya) - igc: Remove delay during TX ring configuration (Muhammad Husaini Zulkifli) - drm/panel: simple: Add connector_type for innolux_at043tn24 (Fabio Estevam) - drm/panel: Add and fill drm_panel type field (Laurent Pinchart) - drm/panel: Initialise panel dev and funcs through drm_panel_init() (Laurent Pinchart) - workqueue: clean upWORK_* constant types, clarify masking (Linus Torvalds) - net: lan743x: Don't sleep in atomic context (Moritz Fischer) - block/partition: fix signedness issue for Amiga partitions (Michael Schmitz) - tty: serial: fsl_lpuart: add earlycon for imx8ulp platform (Sherry Sun) - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Thadeu Lima de Souza Cascardo) - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (Florent Revest) - netfilter: nf_tables: fix scheduling-while-atomic splat (Florian Westphal) - netfilter: nf_tables: unbind non-anonymous set if rule construction fails (Pablo Neira Ayuso) - netfilter: nf_tables: reject unbound anonymous set before commit phase (Pablo Neira Ayuso) - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain (Pablo Neira Ayuso) - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE (Pablo Neira Ayuso) - netfilter: nf_tables: add rescheduling points during loop detection walks (Florian Westphal) - netfilter: nf_tables: use net_generic infra for transaction data (Florian Westphal) - netfilter: add helper function to set up the nfnetlink header and use it (Pablo Neira Ayuso) - netfilter: nftables: add helper function to set the base sequence number (Pablo Neira Ayuso) - netfilter: nf_tables: fix nat hook table deletion (Florian Westphal) - block: add overflow checks for Amiga partition support (Michael Schmitz) - fanotify: disallow mount/sb marks on kernel internal pseudo fs (Amir Goldstein) - fs: no need to check source (Jan Kara) - ARM: orion5x: fix d2net gpio initialization (Arnd Bergmann) - btrfs: fix race when deleting quota root from the dirty cow roots list (Filipe Manana) - fs: Lock moved directories (Jan Kara) - fs: Establish locking order for unrelated directories (Jan Kara) - Revert "f2fs: fix potential corruption when moving a directory" (Jan Kara) - ext4: Remove ext4 locking of moved directory (Jan Kara) - fs: avoid empty option when generating legacy mount string (ThomasWeiÃschuh) - jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (Fabian Frederick) - integrity: Fix possible multiple allocation in integrity_inode_get() (Tianjia Zhang) - bcache: Remove unnecessary NULL point check in node allocations (Zheng Wang) - mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is used. (Chevron Li) - mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M (Robert Marko) - mmc: core: disable TRIM on Kingston EMMC04G-M627 (Robert Marko) - NFSD: add encoding of op_recall flag for write delegation (Dai Ngo) - ALSA: jack: Fix mutex call in snd_jack_report() (Takashi Iwai) - i2c: xiic: Don't try to handle more interrupt events after error (Robert Hancock) - i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process() (Marek Vasut) - sh: dma: Fix DMA channel offset calculation (Artur Rojek) - net: dsa: tag_sja1105: fix MAC DA patching from meta frames (Vladimir Oltean) - net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX (Lin Ma) - xsk: Honor SO_BINDTODEVICE on bind (Ilya Maximets) - xsk: Improve documentation for AF_XDP (Magnus Karlsson) - tcp: annotate data races in __tcp_oow_rate_limited() (Eric Dumazet) - net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode (Vladimir Oltean) - powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y (Randy Dunlap) - f2fs: fix error path handling in truncate_dnode() (Chao Yu) - mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0 (Nishanth Menon) - spi: bcm-qspi: return error if neither hif_mspi nor mspi is available (Jonas Gorski) - Add MODULE_FIRMWARE() for FIRMWARE_TG357766. (Tobias Heider) - sctp: fix potential deadlock on &net-> sctp.addr_wq_lock (Chengfeng Ye) - rtc: st-lpc: Release some resources in st_rtc_probe() in case of error (Christophe JAILLET) - pwm: sysfs: Do not apply state to already disabled PWMs (Marek Vasut) - pwm: imx-tpm: force 'real_period' to be zero in suspend (Fancy Fang) - mfd: stmpe: Only disable the regulators if they are enabled(Christophe JAILLET) - KVM: s390: vsie: fix the length of APCB bitmap (Pierre Morel) - mfd: stmfx: Fix error path in stmfx_chip_init (Amelie Delaunay) - serial: 8250_omap: Use force_suspend and resume for system suspend (Tony Lindgren) - mfd: intel-lpss: Add missing check for platform_get_resource (Jiasheng Jiang) - usb: dwc3: qcom: Release the correct resources in dwc3_qcom_remove() (Christophe JAILLET) - KVM: s390: fix KVM_S390_GET_CMMA_BITS for GFNs in memslot holes (Nico Boehr) - mfd: rt5033: Drop rt5033-battery sub-device (Stephan Gerhold) - usb: hide unused usbfs_notify_suspend/resume functions (Arnd Bergmann) - usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() (Li Yang) - extcon: Fix kernel doc of property capability fields to avoid warnings (Andy Shevchenko) - extcon: Fix kernel doc of property fields to avoid warnings (Andy Shevchenko) - usb: dwc3: qcom: Fix potential memory leak (Vladislav Efanov) - media: usb: siano: Fix warning due to null work_func_t function pointer (Duoming Zhou) - media: videodev2.h: Fix struct v4l2_input tuner index comment (Marek Vasut) - media: usb: Check az6007_read() return value (Daniil Dulov) - sh: j2: Use ioremap() to translate device tree address into kernel memory (John Paul Adrian Glaubitz) - w1: fix loop in w1_fini() (Dan Carpenter) - block: change all __u32 annotations to __be32 in affs_hardblocks.h (Michael Schmitz) - block: fix signed int overflow in Amiga partition support (Michael Schmitz) - usb: dwc3: gadget: Propagate core init errors to UDC during pullup (Krishna Kurapati) - USB: serial: option: add LARA-R6 01B PIDs (Davide Tronchin) - hwrng: st - keep clock enabled while hwrng is registered (Martin Kaiser) - hwrng: st - Fix W=1 unused variable warning (Herbert Xu) - NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION (Olga Kornievskaia) - ARC: define ASM_NL and __ALIGN(_STR) outside #ifdef __ASSEMBLY__ guard (Masahiro Yamada) - modpost: fix off by one in is_executable_section() (Dan Carpenter) - crypto:marvell/cesa - Fix type mismatch warning (Arnd Bergmann) - modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24} (Masahiro Yamada) - modpost: fix section mismatch message for R_ARM_ABS32 (Masahiro Yamada) - crypto: nx - fix build warnings when DEBUG_FS is not enabled (Randy Dunlap) - hwrng: virtio - Fix race on data_avail and actual data (Herbert Xu) - hwrng: virtio - always add a pending request (Laurent Vivier) - hwrng: virtio - don't waste entropy (Laurent Vivier) - hwrng: virtio - don't wait on cleanup (Laurent Vivier) - hwrng: virtio - add an internal buffer (Laurent Vivier) - powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary (Aneesh Kumar K.V) - pinctrl: at91-pio4: check return value of devm_kasprintf() (Claudiu Beznea) - perf dwarf-aux: Fix off-by-one in die_get_varname() (Namhyung Kim) - pinctrl: cherryview: Return correct value if pin in push-pull mode (Andy Shevchenko) - PCI: Add pci_clear_master() stub for non-CONFIG_PCI (Sui Jingfeng) - PCI: ftpci100: Release the clock resources (Junyan Ye) - PCI: pciehp: Cancel bringup sequence if card is not present (Rongguang Wei) - scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (Yuchen Yang) - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free (Ding Hui) - scsi: qedf: Fix NULL dereference in error handling (Jinhong Zhu) - ASoC: imx-audmix: check return value of devm_kasprintf() (Claudiu Beznea) - clk: keystone: sci-clk: check return value of kasprintf() (Claudiu Beznea) - clk: cdce925: check return value of kasprintf() (Claudiu Beznea) - ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer (Su Hui) - clk: tegra: tegra124-emc: Fix potential memory leak (Yuan Can) - drm/radeon: fix possible division-by-zero errors (Nikita Zhandarovich) - drm/amdkfd: Fix potential deallocation of previously deallocated memory. (Daniil Dulov) - fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() (Christophe JAILLET) - arm64: dts:renesas: ulcb-kf: Remove flow control for SCIF1 (Wolfram Sang) - IB/hfi1: Fix sdma.h tx-> num_descs off-by-one errors (Patrick Kelsey) - soc/fsl/qe: fix usb.c build errors (Randy Dunlap) - ASoC: es8316: Do not set rate constraints for unsupported MCLKs (Cristian Ciocaltea) - ASoC: es8316: Increment max value for ALC Capture Target Volume control (Cristian Ciocaltea) - memory: brcmstb_dpfe: fix testing array offset after use (Krzysztof Kozlowski) - ARM: ep93xx: fix missing-prototype warnings (Arnd Bergmann) - drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H (Dario Binacchi) - arm64: dts: qcom: msm8916: correct camss unit address (Krzysztof Kozlowski) - ARM: dts: gta04: Move model property out of pinctrl node (Tony Lindgren) - RDMA/bnxt_re: Fix to remove an unnecessary log (Kalesh AP) - drm: sun4i_tcon: use devm_clk_get_enabled in sun4i_tcon_init_clocks (XuDong Liu) - Input: adxl34x - do not hardcode interrupt trigger type (Marek Vasut) - ARM: dts: BCM5301X: Drop "clock-names" from the SPI node (RafaÅ MiÅecki) - Input: drv260x - sleep between polling GO bit (Luca Weiss) - radeon: avoid double free in ci_dpm_init() (Nikita Zhandarovich) - netlink: Add __sock_i_ino() for __netlink_diag_dump(). (Kuniyuki Iwashima) - ipvlan: Fix return value of ipvlan_queue_xmit() (Cambda Zhu) - netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value. (Ilia.Gavrilov) - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one (Florian Westphal) - lib/ts_bm: reset initial match offset for every block of text (Jeremy Sowden) - net: nfc: Fix use-after-free caused by nfc_llcp_find_local (Lin Ma) - nfc: llcp: simplify llcp_sock_connect() error paths (Krzysztof Kozlowski) - gtp: Fix use-after-free in __gtp_encap_destroy(). (Kuniyuki Iwashima) - selftests: rtnetlink: remove netdevsim device after ipsec offload test (Sabrina Dubroca) - netlink: do not hard code device address lenth in fdb dumps (Eric Dumazet) - netlink: fix potential deadlockin netlink_set_err() (Eric Dumazet) - wifi: ath9k: convert msecs to jiffies where needed (Dmitry Antipov) - wifi: cfg80211: rewrite merging of inherited elements (Benjamin Berg) - wifi: iwlwifi: pull from TXQs with softirqs disabled (Johannes Berg) - rtnetlink: extend RTEXT_FILTER_SKIP_STATS to IFLA_VF_INFO (Edwin Peer) - wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key() (Remi Pommarel) - memstick r592: make memstick_debug_get_tpc_name() static (Arnd Bergmann) - kexec: fix a memory leak in crash_shrink_memory() (Zhen Lei) - watchdog/perf: more properly prevent false positives with turbo modes (Douglas Anderson) - watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config (Douglas Anderson) - wifi: rsi: Do not set MMC_PM_KEEP_POWER in shutdown (Marek Vasut) - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (Fedor Pchelkin) - wifi: ray_cs: Fix an error handling path in ray_probe() (Christophe JAILLET) - wifi: ray_cs: Drop useless status variable in parse_addr() (Andy Shevchenko) - wifi: ray_cs: Utilize strnlen() in parse_addr() (Andy Shevchenko) - wifi: wl3501_cs: Fix an error handling path in wl3501_probe() (Christophe JAILLET) - wl3501_cs: use eth_hw_addr_set() (Jakub Kicinski) - net: create netdev-> dev_addr assignment helpers (Jakub Kicinski) - wl3501_cs: Fix misspelling and provide missing documentation (Lee Jones) - wl3501_cs: Remove unnecessary NULL check (Alex Dewar) - wl3501_cs: Fix a bunch of formatting issues related to function docs (Lee Jones) - wifi: atmel: Fix an error handling path in atmel_probe() (Christophe JAILLET) - wifi: orinoco: Fix an error handling path in orinoco_cs_probe() (Christophe JAILLET) - wifi: orinoco: Fix an error handling path in spectrum_cs_probe() (Christophe JAILLET) - regulator: core: Streamline debugfs operations (Geert Uytterhoeven) - regulator: core: Fix more error checking for debugfs_create_dir() (Geert Uytterhoeven) - nfc: llcp: fix possible use of uninitialized variable in nfc_llcp_send_connect()(Krzysztof Kozlowski) - nfc: constify several pointers to u8, char and sk_buff (Krzysztof Kozlowski) - wifi: mwifiex: Fix the size of a memory allocation in mwifiex_ret_802_11_scan() (Christophe JAILLET) - spi: spi-geni-qcom: Correct CS_TOGGLE bit in SPI_TRANS_CFG (Vijaya Krishna Nivarthi) - samples/bpf: Fix buffer overflow in tcp_basertt (Pengcheng Yang) - wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx (Fedor Pchelkin) - wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation (Peter Seiderer) - ima: Fix build warnings (Roberto Sassu) - pstore/ram: Add check for kstrdup (Jiasheng Jiang) - evm: Complete description of evm_inode_setattr() (Roberto Sassu) - ARM: 9303/1: kprobes: avoid missing-declaration warnings (Arnd Bergmann) - powercap: RAPL: Fix CONFIG_IOSF_MBI dependency (Zhang Rui) - PM: domains: fix integer overflow issues in genpd_parse_state() (Nikita Zhandarovich) - clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe (Feng Mingxi) - clocksource/drivers/cadence-ttc: Use ttc driver as platform driver (Rajan Vaja) - tracing/timer: Add missing hrtimer modes to decode_hrtimer_mode(). (Sebastian Andrzej Siewior) - irqchip/jcore-aic: Fix missing allocation of IRQ descriptors (John Paul Adrian Glaubitz) - irqchip/jcore-aic: Kill use of irq_create_strict_mappings() (Marc Zyngier) - md/raid10: fix io loss while replacement replace rdev (Li Nan) - md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (Li Nan) - md/raid10: fix wrong setting of max_corr_read_errors (Li Nan) - md/raid10: fix overflow of md/safe_mode_delay (Li Nan) - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (Li Nan) - x86/resctrl: Only show tasks' pid in current pid namespace (Shawn Wang) - x86/resctrl: Use is_closid_match() in more places (James Morse) - bgmac: fix *initial* chip reset to support BCM5358 (RafaÅ MiÅecki) - drm/amdgpu: Validate VM ioctl flags. (Bas Nieuwenhuizen) - scripts/tags.sh: Resolve gtags empty index generation(Ahmed S. Darwish) - drm/i915: Initialise outparam for error return from wait_for_register (Chris Wilson) - HID: wacom: Use ktime_t rather than int when dealing with timestamps (Jason Gerecke) - fbdev: imsttfb: Fix use after free bug in imsttfb_probe (Zheng Wang) - video: imsttfb: check for ioremap() failures (Greg Kroah-Hartman) - x86/smp: Use dedicated cache-line for mwait_play_dead() (Thomas Gleixner) - gfs2: Don't deref jdesc in evict (Bob Peterson) - LTS tag: v5.4.250 (Sherry Yang) [5.4.17-2136.323.2.el7] - x86/cpu/amd: Add a Zenbleed fix (Borislav Petkov (AMD)) [Orabug: 35641578] - x86/cpu/amd: Move the errata checking functionality up (Borislav Petkov (AMD)) [Orabug: 35641578] - ocfs2: always read both high and low parts of dinode link count (Alexey Asemov) [Orabug: 35643003] - ovl: Always reevaluate the file signature for IMA (Eric Snowberg) [Orabug: 35646439] - bpf: fix NULL pointer dereferences when vmlinux BTF is absent (Alan Maguire) [Orabug: 35623657] - SUNRPC: Ensure the transport backchannel association (Benjamin Coddington) [Orabug: 35643879] [5.4.17-2136.323.1.el7] - uek-rpm: Change the toolchain version in OL8 (Jack Vogel) [Orabug: 35378775] - net/rds: Allow MSG_NOSIGNAL in sendmsg (Gerd Rausch) [Orabug: 35640816] [5.4.17-2136.322.6.el7] - uek-rpm: Add netfilter modules to nano rpm (Samasth Norway Ananda) [Orabug: 35552175] - scsi: target: iscsi: Fix hang in the iSCSI login code (Maurizio Lombardi) [Orabug: 35484554] - scsi: target: iscsi: Fix a race condition between login_work and the login thread (Maurizio Lombardi) [Orabug: 35484554] - scsi: target: iscsi: Fix login error when receiving (Hou Pu) [Orabug: 35484554] - uek-rpm: Prevent cls_tcindex module to be loaded on demand (Sherry Yang) [Orabug: 35616810] [5.4.17-2136.322.5.el7] - cpufreq: intel_pstate: Adjust balance_performance EPP for Sapphire Rapids (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Update EPP for AlderLake mobile (Srinivas Pandruvada) [Orabug:35524050] - cpufreq: intel_pstate: Fix active mode offline/online EPP handling (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Clear HWP Status during HWP Interrupt enable (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Fix unchecked MSR 0x773 access (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Clear HWP desired on suspend/shutdown and offline (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Process HWP Guaranteed change notification (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Override parameters if HWP forced by BIOS (Doug Smythies) [Orabug: 35524050] - cpufreq: intel_pstate: Use HWP if enabled by platform firmware (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Take CPUFREQ_GOV_STRICT_TARGET into account (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: Add strict_target to struct cpufreq_policy (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: Introduce CPUFREQ_GOV_STRICT_TARGET (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: Introduce governor flags (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Avoid missing HWP max updates in passive mode (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: Introduce CPUFREQ_NEED_UPDATE_LIMITS driver flag (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Add -> offline and -> online callbacks (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Tweak the EPP sysfs interface (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Update cached EPP in the active mode (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Implement passive mode with HWP enabled (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Rearrange the storing of new EPP values (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Avoid enabling HWP if EPP is not supported (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Clean up aperf_mperf_shift description(Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Supply struct attribute description for get_aperf_mperf_shift() (Lee Jones) [Orabug: 35524050] - cpufreq: intel_pstate: Fix active mode setting from command line (Rafael J. Wysocki) [Orabug: 35524050] - cpufreq: intel_pstate: Fix static checker warning for epp variable (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Allow raw energy performance preference value (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Allow enable/disable energy efficiency (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Add one more OOB control bit (Srinivas Pandruvada) [Orabug: 35524050] - cpufreq: intel_pstate: Use passive mode by default without HWP (Rafael J. Wysocki) [Orabug: 35524050] [5.4.17-2136.322.4.el7] - tools/resolve_btfids: Use pkg-config to locate libelf (Shen Jiamin) [Orabug: 35110384] - tools resolve_btfids: Always force HOSTARCH (Jiri Olsa) [Orabug: 35110384] - bpf: Fix cross build for CONFIG_DEBUG_INFO_BTF option (Jiri Olsa) [Orabug: 35110384] - bpf: Add BPF_FUNC_jiffies64 (Martin KaFai Lau) [Orabug: 35110384] - selftests/bpf: Add Userspace tests for TCP_WINDOW_CLAMP (Prankur gupta) [Orabug: 35110384] - bpf: Support bitfield read access in btf_struct_access (Martin KaFai Lau) [Orabug: 35110384] - bpf: Enable bpf_skc_to_* sock casting helper to networking prog type (Martin KaFai Lau) [Orabug: 35110384] - bpf: Add bpf_skc_to_{tcp, tcp_timewait, tcp_request}_sock() helpers (Yonghong Song) [Orabug: 35110384] - bpf: Add bpf_skc_to_tcp6_sock() helper (Alan Maguire) [Orabug: 35110384] - bpf: Fix race in btf_resolve_helper_id() (Alexei Starovoitov) [Orabug: 35110384] - bpf: Add PTR_TO_BTF_ID_OR_NULL support (Alan Maguire) [Orabug: 35110384] - bpf: Compile resolve_btfids tool at kernel compilation start (Jiri Olsa) [Orabug: 35110384] - bpf: Resolve BTF IDs in vmlinux image (Jiri Olsa) [Orabug: 35110384] - bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object(Jiri Olsa) [Orabug: 35110384] - bpf: Add BTF_ID_LIST/BTF_ID/BTF_ID_UNUSED macros (Jiri Olsa) [Orabug: 35110384] - bpf: Replace prog_raw_tp+btf_id with prog_tracing (Alexei Starovoitov) [Orabug: 35110384] - bpf: Fix bpf_attr.attach_btf_id check (Alexei Starovoitov) [Orabug: 35110384] - bpf: Prepare btf_ctx_access for non raw_tp use case (Martin KaFai Lau) [Orabug: 35110384] - bpf: Enforce 'return 0' in BTF-enabled raw_tp programs (Alexei Starovoitov) [Orabug: 35110384] - libbpf: Update BTF reloc support to latest Clang format (Andrii Nakryiko) [Orabug: 35110384] - bpf: Add array support to btf_struct_access (Martin KaFai Lau) [Orabug: 35110384] - bpf: Check types of arguments passed into helpers (Alexei Starovoitov) [Orabug: 35110384] - bpf: Add support for BTF pointers to x86 JIT (Alan Maguire) [Orabug: 35110384] - bpf: Add support for BTF pointers to interpreter (Alexei Starovoitov) [Orabug: 35110384] - bpf: Attach raw_tp program with BTF via type name (Alexei Starovoitov) [Orabug: 35110384] - bpf: Implement accurate raw_tp context access via BTF (Alexei Starovoitov) [Orabug: 35110384] - libbpf: Fix strncat bounds error in libbpf_prog_type_by_name (KP Singh) [Orabug: 35110384] - libbpf: Auto-detect btf_id of BTF-based raw_tracepoints (Alexei Starovoitov) [Orabug: 35110384] - bpf: Add attach_btf_id attribute to program load (Alexei Starovoitov) [Orabug: 35110384] - bpf: Process in-kernel BTF (Alexei Starovoitov) [Orabug: 35110384] - bpf: Add typecast to bpf helpers to help BTF generation (Alexei Starovoitov) [Orabug: 35110384] - bpf: Add typecast to raw_tracepoints to help BTF generation (Alexei Starovoitov) [Orabug: 35110384] - RDMA/restrack: Release MR restrack when delete (Mark Zhang) [Orabug: 35256660] [5.4.17-2136.322.3.el7] - xfs: don't drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 35389985] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 35389985] [5.4.17-2136.322.2.el7] - LTS tag: v5.4.249(Sherry Yang) - xfs: verify buffer contents when we skip log replay (Darrick J. Wong) - mm: make wait_on_page_writeback() wait for multiple pending writebacks (Linus Torvalds) - mm: fix VM_BUG_ON(PageTail) and BUG_ON(PageWriteback) (Hugh Dickins) - i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle (Clark Wang) - x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (Dheeraj Kumar Srivastava) - drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl (Min Li) - drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl (Min Li) - drm/exynos: vidi: fix a wrong error return (Inki Dae) - ARM: dts: Fix erroneous ADS touchscreen polarities (Linus Walleij) - ASoC: nau8824: Add quirk to active-high jack-detect (Edson Juliano Drosdeck) - s390/cio: unregister device when the only path is gone (Vineeth Vijayan) - usb: gadget: udc: fix NULL dereference in remove() (Dan Carpenter) - nfcsim.c: Fix error checking for debugfs_create_dir (Osama Muhammad) - media: cec: core: don't set last_initiator if tx in progress (Hans Verkuil) - arm64: Add missing Set/Way CMO encodings (Marc Zyngier) - HID: wacom: Add error check to wacom_parse_and_register() (Denis Arefev) - scsi: target: iscsi: Prevent login threads from racing between each other (Maurizio Lombardi) - sch_netem: acquire qdisc lock in netem_change() (Eric Dumazet) - Revert "net: phy: dp83867: perform soft reset and retain established link" (Francesco Dolcini) - netfilter: nfnetlink_osf: fix module autoload (Pablo Neira Ayuso) - netfilter: nf_tables: disallow element updates of bound anonymous sets (Pablo Neira Ayuso) - be2net: Extend xmit workaround to BE3 chip (Ross Lagerwall) - net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch (ArÄ±nÃ§ ÃNAL) - ipvs: align inner_mac_header for encapsulation (Terin Stock) - mmc: usdhi60rol0: fix deferred probing (Sergey Shtylyov) - mmc: sh_mmcif: fix deferred probing (Sergey Shtylyov) - mmc: sdhci-acpi: fix deferred probing(Sergey Shtylyov) - mmc: omap_hsmmc: fix deferred probing (Sergey Shtylyov) - mmc: omap: fix deferred probing (Sergey Shtylyov) - mmc: mvsdio: fix deferred probing (Sergey Shtylyov) - mmc: mvsdio: convert to devm_platform_ioremap_resource (Yangtao Li) - mmc: mtk-sd: fix deferred probing (Sergey Shtylyov) - net: qca_spi: Avoid high load if QCA7000 is not available (Stefan Wahren) - xfrm: Linearize the skb after offloading if needed. (Sebastian Andrzej Siewior) - ieee802154: hwsim: Fix possible memory leaks (Chen Aotian) - x86/mm: Avoid using set_pgd() outside of real PGD pages (Lee Jones) - nilfs2: prevent general protection fault in nilfs_clear_dirty_page() (Ryusuke Konishi) - writeback: fix dereferencing NULL mapping-> host on writeback_page_template (Rafael Aquini) - ip_tunnels: allow VXLAN/GENEVE to inherit TOS/TTL from VLAN (Matthias May) - mmc: meson-gx: remove redundant mmc_request_done() call from irq context (Martin HundebÃ¸ll) - cgroup: Do not corrupt task iteration when rebinding subsystem (Xiu Jianfeng) - PCI: hv: Fix a race condition bug in hv_pci_query_relations() (Dexuan Cui) - Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs (Michael Kelley) - nilfs2: fix buffer corruption due to concurrent device reads (Ryusuke Konishi) - media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Hyunwoo Kim) - media: dvbdev: fix error logic at dvb_register_device() (Mauro Carvalho Chehab) - media: dvbdev: Fix memleak in dvb_register_device (Dinghao Liu) - x86/purgatory: remove PGO flags (Ricardo Ribalda) - tracing: Add tracing_reset_all_online_cpus_unlocked() function (Steven Rostedt (Google)) - epoll: ep_autoremove_wake_function should use list_del_init_careful (Benjamin Segall) - list: add "list_del_init_careful()" to go with "list_empty_careful()" (Linus Torvalds) - mm: rewrite wait_on_page_bit_common() logic (Linus Torvalds) - nilfs2: reject devices with insufficient block count (Ryusuke Konishi) - LTS tag: v5.4.248 (Sherry Yang) - mmc: block:ensure error propagation for non-blk (Christian Loehle) - drm/nouveau/kms: Fix NULL pointer dereference in nouveau_connector_detect_depth (Alexander Kapshuk) - neighbour: delete neigh_lookup_nodev as not used (Leon Romanovsky) - net: Remove unused inline function dst_hold_and_use() (Gaosheng Cui) - neighbour: Remove unused inline function neigh_key_eq16() (Gaosheng Cui) - afs: Fix vlserver probe RTT handling (David Howells) - selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET (Alex Maftei) - net: tipc: resize nlattr array to correct size (Lin Ma) - net: lapbether: only support ethernet devices (Eric Dumazet) - net/sched: cls_api: Fix lockup on flushing explicitly created chain (Vlad Buslov) - drm/nouveau: add nv_encoder pointer check for NULL (Natalia Petrova) - drm/nouveau/kms: Don't change EDID when it hasn't actually changed (Lyude Paul) - drm/nouveau/dp: check for NULL nv_connector-> native_mode (Natalia Petrova) - igb: fix nvm.ops.read() error handling (Aleksandr Loktionov) - sctp: fix an error code in sctp_sf_eat_auth() (Dan Carpenter) - ipvlan: fix bound dev checking for IPv6 l3s mode (Hangbin Liu) - IB/isert: Fix incorrect release of isert connection (Saravanan Vajravel) - IB/isert: Fix possible list corruption in CMA handler (Saravanan Vajravel) - IB/isert: Fix dead lock in ib_isert (Saravanan Vajravel) - IB/uverbs: Fix to consider event queue closing also upon non-blocking mode (Yishai Hadas) - iavf: remove mask from iavf_irq_enable_queues() (Ahmed Zaki) - RDMA/rxe: Fix the use-before-initialization error of resp_pkts (Zhu Yanjun) - RDMA/rxe: Removed unused name from rxe_task struct (Bob Pearson) - RDMA/rxe: Remove the unused variable obj (Zhu Yanjun) - net/sched: cls_u32: Fix reference counter leak leading to overflow (Lee Jones) - ping6: Fix send to link-local addresses with VRF. (Guillaume Nault) - netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM (Pablo Neira Ayuso) - spi: fsl-dspi: avoid SCK glitches with continuous transfers (VladimirOltean) - spi: spi-fsl-dspi: Remove unused chip-> void_write_data (Vladimir Oltean) - usb: dwc3: gadget: Reset num TRBs before giving back the request (Elson Roy Serrao) - serial: lantiq: add missing interrupt ack (Bernhard Seibold) - USB: serial: option: add Quectel EM061KGL series (Jerry Meng) - Remove DECnet support from kernel (Stephen Hemminger) - ALSA: hda/realtek: Add a quirk for Compaq N14JP6 (Edson Juliano Drosdeck) - net: usb: qmi_wwan: add support for Compal RXM-G1 (Wes Huang) - RDMA/uverbs: Restrict usage of privileged QKEYs (Edward Srouji) - nouveau: fix client work fence deletion race (Dave Airlie) - powerpc/purgatory: remove PGO flags (Ricardo Ribalda) - kexec: support purgatories with .text.hot sections (Ricardo Ribalda) - nilfs2: fix possible out-of-bounds segment allocation in resize ioctl (Ryusuke Konishi) - nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key() (Ryusuke Konishi) - nios2: dts: Fix tse_mac "max-frame-size" property (Janne Grunau) - ocfs2: check new file size on fallocate call (LuÃs Henriques) - ocfs2: fix use-after-free when unmounting read-only filesystem (LuÃs Henriques) - drm:amd:amdgpu: Fix missing buffer object unlock in failure path (Sukrut Bellary) - xen/blkfront: Only check REQ_FUA for writes (Ross Lagerwall) - mips: Move initrd_start check after initrd address sanitisation. (Liviu Dudau) - MIPS: Alchemy: fix dbdma2 (Manuel Lauss) - parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory() (Helge Deller) - parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu() (Helge Deller) - btrfs: handle memory allocation failure in btrfs_csum_one_bio (Johannes Thumshirn) - power: supply: Fix logic checking if system is running from battery (Mario Limonciello) - irqchip/meson-gpio: Mark OF related data as maybe unused (Krzysztof Kozlowski) - regulator: Fix error checking for debugfs_create_dir (Osama Muhammad) - platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0 (Alexandru Sorodoc) - power:supply: Ratelimit no data debug output (Marek Vasut) - ARM: dts: vexpress: add missing cache properties (Krzysztof Kozlowski) - power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule() (Hans de Goede) - power: supply: sc27xx: Fix external_power_changed race (Hans de Goede) - power: supply: ab8500: Fix external_power_changed race (Hans de Goede) - s390/dasd: Use correct lock while counting channel queue length (Jan HÃ¶ppner) - dasd: refactor dasd_ioctl_information (Christoph Hellwig) - KEYS: asymmetric: Copy sig and digest in public_key_verify_signature() (Roberto Sassu) - test_firmware: fix a memory leak with reqs buffer (Mirsad Goran Todorovac) - LTS tag: v5.4.247 (Sherry Yang) - mtd: spinand: macronix: Add support for MX35LFxGE4AD (YouChing Lin) - btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() (Zixuan Fu) - btrfs: check return value of btrfs_commit_transaction in relocation (Josef Bacik) - rbd: get snapshot context after exclusive lock is ensured to be held (Ilya Dryomov) - drm/atomic: Don't pollute crtc_state-> mode_blob with error pointers (Ville SyrjÃ¤lÃ¤) - ext4: only check dquot_initialize_needed() when debugging (Theodore Ts'o) - eeprom: at24: also select REGMAP (Randy Dunlap) - i2c: sprd: Delete i2c adapter in .remove's error path (Uwe Kleine-KÃ¶nig) - bonding (gcc13): synchronize bond_{a,t}lb_xmit() types (Jiri Slaby (SUSE)) - usb: usbfs: Use consistent mmap functions (Ruihan Li) - usb: usbfs: Enforce page requirements for mmap (Ruihan Li) - pinctrl: meson-axg: add missing GPIOA_18 gpio group (Martin HundebÃ¸ll) - rbd: move RBD_OBJ_FLAG_COPYUP_ENABLED flag setting (Ilya Dryomov) - Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk (Luiz Augusto von Dentz) - ceph: fix use-after-free bug for inodes when flushing capsnaps (Xiubo Li) - can: j1939: avoid possible use-after-free when j1939_can_rx_register fails (Fedor Pchelkin) - can: j1939: change j1939_netdev_lock type to mutex (Fedor Pchelkin) - can:j1939: j1939_sk_send_loop_abort(): improved error queue handling in J1939 Socket (Oleksij Rempel) - drm/amdgpu: fix xclk freq on CHIP_STONEY (Chia-I Wu) - ALSA: hda/realtek: Add Lenovo P3 Tower platform (RenHai) - ALSA: hda/realtek: Add a quirk for HP Slim Desktop S01 (Ai Chao) - Input: psmouse - fix OOB access in Elantech protocol (Dmitry Torokhov) - Input: xpad - delete a Razer DeathAdder mouse VID/PID entry (Ismael Ferreras Morezuelas) - batman-adv: Broken sync while rescheduling delayed work (Vladislav Efanov) - bnxt_en: Query default VLAN before VNIC setup on a VF (Somnath Kotur) - net: sched: fix possible refcount leak in tc_chain_tmplt_add() (Hangyu Hua) - net: sched: move rtm_tca_policy declaration to include file (Eric Dumazet) - rfs: annotate lockless accesses to RFS sock flow table (Eric Dumazet) - rfs: annotate lockless accesses to sk-> sk_rxhash (Eric Dumazet) - netfilter: ipset: Add schedule point in call_ad(). (Kuniyuki Iwashima) - netfilter: conntrack: fix NULL pointer dereference in nf_confirm_cthelper (Tijs Van Buggenhout) - Bluetooth: L2CAP: Add missing checks for invalid DCID (Sungwoo Kim) - Bluetooth: Fix l2cap_disconnect_req deadlock (Ying Hsu) - net: dsa: lan9303: allow vid != 0 in port_fdb_{add|del} methods (Alexander Sverdlin) - neighbour: fix unaligned access to pneigh_entry (Qingfang DENG) - neighbour: Replace zero-length array with flexible-array member (Gustavo A. R. Silva) - spi: qup: Request DMA before enabling clocks (Stephan Gerhold) - i40e: fix build warnings in i40e_alloc.h (Greg Kroah-Hartman) - i40iw: fix build warning in i40iw_manage_apbvt() (Greg Kroah-Hartman) - block/blk-iocost (gcc13): keep large values in a new enum (Jiri Slaby (SUSE)) - blk-iocost: avoid 64-bit division in ioc_timer_fn (Arnd Bergmann) - LTS tag: v5.4.246 (Sherry Yang) - drm/edid: fix objtool warning in drm_cvt_modes() (Linus Torvalds) - wifi: rtlwifi: 8192de: correct checking of IQK reload (Ping-Ke Shih) - drm/edid: Fix uninitialized variable in drm_cvt_modes() (LyudePaul) - RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds (Selvin Xavier) - scsi: dpt_i2o: Do not process completions with invalid addresses (Ben Hutchings) - scsi: dpt_i2o: Remove broken pass-through ioctl (I2OUSERCMD) (Ben Hutchings) - regmap: Account for register length when chunking (Jim Wylder) - test_firmware: fix the memory leak of the allocated firmware buffer (Mirsad Goran Todorovac) - fbcon: Fix null-ptr-deref in soft_cursor (Helge Deller) - ext4: add lockdep annotations for i_data_sem for ea_inode's (Theodore Ts'o) - ext4: disallow ea_inodes with extended attributes (Theodore Ts'o) - ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find() (Theodore Ts'o) - ext4: add EA_INODE checking to ext4_iget() (Theodore Ts'o) - tracing/probe: trace_probe_primary_from_call(): checked list_first_entry (Pietro Borrello) - tty: serial: fsl_lpuart: use UARTCTRL_TXINV to send break instead of UARTCTRL_SBK (Sherry Sun) - mmc: vub300: fix invalid response handling (Deren Wu) - wifi: rtlwifi: remove always-true condition pointed out by GCC 12 (Jakub Kicinski) - lib/dynamic_debug.c: use address-of operator on section symbols (Nathan Chancellor) - treewide: Remove uninitialized_var() usage (Kees Cook) - kernel/extable.c: use address-of operator on section symbols (Nathan Chancellor) - eth: sun: cassini: remove dead code (Martin LiÅ¡ka) - gcc-12: disable '-Wdangling-pointer' warning for now (Linus Torvalds) - ACPI: thermal: drop an always true check (Adam Borowski) - x86/boot: Wrap literal addresses in absolute_pointer() (Kees Cook) - flow_dissector: work around stack frame size warning (Arnd Bergmann) - ata: libata-scsi: Use correct device no in ata_find_dev() (Damien Le Moal) - scsi: stex: Fix gcc 13 warnings (Bart Van Assche) - misc: fastrpc: reject new invocations during device removal (Richard Acayan) - misc: fastrpc: return -EPIPE to invocations on device removal (Richard Acayan) - usb: gadget: f_fs: Add unbind event before functionfs_unbind(Uttkarsh Aggarwal) - net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 (Sebastian Krzyszkowiak) - iio: dac: build ad5758 driver when AD5758 is selected (Lukas Bulwahn) - iio: dac: mcp4725: Fix i2c_master_send() return value handling (Marek Vasut) - iio: light: vcnl4035: fixed chip ID check (Frank Li) - HID: wacom: avoid integer overflow in wacom_intuos_inout() (Nikita Zhandarovich) - HID: google: add jewel USB id (Sung-Chi Li) - iio: adc: mxs-lradc: fix the order of two cleanup operations (Jiakai Luo) - mailbox: mailbox-test: fix a locking issue in mbox_test_message_write() (Dan Carpenter) - atm: hide unused procfs functions (Arnd Bergmann) - ALSA: oss: avoid missing-prototype warnings (Arnd Bergmann) - netfilter: conntrack: define variables exp_nat_nla_policy and any_addr with CONFIG_NF_NAT (Tom Rix) - wifi: b43: fix incorrect __packed annotation (Arnd Bergmann) - scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (Wenchao Hao) - arm64/mm: mark private VM_FAULT_X defines as vm_fault_t (Min-Hua Chen) - ARM: dts: stm32: add pin map for CAN controller on stm32f7 (Dario Binacchi) - wifi: rtl8xxxu: fix authentication timeout due to incorrect RCR value (Yun Lu) - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Hyunwoo Kim) - media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() (Takashi Iwai) {CVE-2023-31084} - media: dvb-core: Fix use-after-free due on race condition at dvb_net (Hyunwoo Kim) - media: mn88443x: fix !CONFIG_OF error by drop of_match_ptr from ID table (Krzysztof Kozlowski) - media: ttusb-dec: fix memory leak in ttusb_dec_exit_dvb() (Hyunwoo Kim) - media: dvb_ca_en50221: fix a size write bug (YongSu Yoo) - media: netup_unidvb: fix irq init by register it at the end of probe (Wei Chen) - media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address (Wei Chen) - media: dvb-usb: digitv: fix null-ptr-deref in digitv_i2c_xfer() (Wei Chen) - media: dvb-usb-v2: rtl28xxu: fix null-ptr-deref inrtl28xxu_i2c_xfer (Zhang Shurong) - media: dvb-usb-v2: ce6230: fix null-ptr-deref in ce6230_i2c_master_xfer() (Wei Chen) - media: dvb-usb-v2: ec168: fix null-ptr-deref in ec168_i2c_xfer() (Wei Chen) - media: dvb-usb: az6027: fix three null-ptr-deref in az6027_i2c_xfer() (Wei Chen) - media: dvb_demux: fix a bug for the continuity counter (YongSu Yoo) - ASoC: ssm2602: Add workaround for playback distortions (PaweÅ Anikiel) - xfrm: Check if_id in inbound policy/secpath match (Benedict Wong) - ASoC: dwc: limit the number of overrun messages (Maxim Kochetkov) - nbd: Fix debugfs_create_dir error checking (Ivan Orlov) - fbdev: stifb: Fix info entry in sti_struct on error path (Helge Deller) - fbdev: modedb: Add 1920x1080 at 60 Hz video mode (Helge Deller) - media: rcar-vin: Select correct interrupt mode for V4L2_FIELD_ALTERNATE (Niklas SÃ¶derlund) - ARM: 9295/1: unwind:fix unwind abort for uleb128 case (Haibo Li) - mailbox: mailbox-test: Fix potential double-free in mbox_test_message_write() (Lee Jones) - watchdog: menz069_wdt: fix watchdog initialisation (Johannes Thumshirn) - mtd: rawnand: marvell: don't set the NAND frequency select (Chris Packham) - mtd: rawnand: marvell: ensure timing values are written (Chris Packham) - net: dsa: mv88e6xxx: Increase wait after reset deactivation (Andreas Svensson) - net/sched: flower: fix possible OOB write in fl_set_geneve_opt() (Hangyu Hua) - udp6: Fix race condition in udp6_sendmsg & connect (Vladislav Efanov) - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report (Pedro Tammela) - ocfs2/dlm: move BITS_TO_BYTES() to bitops.h for wider use (Andy Shevchenko) - net: sched: fix NULL pointer dereference in mq_attach (Zhengchao Shao) - net/sched: Prohibit regrafting ingress or clsact Qdiscs (Peilin Ye) - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs (Peilin Ye) - net/sched: sch_clsact: Only create under TC_H_CLSACT (Peilin Ye) - net/sched: sch_ingress: Only create under TC_H_INGRESS (Peilin Ye) - tcp: Return user_mss forTCP_MAXSEG in CLOSE/LISTEN state if user_mss set (Cambda Zhu) - tcp: deny tcp_disconnect() when threads are waiting (Eric Dumazet) - af_packet: do not use READ_ONCE() in packet_bind() (Eric Dumazet) - mtd: rawnand: ingenic: fix empty stub helper definitions (Arnd Bergmann) - amd-xgbe: fix the false linkup in xgbe_phy_status (Raju Rangoju) - af_packet: Fix data-races of pkt_sk(sk)-> num. (Kuniyuki Iwashima) - netrom: fix info-leak in nr_write_internal() (Eric Dumazet) - net/mlx5: fw_tracer, Fix event handling (Shay Drory) - dmaengine: pl330: rename _start to prevent build error (Randy Dunlap) - iommu/rockchip: Fix unwind goto issue (Chao Wang) - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx (Kalesh AP) - RDMA/efa: Fix unsupported page sizes in device (Yonatan Nachum) [5.4.17-2136.322.1.el7] - EDAC/i10nm: Add driver decoder for Sapphire Rapids server (Youquan Song) [Orabug: 35524077] - EDAC/i10nm: Add driver decoder for Ice Lake and Tremont CPUs (Youquan Song) [Orabug: 35524077] - EDAC/i10nm: Retrieve and print retry_rd_err_log registers (Youquan Song) [Orabug: 35524077] - EDAC, skx: Retrieve and print retry_rd_err_log registers (Tony Luck) [Orabug: 35524077] - EDAC/i10nm: Release mdev/mbase when failing to detect HBM (Qiuxu Zhuo) [Orabug: 35524077] - EDAC/i10nm: Add support for high bandwidth memory (Qiuxu Zhuo) [Orabug: 35524077] - EDAC: Replace EDAC_DIMM_PTR() macro with edac_get_dimm() function (Robert Richter) [Orabug: 35524077] [5.4.17-2136.321.4.el7] - tick/common: Align tick period during sched_timer setup (Thomas Gleixner) [Orabug: 35520079] - net/rds: Fix endless rds_send_xmit() loop if cp_index > 0 (Gerd Rausch) [Orabug: 35510149] [5.4.17-2136.321.3.el7] - selinux: don't use make's grouped targets feature yet (Paul Moore) - lib: cpu_rmap: Fix potential use-after-free in irq_cpu_rmap_release() (Ben Hutchings) - Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE" (Greg Kroah-Hartman) - iommu/amd: Fix compile error for unusedfunction (Joerg Roedel) [Orabug: 35070061] - iommu/amd: Do not Invalidate IRT when IRTE caching is disabled (Suravee Suthikulpanit) [Orabug: 35070061] - iommu/amd: Introduce Disable IRTE Caching Support (Suravee Suthikulpanit) [Orabug: 35070061] - iommu/amd: Remove the unused struct amd_ir_data.ref (Suravee Suthikulpanit) [Orabug: 35070061] - iommu/amd: Switch amd_iommu_update_ga() to use modify_irte_ga() (Joao Martins) [Orabug: 35070061] - iommu/amd: Handle GALog overflows (Joao Martins) [Orabug: 35070061] - iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE (Kishon Vijay Abraham I) [Orabug: 35070061] - KVM: x86: ioapic: Fix level-triggered EOI and userspace I/OAPIC reconfigure race (Adamos Ttofari) [Orabug: 35070061] - xfs: fix AGFL allocation deadlock (Wengang Wang) [Orabug: 35159734] - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON() (Toke HÃ¸iland-JÃ¸rgensen) [Orabug: 35152388] - crypto: qat - drop log level of msg in get_instance_node() (Giovanni Cabiddu) [Orabug: 35152388] - crypto: algapi - make unregistration functions return void (Eric Biggers) [Orabug: 35152388] - bnxt_en: Clear DEFRAG flag in firmware message when retry flashing. (Pavan Chebbi) [Orabug: 35365203] - bnxt_en: Enable batch mode when using HWRM_NVM_MODIFY to flash packages. (Michael Chan) [Orabug: 35365203] - bnxt_en: Retry installing FW package under NO_SPACE error condition. (Pavan Chebbi) [Orabug: 35365203] - bnxt_en: Restructure bnxt_flash_package_from_fw_obj() to execute in a loop. (Pavan Chebbi) [Orabug: 35365203] - bnxt_en: Rearrange the logic in bnxt_flash_package_from_fw_obj(). (Michael Chan) [Orabug: 35365203] - bnxt_en: Refactor bnxt_flash_nvram. (Pavan Chebbi) [Orabug: 35365203] [5.4.17-2136.321.2.el7] - LTS tag: v5.4.245 (Sherry Yang) - netfilter: ctnetlink: Support offloaded conntrack entry deletion (Paul Blakey) - ipv{4,6}/raw: fix output xfrm lookup wrt protocol (Nicolas Dichtel) - binder: fix UAF caused by faulty buffer cleanup(Carlos Llamas) - bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() (Ruihan Li) - cdc_ncm: Fix the build warning (Alexander Bersenev) - net/mlx5: Devcom, serialize devcom registration (Shay Drory) - net/mlx5: devcom only supports 2 ports (Mark Bloch) - fs: fix undefined behavior in bit shift for SB_NOUSER (Hao Ge) - power: supply: bq24190: Call power_supply_changed() after updating input current (Hans de Goede) - power: supply: core: Refactor power_supply_set_input_current_limit_from_supplier() (Hans de Goede) - power: supply: bq27xxx: After charger plug in/out wait 0.5s for things to stabilize (Hans de Goede) - net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (Tudor Ambarus) - cdc_ncm: Implement the 32-bit version of NCM Transfer Block (Alexander Bersenev) - LTS tag: v5.4.244 (Sherry Yang) - 3c589_cs: Fix an error handling path in tc589_probe() (Christophe JAILLET) - net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device (Shay Drory) - net/mlx5: Fix error message when failing to allocate device memory (Roi Dayan) - forcedeth: Fix an error handling path in nv_probe() (Christophe JAILLET) - ASoC: Intel: Skylake: Fix declaration of enum skl_ch_cfg (Cezary Rojewski) - x86/show_trace_log_lvl: Ensure stack pointer is aligned, again (Vernon Lovejoy) - xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (Dan Carpenter) - coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet() (Dan Carpenter) - power: supply: sbs-charger: Fix INHIBITED bit for Status reg (Daisuke Nojiri) - power: supply: bq27xxx: Fix poll_interval handling and races on remove (Hans de Goede) - power: supply: bq27xxx: Fix I2C IRQ race on remove (Hans de Goede) - power: supply: bq27xxx: Fix bq27xxx_battery_update() race condition (Hans de Goede) - power: supply: leds: Fix blink to LED on transition (Hans de Goede) - ipv6: Fix out-of-bounds access in ipv6_find_tlv() (Gavrilov Ilia) - bpf: Fix mask generation for 32-bit narrow loads of 64-bit fields (Will Deacon) -net: fix skb leak in __skb_tstamp_tx() (Pratyush Yadav) - media: radio-shark: Add endpoint checks (Alan Stern) - USB: sisusbvga: Add endpoint checks (Alan Stern) - USB: core: Add routines for endpoint checks in old drivers (Alan Stern) - udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). (Kuniyuki Iwashima) - net: fix stack overflow when LRO is disabled for virtual interfaces (Taehee Yoo) - fbdev: udlfb: Fix endpoint check (Alan Stern) - debugobjects: Don't wake up kswapd from fill_pool() (Tetsuo Handa) - x86/topology: Fix erroneous smp_num_siblings on Intel Hybrid platforms (Zhang Rui) - parisc: Fix flush_dcache_page() for usage from irq context (Helge Deller) - selftests/memfd: Fix unknown type name build failure (Hardik Garg) - x86/mm: Avoid incomplete Global INVLPG flushes (Dave Hansen) - btrfs: use nofs when cleaning up aborted transactions (Josef Bacik) - gpio: mockup: Fix mode of debugfs files (Zev Weiss) - parisc: Allow to reboot machine after system halt (Helge Deller) - parisc: Handle kgdb breakpoints only in kernel context (Helge Deller) - m68k: Move signal frame following exception on 68020/030 (Finn Thain) - ALSA: hda/realtek: Enable headset onLenovo M70/M90 (Bin Li) - ALSA: hda/ca0132: add quirk for EVGA X299 DARK (Adam Stylinski) - mt76: mt7615: Fix build with older compilers (Pablo Greco) - spi: fsl-cpm: Use 16 bit mode for large transfers with even size (Christophe Leroy) - spi: fsl-spi: Re-organise transfer bits_per_word adaptation (Christophe Leroy) - watchdog: sp5100_tco: Immediately trigger upon starting. (Gregory Oakes) - s390/qdio: fix do_sqbs() inline assembly constraint (Heiko Carstens) - s390/qdio: get rid of register asm (Heiko Carstens) - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF (George Kennedy) - vc_screen: rewrite vcs_size to accept vc, not inode (Jiri Slaby) - usb: gadget: u_ether: Fix host MAC address case (Konrad GrÃ¤fe) - usb: gadget: u_ether: Convert prints to device prints (Jon Hunter) -lib/string_helpers: Introduce string_upper() and string_lower() helpers (Vadim Pasternak) - HID: wacom: add three styli to wacom_intuos_get_tool_type (Ping Cheng) - HID: wacom: Add new Intuos Pro Small (PTH-460) device IDs (Ping Cheng) - HID: wacom: Force pen out of prox if no events have been received in a while (Jason Gerecke) - netfilter: nf_tables: hold mutex on netns pre_exit path (Pablo Neira Ayuso) - netfilter: nf_tables: validate NFTA_SET_ELEM_OBJREF based on NFT_SET_OBJECT flag (Pablo Neira Ayuso) - netfilter: nf_tables: stricter validation of element data (Pablo Neira Ayuso) - netfilter: nf_tables: allow up to 64 bytes in the set element data area (Pablo Neira Ayuso) - netfilter: nf_tables: add nft_setelem_parse_key() (Pablo Neira Ayuso) - netfilter: nf_tables: validate registers coming from userspace. (Pablo Neira Ayuso) - netfilter: nftables: statify nft_parse_register() (Pablo Neira Ayuso) - netfilter: nftables: add nft_parse_register_store() and use it (Pablo Neira Ayuso) - netfilter: nftables: add nft_parse_register_load() and use it (Pablo Neira Ayuso) - nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() (Ryusuke Konishi) - powerpc/64s/radix: Fix soft dirty tracking (Michael Ellerman) - tpm/tpm_tis: Disable interrupts for more Lenovo devices (Jerry Snitselaar) - ceph: force updating the msg pointer in non-split case (Xiubo Li) - serial: Add support for Advantech PCI-1611U card (Vitaliy Tomin) - statfs: enforce statfs[64] structure initialization (Ilya Leoshkevich) - KVM: x86: do not report a vCPU as preempted outside instruction boundaries (Paolo Bonzini) - can: kvaser_pciefd: Disable interrupts in probe error path (Jimmy Assarsson) - can: kvaser_pciefd: Do not send EFLUSH command on TFD interrupt (Jimmy Assarsson) - can: kvaser_pciefd: Clear listen-only bit if not explicitly requested (Jimmy Assarsson) - can: kvaser_pciefd: Empty SRB buffer in probe (Jimmy Assarsson) - can: kvaser_pciefd: Call request_irq() before enabling interrupts (Jimmy Assarsson) -can: kvaser_pciefd: Set CAN_STATE_STOPPED in kvaser_pciefd_stop() (Jimmy Assarsson) - can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag (Oliver Hartkopp) - ALSA: hda/realtek: Add quirk for 2nd ASUS GU603 (Luke D. Jones) - ALSA: hda/realtek: Add a quirk for HP EliteDesk 805 (Ai Chao) - ALSA: hda: Add NVIDIA codec IDs a3 through a7 to patch table (Nikhil Mahale) - ALSA: hda: Fix Oops by 9.1 surround channel names (Takashi Iwai) - usb: typec: altmodes/displayport: fix pin_assignment_show (Badhri Jagan Sridharan) - usb: dwc3: debugfs: Resume dwc3 before accessing registers (Udipto Goswami) - USB: UHCI: adjust zhaoxin UHCI controllers OverCurrent bit value (Weitao Wang) - usb-storage: fix deadlock when a scsi command timeouts more than once (Maxime Bizon) - USB: usbtmc: Fix direction for 0-length ioctl control messages (Alan Stern) - vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() (Eric Dumazet) - igb: fix bit_shift to be in [1..8] range (Aleksandr Loktionov) - cassini: Fix a memory leak in the error handling path of cas_init_one() (Christophe JAILLET) - wifi: iwlwifi: mvm: don't trust firmware n_channels (Johannes Berg) - net: bcmgenet: Restore phy_stop() depending upon suspend/close (Florian Fainelli) - net: bcmgenet: Remove phy_stop() from bcmgenet_netif_stop() (Florian Fainelli) - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Dong Chenchen) - drm/exynos: fix g2d_open/close helper function definitions (Arnd Bergmann) - media: netup_unidvb: fix use-after-free at del_timer() (Duoming Zhou) - net: hns3: fix reset delay time to avoid configuration timeout (Jie Wang) - net: hns3: fix sending pfc frames after reset issue (Jijie Shao) - erspan: get the proto with the md version for collect_md (Xin Long) - ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode (Peilin Ye) - ip6_gre: Make o_seqno start from 0 in native mode (Peilin Ye) - ip6_gre: Fix skb_under_panic in __gre6_xmit() (Peilin Ye) - serial: arc_uart: fix of_iomap leak inarc_serial_probe (Ke Zhang) - vsock: avoid to close connected socket after the timeout (Zhuang Shengen) - ALSA: firewire-digi00x: prevent potential use after free (Dan Carpenter) - net: fec: Better handle pm_runtime_get() failing in .remove() (Uwe Kleine-KÃ¶nig) - af_key: Reject optional tunnel/BEET mode templates in outbound policies (Tobias Brunner) - cpupower: Make TSC read per CPU for Mperf monitor (Wyes Karny) - ASoC: fsl_micfil: register platform component before registering cpu dai (Shengjiu Wang) - btrfs: fix space cache inconsistency after error loading it from disk (Filipe Manana) - btrfs: replace calls to btrfs_find_free_ino with btrfs_find_free_objectid (Nikolay Borisov) - mfd: dln2: Fix memory leak in dln2_probe() (Qiang Ning) - phy: st: miphy28lp: use _poll_timeout functions for waits (Alain Volmat) - Input: xpad - add constants for GIP interface numbers (Vicki Pfau) - iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (Tomas Krcka) - clk: tegra20: fix gcc-7 constant overflow warning (Arnd Bergmann) - RDMA/core: Fix multiple -Warray-bounds warnings (Gustavo A. R. Silva) - recordmcount: Fix memory leaks in the uwrite function (Hao Zeng) - sched: Fix KCSAN noinstr violation (Josh Poimboeuf) - mcb-pci: Reallocate memory region to avoid memory overlapping (RodrÃguez Barbarin, JosÃ© Javier) - serial: 8250: Reinit port-> pm on port specific driver unbind (Tony Lindgren) - usb: typec: tcpm: fix multiple times discover svids error (Frank Wang) - HID: wacom: generic: Set battery quirk only when we see battery data (Jason Gerecke) - spi: spi-imx: fix MX51_ECSPI_* macros when cs > 3 (Kevin Groeneveld) - HID: logitech-hidpp: Reconcile USB and Unifying serials (Bastien Nocera) - HID: logitech-hidpp: Don't use the USB serial for USB devices (Bastien Nocera) - staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE (Philipp Hortmann) - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp (Min Li) - wifi: iwlwifi: dvm: Fix memcpy: detectedfield-spanning write backtrace (Hans de Goede) - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf (Hyunwoo Kim) - wifi: iwlwifi: pcie: fix possible NULL pointer dereference (Daniel Gabay) - samples/bpf: Fix fout leak in hbm's run_bpf_prog (Hao Zeng) - f2fs: fix to drop all dirty pages during umount() if cp_error is set (Chao Yu) - ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa() (Ojaswin Mujoo) - ext4: set goal start correctly in ext4_mb_normalize_request (Kemeng Shi) - gfs2: Fix inode height consistency check (Andreas Gruenbacher) - scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition (Zheng Wang) - lib: cpu_rmap: Avoid use after free on rmap-> obj array entries (Eli Cohen) - net: Catch invalid index in XPS mapping (Nick Child) - net: pasemi: Fix return type of pasemi_mac_start_tx() (Nathan Chancellor) - scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow (Justin Tee) - ext2: Check block size validity during mount (Jan Kara) - wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex (Hector Martin) - ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects (void0red) - ACPICA: Avoid undefined behavior: applying zero offset to null pointer (Tamir Duberstein) - drm/tegra: Avoid potential 32-bit integer overflow (Nur Hussein) - ACPI: EC: Fix oops when removing custom query handlers (Armin Wolf) - firmware: arm_sdei: Fix sleep from invalid context BUG (Sherry Yang) - memstick: r592: Fix UAF bug in r592_remove due to race condition (Zheng Wang) - regmap: cache: Return error in cache sync operations for REGCACHE_NONE (Alexander Stein) - drm/amd/display: Use DC_LOG_DC in the trasform pixel function (Rodrigo Siqueira) - fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (Tetsuo Handa) - af_unix: Fix data races around sk-> sk_shutdown. (Kuniyuki Iwashima) - af_unix: Fix a data race of sk-> sk_receive_queue-> qlen. (Kuniyuki Iwashima) - net: datagram: fixdata-races in datagram_poll() (Eric Dumazet) - ipvlan:Fix out-of-bounds caused by unclear skb-> cb (t.feng) - net: add vlan_get_protocol_and_depth() helper (Eric Dumazet) - net: tap: check vlan with eth_type_vlan() method (Menglong Dong) - net: annotate sk-> sk_err write from do_recvmmsg() (Eric Dumazet) - netlink: annotate accesses to nlk-> cb_running (Eric Dumazet) - netfilter: conntrack: fix possible bug_on with enable_hooks=1 (Florian Westphal) - net: Fix load-tearing on sk-> sk_stamp in sock_recv_cmsgs(). (Kuniyuki Iwashima) - linux/dim: Do nothing if no time delta between samples (Roy Novich) - ARM: 9296/1: HP Jornada 7XX: fix kernel-doc warnings (Randy Dunlap) - drm/mipi-dsi: Set the fwnode for mipi_dsi_device (Saravana Kannan) - driver core: add a helper to setup both the of_node and fwnode of a device (Ioana Ciornei) - LTS tag: v5.4.243 (Sherry Yang) - drm/amd/display: Fix hang when skipping modeset (Aurabindo Pillai) - mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock (Tetsuo Handa) - drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag (Tian Tao) - drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() (Akhil P Oommen) - firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (Yang Yingliang) - drm/msm: Fix double pm_runtime_disable() call (Maximilian Luz) - PM: domains: Restore comment indentation for generic_pm_domain.child_links (Geert Uytterhoeven) - printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h (Tetsuo Handa) - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (Lukas Wunner) - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors (Hans de Goede) - drbd: correctly submit flush bio on barrier (Christoph BÃ¶hmwalder) - serial: 8250: Fix serial8250_tx_empty() race with DMA Tx (Ilpo JÃ¤rvinen) - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH (Ilpo JÃ¤rvinen) - ext4: fix invalid free tracking in ext4_xattr_move_to_block() (Theodore Ts'o) - ext4:remove a BUG_ON in ext4_mb_release_group_pa() (Theodore Ts'o) - ext4: bail out of ext4_xattr_ibody_get() fails for any reason (Theodore Ts'o) - ext4: add bounds checking in get_max_inline_xattr_value_size() (Theodore Ts'o) - ext4: fix deadlock when converting an inline directory in nojournal mode (Theodore Ts'o) - ext4: improve error recovery code paths in __ext4_remount() (Theodore Ts'o) - ext4: fix data races when using cached status extents (Jan Kara) - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum (Tudor Ambarus) - ext4: fix WARNING in mb_find_extent (Ye Bin) - HID: wacom: insert timestamp to packed Bluetooth (BT) events (Ping Cheng) - HID: wacom: Set a default resolution for older tablets (Ping Cheng) - drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend (Guchun Chen) - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras (Guchun Chen) - drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini() (Hamza Mahfooz) - drm/panel: otm8009a: Set backlight parent to panel device (James Cowgill) - f2fs: fix potential corruption when moving a directory (Jaegeuk Kim) - ARM: dts: s5pv210: correct MIPI CSIS clock name (Krzysztof Kozlowski) - ARM: dts: exynos: fix WM8960 clock name in Itop Elite (Krzysztof Kozlowski) - remoteproc: st: Call of_node_put() on iteration error (Mathieu Poirier) - remoteproc: stm32: Call of_node_put() on iteration error (Mathieu Poirier) - sh: nmi_debug: fix return value of __setup handler (Randy Dunlap) - sh: init: use OF_EARLY_FLATTREE for early init (Randy Dunlap) - sh: math-emu: fix macro redefined warning (Randy Dunlap) - inotify: Avoid reporting event with invalid wd (Jan Kara) - platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i (Andrey Avdeev) - cifs: fix pcchunk length type in smb2_copychunk_range (Pawel Witek) - btrfs: print-tree: parent bytenr must be aligned to sector size (Anastasia Belova) - btrfs: don't free qgroup space unless specified (Josef Bacik) - btrfs: fixbtrfs_prev_leaf() to not return the same key twice (Filipe Manana) - perf symbols: Fix return incorrect build_id size in elf_read_build_id() (Yang Jihong) - perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp() (Markus Elfring) - perf vendor events power9: Remove UTF-8 characters from JSON files (Kajol Jain) - virtio_net: suppress cpu stall when free_unused_bufs (Wenliang Wang) - virtio_net: split free_unused_bufs() (Xuan Zhuo) - net: dsa: mt7530: fix corrupt frames using trgmii on 40 MHz XTAL MT7621 (ArÄ±nÃ§ ÃNAL) - ALSA: caiaq: input: Add error handling for unsupported input methods in snd_usb_caiaq_input_init (Ruliang Lin) - drm/amdgpu: add a missing lock for AMDGPU_SCHED (Chia-I Wu) - af_packet: Don't send zero-byte data in packet_sendmsg_spkt(). (Kuniyuki Iwashima) - ionic: remove noise from ethtool rxnfc error msg (Shannon Nelson) - rxrpc: Fix hard call timeout units (David Howells) - net/sched: act_mirred: Add carrier check (Victor Nogueira) - writeback: fix call of incorrect macro (Maxim Korotkov) - net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu (Angelo Dureghello) - sit: update dev-> needed_headroom in ipip6_tunnel_bind_dev() (Cong Wang) - net/sched: cls_api: remove block_cb from driver_list before freeing (Vlad Buslov) - net/ncsi: clear Tx enable mode when handling a Config required AEN (Cosmo Chou) - relayfs: fix out-of-bounds access in relay_file_read (Zhang Zhengming) - kernel/relay.c: fix read_pos error when multiple readers (Pengcheng Yang) - crypto: safexcel - Cleanup ring IRQ workqueues on load failure (Jonathan McDowell) - crypto: inside-secure - irq balance (Sven Auhagen) - dm verity: fix error handling for check_at_most_once on FEC (Yeongjin Gil) - dm verity: skip redundant verity_handle_err() on I/O errors (Akilesh Kailash) - mailbox: zynqmp: Fix counts of child nodes (Tanmay Shah) - mailbox: zynq: Switch to flexible array to simplify code (Christophe JAILLET) - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohzsubsystem (Joel Fernandes (Google)) - nohz: Add TICK_DEP_BIT_RCU (Frederic Weisbecker) - debugobject: Ensure pool refill (again) (Thomas Gleixner) - perf intel-pt: Fix CYC timestamps after standalone CBR (Adrian Hunter) - perf auxtrace: Fix address filter entire kernel size (Adrian Hunter) - dm ioctl: fix nested locking in table_clear() to remove deadlock concern (Mike Snitzer) - dm flakey: fix a crash with invalid table line (Mikulas Patocka) - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (Mike Snitzer) - dm clone: call kmem_cache_destroy() in dm_clone_init() error path (Mike Snitzer) - s390/dasd: fix hanging blockdevice after request requeue (Stefan Haberland) - btrfs: scrub: reject unsupported scrub flags (Qu Wenruo) - scripts/gdb: fix lx-timerlist for Python3 (Peng Liu) - clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent (Quentin Schulz) - wifi: rtl8xxxu: RTL8192EU always needs full init (Bitterblue Smith) - mailbox: zynqmp: Fix typo in IPI documentation (Tanmay Shah) - mailbox: zynqmp: Fix IPI isr handling (Tanmay Shah) - md/raid10: fix null-ptr-deref in raid10_sync_request (Li Nan) - nilfs2: fix infinite loop in nilfs_mdt_get_block() (Ryusuke Konishi) - nilfs2: do not write dirty data after degenerating to read-only (Ryusuke Konishi) - parisc: Fix argument pointer in real64_call_asm() (Helge Deller) - afs: Fix updating of i_size with dv jump from server (Marc Dionne) - dmaengine: at_xdmac: do not enable all cyclic channels (Claudiu Beznea) - dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing (Shunsuke Mie) - dmaengine: dw-edma: Fix to change for continuous transfer (Shunsuke Mie) - phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port (Gaosheng Cui) - pwm: mtk-disp: Disable shadow registers before setting backlight values (AngeloGioacchino Del Regno) - pwm: mtk-disp: Adjust the clocks to avoid them mismatch (Jitao Shi) - pwm: mtk-disp: Don't check the return code ofpwmchip_remove() (Uwe Kleine-KÃ¶nig) - dmaengine: mv_xor_v2: Fix an error code. (Christophe JAILLET) - leds: TI_LMU_COMMON: select REGMAP instead of depending on it (Randy Dunlap) - ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (Ye Bin) - openrisc: Properly store r31 to pt_regs on unhandled exceptions (Stafford Horne) - clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails (Qinrun Dai) - clocksource: davinci: axe a pointless __GFP_NOFAIL (Christophe JAILLET) - clocksource/drivers/davinci: Avoid trailing '\n' hidden in pr_fmt() (Christophe JAILLET) - RDMA/mlx5: Use correct device num_ports when modify DC (Mark Zhang) - Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe (Miaoqian Lin) - input: raspberrypi-ts: Release firmware handle when not needed (Nicolas Saenz Julienne) - firmware: raspberrypi: Introduce devm_rpi_firmware_get() (Nicolas Saenz Julienne) - firmware: raspberrypi: Keep count of all consumers (Nicolas Saenz Julienne) - NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease (Trond Myklebust) - IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order (Patrick Kelsey) - RDMA/siw: Remove namespace check from siw_netdev_event() (Tetsuo Handa) - clk: add missing of_node_put() in "assigned-clocks" property parsing (ClÃ©ment LÃ©ger) - power: supply: generic-adc-battery: fix unit scaling (Sebastian Reichel) - rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time (Martin Blumenstingl) - RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() (Dan Carpenter) - rtc: omap: include header for omap_rtc_power_off_program prototype (Krzysztof Kozlowski) - RDMA/rdmavt: Delete unnecessary NULL check (Natalia Petrova) - RDMA/siw: Fix potential page_array out of range access (Daniil Dulov) - perf/core: Fix hardlockup failure caused by perf throttle (Yang Jihong) - powerpc/rtas: use memmove for potentially overlapping buffer copy (Nathan Lynch) - macintosh: via-pmu-led: requires ATA to be set (RandyDunlap) - powerpc/sysdev/tsi108: fix resource printk format warnings (Randy Dunlap) - powerpc/wii: fix resource printk format warnings (Randy Dunlap) - powerpc/mpc512x: fix resource printk format warning (Randy Dunlap) - macintosh/windfarm_smu_sat: Add missing of_node_put() (Liang He) - spmi: Add a check for remove callback when removing a SPMI driver (Jishnu Prakash) - staging: rtl8192e: Fix W_DISABLE# does not work after stop/start (Philipp Hortmann) - serial: 8250: Add missing wakeup event reporting (Florian Fainelli) - tty: serial: fsl_lpuart: adjust buffer length to the intended size (Shenwei Wang) - firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe (Dan Carpenter) - usb: mtu3: fix kernel panic at qmu transfer done irq handler (Chunfeng Yun) - usb: chipidea: fix missing goto in ci_hdrc_probe (Yinhao Hu) - sh: sq: Fix incorrect element size for allocating bitmap buffer (John Paul Adrian Glaubitz) - uapi/linux/const.h: prefer ISO-friendly __typeof__ (Kevin Brodsky) - spi: cadence-quadspi: fix suspend-resume implementations (Dhruva Gole) - mtd: spi-nor: cadence-quadspi: Handle probe deferral while requesting DMA channel (Vignesh Raghavendra) - mtd: spi-nor: cadence-quadspi: Don't initialize rx_dma_complete on failure (Vignesh Raghavendra) - mtd: spi-nor: cadence-quadspi: Make driver independent of flash geometry (Vignesh Raghavendra) - scripts/gdb: bail early if there are no generic PD (Florian Fainelli) - PM: domains: Fix up terminology with parent/child (Kees Cook) - scripts/gdb: bail early if there are no clocks (Florian Fainelli) - ia64: salinfo: placate defined-but-not-used warning (Randy Dunlap) - ia64: mm/contig: fix section mismatch warning/error (Randy Dunlap) - of: Fix modalias string generation (Miquel Raynal) - vmci_host: fix a race condition in vmci_host_poll() causing GPF (Dae R. Jeong) - spi: fsl-spi: Fix CPM/QE mode Litte Endian (Christophe Leroy) - spi: qup: Don't skip cleanup in remove's error path (Uwe Kleine-KÃ¶nig) - linux/vt_buffer.h: allow eitherbuiltin or modular for macros (Randy Dunlap) - ASoC: es8316: Handle optional IRQ assignment (Cristian Ciocaltea) - ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ (Hans de Goede) - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() (Barry Song) - PCI: imx6: Install the fault handler only on compatible match (H. Nikolaus Schaller) - usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition (Zheng Wang) - iio: light: max44009: add missing OF device matching (Krzysztof Kozlowski) - fpga: bridge: fix kernel-doc parameter description (Marco Pagani) - usb: host: xhci-rcar: remove leftover quirk handling (Wolfram Sang) - pstore: Revert pmsg_lock back to a normal mutex (John Stultz) - tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. (Kuniyuki Iwashima) - net: amd: Fix link leak when verifying config failed (Gencen Gan) - netlink: Use copy_to_user() for optval in netlink_getsockopt(). (Kuniyuki Iwashima) - ipv4: Fix potential uninit variable access bug in __ip_make_skb() (Ziyang Xuan) - netfilter: nf_tables: don't write table validation state without mutex (Florian Westphal) - bpf: Don't EFAULT for getsockopt with optval=NULL (Stanislav Fomichev) - ixgbe: Enable setting RSS table to default values (Joe Damato) - ixgbe: Allow flow hash to be set via ethtool (Joe Damato) - wifi: iwlwifi: mvm: check firmware response size (Johannes Berg) - wifi: iwlwifi: make the loop for card preparation effective (Emmanuel Grumbach) - md/raid10: fix memleak of md thread (Yu Kuai) - md: update the optimal I/O size on reshape (Christoph Hellwig) - md/raid10: fix memleak for 'conf-> bio_split' (Yu Kuai) - md/raid10: fix leak of 'r10bio-> remaining' for recovery (Yu Kuai) - bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap (Daniel Borkmann) - nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage" (Ming Lei) - nvme: fix async event trace event (Keith Busch) - nvme: handle the persistent internal error AER (MichaelKelley) - bpf, sockmap: fix deadlocks in the sockhash and sockmap (Xin Liu) - scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() (Shuchang Li) - crypto: drbg - Only fail when jent is unavailable in FIPS mode (Herbert Xu) - crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors (Nicolai Stange) - bpftool: Fix bug for long instructions in program CFG dumps (Quentin Monnet) - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() (Wei Chen) - wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() (Wei Chen) - rtlwifi: Replace RT_TRACE with rtl_dbg (Larry Finger) - rtlwifi: Start changing RT_TRACE into rtl_dbg (Larry Finger) - f2fs: handle dqget error in f2fs_transfer_project_quota() (Yangtao Li) - scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS (Danila Chernetsov) - net/packet: convert po-> auxdata to an atomic flag (Eric Dumazet) - net/packet: convert po-> origdev to an atomic flag (Eric Dumazet) - net/packet: annotate accesses to po-> xmit (Eric Dumazet) - vlan: partially enable SIOCSHWTSTAMP in container (Vadim Fedorenko) - scm: fix MSG_CTRUNC setting condition for SO_PASSSEC (Alexander Mikhalitsyn) - wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() (Martin Blumenstingl) - wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() (Martin Blumenstingl) - tools: bpftool: Remove invalid \' json escape (Luis Gerhorst) - wifi: ath6kl: reduce WARN to dev_dbg() in callback (Fedor Pchelkin) - wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() (Dan Carpenter) - wifi: ath9k: hif_usb: fix memory leak of remain_skbs (Fedor Pchelkin) - wifi: ath6kl: minor fix for allocation size (Alexey V. Vissarionov) - tick/common: Align tick period with the HZ tick. (Sebastian Andrzej Siewior) - tick: Get rid of tick_period (Thomas Gleixner) - tick/sched: Optimize tick_do_update_jiffies64() further (Thomas Gleixner) - tick/sched: Reduce seqcount held scope in tick_do_update_jiffies64() (YunfengYe) - tick/sched: Use tick_next_period for lockless quick check (Thomas Gleixner) - timekeeping: Split jiffies seqlock (Thomas Gleixner) - debugobject: Prevent init race with static objects (Thomas Gleixner) - arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step (Sumit Garg) - x86/ioapic: Don't return 0 from arch_dynirq_lower_bound() (Saurabh Sengar) - regulator: stm32-pwr: fix of_iomap leak (YAN SHI) - media: rc: gpio-ir-recv: Fix support for wake-up (Florian Fainelli) - media: rcar_fdp1: Fix refcount leak in probe and remove function (Miaoqian Lin) - media: rcar_fdp1: Fix the correct variable assignments (Tang Bin) - media: rcar_fdp1: Make use of the helper function devm_platform_ioremap_resource() (Cai Huoqing) - media: rcar_fdp1: fix pm_runtime_get_sync() usage count (Mauro Carvalho Chehab) - media: rcar_fdp1: simplify error check logic at fdp_open() (Mauro Carvalho Chehab) - media: saa7134: fix use after free bug in saa7134_finidev due to race condition (Zheng Wang) - media: dm1105: Fix use after free bug in dm1105_remove due to race condition (Zheng Wang) - x86/apic: Fix atomic update of offset in reserve_eilvt_offset() (Uros Bizjak) - regulator: core: Avoid lockdep reports when resolving supplies (Douglas Anderson) - regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() (Douglas Anderson) - drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() (Harshit Mogalapalli) - mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data (Georgii Kruglov) - drm/msm/adreno: drop bogus pm_runtime_set_active() (Johan Hovold) - drm/msm/adreno: Defer enabling runpm until hw_init() (Rob Clark) - drm/msm: fix unbalanced pm_runtime_enable in adreno_gpu_{init, cleanup} (Jonathan Marek) - firmware: qcom_scm: Clear download bit during reboot (Mukesh Ojha) - media: av7110: prevent underflow in write_ts_to_decoder() (Dan Carpenter) - media: uapi: add MEDIA_BUS_FMT_METADATA_FIXED media bus format. (Dafna Hirschfeld) - media: bdisp: Add missing check forcreate_workqueue (Jiasheng Jiang) - ARM: dts: qcom: ipq8064: Fix the PCI I/O port range (Manivannan Sadhasivam) - ARM: dts: qcom: ipq8064: reduce pci IO size to 64K (Christian Marangi) - ARM: dts: qcom: ipq4019: Fix the PCI I/O port range (Manivannan Sadhasivam) - EDAC/skx: Fix overflows on the DRAM row address mapping arrays (Qiuxu Zhuo) - arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table (Geert Uytterhoeven) - arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table (Geert Uytterhoeven) - drm/probe-helper: Cancel previous job before starting new one (Dom Cobley) - drm/vgem: add missing mutex_destroy (MaÃra Canal) - drm/rockchip: Drop unbalanced obj unref (Rob Clark) - erofs: fix potential overflow calculating xattr_isize (Jingbo Xu) - erofs: stop parsing non-compact HEAD index if clusterofs is invalid (Gao Xiang) - tpm, tpm_tis: Do not skip reset of original interrupt vector (Lino Sanfilippo) - selinux: ensure av_permissions.h is built when needed (Paul Moore) - selinux: fix Makefile dependencies of flask.h (Ondrej Mosnacek) - ubifs: Free memory for tmpfile name (MÃ¥rten Lindahl) - ubi: Fix return value overwrite issue in try_write_vid_and_data() (Wang YanQing) - ubifs: Fix memleak when insert_old_idx() failed (Zhihao Cheng) - i2c: omap: Fix standard mode false ACK readings (Reid Tonking) - KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted (Sean Christopherson) - reiserfs: Add security prefix to xattr name in reiserfs_security_write() (Roberto Sassu) - ring-buffer: Sync IRQ works before buffer destruction (Johannes Berg) - pwm: meson: Fix g12a ao clk81 name (Heiner Kallweit) - pwm: meson: Fix axg ao mux parents (Heiner Kallweit) - kheaders: Use array declaration instead of char (Kees Cook) - ipmi: fix SSIF not responding under certain cond. (Zhang Yuchen) - MIPS: fw: Allow firmware to pass a empty env (Jiaxun Yang) - xhci: fix debugfs register accesses while suspended (Johan Hovold) - debugfs: regset32: Add Runtime PM support (GeertUytterhoeven) - staging: iio: resolver: ads1210: fix config mode (Nuno SÃ¡) - perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE) (Arnaldo Carvalho de Melo) - USB: dwc3: fix runtime pm imbalance on unbind (Johan Hovold) - USB: dwc3: fix runtime pm imbalance on probe errors (Johan Hovold) - asm-generic/io.h: suppress endianness warnings for readq() and writeq() (Vladimir Oltean) - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750 (Hans de Goede) - iio: adc: palmas_gpadc: fix NULL dereference on rmmod (Patrik DahlstrÃ¶m) - USB: serial: option: add UNISOC vendor and TOZED LT70C product (ArÄ±nÃ§ ÃNAL) - bluetooth: Perform careful capability checks in hci_sock_ioctl() (Ruihan Li) - drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var (Daniel Vetter) - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (Jisoo Jang) - counter: 104-quad-8: Fix race condition between FLAG and CNTR reads (William Breathitt Gray) [5.4.17-2136.321.1.el7] - uek-rpm: Blacklist cls_tcindex module (Somasundaram Krishnasamy) [Orabug: 35408335] - uek_kabi: Add UEK_KABI_DEPRECATE_ENUM (Sherry Yang) [Orabug: 35469883] - perf kvm: Add kvm-stat for arm64 (Sergey Senozhatsky) [Orabug: 35415996] - dsc-drivers: update ionic drivers to 23.04.1-001 (Dave Kleikamp) [Orabug: 35416310] - dsc-drivers: update ionic drivers to 22.11.1-001 (Dave Kleikamp) [Orabug: 35416310] - dsc-drivers: update drivers for 1.15.9-C-100 (Dave Kleikamp) [Orabug: 35416310] - elba.dtsi: Improved sdclk and sdclk-hsmmc timing. (David Clear) [Orabug: 35416310] - drivers/i2c: Fix Lattice RD1173 interrupt handling (Hiren Mehta) [Orabug: 35416310] - defconfig: cleanup elba_defconfig (Hiren Mehta) [Orabug: 35416310] [5.4.17-2136.320.7.el7] - selftests: fib_tests: mute cleanup error message (Po-Hsu Lin) - KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Filter out v8.1+events on v8.0 HW (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Add kvm_vcpu_has_pmu() helper (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Fix some documentation build warnings (Mauro Carvalho Chehab) [Orabug: 35449815] - KVM: arm64: Document PMU filtering API (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Mask out filtered events in PCMEID{0,1}_EL1 (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Add PMU event filtering infrastructure (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Use event mask matching architecture revision (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Refactor PMU attribute error handling (Marc Zyngier) [Orabug: 35449815] - KVM: arm64: Move virt/kvm/arm to arch/arm64 (Marc Zyngier) [Orabug: 35449815] - KVM: arm/arm64: Fix up includes for trace.h (Jeremy Cline) [Orabug: 35449815] - perf/core: Optimize perf_init_event() for TYPE_SOFTWARE (Liang, Kan) [Orabug: 35449815] - Revert "net/mlx5: Fix unpublish devlink parameters" (Si-Wei Liu) [Orabug: 35431929] - Revert "net/mlx5: Support enable_eth devlink dev param" (Si-Wei Liu) [Orabug: 35431929] - Revert "net/mlx5: Support enable_rdma devlink dev param" (Si-Wei Liu) [Orabug: 35431929] - Revert "net/mlx5: Support enable_vnet devlink dev param" (Si-Wei Liu) [Orabug: 35431929] [5.4.17-2136.320.6.el7] - ipmi:ssif: Add send_retries increment (Corey Minyard) - Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path" (Zhihao Cheng) - Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" (Liu Jian) - scsi: target: iscsi: Handle abort for WRITE_PENDING cmds (Dmitry Bogdanov) [Orabug: 34136927] - scsi: target: iscsit: Fix TAS handling during conn cleanup (Mike Christie) [Orabug: 34136927] - scsi: target: Fix multiple LUN_RESET handling (Mike Christie) [Orabug: 34136927] - scsi: target: iscsit: Free cmds before session free (Dmitry Bogdanov) [Orabug: 34136927] - scsi: target: iscsit: Stop/wait on cmds during conn close (Mike Christie) [Orabug: 34136927] -scsi: target: iscsit: isert: Alloc per conn cmd counter (Mike Christie) [Orabug: 34136927] - scsi: target: Pass in cmd counter to use during cmd setup (Mike Christie) [Orabug: 34136927] - scsi: target: Move cmd counter allocation (Mike Christie) [Orabug: 34136927] - scsi: target: Move sess cmd counter to new struct (Mike Christie) [Orabug: 34136927] - kernfs: change kernfs_rename_lock into a read-write lock. (Imran Khan) [Orabug: 35257585] - kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info. (Imran Khan) [Orabug: 35257585] - kernfs: Introduce separate rwsem to protect inode attributes. (Imran Khan) [Orabug: 35257585] - debugfs: allow access blktrace trace files in lockdown mode (Junxiao Bi) [Orabug: 35262590] - rds: Add time_spent and payload info for send_cqe handler (Rohit Nair) [Orabug: 35302535] - netfilter: nf_tables: deactivate anonymous set from preparation phase (Pablo Neira Ayuso) [Orabug: 35382084] {CVE-2023-32233} - SUNRPC: remove the maximum number of retries in call_bind_status (Dai Ngo) [Orabug: 35397526] - net/rds: Fix copy&paste error (Gerd Rausch) [Orabug: 35416948] - rds: Fix incorrect error pointer reference (William Kucharski) [Orabug: 35315450] [5.4.17-2136.320.5.el7] - vdpa/mlx5: Extend driver support for new features (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Make VIRTIO_NET_F_MRG_RXBUF off by default (Eli Cohen) [Orabug: 35210546] - vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready (Eugenio PÃ©rez) [Orabug: 35210546] - vhost-vdpa: free iommu domain after last use during cleanup (Gautam Dawar) [Orabug: 35210546] - vdpa/mlx5: should not activate virtq object when suspended (Si-Wei Liu) [Orabug: 35210546] - vp_vdpa: fix the crash in hot unplug with vp_vdpa (Cindy Lu) [Orabug: 35210546] - vdpa/mlx5: support device features provisioning (Si-Wei Liu) [Orabug: 35210546] - vdpa/mlx5: make MTU/STATUS presence conditional on feature bits (Si-Wei Liu) [Orabug: 35210546] - vdpa: validate device featureprovisioning against supported class (Si-Wei Liu) [Orabug: 35210546] - vdpa: validate provisioned device features against specified attribute (Si-Wei Liu) [Orabug: 35210546] - vdpa: conditionally read STATUS in config space (Si-Wei Liu) [Orabug: 35210546] - vdpa: fix improper error message when adding vdpa dev (Si-Wei Liu) [Orabug: 35210546] - vdpa/mlx5: Initialize CVQ iotlb spinlock (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Don't clear mr struct on destroy MR (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Directly assign memory key (Eli Cohen) [Orabug: 35210546] - vhost-vdpa: print warning when vhost_vdpa_alloc_domain fails (Alvaro Karsz) [Orabug: 35210546] - vdpa: Fix a couple of spelling mistakes in some messages (Colin Ian King) [Orabug: 35210546] - vdpa: mlx5: support per virtqueue dma device (Jason Wang) [Orabug: 35210546] - vdpa: set dma mask for vDPA device (Jason Wang) [Orabug: 35210546] - virtio-vdpa: support per vq dma device (Jason Wang) [Orabug: 35210546] - vdpa: introduce get_vq_dma_device() (Jason Wang) [Orabug: 35210546] - virtio_ring: per virtqueue dma device (Jason Wang) [Orabug: 35210546] - vdpa_sim: get rid of DMA ops (Jason Wang) [Orabug: 35210546] - vdpa_sim_net: vendor satistics (Jason Wang) [Orabug: 35210546] - vdpa_sim: support vendor statistics (Jason Wang) [Orabug: 35210546] - vdpasim: customize allocation size (Jason Wang) [Orabug: 35210546] - vdpa_sim: switch to use __vdpa_alloc_device() (Jason Wang) [Orabug: 35210546] - vdpa_sim: use weak barriers (Jason Wang) [Orabug: 35210546] - vdpa_sim: Implement resume vdpa op (Sebastien Boeuf) [Orabug: 35210546] - vhost-vdpa: uAPI to resume the device (Sebastien Boeuf) [Orabug: 35210546] - vhost-vdpa: Introduce RESUME backend feature bit (Sebastien Boeuf) [Orabug: 35210546] - vdpa: Add resume operation (Sebastien Boeuf) [Orabug: 35210546] - vdpa_sim_net: Offer VIRTIO_NET_F_STATUS (Eugenio PÃ©rez) [Orabug: 35210546] - vdpa/mlx5: Move some definitions to a new header file (Eli Cohen) [Orabug:35210546] - vdpa_sim: not reset state in vdpasim_queue_ready (Eugenio PÃ©rez) [Orabug: 35210546] - vdpa_sim_net: should not drop the multicast/broadcast packet (Cindy Lu) [Orabug: 35210546] - vdpasim: fix memory leak when freeing IOTLBs (Jason Wang) [Orabug: 35210546] - vdpa: conditionally fill max max queue pair for stats (Jason Wang) [Orabug: 35210546] - vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove (Rong Wang) [Orabug: 35210546] - vhost_vdpa: fix the crash in unmap a large memory (Cindy Lu) [Orabug: 35210546] - vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (Stefano Garzarella) [Orabug: 35210546] - vhost-vdpa: fix an iotlb memory leak (Stefano Garzarella) [Orabug: 35210546] - vringh: fix range used in iotlb_translate() (Stefano Garzarella) [Orabug: 35210546] - vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (ruanjinjie) [Orabug: 35210546] - RDMA/mlx5: remove variable i (Colin Ian King) [Orabug: 35210546] - vdpa/mlx5: Avoid overwriting CVQ iotlb (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Avoid using reslock in event_handler (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Fix wrong mac address deletion (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Return error on vlan ctrl commands if not supported (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Fix rule forwarding VLAN to TIR (Eli Cohen) [Orabug: 35210546] - vdpa: merge functionally duplicated dev_features attributes (Si-Wei Liu) [Orabug: 35210546] - vDPA: conditionally read MTU and MAC in dev cfg space (Zhu Lingshan) [Orabug: 35210546] - vDPA: fix spars cast warning in vdpa_dev_net_mq_config_fill (Zhu Lingshan) [Orabug: 35210546] - vDPA: check virtio device features to detect MQ (Zhu Lingshan) [Orabug: 35210546] - vDPA: check VIRTIO_NET_F_RSS for max_virtqueue_paris's presence (Zhu Lingshan) [Orabug: 35210546] - vDPA: only report driver features if FEATURES_OK is set (Zhu Lingshan) [Orabug: 35210546] - vDPA: allow userspace to query features of a vDPA device (ZhuLingshan) [Orabug: 35210546] - vp_vdpa: support feature provisioning (Jason Wang) [Orabug: 35210546] - vdpa_sim_net: support feature provisioning (Jason Wang) [Orabug: 35210546] - vdpa: device feature provisioning (Jason Wang) [Orabug: 35210546] - virtio: drop vp_legacy_set_queue_size (Michael S. Tsirkin) [Orabug: 35210546] - vdpa/mlx5: Fix MQ to support non power of two num queues (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Fix possible uninitialized return value (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Support different address spaces for control and data (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Implement susupend virtqueue callback (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Use eth_broadcast_addr() to assign broadcast address (Xu Qiang) [Orabug: 35210546] - vdpa_sim: Implement suspend vdpa op (Eugenio PÃ©rez) [Orabug: 35210546] - vhost-vdpa: uAPI to suspend the device (Eugenio PÃ©rez) [Orabug: 35210546] - vhost-vdpa: introduce SUSPEND backend feature bit (Eugenio PÃ©rez) [Orabug: 35210546] - vdpa: Add suspend operation (Eugenio PÃ©rez) [Orabug: 35210546] - vhost-vdpa: Call ida_simple_remove() when failed (Bo Liu) [Orabug: 35210546] - vDPA: fix 'cast to restricted le16' warnings in vdpa.c (Zhu Lingshan) [Orabug: 35210546] - vDPA: !FEATURES_OK should not block querying device config space (Zhu Lingshan) [Orabug: 35210546] - vdpa_sim: use max_iotlb_entries as a limit in vhost_iotlb_init (Stefano Garzarella) [Orabug: 35210546] - vringh: iterate on iotlb_translate to handle large translations (Stefano Garzarella) [Orabug: 35210546] - vhost-vdpa: call vhost_vdpa_cleanup during the release (Stefano Garzarella) [Orabug: 35210546] - vdpa/mlx5: Initialize CVQ vringh only once (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Update Control VQ callback information (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Add RX MAC VLAN filter support (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Remove flow counter from steering (Eli Cohen) [Orabug: 35210546] - vhost-vdpa:return -EFAULT on copy_to_user() failure (Dan Carpenter) [Orabug: 35210546] - vdpasim: Off by one in vdpasim_set_group_asid() (Dan Carpenter) [Orabug: 35210546] - vdpasim: allow to enable a vq repeatedly (Eugenio PÃ©rez) [Orabug: 35210546] - vdpa/vp_vdpa : add vdpa tool support in vp_vdpa (Cindy Lu) [Orabug: 35210546] - virtio: pci: Fix an error handling path in vp_modern_probe() (Christophe JAILLET) [Orabug: 35210546] - vdpasim: control virtqueue support (Gautam Dawar) [Orabug: 35210546] - vdpa_sim: filter destination mac address (Gautam Dawar) [Orabug: 35210546] - vdpa_sim: factor out buffer completion logic (Gautam Dawar) [Orabug: 35210546] - vdpa_sim: advertise VIRTIO_NET_F_MTU (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: support ASID based IOTLB API (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: introduce uAPI to set group ASID (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: uAPI to get virtqueue group id (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: introduce uAPI to get the number of address spaces (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: introduce uAPI to get the number of virtqueue groups (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: introduce asid based IOTLB (Gautam Dawar) [Orabug: 35210546] - vhost: support ASID in IOTLB API (Gautam Dawar) [Orabug: 35210546] - vhost_iotlb: split out IOTLB initialization (Gautam Dawar) [Orabug: 35210546] - vdpa: introduce config operations for associating ASID to a virtqueue group (Gautam Dawar) [Orabug: 35210546] - vdpa: multiple address spaces support (Gautam Dawar) [Orabug: 35210546] - vdpa: introduce virtqueue groups (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: switch to use vhost-vdpa specific IOTLB (Gautam Dawar) [Orabug: 35210546] - vhost-vdpa: passing iotlb to IOMMU mapping helpers (Gautam Dawar) [Orabug: 35210546] - virtio-vdpa: don't set callback if virtio doesn't need it (Gautam Dawar) [Orabug: 35210546] - vhost: move the backend feature bits to vhost_types.h (Gautam Dawar) [Orabug:35210546] - vdpa/mlx5: Use readers/writers semaphore instead of mutex (Eli Cohen) [Orabug: 35210546] - vdpa/mlx5: Add support for reading descriptor statistics (Eli Cohen) [Orabug: 35210546] - net/vdpa: Use readers/writers semaphore instead of cf_mutex (Eli Cohen) [Orabug: 35210546] - net/vdpa: Use readers/writers semaphore instead of vdpa_dev_mutex (Eli Cohen) [Orabug: 35210546] - vdpa: Add support for querying vendor statistics (Eli Cohen) [Orabug: 35210546] - vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit (Eli Cohen) [Orabug: 35210546] - net/mlx5: Support enable_vnet devlink dev param (Parav Pandit) [Orabug: 35210546] - net/mlx5: Support enable_rdma devlink dev param (Parav Pandit) [Orabug: 35210546] - net/mlx5: Support enable_eth devlink dev param (Parav Pandit) [Orabug: 35210546] - net/mlx5: Fix unpublish devlink parameters (Parav Pandit) [Orabug: 35210546] - devlink: Add APIs to publish, unpublish individual parameter (Parav Pandit) [Orabug: 35210546] - devlink: Add API to register and unregister single parameter (Parav Pandit) [Orabug: 35210546] - devlink: Create a helper function for one parameter registration (Parav Pandit) [Orabug: 35210546] - devlink: Add new "enable_vnet" generic device param (Parav Pandit) [Orabug: 35210546] - devlink: Add new "enable_rdma" generic device param (Parav Pandit) [Orabug: 35210546] - devlink: Add new "enable_eth" generic device param (Parav Pandit) [Orabug: 35210546] - virtio-net: Introduce hash report feature (Yuri Benditovich) [Orabug: 35210546] - virtio-net: Introduce RSS receive steering feature (Yuri Benditovich) [Orabug: 35210546] - virtio-net: Introduce extended RSC feature (Yuri Benditovich) [Orabug: 35210546] - kprobes: Free kretprobe_instance with RCU callback (Masami Hiramatsu) [Orabug: 35333569] - kprobes: Remove NMI context check (Masami Hiramatsu) [Orabug: 35333569] - sparc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - sh: kprobes: Use generic kretprobe trampolinehandler (Masami Hiramatsu) [Orabug: 35333569] - s390: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - powerpc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - parisc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - mips: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - arm64: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - arm: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - x86/kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - kprobes: Add generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569] - uek-rpm: Install dtb files under /lib/modules (Dave Kleikamp) [Orabug: 35338877] - Revert "rds: ib: Fix non-parenthetical mutex/semaphore use" (HÃ¥kon Bugge) [Orabug: 35377400] - net: rtnetlink: add linkprop commands to add and delete alternative ifnames (Samasth Norway Ananda) [Orabug: 33664332] - rds: slight code cleanup of RDS checksum code (William Kucharski) [Orabug: 35262486] [Orabug: 35262487] - uek-rds: Add csum to protect bcopy payload end-to-end (William Kucharski) [Orabug: 33579925] [Orabug: 35206620] - Revert "scsi: megaraid_sas: Skip syncing the RAID map on older controllers" (Sherry Yang) [Orabug: 35285969] - uek-rpm: aarch64: embedded: Disable MARVELL_FWLOG (Henry Willard) [Orabug: 35369953] - iommu/vt-d: Simplify check in identity_mapping() (Joerg Roedel) [Orabug: 35379426] - iommu/vt-d: Remove deferred_attach_domain() (Joerg Roedel) [Orabug: 35379426] - iommu/vt-d: Do deferred attachment in iommu_need_mapping() (Joerg Roedel) [Orabug: 35379426] - iommu/vt-d: Move deferred device attachment into helper function (Joerg Roedel) [Orabug: 35379426] - iommu/vt-d: Add attach_deferred() helper (Joerg Roedel) [Orabug: 35379426] - iommu/vt-d: Refactor find_domain()helper (Lu Baolu) [Orabug: 35379426] - Revert "cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset" (Tom Hromatka) [Orabug: 35365180] [5.4.17-2136.320.4.el7] - LTS tag: v5.4.242 (Sherry Yang) - ASN.1: Fix check for strdup() success (Ekaterina Orlova) - iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (Dan Carpenter) - pwm: meson: Explicitly set .polarity in .get_state() (Uwe Kleine-KÃ¶nig) - xfs: fix forkoff miscalculation related to XFS_LITINO(mp) (Gao Xiang) - sctp: Call inet6_destroy_sock() via sk-> sk_destruct(). (Kuniyuki Iwashima) - dccp: Call inet6_destroy_sock() via sk-> sk_destruct(). (Kuniyuki Iwashima) - inet6: Remove inet6_destroy_sock() in sk-> sk_prot-> destroy(). (Kuniyuki Iwashima) - tcp/udp: Call inet6_destroy_sock() in IPv6 sk-> sk_destruct(). (Kuniyuki Iwashima) - udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). (Kuniyuki Iwashima) - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() (Ritesh Harjani) - Revert "ext4: fix use-after-free in ext4_xattr_set_entry" (Tudor Ambarus) - x86/purgatory: Don't generate debug info for purgatory.ro (Pingfan Liu) - MIPS: Define RUNTIME_DISCARD_EXIT in LD script (Jiaxun Yang) - mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (Bhavya Kapoor) - memstick: fix memory leak if card device is never registered (Greg Kroah-Hartman) - nilfs2: initialize unused bytes in segment summary blocks (Ryusuke Konishi) - iio: light: tsl2772: fix reading proximity-diodes from device tree (Brian Masney) - xen/netback: use same error messages for same errors (Juergen Gross) - nvme-tcp: fix a possible UAF when failing to allocate an io queue (Sagi Grimberg) - s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (Heiko Carstens) - net: dsa: b53: mmap: add phy ops (Ãlvaro FernÃ¡ndez Rojas) - scsi: core: Improve scsi_vpd_inquiry() checks (Damien Le Moal) - scsi: megaraid_sas: Fix fw_crash_buffer_show() (Tomas Henzl) - selftests: sigaltstack: fix -Wuninitialized (NickDesaulniers) - Input: i8042 - add quirk for Fujitsu Lifebook A574/H (Jonathan Denose) - f2fs: Fix f2fs_truncate_partial_nodes ftrace event (Douglas Raillard) - e1000e: Disable TSO on i219-LM card to increase speed (Sebastian Basierski) - bpf: Fix incorrect verifier pruning due to missing register precision taints (Daniel Borkmann) - mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() (Nikita Zhandarovich) - i40e: fix i40e_setup_misc_vector() error handling (Aleksandr Loktionov) - i40e: fix accessing vsi-> active_filters without holding lock (Aleksandr Loktionov) - netfilter: nf_tables: fix ifdef to also consider nf_tables=m (Florian Westphal) - virtio_net: bugfix overflow inside xdp_linearize_page() (Xuan Zhuo) - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (Gwangun Jung) - regulator: fan53555: Explicitly include bits header (Cristian Ciocaltea) - netfilter: br_netfilter: fix recent physdev match breakage (Florian Westphal) - arm64: dts: meson-g12-common: specify full DMC range (Marc Gonzalez) - ARM: dts: rockchip: fix a typo error for rk3288 spdif node (Jianqun Xu) - LTS tag: v5.4.241 (Sherry Yang) - xfs: force log and push AIL to clear pinned inodes when aborting mount (Darrick J. Wong) - xfs: consider shutdown in bmapbt cursor delete assert (Brian Foster) - xfs: shut down the filesystem if we screw up quota reservation (Darrick J. Wong) - xfs: report corruption only as a regular error (Darrick J. Wong) - xfs: set inode size after creating symlink (Jeffrey Mitchell) - xfs: fix up non-directory creation in SGID directories (Christoph Hellwig) - xfs: remove the di_version field from struct icdinode (Christoph Hellwig) - xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize (Christoph Hellwig) - xfs: simplify di_flags2 inheritance in xfs_ialloc (Christoph Hellwig) - xfs: only check the superblock version for dinode size calculation (Christoph Hellwig) - xfs: add a new xfs_sb_version_has_v3inode helper (Christoph Hellwig) - xfs: remove the kuid/kgid conversionwrappers (Christoph Hellwig) - xfs: remove the icdinode di_uid/di_gid members (Christoph Hellwig) - xfs: ensure that the inode uid/gid match values match the icdinode ones (Christoph Hellwig) - xfs: merge the projid fields in struct xfs_icdinode (Christoph Hellwig) - coresight-etm4: Fix for() loop drvdata-> nr_addr_cmp range bug (Steve Clevenger) - watchdog: sbsa_wdog: Make sure the timeout programming is within the limits (George Cherian) - i2c: ocores: generate stop condition after timeout in polling mode (Gregor Herburger) - ubi: Fix deadlock caused by recursively holding work_sem (ZhaoLong Wang) - mtd: ubi: wl: Fix a couple of kernel-doc issues (Lee Jones) - asymmetric_keys: log on fatal failures in PE/pkcs7 (Robbie Harwood) - verify_pefile: relax wrapper length check (Robbie Harwood) - drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (Hans de Goede) - efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (Hans de Goede) - i2c: imx-lpi2c: clean rx/tx buffers upon new message (Alexander Stein) - power: supply: cros_usbpd: reclassify "default case!" as debug (Grant Grundler) - net: macb: fix a memory corruption in extended buffer descriptor mode (Roman Gushchin) - udp6: fix potential access to stale information (Eric Dumazet) - RDMA/core: Fix GID entry ref leak when create_ah fails (Saravanan Vajravel) - sctp: fix a potential overflow in sctp_ifwdtsn_skip (Xin Long) - qlcnic: check pci_reset_function result (Denis Plotnikov) - niu: Fix missing unwind goto in niu_alloc_channels() (Harshit Mogalapalli) - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition (Zheng Wang) - mtd: rawnand: stm32_fmc2: remove unsupported EDO mode (Christophe Kerello) - mtd: rawnand: meson: fix bitmask for length in command word (Arseniy Krasnov) - mtdblock: tolerate corrected bit-flips (Bang Li) - btrfs: fix fast csum implementation detection (Christoph Hellwig) - btrfs: print checksum type and implementation at mount time (David Sterba) - Bluetooth: Fix racecondition in hidp_session_thread (Min Li) - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (Luiz Augusto von Dentz) - ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (Oswald Buddenhagen) - ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (Xu Biang) - ALSA: i2c/cs8427: fix iec958 mixer control deactivation (Oswald Buddenhagen) - ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (Oswald Buddenhagen) - ALSA: emu10k1: fix capture interrupt handler unlinking (Oswald Buddenhagen) - Revert "pinctrl: amd: Disable and mask interrupts on resume" (Kornel DulÄba) - irqdomain: Fix mapping-creation race (Johan Hovold) - irqdomain: Refactor __irq_domain_alloc_irqs() (Johan Hovold) - irqdomain: Look for existing mapping only once (Johan Hovold) - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() (Rongwei Wang) - ring-buffer: Fix race while reader and writer are on the same page (Zheng Yejian) - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path (Boris Brezillon) - tracing: Free error logs of tracing instances (Steven Rostedt (Google)) - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access (Oleksij Rempel) - ftrace: Mark get_lock_parent_ip() __always_inline (John Keeping) - perf/core: Fix the same task check in perf_event_set_output (Kan Liang) - ALSA: hda/realtek: Add quirk for Clevo X370SNW (Jeremy Soller) - nilfs2: fix sysfs interface lifetime (Ryusuke Konishi) - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (Ryusuke Konishi) - tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty (Sherry Sun) - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI (Biju Das) - tty: serial: sh-sci: Fix transmit end interrupt handler (Biju Das) - iio: dac: cio-dac: Fix max DAC write value check for 12-bit (William Breathitt Gray) - iio: adc: ti-ads7950: Set can_sleep flag for GPIO chip (Lars-Peter Clausen) -USB: serial: option: add Quectel RM500U-CN modem (BjÃ¸rn Mork) - USB: serial: option: add Telit FE990 compositions (Enrico Sau) - usb: typec: altmodes/displayport: Fix configure initial pin assignment (RD Babiera) - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (Kees Jan Koster) - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (D Scott Phillips) - NFSD: callback request does not use correct credential for AUTH_SYS (Dai Ngo) - sunrpc: only free unix grouplist after RCU settles (Jeff Layton) - gpio: davinci: Add irq chip flag to skip set wake (Dhruva Gole) - ipv6: Fix an uninit variable access bug in __ip6_make_skb() (Ziyang Xuan) - sctp: check send stream number after wait_for_sndbuf (Xin Long) - net: don't let netpoll invoke NAPI if in xmit context (Jakub Kicinski) - icmp: guard against too small mtu (Eric Dumazet) - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (Felix Fietkau) - pwm: sprd: Explicitly set .polarity in .get_state() (Uwe Kleine-KÃ¶nig) - pwm: cros-ec: Explicitly set .polarity in .get_state() (Uwe Kleine-KÃ¶nig) - pinctrl: amd: disable and mask interrupts on probe (Sachi King) - pinctrl: amd: Use irqchip template (Linus Walleij) - smb3: fix problem with null cifs super block with previous patch (Steve French) - treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() (Kees Cook) - Revert "treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()" (Tom Saeger) - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (Waiman Long) - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (Basavaraj Natikar) - ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (Zhihao Cheng) - net_sched: prevent NULL dereference if default qdisc setup failed (Pratyush Yadav) - scsi: ses: Handle enclosure with just a primary component gracefully (Jiri Kosina) - LTS tag: v5.4.240 (Sherry Yang) - gfs2: Always check inode size of inline inodes (AndreasGruenbacher) - firmware: arm_scmi: Fix device node validation for mailbox transport (Cristian Marussi) - net: sched: fix race condition in qdisc_graft() (Eric Dumazet) - net_sched: add __rcu annotation to netdev-> qdisc (Eric Dumazet) - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Ye Bin) - btrfs: scan device in non-exclusive mode (Anand Jain) - s390/uaccess: add missing earlyclobber annotations to __clear_user() (Heiko Carstens) - drm/etnaviv: fix reference leak when mmaping imported buffer (Lucas Stach) - ALSA: usb-audio: Fix regression on detection of Roland VS-100 (Takashi Iwai) - ALSA: hda/conexant: Partial revert of a quirk for Lenovo (Takashi Iwai) - NFSv4: Fix hangs when recovering open state after a server reboot (Trond Myklebust) - pinctrl: at91-pio4: fix domain name assignment (Johan Hovold) - xen/netback: don't do grant copy across page boundary (Juergen Gross) - Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table (Hans de Goede) - cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL (David Disseldorp) - cifs: prevent infinite recursion in CIFSGetDFSRefer() (Paulo Alcantara) - Input: focaltech - use explicitly signed char type (Jason A. Donenfeld) - Input: alps - fix compatibility with -funsigned-char (msizanoen) - pinctrl: ocelot: Fix alt mode for ocelot (Horatiu Vultur) - net: mvneta: make tx buffer array agnostic (Lorenzo Bianconi) - net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only (Steffen BÃ¤tz) - bnxt_en: Fix typo in PCI id to device description string mapping (Kalesh AP) - i40e: fix registers dump after run ethtool adapter self test (Radoslaw Tyl) - s390/vfio-ap: fix memory leak in vfio_ap device driver (Tony Krowiak) - can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write (Ivan Orlov) - net/net_failover: fix txq exceeding warning (Faicker Mo) - regulator: Handle deferred clk (Christophe JAILLET) - regulator: fix spelling mistake "Cant" -> "Can't" (Colin Ian King) - ptp_qoriq: fix memory leak in probe()(SongJingyi) - scsi: megaraid_sas: Fix crash after a double completion (Tomas Henzl) - mtd: rawnand: meson: invalidate cache on polling ECC bit (Arseniy Krasnov) - mips: bmips: BCM6358: disable RAC flush for TP1 (Ãlvaro FernÃ¡ndez Rojas) - dma-mapping: drop the dev argument to arch_sync_dma_for_* (Christoph Hellwig) - ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() (Harshit Mogalapalli) - fbdev: au1200fb: Fix potential divide by zero (Wei Chen) - fbdev: lxfb: Fix potential divide by zero (Wei Chen) - fbdev: intelfb: Fix potential divide by zero (Wei Chen) - fbdev: nvidia: Fix potential divide by zero (Wei Chen) - sched_getaffinity: don't assume 'cpumask_size()' is fully initialized (Linus Torvalds) - fbdev: tgafb: Fix potential divide by zero (Wei Chen) - ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (Kuninori Morimoto) - ALSA: asihpi: check pao in control_message() (Kuninori Morimoto) - md: avoid signed overflow in slot_store() (NeilBrown) - bus: imx-weim: fix branch condition evaluates to a garbage value (Ivan Bornyakov) - fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY (Eric Biggers) - ocfs2: fix data corruption after failed write (Jan Kara via Ocfs2-devel) - tun: avoid double free in tun_free_netdev (George Kennedy) - sched/fair: Sanitize vruntime of entity being migrated (Vincent Guittot) - sched/fair: sanitize vruntime of entity being placed (Zhang Qiao) - dm crypt: add cond_resched() to dmcrypt_write() (Mikulas Patocka) - dm stats: check for and propagate alloc_percpu failure (Jiasheng Jiang) - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (Wei Chen) - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() (Ryusuke Konishi) - wifi: mac80211: fix qos on mesh interfaces (Felix Fietkau) - usb: chipidea: core: fix possible concurrent when switch role (Xu Yang) - usb: chipdea: core: fix return -EINVAL if request role is the same with current role (Xu Yang) - usb: cdns3: Fix issue with using incorrect PCIdevice function (Pawel Laszczak) - dm thin: fix deadlock when swapping to thin device (Coly Li) - igb: revert rtnl_lock() that causes deadlock (Lin Ma) - fsverity: Remove WQ_UNBOUND from fsverity read workqueue (Nathan Huckleberry) - usb: gadget: u_audio: don't let userspace block driver unbind (Alvin Å ipraga) - scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (Joel Selvaraj) - cifs: empty interface list when server doesn't support query interfaces (Shyam Prasad N) - sh: sanitize the flags on sigreturn (Al Viro) - net: usb: qmi_wwan: add Telit 0x1080 composition (Enrico Sau) - net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 (Enrico Sau) - scsi: lpfc: Avoid usage of list iterator variable after loop (Jakob Koschel) - scsi: ufs: core: Add soft dependency on governor_simpleondemand (Adrien Thierry) - scsi: target: iscsi: Fix an error message in iscsi_check_key() (Maurizio Lombardi) - selftests/bpf: check that modifier resolves after pointer (Lorenz Bauer) - m68k: Only force 030 bus error if PC not in exception table (Michael Schmitz) - ca8210: fix mac_len negative array access (Alexander Aring) - riscv: Bump COMMAND_LINE_SIZE value to 1024 (Alexandre Ghiti) - thunderbolt: Use const qualifier for ring_interrupt_index (Mario Limonciello) - uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (Yaroslav Furman) - scsi: qla2xxx: Perform lockless command completion in abort path (Nilesh Javali) - hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs (Frank Crawford) - platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl (Tzung-Bi Shih) - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (Zheng Wang) - Bluetooth: btqcomsmd: Fix command timeout after setting BD address (Stephan Gerhold) - net: mdio: thunder: Add missing fwnode_handle_put() (Liang He) - hvc/xen: prevent concurrent accesses to the shared ring (Roger Pau Monne) - nvme-tcp: fix nvme_tcp_term_pdu to match spec (Caleb Sander) - net/sonic: usedma_mapping_error() for error check (Zhang Changzhong) - erspan: do not use skb_mac_header() in ndo_start_xmit() (Eric Dumazet) - atm: idt77252: fix kmemleak when rmmod idt77252 (Li Zetao) - net/mlx5: Read the TC mapping of all priorities on ETS query (Maher Sanalla) - bpf: Adjust insufficient default bpf_jit_limit (Daniel Borkmann) - keys: Do not cache key in task struct if key is requested from kernel thread (David Howells) - net/ps3_gelic_net: Use dma_mapping_error (Geoff Levand) - net/ps3_gelic_net: Fix RX sk_buff length (Geoff Levand) - net: qcom/emac: Fix use after free bug in emac_remove due to race condition (Zheng Wang) - xirc2ps_cs: Fix use after free bug in xirc2ps_detach (Zheng Wang) - qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (Daniil Tatianin) - net: usb: smsc95xx: Limit packet length to skb-> len (Szymon Heidrich) - scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (Yu Kuai) - i2c: imx-lpi2c: check only for enabled interrupt flags (Alexander Stein) - igbvf: Regard vf reset nack as success (Akihiko Odaki) - intel/igbvf: free irq on the error path in igbvf_request_msix() (Gaosheng Cui) - iavf: fix non-tunneled IPv6 UDP packet type and hashing (Alexander Lobakin) - iavf: fix inverted Rx hash condition leading to disabled hash (Alexander Lobakin) - power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (Zheng Wang) - net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() (Hangyu Hua) - LTS tag: v5.4.239 (Sherry Yang) - selftests: Fix the executable permissions for fib_tests.sh (Rishabh Bhatnagar) - LTS tag: v5.4.238 (Sherry Yang) - HID: uhid: Over-ride the default maximum data buffer value with our own (Lee Jones) - HID: core: Provide new max_buffer_size attribute to over-ride the default (Lee Jones) - PCI: Unify delay handling for reset and resume (Lukas Wunner) - s390/ipl: add missing intersection check to ipl_report handling (Sven Schnelle) - serial:8250_em: Fix UART port type (Biju Das) - drm/i915: Don't use stolen memory for ring buffers with LLC (John Harrison) - x86/mm: Fix use of uninitialized buffer in sme_enable() (Nikita Zhandarovich) - fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks (Helge Deller) - ftrace: Fix invalid address access in lookup_rec() when index is 0 (Chen Zhongjin) - tracing: Make tracepoint lockdep check actually test something (Steven Rostedt (Google)) - tracing: Check field value in hist_field_name() (Steven Rostedt (Google)) - interconnect: fix mem leak when freeing nodes (Johan Hovold) - tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted (Sherry Sun) - ext4: fix possible double unlock when moving a directory (Theodore Ts'o) - sh: intc: Avoid spurious sizeof-pointer-div warning (Michael Karcher) - drm/amdkfd: Fix an illegal memory access (Qu Huang) - ext4: fix task hung in ext4_xattr_delete_inode (Baokun Li) - ext4: fail ext4_iget if special inode unallocated (Baokun Li) - jffs2: correct logic when creating a hole in jffs2_write_begin (Yifei Liu) - mmc: atmel-mci: fix race between stop command and start of next command (Tobias Schramm) - media: m5mols: fix off-by-one loop termination error (Linus Torvalds) - hwmon: (ina3221) return prober error code (Marcus Folkesson) - hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition (Zheng Wang) - hwmon: (adt7475) Fix masking of hysteresis registers (Tony O'Brien) - hwmon: (adt7475) Display smoothing attributes in correct order (Tony O'Brien) - ethernet: sun: add check for the mdesc_grab() (Liang He) - net/iucv: Fix size of interrupt data (Alexandra Winter) - net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (Szymon Heidrich) - block: sunvdc: add check for mdesc_grab() returning NULL (Liang He) - nvmet: avoid potential UAF in nvmet_req_complete() (Damien Le Moal) - net: usb: smsc75xx: Limit packet length to skb-> len (Szymon Heidrich) - nfc:st-nci: Fix use after free bug in ndlc_remove due to race condition (Zheng Wang) - net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails (Heiner Kallweit) - net: tunnels: annotate lockless accesses to dev-> needed_headroom (Eric Dumazet) - qed/qed_dev: guard against a possible division by zero (Daniil Tatianin) - i40e: Fix kernel crash during reboot when adapter is in recovery mode (Ivan Vecera) - ipvlan: Make skb-> skb_iif track skb-> dev for l3s mode (Jianguo Wu) - nfc: pn533: initialize struct pn533_out_arg properly (Fedor Pchelkin) - tcp: tcp_make_synack() can be called from process context (Breno Leitao) - scsi: core: Fix a procfs host directory removal regression (Bart Van Assche) - scsi: core: Fix a comment in function scsi_host_dev_release() (Xiang Chen) - netfilter: nft_redir: correct value of inet type .maxattrs (Jeremy Sowden) - ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU() (Bjorn Helgaas) - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid (Kai Vehmanen) - ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid (Kai Vehmanen) - ALSA: hda - controller is in GPU on the DG1 (Kai Vehmanen) - ALSA: hda - add Intel DG1 PCI and HDMI ids (Kai Vehmanen) - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (Wenchao Hao) - docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate (Glenn Washburn) - clk: HI655X: select REGMAP instead of depending on it (Randy Dunlap) - drm/meson: fix 1px pink line on GXM when scaling video overlay (Christian Hewitt) - cifs: Move the in_send statistic to __smb_send_rqst() (Zhang Xiaoxu) - drm/panfrost: Don't sync rpm suspension after mmu flushing (Dmitry Osipenko) - xfrm: Allow transport-mode states with AF_UNSPEC selector (Herbert Xu) - ext4: fix cgroup writeback accounting with fs-layer encryption (Eric Biggers) - LTS tag: v5.4.237 (Sherry Yang) - s390/dasd: add missing discipline function (Stefan Haberland) - UML: define RUNTIME_DISCARD_EXIT (Masahiro Yamada) - sh: defineRUNTIME_DISCARD_EXIT (Tom Saeger) - s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36 (Masahiro Yamada) - powerpc/vmlinux.lds: Don't discard .rela* for relocatable builds (Michael Ellerman) - powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT (Michael Ellerman) - arch: fix broken BuildID for arm64 and riscv (Masahiro Yamada) - x86, vmlinux.lds: Add RUNTIME_DISCARD_EXIT to generic DISCARDS (H.J. Lu) - drm/i915: Don't use BAR mappings for ring buffers with LLC (John Harrison) - ipmi:watchdog: Set panic count to proper value on a panic (Corey Minyard) - ipmi/watchdog: replace atomic_add() and atomic_sub() (Yejune Deng) - media: ov5640: Fix analogue gain control (Paul Elder) - PCI: Add SolidRun vendor ID (Alvaro Karsz) - macintosh: windfarm: Use unsigned type for 1-bit bitfields (Nathan Chancellor) - alpha: fix R_ALPHA_LITERAL reloc for large modules (Edward Humes) - MIPS: Fix a compilation issue (xurui) - ext4: Fix deadlock during directory rename (Jan Kara) - riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode (Alexandre Ghiti) - net/smc: fix fallback failed while sendmsg with fastopen (D. Wythe) - scsi: megaraid_sas: Update max supported LD IDs to 240 (Chandrakanth Patil) - btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR (Lorenz Bauer) - netfilter: tproxy: fix deadlock due to missing BH disable (Florian Westphal) - bnxt_en: Avoid order-5 memory allocation for TPA data (Michael Chan) - net: caif: Fix use-after-free in cfusbl_device_notify() (Shigeru Yoshida) - net: lan78xx: fix accessing the LAN7800's internal phy specific registers from the MAC driver (Yuiko Oshino) - net: usb: lan78xx: Remove lots of set but unused 'ret' variables (Lee Jones) - selftests: nft_nat: ensuring the listening side is up before starting the client (Hangbin Liu) - ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (Eric Dumazet) - nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (Kang Chen) - drm/msm/a5xx: fixsetting of the CP_PREEMPT_ENABLE_LOCAL register (Dmitry Baryshkov) - ext4: Fix possible corruption when moving a directory (Jan Kara) - scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (Bart Van Assche) - cifs: Fix uninitialized memory read in smb3_qfs_tcon() (Volker Lendecke) - SMB3: Backup intent flag missing from some more ops (Amir Goldstein) - iommu/vt-d: Fix PASID directory pointer coherency (Jacob Pan) - irqdomain: Fix domain registration race (Marc Zyngier) - irqdomain: Change the type of 'size' in __irq_domain_add() to be consistent (Bixuan Cui) - ipmi:ssif: Add a timer between request retries (Corey Minyard) - ipmi:ssif: Increase the message retry time (Corey Minyard) - ipmi:ssif: Remove rtc_us_timer (Corey Minyard) - ipmi:ssif: resend_msg() cannot fail (Corey Minyard) - ipmi:ssif: make ssif_i2c_send() void (Liguang Zhang) - iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (Gavrilov Ilia) - iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (Kim Phillips) - iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid] commands (Suravee Suthikulpanit) - nfc: change order inside nfc_se_io error path (Fedor Pchelkin) - ext4: zero i_disksize when initializing the bootloader inode (Zhihao Cheng) - ext4: fix WARNING in ext4_update_inline_data (Ye Bin) - ext4: move where set the MAY_INLINE_DATA flag is set (Ye Bin) - ext4: fix another off-by-one fsmap error on 1k block filesystems (Darrick J. Wong) - ext4: fix RENAME_WHITEOUT handling for inline directories (Eric Whitney) - drm/connector: print max_requested_bpc in state debugfs (Harry Wentland) - x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (Andrew Cooper) - fs: prevent out-of-bounds array speculation when closing a file descriptor (Theodore Ts'o) - LTS tag: v5.4.236 (Sherry Yang) - staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh (Philipp Hortmann) - staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script (PhilippHortmann) - wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" (Hector Martin) - LTS tag: v5.4.235 (Sherry Yang) - dt-bindings: rtc: sun6i-a31-rtc: Loosen the requirements on the clocks (Maxime Ripard) - media: uvcvideo: Fix race condition with usb_kill_urb (Ricardo Ribalda) - media: uvcvideo: Provide sync and async uvc_ctrl_status_event (Ricardo Ribalda) - tcp: Fix listen() regression in 5.4.229. (Kuniyuki Iwashima) - Bluetooth: hci_sock: purge socket queues in the destruct() callback (Nguyen Dinh Phi) - x86/resctl: fix scheduler confusion with 'current' (Linus Torvalds) - x86/resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid} (Valentin Schneider) - net: tls: avoid hanging tasks on the tx_lock (Jakub Kicinski) - phy: rockchip-typec: Fix unsigned comparison with less than zero (Jiapeng Chong) - PCI: Add ACS quirk for Wangxun NICs (Mengyuan Lou) - kernel/fail_function: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman) - usb: uvc: Enumerate valid values for color matching (Daniel Scally) - USB: ene_usb6250: Allocate enough memory for full object (Kees Cook) - usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math (Kees Cook) - iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() (Harshit Mogalapalli) - iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() (Harshit Mogalapalli) - tools/iio/iio_utils:fix memory leak (Yulong Zhang) - mei: bus-fixup:upon error print return values of send and receive (Alexander Usyskin) - tty: serial: fsl_lpuart: disable the CTS when send break signal (Sherry Sun) - tty: fix out-of-bounds access in tty_driver_lookup_tty() (Sven Schnelle) - staging: emxx_udc: Add checks for dma_alloc_coherent() (Yuan Can) - media: uvcvideo: Silence memcpy() run-time false positive warnings (Kees Cook) - media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 (Ricardo Ribalda) - media: uvcvideo: Handle errors from calls tousb_string (Guenter Roeck) - media: uvcvideo: Handle cameras with invalid descriptors (Ricardo Ribalda) - mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak (Liang He) - firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 (Darrell Kavanagh) - tracing: Add NULL checks for buffer in ring_buffer_free_read_page() (Jia-Ju Bai) - thermal: intel: BXT_PMIC: select REGMAP instead of depending on it (Randy Dunlap) - thermal: intel: quark_dts: fix error pointer dereference (Dan Carpenter) - scsi: ipr: Work around fortify-string warning (Arnd Bergmann) - rtc: sun6i: Always export the internal oscillator (Samuel Holland) - rtc: sun6i: Make external 32k oscillator optional (Jernej Skrabec) - tcp: tcp_check_req() can be called from process context (Eric Dumazet) - ARM: dts: spear320-hmi: correct STMPE GPIO compatible (Krzysztof Kozlowski) - net/sched: act_sample: fix action bind logic (Pedro Tammela) - nfc: fix memory leak of se_io context in nfc_genl_se_io (Fedor Pchelkin) - net/mlx5: Geneve, Fix handling of Geneve object id as error code (Maor Dickman) - 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() (Zhengchao Shao) - 9p/xen: fix connection sequence (Juergen Gross) - 9p/xen: fix version parsing (Juergen Gross) - net: fix __dev_kfree_skb_any() vs drop monitor (Eric Dumazet) - sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop (Xin Long) - ipv6: Add lwtunnel encap size of all siblings in nexthop calculation (Lu Wei) - netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() (Hangyu Hua) - watchdog: pcwd_usb: Fix attempting to access uninitialized memory (Li Hua) - watchdog: Fix kmemleak in watchdog_cdev_register (Chen Jun) - watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path (ruanjinjie) - x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list (Ammar Faizi) - ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed (Zhihao Cheng) - ubi: Fix UAF wear-levelingentry in eraseblk_count_seq_show() (Zhihao Cheng) - ubifs: ubifs_writepage: Mark page dirty after writing inode failed (Zhihao Cheng) - ubifs: dirty_cow_znode: Fix memleak in error handling path (Zhihao Cheng) - ubifs: Re-statistic cleaned znode count if commit failed (Zhihao Cheng) - ubi: Fix possible null-ptr-deref in ubi_free_volume() (Yang Yingliang) - ubifs: Fix memory leak in alloc_wbufs() (Li Zetao) - ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (Li Zetao) - ubi: Fix use-after-free when volume resizing failed (Li Zetao) - ubifs: Reserve one leb for each journal head while doing budget (Zhihao Cheng) - ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (Zhihao Cheng) - ubifs: Fix wrong dirty space budget for dirty inode (Zhihao Cheng) - ubifs: Rectify space budget for ubifs_xrename() (Zhihao Cheng) - ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted (Zhihao Cheng) - ubifs: Fix build errors as symbol undefined (Li Hua) - ubi: ensure that VID header offset + VID header size gpio_mutex locked in aureon_add_controls() (Dmitry Fomin) - irqdomain: Drop bogus fwspec-mapping error handling (Johan Hovold) - irqdomain: Fix disassociation race (Johan Hovold) - irqdomain: Fix association race (Johan Hovold) - ima: Align ima_file_mmap() parameters with mmap_file LSM hook (Roberto Sassu) - Documentation/hw-vuln: Document the interaction between IBRS and STIBP (KP Singh) - x86/microcode/AMD: Fix mixed steppings support (Borislav Petkov (AMD)) - x86/microcode/AMD: Add a @cpu parameter to the reloading functions (Borislav Petkov (AMD)) - x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter (Borislav Petkov (AMD)) - x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range (Yang Jihong) - x86/kprobes: Fix __recover_optprobed_insn check optimizing logic (Yang Jihong) - x86/reboot: Disable SVM, not just VMX, when stopping CPUs (Sean Christopherson) - x86/reboot: Disable virtualization in anemergency if SVM is supported (Sean Christopherson) - x86/crash: Disable virt in core NMI crash handler to avoid double shootdown (Sean Christopherson) - x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson) - x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) (Sean Christopherson) - KVM: s390: disable migration mode when dirty tracking is disabled (Nico Boehr) - KVM: Destroy target device if coalesced MMIO unregistration fails (Sean Christopherson) - udf: Detect system inodes linked into directory hierarchy (Jan Kara) - udf: Preserve link count of system files (Jan Kara) - udf: Do not update file length for failed writes to inline files (Jan Kara) - udf: Do not bother merging very long extents (Jan Kara) - udf: Truncate added extents on failed expansion (Jan Kara) - ocfs2: fix non-auto defrag path not working issue (Heming Zhao via Ocfs2-devel) - ocfs2: fix defrag path triggering jbd2 ASSERT (Heming Zhao via Ocfs2-devel) - f2fs: fix cgroup writeback accounting with fs-layer encryption (Eric Biggers) - f2fs: fix information leak in f2fs_move_inline_dirents() (Eric Biggers) - fs: hfsplus: fix UAF issue in hfsplus_put_super (Dongliang Mu) - hfs: fix missing hfs_bnode_get() in __hfs_bnode_create (Liu Shixin) - ARM: dts: exynos: correct HDMI phy compatible in Exynos4 (Krzysztof Kozlowski) - s390/kprobes: fix current_kprobe never cleared after kprobes reenter (Vasily Gorbik) - s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler (Vasily Gorbik) - s390: discard .interp section (Ilya Leoshkevich) - ipmi_ssif: Rename idle state and check (Corey Minyard) - rtc: pm8xxx: fix set-alarm race (Johan Hovold) - firmware: coreboot: framebuffer: Ignore reserved pixel color bits (Alper Nebi Yasak) - wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu (Jun ASAKA) - nfsd: zero out pointers after putting nfsd_files on COPY setup error (Jeff Layton) - dm cache: add cond_resched() to various workqueue loops (Mike Snitzer) - dm thin: addcond_resched() to various workqueue loops (Mike Snitzer) - drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5 (Darrell Kavanagh) - pinctrl: at91: use devm_kasprintf() to avoid potential leaks (Claudiu Beznea) - hwmon: (coretemp) Simplify platform device handling (Robin Murphy) - regulator: s5m8767: Bounds check id indexing into arrays (Kees Cook) - regulator: max77802: Bounds check regulator id against opmode (Kees Cook) - ASoC: kirkwood: Iterate over array indexes instead of using pointer math (Kees Cook) - docs/scripts/gdb: add necessary make scripts_gdb step (Jakob Koschel) - drm/msm/dsi: Add missing check for alloc_ordered_workqueue (Jiasheng Jiang) - drm/radeon: free iio for atombios when driver shutdown (Liwei Song) - HID: Add Mapping for System Microphone Mute (Jingyuan Liang) - drm/omap: dsi: Fix excessive stack usage (Tomi Valkeinen) - drm/amd/display: Fix potential null-deref in dm_resume (Roman Li) - uaccess: Add minimum bounds check on kernel buffer size (Kees Cook) [5.4.17-2136.320.3.el7] - pensando: kpcimgr: avoid panic when device tree is corrupt (Rob Gardner) [Orabug: 35079751] - net: mana: Fix accessing freed irq affinity_hint (Haiyang Zhang) [Orabug: 35085105] - net: mana: Assign interrupts to CPUs based on NUMA nodes (Saurabh Sengar) [Orabug: 35085105] - net: mana: Add rmb after checking owner bits (Haiyang Zhang) [Orabug: 35085105] - IB/mad: Don't call to function that might sleep while in atomic context (Leonid Ravich) [Orabug: 35072250] Full Advisory . Red Hat Enterprise Linux 7 has an essential kernel patch introduced to fix security flaws. Ensure your system is current and protected.. kernel security, Oracle Linux vulnerabilities, Linux kernel update. . Severity: Important. LinuxSecurity.com Team

Nov 23, 2023 •Important Oracle

security advisorysecurity issueimportant update

openSUSE: 2023:0134-1 Important: Kernel Security Issues Addressed

An update that solves 11 vulnerabilities and has 11 fixes is now available.. SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2023:0134-1 Rating: important References: #1151927 #1157049 #1190969 #1203183 #1204171 #1204250 #1204693 #1205256 #1206113 #1206114 #1206174 #1206175 #1206176 #1206177 #1206178 #1206179 #1206389 #1206394 #1206395 #1206397 #1206398 #1206664 Cross-References: CVE-2019-19083 CVE-2022-3105 CVE-2022-3106 CVE-2022-3107 CVE-2022-3108 CVE-2022-3111 CVE-2022-3435 CVE-2022-3643 CVE-2022-42328 CVE-2022-42329 CVE-2022-4662 CVSS scores: CVE-2019-19083 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-19083 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3105 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3105 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3106 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3106 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3107 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3107 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3108 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3108 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3111 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3111 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-3435 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2022-3435 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2022-3643 (NVD) : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2022-3643 (SUSE): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2022-42328 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-42328 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-42329 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-42329 (SUSE): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-4662 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2022-4662 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Realtime 15-SP3 SUSE Linux Enterprise Real Time 15-SP3 openSUSE Leap Micro 5.2 ______________________________________________________________________________ An update that solves 11 vulnerabilities and has 11 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3435: Fixed an out-of-bounds read in fib_nh_match() of the file net/ipv4/fib_semantics.c (bsc#1204171). - CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. (bsc#1206664) - CVE-2022-3105: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc_array. (bsc#1206398) - CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the return value of kmemdup() could lead to a NULL pointer dereference. (bsc#1206389) -CVE-2022-3106: Fixed a null pointer dereference caused by a missing check of the return value of kmalloc. (bsc#1206397) - CVE-2022-3107: Fixed a null pointer dereference caused by a missing check of the return value of kvmalloc_array. (bsc#1206395) - CVE-2022-3111: Fixed a missing release of resource after effective lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in wm8350_init_charger. (bsc#1206394) - CVE-2022-42328: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206114). - CVE-2022-42329: Fixed a bug which could allow guests to trigger denial of service via the netback driver (bsc#1206113). - CVE-2022-3643: Fixed a bug which could allow guests to trigger NIC interface reset/abort/crash via netback driver (bsc#1206113). - CVE-2019-19083: Fixed a memory leaks in clock_source_create that could allow attackers to cause a denial of service (bsc#1157049). The following non-security bugs were fixed: - afs: Fix some tracing details (git-fixes). - block: Do not reread partition table on exclusively open device (bsc#1190969). - cuse: prevent clone (bsc#1206177). - dt-bindings: clocks: imx8mp: Add ID for usb suspend clock (git-fixes). - efi: Add iMac Pro 2017 to uefi skip cert quirk (git-fixes). - fuse: do not check refcount after stealing page (bsc#1206174). - fuse: fix the -> direct_IO() treatment of iov_iter (bsc#1206176). - fuse: fix use after free in fuse_read_interrupt() (bsc#1206178). - fuse: lock inode unconditionally in fuse_fallocate() (bsc#1206179). - fuse: update attr_version counter on fuse_notify_inval_inode() (bsc#1206175). - ipv6: ping: fix wrong checksum for large frames (bsc#1203183). - kbuild: Unify options for BTF generation for vmlinux and modules (bsc#1204693). - mm, page_alloc: avoid expensive reclaim when compaction may not succeed (bsc#1204250). - net: mana: Fix race on per-CQ variable napi work_done(git-fixes). - net: usb: cdc_ncm: do not spew notifications (git-fixes). - net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes). - rtc: pcf85063: Fix reading alarm (git-fixes). - s390/boot: add secure boot trailer (bsc#1205256 LTC#1205256). - tracing: Add tracing_reset_all_online_cpus_unlocked() function (git-fixes). - tracing: Delete all matched events (git-fixes). - tracing: Free buffers when a used dynamic event is removed (git-fixes). - usb: host: xhci-hub: fix extra endianness conversion (git-fixes). - usbnet: move new members to end (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2023-134=1 - SUSE Linux Enterprise Module for Realtime 15-SP3: zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2023-134=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-134=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-134=1 Package List: - openSUSE Leap Micro 5.2 (x86_64): kernel-rt-5.3.18-150300.115.1 kernel-rt-debuginfo-5.3.18-150300.115.1 kernel-rt-debugsource-5.3.18-150300.115.1 - SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch): kernel-devel-rt-5.3.18-150300.115.1 kernel-source-rt-5.3.18-150300.115.1 - SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64): cluster-md-kmp-rt-5.3.18-150300.115.1 cluster-md-kmp-rt-debuginfo-5.3.18-150300.115.1 dlm-kmp-rt-5.3.18-150300.115.1 dlm-kmp-rt-debuginfo-5.3.18-150300.115.1 gfs2-kmp-rt-5.3.18-150300.115.1 gfs2-kmp-rt-debuginfo-5.3.18-150300.115.1 kernel-rt-5.3.18-150300.115.1 kernel-rt-debuginfo-5.3.18-150300.115.1 kernel-rt-debugsource-5.3.18-150300.115.1 kernel-rt-devel-5.3.18-150300.115.1 kernel-rt-devel-debuginfo-5.3.18-150300.115.1 kernel-rt_debug-debuginfo-5.3.18-150300.115.1 kernel-rt_debug-debugsource-5.3.18-150300.115.1 kernel-rt_debug-devel-5.3.18-150300.115.1 kernel-rt_debug-devel-debuginfo-5.3.18-150300.115.1 kernel-syms-rt-5.3.18-150300.115.1 ocfs2-kmp-rt-5.3.18-150300.115.1 ocfs2-kmp-rt-debuginfo-5.3.18-150300.115.1 - SUSE Linux Enterprise Micro 5.2 (x86_64): kernel-rt-5.3.18-150300.115.1 kernel-rt-debuginfo-5.3.18-150300.115.1 kernel-rt-debugsource-5.3.18-150300.115.1 - SUSE Linux Enterprise Micro 5.1 (x86_64): kernel-rt-5.3.18-150300.115.1 kernel-rt-debuginfo-5.3.18-150300.115.1 kernel-rt-debugsource-5.3.18-150300.115.1 References: https://www.suse.com/security/cve/CVE-2019-19083.html https://www.suse.com/security/cve/CVE-2022-3105.html https://www.suse.com/security/cve/CVE-2022-3106.html https://www.suse.com/security/cve/CVE-2022-3107.html https://www.suse.com/security/cve/CVE-2022-3108.html https://www.suse.com/security/cve/CVE-2022-3111.html https://www.suse.com/security/cve/CVE-2022-3435.html https://www.suse.com/security/cve/CVE-2022-3643.html https://www.suse.com/security/cve/CVE-2022-42328.html https://www.suse.com/security/cve/CVE-2022-42329.html https://www.suse.com/security/cve/CVE-2022-4662.html https://bugzilla.suse.com/1151927 https://bugzilla.suse.com/1157049 https://bugzilla.suse.com/1190969 https://bugzilla.suse.com/1203183 https://bugzilla.suse.com/1204171 https://bugzilla.suse.com/1204250 https://bugzilla.suse.com/1204693 https://bugzilla.suse.com/1205256 https://bugzilla.suse.com/1206113 https://bugzilla.suse.com/1206114 https://bugzilla.suse.com/1206174 https://bugzilla.suse.com/1206175 https://bugzilla.suse.com/1206176 https://bugzilla.suse.com/1206177 https://bugzilla.suse.com/1206178 https://bugzilla.suse.com/1206179 https://bugzilla.suse.com/1206389 https://bugzilla.suse.com/1206394 https://bugzilla.suse.com/1206395 https://bugzilla.suse.com/1206397 https://bugzilla.suse.com/1206398 https://bugzilla.suse.com/1206664 . A new version tackling 10 vulnerabilities in the Linux Kernel has been released for Fedora, necessitating a reboot after installation.. openSUSE Kernel Fix, Linux Kernel Update, Security Advisory, System Reboot, Important Update. . Severity: Important. LinuxSecurity.com Team

Jan 25, 2023 •Important OpenSUSE

security advisorymoderatesecurity update

SUSE Linux Enterprise Server 12-SP5: Updates for Moderate Threat Issues

An update that solves three vulnerabilities and has three fixes is now available. . SUSE Security Update: Security update for rpm ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3939-1 Rating: moderate References: #1183543 #1183545 #1183632 #1183659 #1185299 #996280 Cross-References: CVE-2021-20266 CVE-2021-20271 CVE-2021-3421 CVSS scores: CVE-2021-20266 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2021-20266 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2021-20271 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-20271 (SUSE): 3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L CVE-2021-3421 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2021-3421 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 ______________________________________________________________________________ An update that solves three vulnerabilities and has three fixes is now available. Description: This update for rpm fixes the following issues: - Fixed PGP parsing bugs (bsc#1185299). - Fixed various format handling bugs (bsc#996280). - CVE-2021-3421: Fixed vulnerability where unsigned headers could be injected into the rpm database (bsc#1183543). - CVE-2021-20271: Fixed vulnerability where a corrupted rpm could corrupt the rpm database (bsc#1183545). - CVE-2021-20266: Fixed missing bounds check in hdrblobInit (bsc#1183632). Bugfixes: - Fixed deadlock when multiple rpm processes tried to acquire the database lock (bsc#1183659). Patch Instructions: Toinstall this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3939=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3939=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): rpm-debuginfo-4.11.2-16.26.1 rpm-debugsource-4.11.2-16.26.1 rpm-devel-4.11.2-16.26.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): python3-rpm-4.11.2-16.26.1 python3-rpm-debuginfo-4.11.2-16.26.1 python3-rpm-debugsource-4.11.2-16.26.1 rpm-4.11.2-16.26.1 rpm-build-4.11.2-16.26.1 rpm-build-debuginfo-4.11.2-16.26.1 rpm-debuginfo-4.11.2-16.26.1 rpm-debugsource-4.11.2-16.26.1 rpm-python-4.11.2-16.26.1 rpm-python-debuginfo-4.11.2-16.26.1 rpm-python-debugsource-4.11.2-16.26.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): rpm-32bit-4.11.2-16.26.1 rpm-debuginfo-32bit-4.11.2-16.26.1 References: https://www.suse.com/security/cve/CVE-2021-20266.html https://www.suse.com/security/cve/CVE-2021-20271.html https://www.suse.com/security/cve/CVE-2021-3421.html https://bugzilla.suse.com/1183543 https://bugzilla.suse.com/1183545 https://bugzilla.suse.com/1183632 https://bugzilla.suse.com/1183659 https://bugzilla.suse.com/1185299 https://bugzilla.suse.com/996280 . SUSE Linux Enterprise Server 15-SP4 has rolled out a critical rpm patch that resolves several vulnerabilities.. SUSE Linux Enterprise,rpm update,security fixes,threat management. . LinuxSecurity.com Team

Nov 10, 2022 SuSE

security advisorydenial of serviceimportant advisory

Red Hat JBoss 7.4 Important: RHSA-2022-6825-01 DoS Vulnerability Fixes

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update Advisory ID: RHSA-2022:6825-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2022:6825 Issue date: 2022-10-05 CVE Names: CVE-2022-1259 CVE-2022-2053 CVE-2022-25857 ==================================================================== 1. Summary: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * undertow: Large AJP request may cause DoS (CVE-2022-2053) * undertow: potential security issue in flow control over HTTP/2 may lead to DOS. Incomplete fix for CVE-2021-3629 (CVE-2022-1259) * snakeyaml: Denial of Service due missing to nested depth limitation for collections. (CVE-2022-25857) 3. Solution: Beforeapplying this update, ensure all previously released errata relevant to your system have been applied. For details about how to apply this update, see: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2072339 - CVE-2022-1259 undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) 2095862 - CVE-2022-2053 undertow: Large AJP request may cause DoS 2126789 - CVE-2022-25857 snakeyaml: Denial of Service due to missing nested depth limitation for collections 5. JIRA issues fixed (https://redhat.atlassian.net/jira/projects): JBEAP-23687 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP1-redhat-00001 to 1.5.3.SP2-redhat-00001 JBEAP-23738 - (7.4.z) Upgrade jastow from 2.0.9.Final-redhat-00001 to 2.0.11.Final-redhat-00001 JBEAP-23741 - [GSS](7.4.z) Upgrade Undertow from 2.2.18.SP2-redhat-00001 to 2.2.19.SP2-redhat-00001 JBEAP-23753 - (7.4.z) Upgrade HAL from 3.3.13.Final-redhat-00001 to 3.3.14.Final-redhat-00001 JBEAP-23772 - [GSS](7.4.z) Upgrade Mojarra from 2.3.14.SP05-redhat-00001 to 2.3.14.SP06-redhat-00001 JBEAP-23794 - (7.4.z) Upgrade Elytron from 1.15.13.Final-redhat-00001 to 1.15.14.Final-redhat-00001 JBEAP-23802 - (7.4.z) Upgrade WildFly Core from 15.0.15.Final-redhat-00001 to 15.0.17.Final-redhat-00001 JBEAP-23803 - (7.4.z) Upgrade Artemis from 2.16.0.redhat-00042 to 2.16.0.redhat-00045 JBEAP-23805 - (7.4.z) Upgrade jboss-ejb-client from 4.0.44.Final-redhat-00001 to 4.0.45.Final-redhat-00001 JBEAP-23816 - (7.4.z) Upgrade RESTEasy from 3.15.3.Final-redhat-00001 to 3.15.4.Final-redhat-00001 JBEAP-23818 - [GSS](7.4.z) WFLY-16607 - Application deployment fails with EJB components in EAP 7.4 Update 5 and works fine with Update 1 JBEAP-23869 - [GSS](7.4.z) Upgrade JBoss VFS from 3.2.16.Final-redhat-00001 to 3.2.17.Final-redhat-00001 JBEAP-23881 - [GSS](7.4.z) Upgrade Hibernate ORM from 5.3.27.Final-redhat-00001 to 5.3.28.Final-redhat-00001 JBEAP-23912 - (7.4.z) Upgrade WildFly Core from 15.0.17.Final-redhat-00001 to15.0.18.Final-redhat-00001 6. References: https://access.redhat.com/security/cve/CVE-2022-1259 https://access.redhat.com/security/cve/CVE-2022-2053 https://access.redhat.com/security/cve/CVE-2022-25857 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/ 7. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYz3vdNzjgjWX9erEAQgtEQ/7Bzis0w+Ck4RVXnVw7Dfwq7uH7aNyMe0n BPFVToHW+HebABZ5C1VsRgFcBJApAs+1Al/+o3yOQkBNrUPTl7NamBowoVGTsihV 7gSYN/DuJB6WGwJaOZh2Tdg1LdGilnmqu74/+zNrmcX/xC2bEEpDrTPE/EGXeiTR +dgAvcPQBbtVy4x5tV1DiwsvPqBxsFmIcFa0YVqKh6xiDbDwtdLyv/2dELfzPDEC 8yQeQMrgwkvvr4ovknHzboHMCM8hCqWW4zgEN9dx3x9RUEl0OBYBOHBnYg2oeIVB 5QdkRHIlmRGkqLFpJ0YiPGHFKRCb+sDhgjfoOy6XSzLjEVReswXBBKphXKMI//Zg RD3crnHXpM+hUbZOwb9fL0v9C5AN8Rv0vh3dzbAa7A5gAyRWgtOm1/VtE/3NHmTV QtEWJMYjx1DyciefOShBsBp/u9oOGRp9oId305P432JGoYbnh/tgSMVNgI5pROL5 otAlDVYaCsGV3J9WyBzqQYd5kaWUez36ZHF9Q1vjHu/p7wILQrZjUaf0WUoxVsHc y7VVcpn8rOhtynunlzANpoEDrEqTgeEdv+/crARN01VFRdM+nRU3BVo3VFr25DXt 2frF8ZEeCy/fHWJXEh6nH96qyi0Z3XVhkwX3xDbDV2fy3CZQkNDWMJZ7rA1LDqM0 jC3oICzd/QA=HC+w -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Vital security notice regarding Red Hat JBoss Enterprise Application Platform 7.4. Encompasses essential patches.. Red Hat JBoss, Java App Security, Denial of Service Fixes. . Severity: Important. LinuxSecurity.com Team

Oct 05, 2022 •Important Red Hat

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

openSUSE 15.6: 2025:0582-1 low: MySQL glibc security fix

SUSE: 2025:0252-1 important: kernel live patch fixes 34 issues

openSUSE: 2025:0202-1 important: Updated Kernel Security Advisory

Oracle Linux 8 ELSA-2025-20018: Important Kernel Security Advisory

Oracle Linux 7 ELSA-2023-13001 Important: Critical Kernel Issues

openSUSE: 2023:0134-1 Important: Kernel Security Issues Addressed

SUSE Linux Enterprise Server 12-SP5: Updates for Moderate Threat Issues

Red Hat JBoss 7.4 Important: RHSA-2022-6825-01 DoS Vulnerability Fixes

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!