- 000release-packages:SL-Micro-release
-
n/a
- catatonit
-
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
- chrony
-
- bsc#1225362, chrony-124-tai.patch: make 124-tai more reliable
- curl
-
- Security fix: [bsc#1234068, CVE-2024-11053]
* curl could leak the password used for the first host to the
followed-to host under certain circumstances.
* netrc: address several netrc parser flaws
* Add curl-CVE-2024-11053.patch
- Security fix: [bsc#1232528, CVE-2024-9681]
* HSTS subdomain overwrites parent cache entry
* Add curl-CVE-2024-9681.patch
- glib2
-
- Add glib2-CVE-2024-52533.patch: fix a single byte buffer overflow
(boo#1233282 CVE-2024-52533 glgo#GNOME/glib#3461).
- iptables
-
- Add iptables-1.8.9-fix-checking-existence-of-rule.patch
* Fixes checking existence of rules. Fixes issues with rule creation
with podman/netavark. (bsc#1235088, bsc#1234996)
- kernel-source:kernel-default
-
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post()
(stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360
(NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook
430 G8 (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80
(stable-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue
(stable-fixes).
- commit 8c25a0a
- drm/v3d: Enable Performance Counters before clearing them
(git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path
(git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec
(git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in
sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove
(git-fixes).
- mmc: core: Further prevent card detect during shutdown
(git-fixes).
- commit 87e627e
- net/mlx5e: kTLS, Fix incorrect page refcounting (CVE-2024-53138
bsc#1234223).
- ice: protect XDP configuration with a mutex (CVE-2024-46765
bsc#1230807).
- sch/netem: fix use after free in netem_dequeue (CVE-2024-46800
bsc#1230827).
- commit c9f3783
- vp_vdpa: fix id_table array not null terminated error
(CVE-2024-53110 bsc#1234085).
- commit ffc9457
- net/mlx5: fs, lock FTE when checking if active (CVE-2024-53121
bsc#1234078).
- mlxsw: spectrum_ipip: Fix memory leak when changing remote
IPv6 address (CVE-2024-50252 bsc#1233201).
- commit 06c045b
- netdevsim: copy addresses for both in and out paths (git-fixes).
- commit daf115e
- can: j1939: j1939_session_new(): fix skb reference counting
(git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum
DS80000789E 6 (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics
(git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics
(git-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics
(git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics
(git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors
statistics (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors
statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free
(git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state()
even if cf is NULL (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb
allocation fails (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs
(git-fixes).
- HID: wacom: fix when get product name maybe null pointer
(git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in
mtk_wdt_restart() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog
restart (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call
(git-fixes).
- commit 535e699
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- commit ed87dba
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- commit cb47197
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- commit 3817c3a
- drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (CVE-2024-53051 bsc#1233547)
- commit 5262489
- mctp i2c: handle NULL header address (CVE-2024-53043 bsc#1233523)
- commit 5a81634
- wifi: iwlwifi: mvm: fix 6 GHz scan construction (CVE-2024-53055 bsc#1233550)
- commit c2d5beb
- drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (CVE-2024-53056 bsc#1233568)
- commit 95cef70
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- commit 9ca14b5
- Bluetooth: btnxpuart: Fix random crash seen while removing driver (CVE-2024-46680 bsc#1230557)
- commit 3831431
- net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (CVE-2024-26596 bsc#1220355)
- commit 4861dc8
- net: hns3: fix kernel crash when uninstalling driver (CVE-2024-50296 bsc#1233485)
- commit 6e41fd9
- powerpc/fadump: Move fadump_cma_init to setup_arch() after
initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late
init (bsc#1215199).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog
struct (bsc#1215199).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted
at address 0 (bsc#1215199).
- commit d36d28e
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- commit e1353aa
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- commit 6a9e851
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- commit c644bc4
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- commit c8b850b
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- commit dd2d99e
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- commit b16f3b1
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- commit 10c58e2
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- commit 75545f9
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- commit cc13a0d
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- commit a83a13f
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- commit ad38ac0
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- commit 2a5a31d
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- commit 8dd2fe4
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- commit af29eab
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- commit bffe233
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- commit 34a0cb0
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- commit 600dbb4
- powerpc/kexec: Fix return of uninitialized variable
(bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling
hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore
(bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init()
(bsc#1194869).
- powerpc/atomic: Use YZ constraints for DS-form instructions
(bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and
CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- commit 290216a
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- commit 428c79d
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- commit 3b24a1d
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- commit eac58a3
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- commit 225491d
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- commit a6cd1e5
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- commit 8261b13
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- commit 8c00b3f
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- commit 05664af
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- commit 428b0c1
- arm64: dts: imx93: add ocotp node (git-fixes)
- commit 9645cb0
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- commit 1bf0ccc
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- commit 6c0f124
- tcp: Fix use-after-free of nreq in reqsk_timer_handler()
(CVE-2024-50154 bsc#1233070).
- commit 297942f
- f2fs: get out of a repeat loop when getting a locked data page
(bsc#1234011).
- commit dfe277f
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- commit d737023
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- commit 013fbaa
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- commit b04b73a
- drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115 CVE-2024-50177)
- commit 2f6004f
- smb: client: Fix use-after-free of network namespace
(bsc#1233642 CVE-2024-53095).
Also applies:
smb: client: fix warning in generic_ip_connect()
- commit 97b3d9a
- jbd2: fix kernel-doc for j_transaction_overhead_buffers
(bsc#1234042).
- commit 20d4b12
- sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (CVE-2024-49944 bsc#1232166)
- commit c7bd304
- netfilter: nf_tables: prevent nf_skb_duplicated corruption (CVE-2024-49952 bsc#1232157)
- commit d0f307b
- jbd2: Move j_transaction_overhead_buffers into a hole
(bsc#1234042).
- commit 1c42745
- Update
patches.suse/drm-amd-display-Adjust-VSDB-parser-for-replay-featur.patch
(stable-fixes CVE-2024-53108 bsc#1234081).
- Update
patches.suse/fs-ntfs3-Fixed-overflow-check-in-mi_enum_attr.patch
(bsc#1233207 CVE-2024-27407 bsc#1224429).
- Update
patches.suse/ima-fix-buffer-overrun-in-ima_eventdigest_init_commo.patch
(git-fixes CVE-2024-53106 bsc#1234083).
- Update
patches.suse/keys-Fix-overwrite-of-key-expiration-on-instantiation.patch
(git-fixes CVE-2024-36031 bsc#1225713).
- Update
patches.suse/media-uvcvideo-Skip-parsing-frames-of-type-UVC_VS_UN.patch
(git-fixes CVE-2024-53104 bsc#1234025).
- Update
patches.suse/net-relax-socket-state-check-at-accept-time.patch
(git-fixes CVE-2024-36484 bsc#1226872).
- Update
patches.suse/nvme-multipath-defer-partition-scanning.patch
(bsc#122824 git-fixes CVE-2024-53093 bsc#1233640).
- Update
patches.suse/nvme-tcp-avoid-race-between-queue_lock-lock-and-dest.patch
(git-fixes CVE-2024-53100 bsc#1233771).
- Update
patches.suse/ocfs2-uncache-inode-which-has-failed-entering-the-group.patch
(git-fixes CVE-2024-53112 bsc#1234087).
- Update
patches.suse/scsi-mpi3mr-Avoid-memcpy-field-spanning-write-WARNING.patch
(git-fixes CVE-2024-36920 bsc#1225768).
- Update
patches.suse/scsi-pm80xx-Set-phy-enable_completion-only-when-we-wait-for-it.patch
(git-fixes CVE-2024-47666 bsc#1231453).
- Update
patches.suse/tcp-Fix-refcnt-handling-in-__inet_hash_connect.patch
(git-fixes CVE-2024-26864 bsc#1223112).
- Update
patches.suse/tracing-osnoise-Use-a-cpumask-to-know-what-threads-are-kthreads.patch
(git-fixes CVE-2024-46788 bsc#1230817).
- Update
patches.suse/tracing-timerlat-Move-hrtimer_init-to-timerlat_fd-open.patch
(git-fixes CVE-2024-26703 bsc#1222423).
- Update
patches.suse/x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-client
(bsc#1233443 CVE-2024-53114 bsc#1234072).
- commit 420eea1
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (CVE-2024-50125
bsc#1232928).
- Refresh
patches.suse/Bluetooth-ISO-Fix-UAF-on-iso_sock_timeout.patch.
Revert Bluetooth-ISO-Fix-UAF-on-iso_sock_timeout.patch to the upstream
version of the patch.
The reverted version was a mix of 1bf4470a and 246b435a, since they were
accidentally identified as two different commits doing the same changes.
The changes are indeed mostly the same, but to different files.
- commit 5725fe5
- cgroup/bpf: only cgroup v2 can be attached by bpf programs
(bsc#1234108).
- Revert "cgroup: Fix memory leak caused by missing
cgroup_bpf_offline" (bsc#1234108).
- commit 6a48bcc
- kexec_file: fix elfcorehdr digest exclusion when
CONFIG_CRASH_HOTPLUG=y (git-fixes).
- commit 1b2a54a
- signal: restore the override_rlimit logic (CVE-2024-50271
bsc#1233460).
- ucounts: fix counter leak in inc_rlimit_get_ucounts()
(bsc#1233460).
- commit 232c2a6
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- commit 109e508
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone
(bsc#1234098).
- commit 362812c
- signal: Replace BUG_ON()s (bsc#1234093).
- commit dad9530
- dm cache: fix out-of-bounds access to the dirty bitset when
resizing (CVE-2024-50279 bsc#1233468).
- commit 2080b22
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in
ip_tunnel_init_flow() (CVE-2024-53042 bsc#1233540).
- commit 6649f10
- intel_idle: fix ACPI _CST matching for newer Xeon platforms
(bsc#1231630).
- commit 0f23b16
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- commit 111abfc
- Update config files.
Enabled IDPF for ARM64 (bsc#1221309)
- commit adee356
- selftests/bpf: validate fake register spill/fill precision
backtracking logic (bsc#1232823 CVE-2023-52920).
- bpf: handle fake register spill to stack with BPF_ST_MEM
instruction (bsc#1232823 CVE-2023-52920).
- commit 52cdf87
- btrfs: fix a NULL pointer dereference when failed to start a
new trasacntion (CVE-2024-49868 bsc#1232272).
- commit cc68ee3
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS
milliseconds (git-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- commit 664a849
- mm/thp: fix deferred split unqueue naming and locking
(CVE-2024-53079 bsc#1233570).
- commit b50ea3e
- cxl: downgrade a warning message to debug level in
cxl_probe_component_regs() (bsc#1229165).
- commit 388d64b
- nvme-fabrics: fix kernel crash while shutting down controller
(git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive
(git-fixes).
- commit 9f9c907
- nvme-loop: flush off pending I/O while shutting down loop
controller (git-fixes).
- commit 85bcc27
- Rename to
patches.suse/nvme-multipath-defer-partition-scanning.patch. (git-fixes bsc#122824)
- commit 79fcf69
- nvme: tcp: avoid race between queue_lock lock and destroy
(git-fixes).
- commit 0d6537a
- Update
patches.suse/scsi-qla2xxx-Update-version-to-10.02.09.300-k.patch
(bsc#1228850 jsc#PED-9943 jsc#PED-11316).
This is the latest greatest version of qla2xxx. Add the jira
reference so that it is tracked.
- commit 8eff9b2
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241
jsc#PED-9943).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241
jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask
(bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure
(bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in
dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset
(bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting
follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE
before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod
paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale
NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Modify CGN warning signal calculation based on
EDC response (bsc#1233241 jsc#PED-9943).
- commit 566c7c9
- mm: always initialise folio->_deferred_list (CVE-2024-53079
bsc#1233570 prerequisity).
- commit 3c832a9
- mm/hugetlb: fix nodes huge page allocation when there are
surplus pages (bsc#1234012).
- commit 9fde6f7
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- commit d37ec4c
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless
Controller (git-fixes).
- commit 0d7bec2
- Input: xpad - add support for Machenike G5 Pro Controller
(git-fixes).
- commit f071586
- Input: xpad - sort xpad_device by vendor and product ID
(git-fixes).
- Refresh
patches.suse/Input-xpad-add-support-for-Snakebyte-GAMEPADs.patch.
- commit 5f46bd9
- Input: xpad - add GameSir T4 Kaleid Controller support
(git-fixes).
- commit d80239f
- Input: xpad - add GameSir VID for Xbox One controllers
(git-fixes).
- commit 993ca75
- Input: xpad - fix support for some third-party controllers
(git-fixes).
- commit 1d5b082
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- Refresh
patches.suse/Input-xpad-add-HyperX-Clutch-Gladiate-Support.patch.
- Refresh
patches.suse/Input-xpad-add-Lenovo-Legion-Go-controllers.patch.
- Refresh patches.suse/Input-xpad-add-PXN-V900-support.patch.
- Refresh
patches.suse/Input-xpad-add-additional-HyperX-Controller-Identifi.patch.
- Refresh
patches.suse/Input-xpad-add-support-for-ASUS-ROG-RAIKIRI.patch.
- Refresh
patches.suse/Input-xpad-add-support-for-Snakebyte-GAMEPADs.patch.
- commit 15a1c29
- jbd2: fix soft lockup in journal_finish_inode_data_buffers()
(bsc#1234046).
- commit f32d01d
- jbd2: correct the printing of write_flags in
jbd2_write_superblock() (bsc#1234045).
- commit fe6bf4e
- jbd2: fix potential data lost in recovering journal raced with
synchronizing fs bdev (bsc#1234044).
- commit 5fbdfed
- mm: convert free_transhuge_folio() to
folio_undo_large_rmappable() (CVE-2024-53079 bsc#1233570
prerequisity).
- commit 4e7d9f6
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer
(bsc#1234043).
- commit ffe100a
- jbd2: precompute number of transaction descriptor blocks
(bsc#1234042).
- commit 3ed7ebf
- jbd2: make jbd2_journal_get_max_txn_bufs() internal
(bsc#1234041).
- commit ad2f96f
- jbd2: avoid mount failed when commit block is partial submitted
(bsc#1234040).
- commit 7226fe5
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- commit ad1118f
- ext4: fix unttached inode after power cut with orphan file
feature enabled (bsc#1234009).
- commit 3e057c0
- net: arc: fix the device for dma_map_single/dma_unmap_single
(CVE-2024-50295 bsc#1233484).
- net: vertexcom: mse102x: Fix possible double free of TX skb
(CVE-2024-50276 bsc#1233465).
- net: enetc: allocate vf_state during PF probes (CVE-2024-50298
bsc#1233487).
- net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged
SKB data (CVE-2024-53058 bsc#1233552).
- commit ae38000
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
(bsc#1233443).
- commit 5beba61
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- commit 7e88dd7
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- Refresh patches.suse/x86-resctrl-Annotate-get_mem_config-functions-as-__init.patch.
- commit 6888d66
- Update
patches.suse/ASoC-dapm-fix-bounds-checker-error-in-dapm_widget_li.patch
(git-fixes CVE-2024-53045 bsc#1233524).
- Update
patches.suse/ASoC-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch
(git-fixes CVE-2024-50292 bsc#1233481).
- Update
patches.suse/HID-core-zero-initialize-the-report-buffer.patch
(git-fixes CVE-2024-50302 bsc#1233491).
- Update
patches.suse/USB-serial-io_edgeport-fix-use-after-free-in-debug-p.patch
(git-fixes CVE-2024-50267 bsc#1233456).
- Update patches.suse/can-bcm-Fix-UAF-in-bcm_proc_show.patch
(bsc#1012628 CVE-2023-52922 bsc#1233977).
- Update
patches.suse/drm-amdgpu-add-missing-size-check-in-amdgpu_debugfs_.patch
(stable-fixes CVE-2024-50282 bsc#1233471).
- Update
patches.suse/drm-amdgpu-fix-possible-UAF-in-amdgpu_cs_pass1.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-52921
bsc#1233452).
- Update
patches.suse/drm-amdgpu-prevent-NULL-pointer-dereference-if-ATIF-.patch
(git-fixes CVE-2024-53060 bsc#1233554).
- Update
patches.suse/firmware-arm_scmi-Fix-slab-use-after-free-in-scmi_bu.patch
(git-fixes CVE-2024-53068 bsc#1233561).
- Update
patches.suse/fs-Fix-uninitialized-value-issue-in-from_kuid-and-from_kgid.patch
(git-fixes CVE-2024-53101 bsc#1233769).
- Update
patches.suse/i40e-fix-race-condition-by-adding-filter-s-intermedi.patch
(git-fixes CVE-2024-53088 bsc#1233580).
- Update
patches.suse/iio-gts-helper-Fix-memory-leaks-for-the-error-path-o.patch
(git-fixes CVE-2024-53076 bsc#1233567).
- Update
patches.suse/io_uring-rw-fix-missing-NOWAIT-check-for-O_DIRECT-st.patch
(git-fixes CVE-2024-53052 bsc#1233548).
- Update
patches.suse/media-ar0521-don-t-overflow-when-checking-PLL-values.patch
(git-fixes CVE-2024-53081 bsc#1233572).
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(git-fixes CVE-2024-50290 bsc#1233479).
- Update
patches.suse/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch
(git-fixes CVE-2024-53063 bsc#1233557).
- Update
patches.suse/media-s5p-jpeg-prevent-buffer-overflows.patch
(git-fixes CVE-2024-53061 bsc#1233555).
- Update
patches.suse/media-v4l2-tpg-prevent-the-risk-of-a-division-by-zer.patch
(git-fixes CVE-2024-50287 bsc#1233476).
- Update
patches.suse/nfs-Fix-KMSAN-warning-in-decode_getfattr_attrs.patch
(git-fixes CVE-2024-53066 bsc#1233560).
- Update
patches.suse/ocfs2-remove-entry-once-instead-of-null-ptr-dereference-in-ocfs2_xa_remove.patch
(git-fixes CVE-2024-50265 bsc#1233454).
- Update
patches.suse/platform-x86-amd-pmc-Detect-when-STB-is-not-availabl.patch
(git-fixes CVE-2024-53072 bsc#1233564).
- Update
patches.suse/posix-clock-posix-clock-Fix-unbalanced-locking-in-pc.patch
(CVE-2024-50195 bsc#1233103 CVE-2024-50210 bsc#1233097).
- Update
patches.suse/scsi-wd33c93-Don-t-use-stale-scsi_pointer-value.patch
(git-fixes CVE-2024-50026 bsc#1231952).
- Update
patches.suse/security-keys-fix-slab-out-of-bounds-in-key_task_per.patch
(git-fixes CVE-2024-50301 bsc#1233490).
- Update
patches.suse/tpm-Lock-TPM-chip-in-tpm_pm_suspend-first.patch
(bsc#1082555 git-fixes CVE-2024-53085 bsc#1233577).
- Update
patches.suse/usb-musb-sunxi-Fix-accessing-an-released-usb-phy.patch
(git-fixes CVE-2024-50269 bsc#1233458).
- Update
patches.suse/usb-typec-fix-potential-out-of-bounds-in-ucsi_ccg_up.patch
(git-fixes CVE-2024-50268 bsc#1233457).
- Update
patches.suse/wifi-iwlwifi-mvm-Fix-response-handling-in-iwl_mvm_se.patch
(git-fixes CVE-2024-53059 bsc#1233553).
- Update
patches.suse/wifi-iwlwifi-mvm-don-t-leak-a-link-on-AP-removal.patch
(git-fixes CVE-2024-53074 bsc#1233566).
- commit 5a024cd
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- commit cf1674b
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- commit 29f8884
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- commit a66f7df
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- commit 182660e
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- commit dc97c33
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- commit 788cc4b
- x86: fix off-by-one in access_ok() (git-fixes).
- commit ada1011
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- commit a421b7f
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- rtc: ab-eoz9: don't fail temperature reads on undervoltage
notification (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: check if __rtc_read_time was successful in
rtc_timer_do_work() (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register
(git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler
(git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- commit 003de2e
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock
(git-fixes).
- commit bc5d0b3
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274
(stable-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock
sources (stable-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault
handler (stable-fixes).
- commit 0da3d44
- drm/amd/display: Fix null check for pipe_ctx->plane_state in
hwss_setup_dpp (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in
dcn20_program_pipe (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to
ALH dai index (git-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry
(git-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy
and Mbox devices (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- =?UTF-8?q?iio:=20accel:=20kxcjk-1013:=20Remove=20redundan?=
=?UTF-8?q?t=20I=C2=B2C=20ID?= (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name()
(git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables()
(git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer
(git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match'
(git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe()
(git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- firmware_loader: Fix possible resource leak in
fw_log_firmware_info() (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left
(git-fixes).
- Revert "usb: gadget: composite: fix OS descriptors w_value
logic" (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines
(git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in
get_serial_info() (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in
TxFIFO resizing logic (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request
(git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue
(git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible
(git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in
iowarrior_read() (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination'
(git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup()
(git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- commit 875afee
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- commit 41e9c5b
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- commit 939d649
- vsock: Update msg_count on read_skb() (git-fixes).
- commit fce5f41
- vsock: Update rx_bytes on read_skb() (git-fixes, bsc#1233320,
CVE-2024-50169).
- commit acfc5df
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- commit 8db08f8
- mm: revert "mm: shmem: fix data-race in shmem_getattr()"
(CVE-2024-50228, bsc#1233204, git fixes (mm/shmem)).
CVE is likely a non-issue while the fix introduces real bugs.
- commit b77756a
- Bluetooth: MGMT: Fix slab-use-after-free Read in
set_powered_sync (git-fixes).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid
WoL configuration (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing
PHY device (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer
allocation (git-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging
function (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real
charger status (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield
declaration (git-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from
power_supply_put() (git-fixes).
- commit 0e6f9cb
- pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558
CVE-2024-46681).
- commit ad3c579
- posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() (CVE-2024-50195 bsc#1233103)
- commit 6192694
- media: av7110: fix a spectre vulnerability (CVE-2024-50289
bsc#1233478).
- commit 2969047
- Drop OCFS2 patch causing a regression (bsc#1233255)
Deleted:
patches.suse/ocfs2-fix-the-la-space-leak-when-unmounting-an-ocfs2-volume.patch
- commit 2a24fc4
- net: fix out-of-bounds access in ops_init (CVE-2024-36883
bsc#1225725).
- commit f1b40e8
- efi/memattr: Ignore table if the size is clearly bogus
(bsc#1231465).
- commit c92a68e
- thermal: int3400: Fix reading of current_uuid for active policy
(git-fixes).
- gpio: exar: set value when external pull-up or pull-down is
present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- commit a62e144
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- commit 9a99613
- ice: fix crash on probe for DPLL enabled E810 LOM
(CVE-2024-53048 bsc#1233721).
- commit 5f7ca77
- Update references for patches.suse/RDMA-siw-Add-sendpage_ok-check-to-disable-MSG_SPLICE.patch (bsc#1233641 CVE-2024-53094)
- commit 1f528cf
- mm/hugetlb: fix missing hugetlb_lock for resv uncharge
(bsc#1224548 CVE-2024-36000).
- commit 92c1bc7
- mm/huge_memory: don't unpoison huge_zero_folio (bsc#1227842
CVE-2024-40914).
- commit 14bb799
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- idpf: avoid vport access in idpf_get_link_ksettings
(CVE-2024-50274 bsc#1233463).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload
(bsc#1233754).
- commit 8c4cfeb
- hwmon: (tps23861) Fix reporting of negative temperatures
(git-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime
pm enabled (git-fixes).
- i3c: master: Fix miss free init_dyn_addr at
i3c_master_put_i3c_addrs() (git-fixes).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming
(git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus()
(git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie"
compatible (git-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in
pci_epc_remove_epf() (git-fixes).
- commit 29a3aa9
- Move kabi netfilter fix into patches.kabi
- commit 6c82cf8
- virtio_net: Add hash_key_length check (CVE-2024-53082
bsc#1233573).
- commit 1273e47
- net: relax socket state check at accept time (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk
(git-fixes).
- commit 180e959
- net: hns3: fix a deadlock problem when config TC during
resetting (CVE-2024-44995 bsc#1230231).
- commit e1fa968
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on
pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests
(bsc#1215199).
- Revert "KVM: PPC: Book3S HV Nested: Stop forwarding all HFUs
to L1" (bsc#1215199).
- commit d27c0c3
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb()
(git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description
(git-fixes).
- lib: string_helpers: silence snprintf() output truncation
warning (git-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in
sh7760fb_alloc_mem() (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C
(git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C
(git-fixes).
- commit 17f846a
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- commit 932ea3b
- netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589
bsc#1226748).
- commit 0e7a285
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555
git-fixes).
- commit 4594f81
- kABI fix for netfilter: nft_set_pipapo: walk over current view
on netlink dump (CVE-2024-27017 bsc#1223733).
- commit 2be46c1
- Update references for
patches.suse/mm-resolve-faulty-mmap_region-error-path-behaviour.patch
(git-fixes CVE-2024-53096 bsc#1233756).
- commit 6c0d091
- ALSA: hda/realtek: Enable speaker pins for Medion E15443
platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of
Infinix Y4 Max (bsc#1233298).
- commit dd8caae
- Move upstreamed patches into sorted section
- commit b72de8f
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE
handling (git-fixes kabi).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling
(git-fixes).
- commit f31b0e3
- mm: resolve faulty mmap_region() error path behaviour
(git-fixes).
- commit 84c4dfc
- mm: refactor map_deny_write_exec() (git-fixes).
- commit 8c66a90
- mm: unconditionally close VMAs on error (git-fixes).
- commit f81f7df
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- commit e1045c0
- mm: avoid unsafe VMA hook invocation when error arises on mmap
hook (git-fixes).
- commit 2b96063
- fsl/fman: Fix refcount handling of fman-related devices
(CVE-2024-50166 bsc#1233050).
- fsl/fman: Save device references taken in mac_probe()
(CVE-2024-50166 bsc#1233050).
- commit cff0dea
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- commit 2b4c1a0
- tipc: fix UAF in error path (CVE-2024-36886 bsc#1225730).
- commit be7d8d3
- ipv4: Fix uninit-value access in __ip_make_skb() (CVE-2024-36927
bsc#1225813).
- commit 5457624
- vsock/virtio: Initialization of the dangling pointer occurring
in vsk->trans (CVE-2024-50264 bsc#1233453).
- arm64/sve: Discard stale CPU state when handling SVE traps
(CVE-2024-50275 bsc#1233464).
- commit 2855c61
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
(CVE-2024-36905 bsc#1225742).
- commit 84c8bd7
- kasan: move checks to do_strncpy_from_user (git-fixes).
- commit ca3142b
- tipc: fix a possible memleak in tipc_buf_append (CVE-2024-36954
bsc#1225764).
- commit b7093a9
- erspan: make sure erspan_base_hdr is present in skb->head
(CVE-2024-35888 bsc#1224518).
- commit aaa779d
- net: esp: fix bad handling of pages from page_pool
(CVE-2024-26953 bsc#1223656).
- commit b0a65f5
- netfilter: nft_set_pipapo: walk over current view on netlink
dump (CVE-2024-27017 bsc#1223733).
- commit d1885c4
- dccp/tcp: Unhash sk from ehash for tb2 alloc failure after
check_estalblished() (CVE-2024-26741 bsc#1222587).
- commit 9a5ac8a
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- commit 46d200b
- Fix warning in patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch
Fixes: ff613dcf3cc9c8aa5b4cc959d0bdfac2dec81854
- commit 56a258b
- Move upstreamed crypto patches into sorted section
- commit 7706550
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- commit 7f4b1c4
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- commit ff613dc
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- commit 482b364
- RDMA/hns: Use macro instead of magic number (git-fixes)
- commit d6d944a
- RDMA/hns: Add mutex_destroy() (git-fixes)
- commit 096658f
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- commit abdac11
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- commit a53ecd7
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- commit 74c369b
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- commit 7a90d31
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- commit 678f36e
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- commit 0c19d33
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- commit 21d3575
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- commit 4c3bddb
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- commit c0d9dba
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power()
(git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost()
(git-fixes).
- commit b53ff09
- cpufreq: mediatek-hw: Fix wrong return value in
mtk_cpufreq_get_cpu_power() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for
cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for
cpufreq_cpu_get_raw() (git-fixes).
- Revert "cpufreq: brcmstb-avs-cpufreq: Fix initial command check"
(stable-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure
(git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data
(git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check
(git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning
(git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock
(git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore
(git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow
(git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858)
(git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number
(git-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to
fix race (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0
(stable-fixes).
- drm/amd/display: Adjust VSDB parser for replay feature
(stable-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set
(stable-fixes).
- commit 15015b2
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- commit ab3e426
- netfilter: Fix use-after-free in get_info() (CVE-2024-50257
bsc#1233244).
- commit 1f00653
- ALSA: usb-audio: Make mic volume workarounds globally applicable
(stable-fixes).
- Refresh
patches.suse/ALSA-usb-audio-Add-quirk-for-HP-320-FHD-Webcam.patch.
- commit 777a5df
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load
(git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer
(stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in
build_mixer_unit_ctl (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put
(stable-fixes).
- commit e772374
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental
(git-fixes).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup()
(git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited
(git-fixes).
- drm/amd/display: Fix brightness level not retained over reboot
(git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in
_dpu_core_perf_calc_clk() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit
(git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS
(git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new()
(git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model
(git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in
vc4_hvs_atomic_flush (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off
(git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off
(git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/sti: avoid potential dereference of error pointers
(git-fixes).
- drm/sti: avoid potential dereference of error pointers in
sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in
sti_hqvdp_atomic_check (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel
(git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs
function (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry
pointer (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended
(git-fixes).
- drm/vc4: hvs: Don't write gamma luts on 2711 (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with
__maybe_unused (git-fixes).
- ASoC: codecs: Fix atomicity violation in
snd_soc_component_get_drvdata() (git-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c
(git-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child()
(git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths
(git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750
in SSR (git-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in
supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in
supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in
htc_connect_service() (git-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- commit c54011d
- scsi: kABI: restore no_start_on_resume to scsi_device
(git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer
(git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current
state (git-fixes).
- scsi: wd33c93: Don't use stale scsi_pointer value (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers
(git-fixes).
- scsi: NCR5380: Check for phase match during PDMA fixup
(git-fixes).
- scsi: mac_scsi: Disallow bus errors during PDMA send
(git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages
(git-fixes).
- scsi: smartpqi: revert
propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit
(git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in
progress (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count()
(git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES
(git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES
(git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait
for it (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure
scanned in again after probe failed (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Handle devices which return an unusually large
VPD page count (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use
(git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions
(git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data
(git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address
to port (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long
manufacturer strings (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame
(git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING
(git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- commit d5d37f8
- soc: fsl: rcpm: fix missing of_node_put() in
copy_ippdexpcr1_setting() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the
firmware (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
(git-fixes).
- drivers: soc: xilinx: add the missing kfree in
xlnx_add_cb_for_suspend() (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- tpm: fix signed/unsigned bug when checking event logs
(git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default
command line (git-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show
callback (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED
in uvc_parse_format (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in
fimc_md_is_isp_available (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation
failure (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in
set_frame_rate() (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm
enabled (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime
pm enabled (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime
pm enabled (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in
allocate_buffers_internal() (git-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when
using polling (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd()
(git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before
detach them (git-fixes).
- media: amphion: Set video drvdata before register video device
(git-fixes).
- media: imx-jpeg: Set video drvdata before register video device
(git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module
(git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID
(git-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed
values (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- =?UTF-8?q?spi:=20zynqmp-gqspi:=20Undo=20runtime=20PM=20ch?=
=?UTF-8?q?anges=20at=20driver=20exit=20time=E2=80=8B?=
(git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains
(git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections
(stable-fixes).
- commit fbb8e93
- doc: rcu: update printed dynticks counter bits (git-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit
attributes (git-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- thermal: core: Initialize thermal zones before registering them
(git-fixes).
- amd-pstate: Set min_perf to nominal_perf for active mode
performance gov (git-fixes).
- crypto: cavium - Fix an error handling path in
cpt_ucode_load_fw() (git-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function
(git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form
(git-fixes).
- crypto: inside-secure - Fix the return value of
safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout
(git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit
(git-fixes).
- crypto: pcrypt - Call crypto layer directly when
padata_do_parallel() return -EBUSY (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name()
(git-fixes).
- crypto: qat - remove check after debugfs_create_dir()
(git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown()
(git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference
decrement (git-fixes).
- acpi/arm64: Adjust error handling procedure in
gtdt_parse_timer_block() (git-fixes).
- commit af7e948
- btrfs: reinitialize delayed ref list after deleting it from
the list (bsc#1233462 CVE-2024-50273).
- commit 174bbc2
- kernel-binary: Enable livepatch package only when livepatch is enabled
Otherwise the filelist may be empty failing the build (bsc#1218644).
- commit f730eec
- Update config files (bsc#1218644).
LIVEPATCH_IPA_CLONES=n => LIVEPATCH=n
- commit cabd446
- ASoC: audio-graph-card2: Purge absent supplies for device tree
nodes (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook
645 G10 (stable-fixes).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue
(stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- commit 03ba04a
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP
(git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning
(git-fixes).
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger
than 4K" (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad
with ALC1318 (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop
issue (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA
(stable-fixes).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA
(stable-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
(stable-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard
(stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/
Casa touchpad (stable-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to
VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- crypto: api - Fix liveliness check in crypto_alg_tested
(stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
(stable-fixes).
- HID: multitouch: Add support for B2402FVA track point
(stable-fixes).
- commit 42778ee
- ocfs2: uncache inode which has failed entering the group
(git-fixes).
- commit 4caa305
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- commit fe96ee2
- ocfs2: remove entry once instead of null-ptr-dereference in
ocfs2_xa_remove() (git-fixes).
- commit 7a347a0
- fs: Fix uninitialized value issue in from_kuid and from_kgid
(git-fixes).
- commit 46de67d
- Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" (git-fixes)
- commit 89dc95f
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- commit 1e78f0f
- Bluetooth: ISO: Fix UAF on iso_sock_timeout (CVE-2024-50124
bsc#1232926).
- commit 25f5727
- tools/power turbostat: Increase the limit for fd opened
(bsc#1233119).
- commit 58c7a4f
- posix-clock: Fix missing timespec64 check in pc_clock_settime() (CVE-2024-50195 bsc#1233103)
- commit 5c410cf
- bpf: Use raw_spinlock_t in ringbuf (CVE-2024-50138 bsc#1232935)
- commit 949411a
- net: systemport: fix potential memory leak in bcm_sysport_xmit() (CVE-2024-50171 bsc#1233057)
- commit 24f9c7b
- crypto: aes-gcm-p10 - Use the correct bit to test for P10
(bsc#1232704).
- commit 52eb6a0
- add bugreference to a hv_netvsc patch (bsc#1232413).
- commit 14b76c0
- scsi: target: core: Fix null-ptr-deref in target_alloc_device()
(CVE-2024-50153 bsc#1233061).
- commit 76e65bc
- octeon_ep: Add SKB allocation failures handling in
__octep_oq_process_rx() (CVE-2024-50145 bsc#1233044).
- octeon_ep: Implement helper for iterating packets in Rx queue
(CVE-2024-50145 bsc#1233044).
- commit 6b574c1
- Fix for kABI fix for Bluetooth: L2CAP: Fix
div-by-zero in l2cap_le_flowctl_init() (CVE-2024-36968 bsc#1226130).
The chosen position of `mtu` in the `struct hci_conn` in the first
iteration of this patch was done based on the wrong version of the header
and therefore on the wrong position. Correct that.
Fixes: d93ac77c0df4b8dfe469c26e60d4fb45fc305341
- commit 77fc56a
- net: wwan: fix global oob in wwan_rtnl_policy (CVE-2024-50128
bsc#1232905).
- commit c939671
- xfrm: fix one more kernel-infoleak in algo dumping
(CVE-2024-50110 bsc#1232885).
- commit 2ae0e01
- scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down
(CVE-2024-50098 bsc#1232881).
- commit f344a8e
- Update
patches.suse/thermal-intel-int340x-processor-Fix-warning-during-m.patch
(git-fixes bsc#1232877 CVE-2024-50093).
- commit 6ec2cb2
- Bluetooth: btintel: Direct exception event to bluetooth stack
(git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected
(git-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx
(stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition
(stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- drm/amdgpu: add missing size check in
amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions
(stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions
(stable-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not
supported (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in
t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- commit 48ec995
- Delete patches.suse/wifi-mac80211-fix-RCU-list-iterations.patch
It was reverted on 6.6.x stable
- commit e2ead50
- net: explicitly clear the sk pointer, when pf->create fails
(CVE-2024-50186 bsc#1233110).
- commit dfaff4b
- secretmem: disable memfd_secret() if arch cannot set direct map
(CVE-2024-50182 bsc#1233129).
- commit 0d23f21
- Update
patches.suse/ACPI-CPPC-Make-rmw_lock-a-raw_spin_lock.patch
(git-fixes CVE-2024-50249 bsc#1233197).
- Update
patches.suse/ACPI-PRM-Find-EFI_MEMORY_RUNTIME-block-for-PRM-handl.patch
(git-fixes CVE-2024-50141 bsc#1233065).
- Update
patches.suse/ALSA-firewire-lib-Avoid-division-by-zero-in-apply_co.patch
(git-fixes CVE-2024-50205 bsc#1233293).
- Update
patches.suse/ALSA-hda-cs8409-Fix-possible-NULL-dereference.patch
(git-fixes CVE-2024-50160 bsc#1233074).
- Update
patches.suse/ASoC-qcom-Fix-NULL-Dereference-in-asoc_qcom_lpass_cp.patch
(git-fixes CVE-2024-50103 bsc#1232878).
- Update
patches.suse/Bluetooth-bnep-fix-wild-memory-access-in-proto_unreg.patch
(git-fixes CVE-2024-50148 bsc#1233063).
- Update
patches.suse/Bluetooth-hci-fix-null-ptr-deref-in-hci_read_support.patch
(git-fixes CVE-2024-50255 bsc#1233238).
- Update
patches.suse/HID-amd_sfh-Switch-to-device-managed-dmam_alloc_cohe.patch
(git-fixes CVE-2024-50189 bsc#1233105).
- Update
patches.suse/RDMA-bnxt_re-Add-a-check-for-memory-allocation.patch
(git-fixes CVE-2024-50209 bsc#1233114).
- Update
patches.suse/RDMA-bnxt_re-Avoid-CPU-lockups-due-fifo-occupancy-ch.patch
(git-fixes CVE-2024-50157 bsc#1233032).
- Update
patches.suse/RDMA-bnxt_re-Fix-a-bug-while-setting-up-Level-2-PBL-.patch
(git-fixes CVE-2024-50208 bsc#1233117).
- Update
patches.suse/RDMA-bnxt_re-Fix-a-possible-memory-leak.patch
(git-fixes CVE-2024-50172 bsc#1233029).
- Update patches.suse/RDMA-bnxt_re-Fix-out-of-bound-check.patch
(git-fixes CVE-2024-50158 bsc#1233036).
- Update
patches.suse/RDMA-mad-Improve-handling-of-timed-out-WRs-of-mad-ag.patch
(git-fixes CVE-2024-50095 bsc#1232873).
- Update
patches.suse/USB-gadget-dummy-hcd-Fix-task-hung-problem.patch
(git-fixes CVE-2024-50100 bsc#1232876).
- Update
patches.suse/arm64-probes-Fix-uprobes-for-big-endian-kernels.patch
(git-fixes CVE-2024-50194 bsc#1233111).
- Update
patches.suse/arm64-probes-Remove-broken-LDR-literal-uprobe-support.patch
(git-fixes CVE-2024-50099 bsc#1232887).
- Update
patches.suse/ceph-remove-the-incorrect-Fw-reference-check-when-dir.patch
(bsc#1231182 CVE-2024-50179 bsc#1233123).
- Update
patches.suse/clk-imx-Remove-CLK_SET_PARENT_GATE-for-DRAM-mux-for-.patch
(stable-fixes CVE-2024-50181 bsc#1233127).
- Update
patches.suse/drm-amd-Guard-against-bad-data-for-ATIF-ACPI-method.patch
(git-fixes CVE-2024-50117 bsc#1232897).
- Update
patches.suse/drm-amd-display-Disable-PSR-SU-on-Parade-08-01-TCON-.patch
(stable-fixes CVE-2024-50108 bsc#1232884).
- Update
patches.suse/drm-amd-pm-Vangogh-Fix-kernel-memory-out-of-bounds-w.patch
(git-fixes CVE-2024-50221 bsc#1233185).
- Update
patches.suse/drm-msm-Avoid-NULL-dereference-in-msm_disp_state_pri.patch
(git-fixes CVE-2024-50156 bsc#1233073).
- Update patches.suse/drm-radeon-Fix-encoder-possible_clones.patch
(git-fixes CVE-2024-50201 bsc#1233104).
- Update
patches.suse/drm-vboxvideo-Replace-fake-VLA-at-end-of-vbva_mouse_.patch
(stable-fixes CVE-2024-50134 bsc#1232890).
- Update
patches.suse/drm-vc4-Stop-the-active-perfmon-before-being-destroy.patch
(git-fixes CVE-2024-50187 bsc#1233108).
- Update
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198).
- Update patches.suse/fbdev-sisfb-Fix-strbuf-array-overflow.patch
(stable-fixes CVE-2024-50180 bsc#1233125).
- Update
patches.suse/firmware-arm_scmi-Fix-the-double-free-in-scmi_debugf.patch
(git-fixes CVE-2024-50159 bsc#1233041).
- Update
patches.suse/iio-adc-ad7124-fix-division-by-zero-in-ad7124_set_ch.patch
(git-fixes CVE-2024-50232 bsc#1233209).
- Update
patches.suse/iio-gts-helper-Fix-memory-leaks-in-iio_gts_build_ava.patch
(git-fixes CVE-2024-50231 bsc#1233208).
- Update
patches.suse/iio-light-veml6030-fix-IIO-device-retrieval-from-emb.patch
(git-fixes CVE-2024-50198 bsc#1233100).
- Update
patches.suse/iommu-vt-d-Fix-incorrect-pci_for_each_dma_alias-for-.patch
(git-fixes CVE-2024-50101 bsc#1232869).
- Update
patches.suse/maple_tree-correct-tree-corruption-on-spanning-store.patch
(git-fixes CVE-2024-50200 bsc#1233088).
- Update
patches.suse/media-qcom-camss-Remove-use_count-guard-in-stop_stre.patch
(git-fixes CVE-2024-50175 bsc#1233092).
- Update
patches.suse/net-mlx5-Fix-command-bitmask-initialization.patch
(git-fixes CVE-2024-50147 bsc#1233067).
- Update
patches.suse/net-mlx5-Unregister-notifier-on-eswitch-init-failure.patch
(git-fixes CVE-2024-50136 bsc#1232914).
- Update
patches.suse/net-mlx5e-Don-t-call-cleanup-on-profile-rollback-fai.patch
(git-fixes CVE-2024-50146 bsc#1233056).
- Update
patches.suse/net-phy-dp83869-fix-memory-corruption-when-enabling-.patch
(git-fixes CVE-2024-50188 bsc#1233107).
- Update
patches.suse/netdevsim-use-cond_resched-in-nsim_dev_trap_report_w.patch
(git-fixes CVE-2024-50155 bsc#1233035).
- Update
patches.suse/nfsd-cancel-nfsd_shrinker_work-using-sync-mode-in-nf.patch
(git-fixes CVE-2024-50121 bsc#1232925).
- Update
patches.suse/nilfs2-fix-kernel-bug-due-to-missing-clearing-of-buffer-delay-flag.patch
(git-fixes CVE-2024-50116 bsc#1232892).
- Update
patches.suse/nilfs2-fix-potential-deadlock-with-newly-created-symlinks.patch
(git-fixes CVE-2024-50229 bsc#1233205).
- Update
patches.suse/nouveau-dmem-Fix-vulnerability-in-migrate_to_ram-upo.patch
(git-fixes CVE-2024-50096 bsc#1232870).
- Update
patches.suse/nvme-pci-fix-race-condition-between-reset-and-nvme_d.patch
(git-fixes CVE-2024-50135 bsc#1232888).
- Update
patches.suse/nvmet-auth-assign-dh_key-to-NULL-after-kfree_sensiti.patch
(git-fixes CVE-2024-50215 bsc#1233189).
- Update
patches.suse/ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overflow.patch
(git-fixes CVE-2024-50218 bsc#1233191).
- Update
patches.suse/phy-qcom-qmp-usb-fix-NULL-deref-on-runtime-suspend.patch
(git-fixes CVE-2024-50240 bsc#1233217).
- Update
patches.suse/pinctrl-ocelot-fix-system-hang-on-level-based-interr.patch
(stable-fixes CVE-2024-50196 bsc#1233113).
- Update
patches.suse/remoteproc-k3-r5-Fix-error-handling-when-power-up-fa.patch
(git-fixes CVE-2024-50176 bsc#1233091).
- Update
patches.suse/scsi-lpfc-Ensure-DA_ID-handling-completion-before-de.patch
(bsc#1232757 CVE-2024-50183 bsc#1233130).
- Update
patches.suse/spi-spi-fsl-dspi-Fix-crash-when-not-using-GPIO-chip-.patch
(git-fixes CVE-2024-50224 bsc#1233188).
- Update
patches.suse/staging-iio-frequency-ad9832-fix-division-by-zero-in.patch
(git-fixes CVE-2024-50233 bsc#1233210).
- Update
patches.suse/thermal-intel-int340x-processor-Fix-warning-during-m.patch
(git-fixes CVE-2024-50093 bsc#1232877).
- Update
patches.suse/tracing-Consider-the-NULL-character-when-validating-the-event-length.patch
(git-fixes CVE-2024-50131 bsc#1232896).
- Update
patches.suse/tracing-timerlat-Drop-interface_lock-in-stop_kthread.patch
(git-fixes CVE-2024-49976 bsc#1232103).
- Update
patches.suse/tracing-timerlat-Only-clear-timer-if-a-kthread-exists.patch
(git-fixes CVE-2024-46845 bsc#1231076).
- Update
patches.suse/unicode-Don-t-special-case-ignorable-code-points.patch
(stable-fixes CVE-2024-50089 bsc#1232860).
- Update
patches.suse/uprobe-avoid-out-of-bounds-memory-access-of-fetching-args.patch
(git-fixes CVE-2024-50067 bsc#1232416).
- Update
patches.suse/uprobes-fix-kernel-info-leak-via-uprobes-vma.patch
(bsc#1231114 CVE-2024-46828 CVE-2024-49975 bsc#1232104).
- Update
patches.suse/usb-typec-altmode-should-keep-reference-to-parent.patch
(git-fixes CVE-2024-50150 bsc#1233051).
- Update
patches.suse/wifi-ath10k-Fix-memory-leak-in-management-tx.patch
(git-fixes CVE-2024-50236 bsc#1233212).
- Update
patches.suse/wifi-cfg80211-clear-wdev-cqm_config-pointer-on-free.patch
(git-fixes CVE-2024-50235 bsc#1233176).
- Update
patches.suse/wifi-iwlegacy-Clear-stale-interrupts-before-resuming.patch
(stable-fixes CVE-2024-50234 bsc#1233211).
- Update
patches.suse/wifi-mac80211-do-not-pass-a-stopped-vif-to-the-drive.patch
(git-fixes CVE-2024-50237 bsc#1233216).
- Update
patches.suse/x86-fix-user-address-masking-non-canonical-speculation-iss.patch
(git-fixes CVE-2024-50102 bsc#1232880).
- Update
patches.suse/xfs-fix-finding-a-last-resort-AG-in-xfs_filestream_pick_ag.patch
(git-fixes CVE-2024-50216 bsc#1233179).
- commit 7d67ea3
- btrfs: fix error propagation of split bios (CVE-2024-50225 bsc#1233193)
- commit ec9c552
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- commit b9564da
- Update references in patches.suse/ntfs3-Add-bounds-checking-to-mi_enum_attr.patch (CVE-2024-50248 bsc#1233219 bsc#1233207)
- commit 56e1d55
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- commit 95663e2
- fs/ntfs3: Add rough attr alloc_size check (CVE-2024-50246 bsc#1233207)
- commit 378df6a
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- commit 418f82a
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- commit 6744037
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- commit 766ca6e
- fs/ntfs3: Fix possible deadlock in mi_read (CVE-2024-50245 bsc#1233203)
- commit 5f9c2da
- Rename to
patches.kabi/kABI-fix-for-Bluetooth-L2CAP-Fix-div-by-zero-in-l2ca.patch.
Fixes: d93ac77c0df4b8dfe469c26e60d4fb45fc305341
- commit 1f6a42b
- virtio_pmem: Check device status before requesting flush
(CVE-2024-50184 bsc#1233135).
- commit 4e28ae6
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT
guests (bsc#1232207).
- commit 4b9eff5
- KVM: SEV-ES: Prevent MSR access post VMSA encryption
(bsc#1232207).
- commit 61f28ae
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly
in one file (git-fixes).
- commit 017d59a
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink()
(CVE-2024-50154 bsc#1233070).
- commit 43fc2d5
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch (bsc#1233350)
Correctly workaround kABI breakage that was introduced with fixes
backported for bsc#1225903.
- commit 52684a5
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS
for ChainDMA (bsc#1233305).
- commit 1b06409
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
(git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries
(git-fixes).
- commit 83eaece
- mm: shmem: fix data-race in shmem_getattr() (CVE-2024-50228,
bsc#1233204, git fixes (mm/shmem)).
- commit 89c94b7
- irqchip/gic-v4: Correctly deal with set_affinity on
lazily-mapped VPEs (CVE-2024-50192 bsc#1233106).
- commit 4258dbe
- irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
(CVE-2024-50192 bsc#1233106).
- kABI: Don't allow a VMOVP on a dying VPE (kabi CVE-2024-50192
bsc#1233106).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack
(git-fixes).
- commit 9bd7834
- selftests/bpf: add stack access precision test (bsc#1232823
CVE-2023-52920).
- bpf: support non-r10 register spill/fill to/from stack in
precision tracking (bsc#1232823 CVE-2023-52920).
- Refresh patches.suse/bpf-Fix-accesses-to-uninit-stack-slots.patch
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch
- commit 2dc84ae
- kABI fix for - Bluetooth: L2CAP: Fix
div-by-zero in l2cap_le_flowctl_init()
(CVE-2024-36968 bsc#1226130). - Refresh
patches.suse/Bluetooth-Ignore-too-large-handle-values-in-BIG.patch.
- Refresh
patches.suse/Bluetooth-L2CAP-Fix-deadlock.patch. - Refresh
patches.suse/Bluetooth-btnxpuart-Enable-Power-Save-feature-on-sta.patch.
- Refresh
patches.suse/bluetooth-hci-disallow-setting-handle-bigger-than-HC.patch.
- Refresh
patches.suse/bluetooth-l2cap-sync-sock-recv-cb-and-release.patch.
- commit d93ac77
- macsec: Fix use-after-free while sending the offloading packet
(CVE-2024-50261 bsc#1233253).
- commit 493a21e
- kABI workaround for ASoC SOF (bsc#1233305).
- commit d8b041e
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum
control (bsc#1233305).
- Refresh
patches.suse/ASoC-SOF-ipc4-topology-Correct-data-structures-for-t-e238b68.patch.
- commit 6d4ee28
- ASoC: SOF: topology: Parse DAI type token for dspless mode
(bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI
widget->private (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in
dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on
device_count (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Add i2s bt dai configuration support for AMD
platforms (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai
(bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw
definitions (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct
definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header
(bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module
set up (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification
message from firmware (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by
module/instance id (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from
topology (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology
(bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions
to header.h (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control
(bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control
(bsc#1233305).
- ASoC: SOF: ipc4-topology: export
sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type:
SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints
(bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- commit ccbfc43
- ima: fix buffer overrun in ima_eventdigest_init_common
(git-fixes).
- commit 200c852
- KVM: arm64: Fix shift-out-of-bounds bug (CVE-2024-50139
bsc#1233062).
- commit dc4add6
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
(CVE-2024-50115 bsc#1232919).
- commit b8f7c4d
- Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
(CVE-2024-36968 bsc#1226130).
- Refresh
patches.suse/Bluetooth-Ignore-too-large-handle-values-in-BIG.patch.
- Refresh patches.suse/Bluetooth-L2CAP-Fix-deadlock.patch.
- Refresh
patches.suse/Bluetooth-btnxpuart-Enable-Power-Save-feature-on-sta.patch.
- Refresh
patches.suse/bluetooth-hci-disallow-setting-handle-bigger-than-HC.patch.
- Refresh
patches.suse/bluetooth-l2cap-sync-sock-recv-cb-and-release.patch.
- commit c95a285
- net: sched: fix use-after-free in taprio_change()
(CVE-2024-50127 bsc#1232907).
- commit 8d80c7f
- fsdax: dax_unshare_iter needs to copy entire blocks
(bsc#1233226, CVE-2024-50250).
- fsdax: remove zeroing code from dax_unshare_iter (bsc#1233226,
CVE-2024-50250).
- commit 94457ab
- nilfs2: fix kernel bug due to missing clearing of checked flag
(bsc#1233206 CVE-2024-50230).
- commit ba9ac5c
- drm/amd/display: Check null pointers before used (bsc#1232371 CVE-2024-49921)
- commit 3bf6629
- net/ncsi: Disable the ncsi work before freeing the associated
structure (CVE-2024-49945 bsc#1232165).
- commit 75d875c
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync
state (git-fixes).
- commit f4e661d
- Revert "mm/writeback: fix possible divide-by-zero in
wb_dirty_limits(), again" (CVE-2024-42102 bsc#1233132).
- commit 696592c
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE
is not set (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk
(git-fixes).
- usb: typec: fix potential out of bounds in
ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- commit d16f490
- ASoC: stm: Prevent potential division by zero in
stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in
stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad
E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022
(stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781
qfn chip (stable-fixes).
- commit 1f9992e
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits
(git-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in
stm32_spdifrx_remove (git-fixes).
- ALSA: firewire-lib: fix return value on fail in
amdtp_tscm_init() (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup()
(git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: adv7604: prevent underflow condition when reporting
colorspace (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: ar0521: don't overflow when checking PLL values
(git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: dvb_frontend: don't play tricks with underflow values
(git-fixes).
- media: dvbdev: prevent the risk of out of memory access
(git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero
(git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl()
(git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting
TMU mode (stable-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device
(stable-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq
context (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe
(stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler
(stable-fixes).
- commit c5281d0
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping
(git-fixes).
- commit e6016a1
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- commit 9358249
- NFS: remove revoked delegation from server's delegation list
(git-fixes).
- commit 6feb8eb
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- commit 5969339
- nilfs2: fix potential deadlock with newly created symlinks
(git-fixes).
- commit 002996c
- cpufreq: amd-pstate: add check for cpufreq_cpu_get's return
value (CVE-2024-50009 bsc#1232318).
- commit 15f7e86
- ext4: fix error message when rejecting the default hash
(bsc#1232264 CVE-2024-49968).
- commit 5d137c7
- sched/deadline: Fix task_struct reference leak (CVE-2024-41023
bsc#1228430).
- commit 3a83981
- be2net: fix potential memory leak in be_xmit() (CVE-2024-50167
bsc#1233049).
- commit 376f8c7
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation
(git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing
configuration when switching CAN modes (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode
(git-fixes).
- commit c5fa961
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082 bsc#1232500)
- commit 6a67bac
- btrfs: fix uninitialized pointer free on read_alloc_one_name() error (CVE-2024-50087 bsc#1232499)
- commit a3c097a
- btrfs: fix uninitialized pointer free in add_inode_ref() (CVE-2024-50088 bsc#1232498)
- commit 75b1127
- net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (CVE-2024-50084 bsc#1232494)
- commit e53e21a
- drm/amd/display: fix double free issue during amdgpu module unload (CVE-2024-49989 bsc#1232483)
- commit 6511376
- drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (CVE-2024-50004 bsc#1232396)
- commit d5739f8
- drm/amd/display: Fix system hang while resume with TBT monitor (CVE-2024-50003 bsc#1232385)
- commit 24ceb7a
- thermal: intel: int340x: processor: Fix warning during module
unload (git-fixes).
- commit 2c3d870
- mptcp: fix double-free on socket dismantle (CVE-2024-26782
bsc#1222590).
- mptcp: deal with large GSO size (CVE-2023-52778 bsc#1224948).
- commit 86ee052
- ext4: ext4_search_dir should return a proper error (bsc#1231920
CVE-2024-47701).
- commit 7c02130
- ext4: explicitly exit when ext4_find_inline_entry returns an
error (bsc#1231920 CVE-2024-47701).
- commit e600961
- ext4: return error on ext4_find_inline_entry (bsc#1231920
CVE-2024-47701).
- commit 39b6acc
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- commit b8afad1
- fs/inode: Prevent dump_mapping() accessing invalid
dentry.d_name.name (bsc#1232387 CVE-2024-49934).
- commit cf2a806
- ext4: filesystems without casefold feature cannot be mounted
with siphash (bsc#1232264 CVE-2024-49968).
- commit 1907014
- ext4: drop ppath from ext4_ext_replay_update_ex() to avoid
double-free (bsc#1232096 CVE-2024-49983).
- commit 4a6ac53
- vfs: fix race between evice_inodes() and find_inode()&iput()
(bsc#1231930 CVE-2024-47679).
- commit dcf9f6e
- ext4: avoid OOB when system.data xattr changes underneath the
filesystem (bsc#1231920 CVE-2024-47701).
- commit f292cb3
- security/keys: fix slab-out-of-bounds in key_task_permission
(git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available
(git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- commit 277fa5f
- mlxbf_gige: disable RX filters until RX path initialized
(git-fixes).
- commit f2b07e9
- selftests/bpf: Add tests for sdiv/smod overflow cases
(CVE-2024-49888 bsc#1232208).
- commit b193d4f
- initramfs: avoid filename buffer overrun (bsc#1232436).
- commit 4918398
- netfilter: bpf: must hold reference on net namespace
(bsc#1232894 CVE-2024-50130).
- commit 7d292ad
- bpftool: Fix undefined behavior in qsort(NULL, 0,
...) (bsc#1232258 CVE-2024-49987).
- commit 80f8e64
- Update
patches.suse/mm-mmap-no-need-to-call-khugepaged_enter_vma-for-sta.patch
(jsc#PED-11442).
- commit d087a3b
- fbdev: efifb: Register sysfs groups through driver core
(bsc#1232224 CVE-2024-49925).
- commit 4fd0365
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- commit f0dea0e
- ublk: don't allow user copy for unprivileged device
(CVE-2024-50080 bsc#1232502).
- commit 267c92f
- blk-mq: setup queue ->tag_set before initializing hctx
(CVE-2024-50081 bsc#1232501).
- commit 87d4a82
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL
name (git-fixes).
- commit c862b93
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- commit 92209c4
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- commit 6e1da70
- scsi: elx: libefc: Fix potential use after free in
efc_nport_vport_del() (CVE-2024-49852 bsc#1232819).
- commit 51395e6
- Update config files.
c37e85c135ce ("clocksource: Loosen clocksource watchdog constraints")
introduced a new default for the time skew measured by the clocksource
watchdog. The value was raised from 100 to 125 microseconds. Reflect this
change in the kernel config. This is an x86_64 option only.
- commit 14c1b2d
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- commit 7c39137
- kABI: bpf: struct bpf_func_state kABI workaround (CVE-2024-47703
bsc#1231946).
- commit fd45833
- selftests/bpf: Workaround strict bpf_lsm return value check
(CVE-2024-47703 bsc#1231946).
- selftests/bpf: Add verifier tests for bpf lsm (CVE-2024-47703
bsc#1231946).
- selftests/bpf: Add return value checks for failed tests
(CVE-2024-47703 bsc#1231946).
- bpf: Fix compare error in function retval_range_within
(CVE-2024-47703 bsc#1231946).
- bpf, lsm: Add check for BPF LSM return value (CVE-2024-47703
bsc#1231946).
- Refresh patches.suse/bpf-Fail-verification-for-sign-extension-of-packet-d.patch
- Refresh patches.kabi/bpf-struct-bpf_insn_access_aux-workaround.patch
- selftests/bpf: fix timer/test_bad_ret subtest on
test_progs-cpuv4 flavor (CVE-2024-47703 bsc#1231946).
- commit a0c7d4f
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- firmware: arm_scmi: Fix slab-use-after-free in
scmi_bus_notifier() (git-fixes).
- commit 01fe6bf
- Update references for patches.suse/tracing-timerlat-Fix-a-race-during-cpuhp-processing.patch (CVE-2024-49866 bsc#1232259 git-fixes)
- commit d9311d0
- Move out-of-tree patch into a proper section
- commit c581359
- Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown"
(bsc#1228269).
- commit 13ce240
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled
(bsc#1232757).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR
to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Ensure DA_ID handling completion before deleting
an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo
handler (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs
(bsc#1232757 bsc#1228119).
- scsi: lpfc: Update phba link state conditional before sending
CMF_SYNC_WQE (bsc#1232757).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in
lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Remove trailing space after \n newline
(bsc#1232757).
- commit 3cf27b4
- ext4: fix timer use-after-free on failed mount (CVE-2024-49960
bsc#1232395).
- commit bd6997d
- net/xen-netback: prevent UAF in xenvif_flush_hash()
(CVE-2024-49936 bsc#1232424).
- commit ae05dab
- tipc: guard against string buffer overrun (CVE-2024-49995
bsc#1232432).
- commit ada263e
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer
(CVE-2024-49991 bsc#1232282).
- commit 1b15839
- nvme: re-fix error-handling for io_uring nvme-passthrough
(git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive
(git-fixes).
- nvme-pci: fix race condition between reset and
nvme_dev_disable() (git-fixes).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- commit d7598b1
- mm: split critical region in remap_file_pages() and invoke
LSMs in between (CVE-2024-47745 bsc#1232135 git-fix).
- commit 8228ecb
- Add alt-commit to AMDGPU patch
- commit 9e50980
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL
lock check (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier
(git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
(git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA
transfer (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero
(git-fixes).
- Revert "driver core: Fix uevent_show() vs driver detach race"
(git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy
(git-fixes).
- usb: typec: fix unreleased fwnode_handle in
typec_port_register_altmodes() (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event
(git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems
(git-fixes).
- usbip: tools: Fix detach_port() invalid port error path
(git-fixes).
- iio: adc: ad7124: fix division by zero in
ad7124_set_channel_odr() (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in
ad9832_calc_freqreg() (git-fixes).
- iio: light: veml6030: fix microlux value calculation
(git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of
iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in
iio_gts_build_avail_scale_table() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails
(git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on
32-bit host (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched
endianness (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc()
(git-fixes).
- commit df7fb9d
- Refresh
patches.suse/PCI-Fix-pci_enable_acs-support-for-the-ACS-quirks.patch.
Update upstream status.
- commit f283868
- nfsd: cancel nfsd_shrinker_work using sync mode in
nfs4_state_shutdown_net (git-fixes).
- commit ed2b339
- NFSv3: only use NFS timeout for MOUNT when protocols are
compatible (bsc#1231016).
- commit ddbeb4f
- Update
patches.suse/0002-x86-mm-ident_map-Use-gbpages-only-where-full-GB-page.patch
(bsc#1220382 CVE-2024-50017 bsc#1232312).
- Update patches.suse/ACPI-PAD-fix-crash-in-exit_round_robin.patch
(stable-fixes CVE-2024-49935 bsc#1232370).
- Update
patches.suse/ACPI-battery-Fix-possible-crash-when-unregistering-a.patch
(git-fixes CVE-2024-49955 bsc#1232154).
- Update
patches.suse/ACPI-sysfs-validate-return-type-of-_STR-method.patch
(git-fixes CVE-2024-49860 bsc#1231861).
- Update
patches.suse/ACPICA-check-null-return-of-ACPI_ALLOCATE_ZEROED-in-.patch
(stable-fixes CVE-2024-49962 bsc#1232314).
- Update
patches.suse/ALSA-asihpi-Fix-potential-OOB-array-access.patch
(stable-fixes CVE-2024-50007 bsc#1232394).
- Update
patches.suse/Bluetooth-Call-iso_exit-on-module-unload.patch
(git-fixes CVE-2024-50078 bsc#1232503).
- Update
patches.suse/Bluetooth-ISO-Fix-multiple-init-when-debugfs-is-disa.patch
(git-fixes CVE-2024-50077 bsc#1232504).
- Update
patches.suse/Bluetooth-RFCOMM-FIX-possible-deadlock-in-rfcomm_sk_.patch
(git-fixes CVE-2024-50044 bsc#1231904).
- Update
patches.suse/IB-core-Fix-ib_cache_setup_one-error-flow-cleanup.patch
(git-fixes CVE-2024-47693 bsc#1232013).
- Update
patches.suse/IB-core-Implement-a-limit-on-UMAD-receive-List.patch
(bsc#1228743 CVE-2024-42145 bsc#1223384).
- Update
patches.suse/Input-adp5589-keys-fix-NULL-pointer-dereference.patch
(git-fixes CVE-2024-49871 bsc#1232287).
- Update
patches.suse/KEYS-prevent-NULL-pointer-dereference-in-find_asymme.patch
(git-fixes CVE-2024-47743 bsc#1232129).
- Update
patches.suse/KVM-Use-dedicated-mutex-to-protect-kvm_usage_count-t.patch
(git-fixes CVE-2024-47744 bsc#1232132).
- Update
patches.suse/PCI-keystone-Fix-if-statement-expression-in-ks_pcie_.patch
(git-fixes CVE-2024-47756 bsc#1232185).
- Update
patches.suse/PCI-kirin-Fix-buffer-overflow-in-kirin_pcie_parse_po.patch
(git-fixes CVE-2024-47751 bsc#1232127).
- Update
patches.suse/RDMA-cxgb4-Added-NULL-check-for-lookup_atid.patch
(git-fixes CVE-2024-47749 bsc#1232180).
- Update
patches.suse/RDMA-hns-Fix-Use-After-Free-of-rsv_qp-on-HIP08.patch
(git-fixes CVE-2024-47750 bsc#1232182).
- Update
patches.suse/RDMA-hns-Fix-spin_unlock_irqrestore-called-with-IRQs.patch
(git-fixes CVE-2024-47735 bsc#1232111).
- Update
patches.suse/RDMA-iwcm-Fix-WARNING-at_kernel-workqueue.c-check_fl.patch
(git-fixes CVE-2024-47696 bsc#1231864).
- Update
patches.suse/RDMA-rtrs-clt-Reset-cid-to-con_num-1-to-stay-in-boun.patch
(git-fixes CVE-2024-47695 bsc#1231931).
- Update
patches.suse/RDMA-rtrs-srv-Avoid-null-pointer-deref-during-path-e.patch
(git-fixes CVE-2024-50062 bsc#1232232).
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-more.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-49982 bsc#1232097).
- Update
patches.suse/bpf-Fail-verification-for-sign-extension-of-packet-d.patch
(git-fixes CVE-2024-47702 bsc#1231924).
- Update
patches.suse/bpf-Fix-helper-writes-to-read-only-maps.patch
(git-fixes CVE-2024-49861 bsc#1232254).
- Update
patches.suse/bpf-Fix-use-after-free-in-bpf_uprobe_multi_link_attach.patch
(git-fixes CVE-2024-47675 bsc#1231926).
- Update
patches.suse/bpf-Zero-former-ARG_PTR_TO_-LONG-INT-args-in-case-of.patch
(git-fixes CVE-2024-47728 bsc#1232076).
- Update
patches.suse/bpf-correctly-handle-malformed-BPF_CORE_TYPE_ID_LOCA.patch
(git-fixes CVE-2024-49850 bsc#1232189).
- Update
patches.suse/cachefiles-fix-dentry-leak-in-cachefiles_open_file.patch
(bsc#1231183 CVE-2024-49870 bsc#1232279).
- Update
patches.suse/can-bcm-Clear-bo-bcm_proc_read-after-remove_proc_ent.patch
(git-fixes CVE-2024-47709 bsc#1232048).
- Update
patches.suse/crypto-iaa-Fix-potential-use-after-free-bug.patch
(git-fixes CVE-2024-47732 bsc#1232109).
- Update
patches.suse/cxl-pci-Fix-disabling-memory-if-DVSEC-CXL-Range-does.patch
(git-fixes CVE-2024-26761 bsc#1230375).
- Update
patches.suse/driver-core-Fix-a-potential-null-ptr-deref-in-module.patch
(git-fixes CVE-2024-47688 bsc#1232009).
- Update
patches.suse/driver-core-bus-Fix-double-free-in-driver-API-bus_re.patch
(stable-fixes CVE-2024-50055 bsc#1232329).
- Update
patches.suse/drivers-media-dvb-frontends-rtl2830-fix-an-out-of-bo.patch
(git-fixes CVE-2024-47697 bsc#1231858).
- Update
patches.suse/drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bo.patch
(git-fixes CVE-2024-47698 bsc#1231859).
- Update
patches.suse/drm-amd-display-Add-null-check-for-set_output_gamma-.patch
(git-fixes CVE-2024-47720 bsc#1232043).
- Update
patches.suse/drm-amd-display-Check-null-pointer-before-dereferenc.patch
(stable-fixes CVE-2024-50049 bsc#1232309).
- Update
patches.suse/drm-amd-display-fixed-integer-types-and-null-check-l.patch
(git-fixes CVE-2024-26767 bsc#1230339).
- Update
patches.suse/drm-omapdrm-Add-missing-check-for-alloc_ordered_work.patch
(git-fixes CVE-2024-49879 bsc#1232349).
- Update
patches.suse/drm-v3d-Stop-the-active-perfmon-before-being-destroy.patch
(git-fixes CVE-2024-50031 bsc#1231947).
- Update
patches.suse/efistub-tpm-Use-ACPI-reclaim-memory-for-event-log-to.patch
(stable-fixes CVE-2024-49858 bsc#1232251).
- Update
patches.suse/ep93xx-clock-Fix-off-by-one-in-ep93xx_div_recalc_rat.patch
(git-fixes CVE-2024-47686 bsc#1232000).
- Update
patches.suse/exfat-fix-memory-leak-in-exfat_load_bitmap.patch
(git-fixes CVE-2024-50013 bsc#1232080).
- Update
patches.suse/fbcon-Fix-a-NULL-pointer-dereference-issue-in-fbcon_.patch
(stable-fixes CVE-2024-50048 bsc#1232310).
- Update
patches.suse/firmware-arm_scmi-Fix-double-free-in-OPTEE-transport.patch
(git-fixes CVE-2024-49853 bsc#1232192).
- Update patches.suse/firmware_loader-Block-path-traversal.patch
(git-fixes CVE-2024-47742 bsc#1232126).
- Update
patches.suse/i2c-stm32f7-Do-not-prepare-unprepare-clock-during-ru.patch
(git-fixes CVE-2024-49985 bsc#1232094).
- Update
patches.suse/i3c-master-cdns-Fix-use-after-free-vulnerability-in-.patch
(stable-fixes CVE-2024-50061 bsc#1232263).
- Update
patches.suse/i3c-master-svc-Fix-use-after-free-vulnerability-in-s.patch
(git-fixes CVE-2024-49874 bsc#1232295).
- Update
patches.suse/i40e-Fix-XDP-program-unloading-while-removing-the-dr.patch
(git-fixes CVE-2024-41047 bsc#1228537).
- Update
patches.suse/idpf-fix-UAFs-when-destroying-the-queues.patch
(git-fixes CVE-2024-44932 bsc#1229808).
- Update
patches.suse/idpf-fix-memory-leaks-and-crashes-while-performing-a.patch
(git-fixes CVE-2024-44964 bsc#1230220).
- Update
patches.suse/iommufd-Protect-against-overflow-of-ALIGN-during-iov.patch
(git-fixes CVE-2024-47719 bsc#1231865).
- Update
patches.suse/jffs2-prevent-xattr-node-from-overflowing-the-eraseblock.patch
(git-fixes CVE-2024-38599 bsc#1226848 bsc#1223384).
- Update patches.suse/jfs-Fix-uaf-in-dbFreeBits.patch (git-fixes
CVE-2024-49903 bsc#1232362).
- Update
patches.suse/jfs-Fix-uninit-value-access-of-new_ea-in-ea_buffer.patch
(git-fixes CVE-2024-49900 bsc#1232359).
- Update
patches.suse/jfs-check-if-leafidx-greater-than-num-leaves-per-dmap-tree.patch
(git-fixes CVE-2024-49902 bsc#1232378).
- Update
patches.suse/jfs-fix-out-of-bounds-in-dbNextAG-and-diAlloc.patch
(git-fixes CVE-2024-47723 bsc#1232050).
- Update
patches.suse/mailbox-bcm2835-Fix-timeout-during-suspend-mode.patch
(git-fixes CVE-2024-49963 bsc#1232147).
- Update
patches.suse/md-Don-t-ignore-suspended-array-in-md_check_recovery-1baa.patch
(bsc#1219596 CVE-2024-26758 bsc#1230341).
- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
(git-fixes CVE-2024-27043 bsc#1223824 bsc#1218562).
- Update
patches.suse/media-i2c-ar0521-Use-cansleep-version-of-gpiod_set_v.patch
(git-fixes CVE-2024-49961 bsc#1232148).
- Update
patches.suse/media-venus-fix-use-after-free-bug-in-venus_remove-d.patch
(git-fixes CVE-2024-49981 bsc#1232098).
- Update
patches.suse/nbd-fix-race-between-timeout-and-normal-completion.patch
(bsc#1230918 CVE-2024-49855 bsc#1232195).
- Update
patches.suse/net-phy-Remove-LED-entry-from-LEDs-list-on-unregiste.patch
(git-fixes CVE-2024-50023 bsc#1231955).
- Update
patches.suse/net-test-for-not-too-small-csum_start-in-virtio_net_.patch
(git-fixes CVE-2024-49947 bsc#1232162).
- Update
patches.suse/nfsd-call-cache_put-if-xdr_reserve_space-returns-NULL.patch
(git-fixes CVE-2024-47737 bsc#1232056).
- Update
patches.suse/nfsd-map-the-EBADMSG-to-nfserr_io-to-avoid-warning.patch
(git-fixes CVE-2024-49875 bsc#1232333).
- Update
patches.suse/nilfs2-fix-potential-null-ptr-deref-in-nilfs_btree_insert.patch
(git-fixes CVE-2024-47699 bsc#1231916).
- Update
patches.suse/nilfs2-fix-potential-oob-read-in-nilfs_btree_check_delete.patch
(git-fixes CVE-2024-47757 bsc#1232187).
- Update
patches.suse/nouveau-dmem-handle-kcalloc-allocation-failure.patch
(git-fixes CVE-2024-26943 bsc#1230527).
- Update
patches.suse/ocfs2-cancel-dqi_sync_work-before-freeing-oinfo.patch
(git-fixes CVE-2024-49966 bsc#1232141).
- Update
patches.suse/ocfs2-fix-null-ptr-deref-when-journal-load-failed.patch
(git-fixes CVE-2024-49957 bsc#1232152).
- Update
patches.suse/ocfs2-fix-possible-null-ptr-deref-in-ocfs2_set_buffer_uptodate.patch
(git-fixes CVE-2024-49877 bsc#1232339).
- Update
patches.suse/ocfs2-remove-unreasonable-unlock-in-ocfs2_read_blocks.patch
(git-fixes CVE-2024-49965 bsc#1232142).
- Update
patches.suse/parport-Proper-fix-for-array-out-of-bounds-access.patch
(git-fixes CVE-2024-50074 bsc#1232507).
- Update
patches.suse/pinctrl-apple-check-devm_kasprintf-returned-value.patch
(git-fixes CVE-2024-50069 bsc#1232511).
- Update
patches.suse/platform-x86-ISST-Fix-the-KASAN-report-slab-out-of-b.patch
(git-fixes CVE-2024-49886 bsc#1232196).
- Update
patches.suse/powercap-intel_rapl-Fix-off-by-one-in-get_rpi.patch
(git-fixes CVE-2024-49862 bsc#1231871).
- Update
patches.suse/resource-fix-region_intersects-vs-add_memory_driver_.patch
(git-fixes CVE-2024-49878 bsc#1232340).
- Update
patches.suse/scsi-fnic-Move-flush_work-initialization-out-of-if-b.patch
(bsc#1230055 CVE-2024-50025 bsc#1231953).
- Update
patches.suse/scsi-lpfc-validate-hdwq-pointers-before-dereferencing-in.patch
(bsc#1229429 jsc#PED-9899 CVE-2024-49891 bsc#1232218).
- Update
patches.suse/scsi-sd-Fix-off-by-one-error-in-sd_read_block_charac.patch
(bsc#1223848 CVE-2024-47682 bsc#1231856).
- Update
patches.suse/serial-protect-uart_port_dtr_rts-in-uart_shutdown-to.patch
(stable-fixes CVE-2024-50058 bsc#1232285).
- Update
patches.suse/tpm-Clean-up-TPM-space-after-command-failure.patch
(git-fixes CVE-2024-49851 bsc#1232134).
- Update
patches.suse/tty-n_gsm-Fix-use-after-free-in-gsm_cleanup_mux.patch
(stable-fixes CVE-2024-50073 bsc#1232520).
- Update
patches.suse/vhost-scsi-null-ptr-dereference-in-vhost_scsi_get_re.patch
(git-fixes CVE-2024-49863 bsc#1232255).
- Update
patches.suse/vhost_vdpa-assign-irq-bypass-producer-token-correctl.patch
(git-fixes CVE-2024-47748 bsc#1232174).
- Update patches.suse/vmxnet3-Fix-missing-reserved-tailroom.patch
(bsc#1226498 CVE-2024-27026 bsc#1223700).
- Update
patches.suse/vt-prevent-kernel-infoleak-in-con_font_get.patch
(git-fixes CVE-2024-50076 bsc#1232505).
- Update
patches.suse/wifi-ath11k-fix-array-out-of-bound-access-in-SoC-sta.patch
(stable-fixes CVE-2024-49930 bsc#1232260).
- Update
patches.suse/wifi-ath12k-fix-array-out-of-bound-access-in-SoC-sta.patch
(stable-fixes CVE-2024-49931 bsc#1232275).
- Update
patches.suse/wifi-ath9k_htc-Use-__skb_set_length-for-resetting-ur.patch
(stable-fixes CVE-2024-49938 bsc#1232552).
- Update
patches.suse/wifi-cfg80211-Set-correct-chandef-when-starting-CAC.patch
(stable-fixes CVE-2024-49937 bsc#1232427).
- Update
patches.suse/wifi-iwlwifi-mvm-avoid-NULL-pointer-dereference.patch
(stable-fixes CVE-2024-49929 bsc#1232253).
- Update
patches.suse/wifi-mac80211-don-t-use-rate-mask-for-offchannel-TX-.patch
(git-fixes CVE-2024-47738 bsc#1232114).
- Update
patches.suse/wifi-mac80211-use-two-phase-skb-reclamation-in-ieee8.patch
(git-fixes CVE-2024-47713 bsc#1232016).
- Update
patches.suse/wifi-mt76-mt7915-fix-oops-on-non-dbdc-mt7986.patch
(git-fixes CVE-2024-47715 bsc#1231860).
- Update
patches.suse/wifi-mt76-mt7996-fix-NULL-pointer-dereference-in-mt7.patch
(git-fixes CVE-2024-47681 bsc#1231855).
- Update
patches.suse/wifi-mt76-mt7996-use-hweight16-to-get-correct-tx-ant.patch
(git-fixes CVE-2024-47714 bsc#1232018).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch
(stable-fixes CVE-2024-50008 bsc#1232317).
- Update
patches.suse/wifi-rtw88-always-wait-for-both-firmware-loading-att.patch
(git-fixes CVE-2024-47718 bsc#1232015).
- Update
patches.suse/wifi-rtw89-avoid-reading-out-of-bounds-when-loading-.patch
(stable-fixes CVE-2024-49928 bsc#1232250).
- Update
patches.suse/wifi-rtw89-avoid-to-add-interface-to-list-twice-when.patch
(stable-fixes CVE-2024-49939 bsc#1232381).
- Update
patches.suse/wifi-wilc1000-fix-potential-RCU-dereference-issue-in.patch
(git-fixes CVE-2024-47712 bsc#1232017).
- Update
patches.suse/xhci-tegra-fix-checked-USB2-port-number.patch
(git-fixes CVE-2024-50075 bsc#1232506).
- commit a270265
- Update
patches.suse/i3c-mipi-i3c-hci-Fix-out-of-bounds-access-in-hci_dma.patch
(git-fixes CVE-2023-52766 bsc#1230620).
- Update
patches.suse/media-pci-cx23885-check-cx23885_vdev_init-return.patch
(stable-fixes CVE-2023-52918 bsc#1232047).
- Update
patches.suse/nfc-nci-fix-possible-NULL-pointer-dereference-in-sen.patch
(git-fixes CVE-2023-52919 bsc#1231988).
- Update
patches.suse/ntb-intel-Fix-the-NULL-vs-IS_ERR-bug-for-debugfs_cre.patch
(git-fixes CVE-2023-52917 bsc#1231849).
- Update
patches.suse/tcp-do-not-accept-ACK-of-bytes-we-never-sent.patch
(CVE-2023-52881 bsc#1225611 bsc#1223384).
- Update patches.suse/wifi-ath11k-fix-htt-pktlog-locking.patch
(git-fixes CVE-2023-52800 bsc#1230600).
- commit 9859953
- NFSD: Force all NFSv4.2 COPY requests to be synchronous
(CVE-2024-49974 bsc#1232383).
- commit 16045fc
- fgraph: Change the name of cpuhp state to "fgraph:online"
(git-fixes).
- commit 59421b3
- fgraph: Fix missing unlock in register_ftrace_graph()
(git-fixes).
- commit 60d91ed
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- commit 5fa5f19
- 9p: explicitly deny setlease attempts (git-fixes).
- commit 474852b
- fs/9p: fix the cache always being enabled on files with qid
flags (git-fixes).
- commit 362152c
- zonefs: Improve error handling (git-fixes).
- commit cb63c4c
- debugfs: fix automount d_fsdata usage (git-fixes).
- commit 5f78a06
- splice: fsnotify_access(in), fsnotify_modify(out) on success
in tee (git-fixes).
- commit d518e6d
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice
(git-fixes).
- commit d630f18
- splice: always fsnotify_access(in), fsnotify_modify(out)
on success (git-fixes).
- commit e7f8947
- keys: Fix overwrite of key expiration on instantiation
(git-fixes).
- commit 323181d
- audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare()
(git-fixes).
- commit e2db423
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- commit 426a4b1
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately
on expiry (git-fixes).
- commit ce262a7
- Revert "KEYS: encrypted: Add check for strsep" (git-fixes).
- commit 7aa308c
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- commit ea9ba15
- ubifs: dbg_orphan_check: Fix missed key type checking
(git-fixes).
- commit 465ad1a
- ubifs: Fix adding orphan entry twice for the same inode
(git-fixes).
- commit 93096ab
- Revert "ubifs: ubifs_symlink: Fix memleak of inode->i_link in
error path" (git-fixes).
- commit 0a7c17d
- ubifs: Fix unattached xattr inode if powercut happens after
deleting (git-fixes).
- commit 6c90268
- audit: don't take task_lock() in audit_exe_compare() code path
(git-fixes).
- Refresh patches.suse/vfs-add-super_operations-get_inode_dev.
- commit d4e23ef
- uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1231114
CVE-2024-46828).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- uprobes: introduce the global struct vm_special_mapping
xol_mapping (bsc#1231114).
- commit 4f9954c
- sched: sch_cake: fix bulk flow accounting logic for host
fairness (bsc#1231114 CVE-2024-46828).
- commit ad42d5f
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag
(git-fixes).
- commit a10af4c
- static_call: Handle module init failure correctly in
static_call_del_module() (bsc#1232083 CVE-2024-50002).
- commit af953b9
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book
init (stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-quirk-for-Huawei-MateBook-13-KL.patch.
- commit 98d4026
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- commit 7075c22
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- commit e26a542
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6
mb1 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3
(stable-fixes).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create
(git-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error
(git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla
10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated
codec (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from
rt5640_cancel_work() (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13
(stable-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform
(stable-fixes).
- commit 0d350ca
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write
(git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- firmware: arm_sdei: Fix the input parameter of
cpuhp_remove_state() (git-fixes).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- commit 2a07e04
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
(git-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free
(git-fixes).
- Revert "wifi: iwlwifi: remove retry loops in start" (git-fixes).
- wifi: iwlwifi: mvm: don't add default link in fw restart flow
(git-fixes).
- wifi: iwlwifi: mvm: Fix response handling in
iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: don't leak a link on AP removal (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode
(git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING
(git-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
(git-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in
.get_txpower (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING
(git-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in
il_enqueue_hcmd() (git-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe()
(git-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications
(stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix
initial lid detection issue (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[]
(stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too
(stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method
(git-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING
store (git-fixes).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring
(git-fixes).
- drm/msm/dpu: don't always program merge_3d block (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc()
(git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs()
(git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate
calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds()
(git-fixes).
- drm/msm/dpu: move CRTC resource assignment to
dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized
(git-fixes).
- platform/x86: dell-sysman: add support for alienware products
(stable-fixes).
- drm/vboxvideo: Replace fake VLA at end of
vbva_mouse_pointer_shape with real VLA (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name
(stable-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer
scnprintf() variant (stable-fixes).
- commit 09f40f7
- drm/amd/display: Check null pointers before using them (CVE-2024-49922 bsc#1232374)
- commit 342005c
- drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (CVE-2024-49912 bsc#1232367)
- commit 2394db2
- drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (CVE-2024-49911 bsc#1232366)
- commit 6c83ea7
- drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (CVE-2024-49923 bsc#1232361)
- commit 3759560
- drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (CVE-2024-49895 bsc#1232352)
- commit f36c162
- drm/amd/display: Initialize denominators' default to 1 (CVE-2024-49899 bsc#1232358)
- commit 282fa51
- Update references for patches.suse/0001-drm-amd-display-Add-null-check-for-afb-in-amdgpu_dm_.patch (bsc#1232335 CVE-2024-49908 bsc#1232357 CVE-2024-49905)
- commit fa3a85a
- drm/amd/display: Check phantom_stream before it is used (CVE-2024-49897 bsc#1232355)
- commit d3fcaed
- drm/amd/display: Fix index out of bounds in degamma hardware format translation (CVE-2024-49894 bsc#1232354)
- commit db76ccb
- drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (CVE-2024-49909 bsc#1232337)
- commit 11facc9
- drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (CVE-2024-49913 bsc#1232307)
- commit 60f7853
- drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (CVE-2024-49901 bsc#1232305)
- commit 69be7bb
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- commit 52d40f4
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- commit 94e412f
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- commit 2b18348
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- commit e1cf5b5
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- commit 17f78f9
- drm/amd/display: Check null pointer before try to access it (bsc#1232332 CVE-2024-49906)
- commit f2b2892
- drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369 CVE-2024-49914)
- commit c236474
- drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (bsc#1232335 CVE-2024-49908)
- commit 64a943f
- drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334 CVE-2024-49907)
- commit 366c63a
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- commit 866dbc5
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- commit c834f25
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- commit 3c270f2
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- commit 587d3b0
- ext4: fix access to uninitialised lock in fc replay path (CVE-2024-50014 bsc#1232446)
- commit 1b2ba45
- ext4: fix i_data_sem unlock order in ext4_ind_migrate() (CVE-2024-50006 bsc#1232442)
- commit de0e62b
- scsi: ufs: core: Remove SCSI host only if added (CVE-2024-46843
bsc#1231100).
- commit b455bee
- io_uring: check if we need to reschedule during overflow flush
(bsc#1232417 CVE-2024-50060).
- commit 695bc5f
- iommu/vt-d: Fix potential lockup if qi_submit_sync called
with 0 count (bsc#1232316 CVE-2024-49993).
- commit f1e5ce7
- ext4: dax: fix overflowing extents beyond inode size when partially writing (CVE-2024-50015 bsc#1232079)
- commit 9768b7c
- jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (CVE-2024-49959 bsc#1232149)
- commit 8307a3a
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- commit 794e5ba
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- commit 277d940
- cpufreq: Avoid a bad reference count on CPU node (CVE-2024-50012 bsc#1232386)
- commit 283b9a0
- ext4: update orig_path in ext4_find_extent() (CVE-2024-49881 bsc#1232201)
- commit 2ed2a04
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- commit c78e4be
- btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info()
in walk_down_proc() (CVE-2024-46841 bsc#1231094).
- commit fb4a0c7
- ext4: aovid use-after-free in ext4_ext_insert_extent() (CVE-2024-49883 bsc#1232199)
- commit 2db9cb5
- blk_iocost: fix more out of bound shifts (CVE-2024-49933 bsc#1232368)
- commit df53397
- drm/amd/display: Fix index out of bounds in DCN30 color
transformation (CVE-2024-49969 bsc#1232519).
- commit 7d6c264
- static_call: Replace pointless WARN_ON() in
static_call_module_notify() (bsc#1232155 CVE-2024-49954).
- commit 03b6c35
- module: abort module loading when sysfs setup suffer errors
(git-fixes).
- Refresh patches.suse/add-suse-supported-flag.patch.
- commit db27509
- bpf,perf: Fix perf_event_detach_bpf_prog error handling
(git-fixes).
- commit 5b6b2d4
- tracing: Consider the NULL character when validating the event
length (git-fixes).
- commit 6b1d97f
- uprobe: avoid out-of-bounds memory access of fetching args
(git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer
(git-fixes).
- commit ead6cfe
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes
bsc#1232629).
- commit e4948be
- s390/sclp: Deactivate sclp after all its users (git-fixes
bsc#1232628).
- commit 9e889e7
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
(git-fixes bsc#1232627).
- commit 5725ee0
- KVM: s390: Change virtual to physical address access in diag
0x258 handler (git-fixes bsc#1232626).
- commit 2b0b1e9
- KVM: s390: gaccess: Check if guest address is in memslot
(git-fixes bsc#1232623).
- commit b583687
- fgraph: Use CPU hotplug mechanism to initialize idle shadow
stacks (git-fixes).
- commit 4265ef9
- mm: khugepaged: fix the arguments order in
khugepaged_collapse_file trace point (git-fixes).
- commit 43546b6
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing
(git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread()
(git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU
online/offline (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled
(git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread
in stop_kthread() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists
(git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads
(git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open()
(git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off
(git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to
migrate_disable (git-fixes).
- commit 8482ad0
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow
(git-fixes).
- commit 24fea60
- Refresh patches.suse/x86-fix-user-address-masking-non-canonical-speculation-iss.patch. (bsc#1232529)
Give check_range a unique label. Otherwise the macro's 1b label
conflicts with __get_user_1's 1 label and this causes the exception fixup
entry, installed at the end of the file to match the wrong thing.
Instead of matching __get_user_1's 1b label it will match check_range's 1b
label when this macro is expanded for the last time in __get_user_8.
This fixes intermittent random crashes when copying data from userspace.
- commit 3a35fd0
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- commit ab363f5
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- commit 84cc417
- drm/amd/display: Deallocate DML memory if allocation fails (CVE-2024-49972 bsc#1232315)
- commit dd5ab13
- drm/amd/display: Check stream before comparing them (CVE-2024-49896 bsc#1232221)
- commit 930546b
- drm/amd/pm: ensure the fw_info is not null before using it (CVE-2024-49890 bsc#1232217)
- commit a0e8b9f
- drm/amd/display: Initialize get_bytes_per_element's default to 1 (CVE-2024-49892 bsc#1232220)
- commit e1539d0
- drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (CVE-2024-47731 bsc#1232117)
- commit 774dc33
- padata: use integer wrap around to prevent deadlock on seq_nr overflow (CVE-2024-47739 bsc#1232124)
- commit 7e58560
- media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (CVE-2024-47752 bsc#1232130)
- commit 086cd43
- media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (CVE-2024-47754 bsc#1232131)
- commit dacb1c6
- media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (CVE-2024-47753 bsc#1231868)
- commit fed66a9
- iommu/vt-d: Always reserve a domain ID for identity setup
(git-fixes).
- commit f7ecad0
- btrfs: clean up our handling of refs == 0 in snapshot delete (CVE-2024-46840 bsc#1231105)
- commit 788d396
- kABI: bpf: struct bpf_map kABI workaround (CVE-2024-50063
bsc#1232435).
- selftests/bpf: Add test for lsm tail call (CVE-2024-50063
bsc#1232435).
- bpf: Prevent tail call between progs attached to different hooks
(CVE-2024-50063 bsc#1232435).
- commit 666246a
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI
devices (git-fixes).
- commit 28951a9
- drm/amd/display: Check null pointers before multiple uses (bsc#1232313 CVE-2024-49920)
- commit 5447aa1
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- commit bf57b96
- drm/amd/display: Check null-initialized variables (bsc#1232222 CVE-2024-49898)
- commit a00bfda
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944 CVE-2024-47704)
- commit 931c899
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select
(git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops()
(git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR
(git-fixes).
- commit fd0b348
- crypto: stm32/cryp - call finalize with bh disabled
(CVE-2024-47658 bsc#1231436).
- commit 2854148
- smb: client: fix UAF in async decryption (bsc#1232418
CVE-2024-50047).
- commit 381863e
- e1000e: fix force smbus during suspend flow (git-fixes).
- commit f9cbf12
- btrfs: wait for fixup workers before stopping cleaner kthread
during umount (bsc#1232262 CVE-2024-49867).
- btrfs: fix race setting file private on concurrent lseek using
same fd (bsc#1231869 CVE-2024-47741).
- commit af36a3e
- ppp: fix ppp_async_encode() illegal access (CVE-2024-50035
bsc#1232392).
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO
(CVE-2024-49949 bsc#1232160).
- commit f4bcea0
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors()
(git-fixes).
- Refresh
patches.suse/ice-move-netif_queue_set_napi-to-rtnl-protected-sect.patch.
- commit 7b44c3c
- net/mlx5: Check capability for fw_reset (git-fixes).
- Refresh
patches.suse/net-mlx5-Fix-MTMP-register-capability-offset-in-MCAM.patch.
- commit 480249d
- net/mlx5e: Don't call cleanup on profile rollback failure
(git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure
(git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation
(git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins
(git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock
(git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs
(git-fixes).
- ice: Fix lldp packets dropping after changing the number of
channels (git-fixes).
- net/mlx5: Add missing masks and QoS bit masks for scheduling
elements (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type
(git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map
(git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map
(git-fixes).
- net/mlx5: Update the list of the PCI supported devices
(git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP
setup (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226
MAC retry buffer (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows
(git-fixes).
- ice: Fix reset handler (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset
(git-fixes).
- igc: Fix double reset adapter triggered from a single taprio
cmd (git-fixes).
- net/mlx5e: Add a check for the return value from
mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec
prio capability (git-fixes).
- net/mlx5: Lag, don't use the hardcoded value of the first port
(git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq
(git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog
(git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: don't busy wait for Rx queue disable in ice_qp_dis()
(git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's
(git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow
(git-fixes).
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is
disabled (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS
(git-fixes).
- i40e: Fix XDP program unloading while removing the driver
(git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in
mlx5e_priv_cleanup() (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error
(git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume
(git-fixes).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response
(git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO
headers (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP
(non-VXLAN) packets (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings
config (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices
(git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline
(git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function
(git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- idpf: don't enable NAPI and interrupts prior to allocating Rx
buffers (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for
reporting buffer exhaustion (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check
(git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state
(git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- idpf: don't skip over ethtool tcp-data-split setting
(git-fixes).
- ice: Fix package download algorithm (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld()
function (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec
(git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower
(git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr()
(git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config
(git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll
(git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device
(git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe()
(git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- commit 58c03fe
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- commit d6ce9b3
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- commit 561e50e
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- commit aa2495e
- x86: do the user address masking outside the user access area (git-fixes).
- commit a4b9c7b
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- commit 6536d1f
- runtime constants: add x86 architecture support (git-fixes).
- commit 32e2def
- runtime constants: add default dummy infrastructure (git-fixes).
- commit dd17ee6
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- commit c440ebe
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- commit 3dc5225
- Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
- commit c84227d
- ACPI: PRM: Clean up guid type in struct prm_handler_info
(git-fixes).
- commit 8c8a801
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593
(stable-fixes).
- commit 595e400
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and
context (git-fixes).
- ata: libata: Set DID_TIME_OUT for commands that actually timed
out (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found
(git-fixes).
- ASoC: qcom: Fix NULL Dereference in
asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE
(git-fixes).
- ALSA: firewire-lib: Avoid division by zero in
apply_constraint_to_size() (git-fixes).
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory
systems (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for
debugfs_create_dir() (git-fixes).
- commit 33d7ff7
- platform/x86: x86-android-tablets: Fix use after free on
platform_device_register() errors (bsc#1232093 CVE-2024-49986).
- commit a5650bf
- thermal: core: Free tzp copy along with the thermal zone
(bsc#1231951 CVE-2024-50027).
- commit 5199a1f
- device-dax: correct pgoff align in dax_set_mapping()
(bsc#1231956 CVE-2024-50022).
- commit 527a95e
- ntb: ntb_hw_switchtec: Fix use after free vulnerability in
switchtec_ntb_remove due to race condition (CVE-2024-50059
bsc#1232345).
- commit 4d86c47
- mm: call the security_mmap_file() LSM hook in remap_file_pages()
(CVE-2024-47745 bsc#1232135).
- commit 18a36ea
- Bluetooth: L2CAP: Fix uaf in l2cap_connect (CVE-2024-49950
bsc#1232159).
- commit c906740
- rxrpc: Fix a race between socket set up and I/O thread creation
(CVE-2024-49864 bsc#1232256).
- commit 9a8fa8a
- jfs: Fix sanity check in dbMount (git-fixes).
- commit 82a9085
- net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()
(CVE-2024-50000 bsc#1232085).
- commit fe8d0fb
- ext4: fix double brelse() the buffer of the extents path
(bsc#1232200 CVE-2024-49882).
- ext4: no need to continue when the number of entries is 1
(bsc#1232140 CVE-2024-49967).
- commit 4a7f79c
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- commit e02c81e
- ice: Fix improper handling of refcount in
ice_sriov_set_msix_vec_count() (CVE-2024-50020 bsc#1231989).
- Refresh patches.suse/ice-Fix-increasing-MSI-X-on-VF.patch.
- commit 879bb19
- igb: Do not bring the device up after non-fatal error
(CVE-2024-50040 bsc#1231908).
- ice: Fix improper handling of refcount in
ice_dpll_init_rclk_pins() (CVE-2024-50021 bsc#1231957).
- ppp: do not assume bh is held in ppp_channel_bridge_input()
(CVE-2024-49946 bsc#1232164).
- net/mlx5e: Fix crash caused by calling __xfrm_state_delete()
twice (CVE-2024-49953 bsc#1232156).
- net/mlx5: Fix error path in multi-packet WQE transmit
(CVE-2024-50001 bsc#1232084).
- net: seeq: Fix use after free vulnerability in ether3 Driver
Due to Race Condition (CVE-2024-47747 bsc#1232145).
- vdpa/mlx5: Fix invalid mr resource destroy (CVE-2024-47687
bsc#1232003).
- Revert "ixgbe: Manual AN-37 for troublesome link partners for
X550 SFI" (git-fixes).
- commit bf0d04c
- net: usb: usbnet: fix name regression (get-fixes).
- commit 05e3778
- r8169: add tally counter fields added with RTL8125 (CVE-2024-49973 bsc#1232105)
- commit bda1225
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- commit fe52020
- crypto: hisilicon/qm - inject error before stopping queue (CVE-2024-47730 bsc#1232075)
- commit 2ca1dd9
- sock_map: Add a cond_resched() in sock_hash_free() (CVE-2024-47710 bsc#1232049)
- commit 0ac9917
- cifs: Fix buffer overflow when parsing NFS reparse points
(bsc#1232089, CVE-2024-49996).
- commit f42a100
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (CVE-2024-47685 bsc#1231998)
- commit 8da2621
- net: Fix an unsafe loop on the list (CVE-2024-50024 bsc#1231954)
- commit 89e6925
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (CVE-2024-47707 bsc#1231935)
- commit cc8f915
- netfilter: br_netfilter: fix panic with metadata_dst skb (CVE-2024-50045 bsc#1231903)
- commit e6591d1
- block, bfq: fix possible UAF for bfqq->bic with merge chain (CVE-2024-47706 bsc#1231942)
- commit 5c1066e
- tcp: check skb is non-NULL in tcp_rto_delta_us() (CVE-2024-47684 bsc#1231987)
- commit e27a5c2
- add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
- commit e93ce92
- filemap: remove use of wait bookmarks (bsc#1224088).
- commit 323bb54
- config: Disable LAM on x86 (bsc#1217845)
LAM is affected by speculative execution vulnerabilities so until LASS
lands it's advisable to be disabled.
- commit 405fa97
- selftests/bpf: adjust global_func15 test to validate prog exit
precision (CVE-2024-47703 bsc#1231946).
- selftests/bpf: validate async callback return value check
correctness (CVE-2024-47703 bsc#1231946).
- bpf: enforce precision of R0 on program/async callback return
(CVE-2024-47703 bsc#1231946).
- bpf: unify async callback and program retval checks
(CVE-2024-47703 bsc#1231946).
- commit d5ff894
- bpf: enforce precise retval range on program exit
(CVE-2024-47703 bsc#1231946).
- selftests/bpf: add selftest validating callback result is
enforced (CVE-2024-47703 bsc#1231946).
- bpf: enforce exact retval range on subprog/callback exit
(CVE-2024-47703 bsc#1231946).
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch
- bpf: provide correct register name for exception callback
retval check (CVE-2024-47703 bsc#1231946).
- bpf: rearrange bpf_func_state fields to save a bit of memory
(CVE-2024-47703 bsc#1231946).
- Refresh patches.suse/bpf-Add-some-comments-to-stack-representation.patch
- Refresh patches.kabi/bpf-verifier-kABI-workarounds.patch
- bpf: Treat first argument as return value for bpf_throw
(CVE-2024-47703 bsc#1231946).
- commit 5efe683
- drm/amd/display: Add null check for head_pipe in
dcn32_acquire_idle_pipe_for_head_pipe_in_layer (CVE-2024-49918
bsc#1231967).
- commit 0e6515f
- drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs
in dcn30_init_hw (bsc#1231965 CVE-2024-49917).
- commit 0859f94
- ocfs2: reserve space for inline xattr before attaching reflink
tree (bsc#1232151 CVE-2024-49958).
- commit 9d01096
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- commit 5114e0b
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- commit 2795830
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- commit 83d2001
- spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (CVE-2024-47664 bsc#1231442)
- commit 89945c9
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- commit ad9716f
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- commit f66e878
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- commit 6a20007
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- commit 28e8491
- printk: Add notation to console_srcu locking (bsc#1232183).
- commit b5edcce
- Update patches.suse/kthread-unpark-only-parked-kthread.patch
(git-fixes, bsc#1231990, CVE-2024-50019).
- commit 1ac001a
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- commit 9059d40
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- commit 1c2e2e9
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
This is needed for secure execution attestations feature.
- commit 9d4c7ad
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- commit 8e4a09c
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- commit 4411a53
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090)
The new s390-tools attestation-related tools depends on this. It's
better to have this built into the kernel just like in all other
branches.
- commit 25c0449
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- commit 589671a
- x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116 CVE-2024-47727).
- commit 9b65946
- selftests/bpf: Add test for sign extension in
coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension
in coerce_reg_to_size_sx() (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for sign extension in
coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension
in coerce_reg_to_size_sx() (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- commit 34bee66
- xfs: fix freeing speculative preallocations for preallocated
files (git-fixes).
- commit 80e4f70
- selftests/bpf: Add test for lsm tail call (CVE-2024-50063).
- commit 810e00e
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- commit 258a678
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent
(git-fixes).
- commit 4ab4091
- xfs: convert delayed extents to unwritten when zeroing post
eof blocks (git-fixes).
- commit 6f12db2
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target
offset (git-fixes).
- commit 9f0f731
- xfs: make the seq argument to xfs_bmapi_convert_delalloc()
optional (git-fixes).
- commit 504e0bc
- xfs: validate recovered name buffers when recovering xattr items
(git-fixes).
- commit a53fc5e
- xfs: check shortform attr entry flags specifically (git-fixes).
- commit 621ec11
- kABI: bpf: struct bpf_map kABI workaround (CVE-2024-50063).
- bpf: Prevent tail call between progs attached to different hooks
(CVE-2024-50063).
- commit cef79ef
- xfs: check opcode and iovec count match in
xlog_recover_attri_commit_pass2 (git-fixes).
- commit 2398ba4
- fat: fix uninitialized variable (git-fixes).
- commit 77f5dad
- drm/amd/display: Add null check for head_pipe in
dcn201_acquire_free_pipe_for_layer (CVE-2024-49919 bsc#1231968).
- commit ff31b31
- slip: make slhc_remember() more robust against malicious packets
(CVE-2024-50033 bsc#1231914).
- i40e: Fix macvlan leak by synchronizing access to
mac_filter_hash (CVE-2024-50041 bsc#1231907).
- ice: Fix increasing MSI-X on VF (CVE-2024-50042 bsc#1231906).
- commit a1fb8a8
- pinctrl: ocelot: fix system hang on level based interrupts
(stable-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
(stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions
(stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL
(stable-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- commit 4fdf5d1
- thermal: core: Reference count the zone in
thermal_zone_get_by_id() (CVE-2024-50028 bsc#1231950).
- commit a5813a1
- bpf: Fix a sdiv overflow issue (CVE-2024-49888 bsc#1232208).
- commit ce8f994
- kabi fix for NFSv4: Prevent NULL-pointer dereference in
nfs42_complete_copies() (bsc#1231902 CVE-2024-50046).
- NFSv4: Prevent NULL-pointer dereference in
nfs42_complete_copies() (bsc#1231902 CVE-2024-50046).
- commit e5e1a89
- zram: don't free statically defined names (CVE-2024-50064
bsc#1231901).
- commit 645eb93
- zram: free secondary algorithms names (CVE-2024-50064
bsc#1231901).
- commit 293822f
- block: fix potential invalid pointer dereference in
blk_add_partition (bsc#1231872 CVE-2024-47705).
- block: print symbolic error name instead of error code
(bsc#1231872).
- commit fcde2ed
- nfsd: return -EINVAL when namelen is 0 (CVE-2024-47692
bsc#1231857).
- commit 9ee6831
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- commit 1bd1860
- nilfs2: fix kernel bug due to missing clearing of buffer delay
flag (git-fixes).
- commit 472d949
- Update
patches.suse/xen-move-max_pfn-in-xen_memory_setup-out-of-function.patch
(bsc#1226003 bsc#1231828).
- commit ec3e6a6
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- commit 23789e3
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- commit 546101e
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- commit 846156b
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- commit 8a7a0be
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- commit 60a5f34
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- commit 7c1cc11
- maple_tree: correct tree corruption on spanning store
(git-fixes).
- commit 2b034f1
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- commit b2f0d6d
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- commit 7e80f38
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- commit 312d3e7
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- commit 0cb125d
- ethtool: fail closed if we can't get max channel used in
indirection tables (CVE-2024-46834 bsc#1231096).
- commit 5cacc93
- Bluetooth: btusb: Fix regression with fake CSR controllers
0a12:0001 (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
(git-fixes).
- Bluetooth: Remove debugfs directory on module init failure
(git-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled
(git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value
(git-fixes).
- parport: Proper fix for array out-of-bounds access (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in
Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER
in Kconfig (git-fixes).
- iio: hid-sensors: Fix an error handling path in
_hid_sensor_set_report_latency() (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in
Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
(git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig
(git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in
Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig
(git-fixes).
- iio: proximity: mb1232: add missing select
IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER
in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER
in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig
(git-fixes).
- iio: adc: ti-ads124s08: add missing select
IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER
in Kconfig (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: opt3001: add missing full-scale range value
(git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded
device (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in
tap event handling (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt
(git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring
GUSB2PHYCFG (git-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- commit 5e08e81
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
In 59d03d7c990c, we marked adiantum as a supported module, I'm afraid
we need to mark nhpoly1305 as supported too (as a dependecy) if we
want adiantum to work.
This makes tcrypt test case 219 (adiantum) pass on SLE15-SP6 (tested
on z15 VM).
- commit 01d2906
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame
(bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- commit 1bd55aa
- vmxnet3: update to version 9 (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads
(bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3
(bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: Add XDP support (bsc#1226498).
- commit 3fdc8e3
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- commit 15be003
- NFSD: Mark filecache "down" if init fails (git-fixes).
- commit ceca4b8
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- commit 2e12710
- nfs: fix memory leak in error path of nfs4_do_reclaim
(git-fixes).
- commit 1994ef6
- nfsd: fix delegation_blocked() to block correctly for at least
30 seconds (git-fixes).
- commit f66078d
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- commit 1bc1c36
- nfsd: call cache_put if xdr_reserve_space returns NULL
(git-fixes).
- commit 003f784
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- commit 5b8020a
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- commit 88290fb
- nfsd: fix refcount leak when file is unhashed after being found
(git-fixes).
- commit 5a551a1
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire
(git-fixes).
- commit 6d18e0e
- NFS: Avoid unnecessary rescanning of the per-server delegation
list (git-fixes).
- commit e5841ef
- NFSv4: Fix clearing of layout segments in layoutreturn
(git-fixes).
- commit ec4c812
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on
HP EliteOne 1000 G2 (git-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property
read (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in
sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller
(stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects
(stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
(stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024
(stable-fixes).
- commit fb6c2ec
- firmware: arm_scmi: Fix the double free in
scmi_debugfs_common_setup() (git-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work()
(git-fixes).
- macsec: don't increment counters for an unrelated SA
(git-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume
key (stable-fixes).
- usb: xhci: Fix problem with xhci resume from suspend
(stable-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB
sound chip (stable-fixes).
- net: phy: Remove LED entry from LEDs list on unregister
(git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber
(git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- unicode: Don't special case ignorable code points
(stable-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs
(stable-fixes).
- drm/amd/display: Check null pointer before dereferencing se
(stable-fixes).
- driver core: bus: Fix double free in driver API bus_register()
(stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store
invalid bus attribute (stable-fixes).
- comedi: ni_routing: tools: Check when the file could not be
opened (stable-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too
(stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt
Registration in the Crashkernel Scenario (stable-fixes).
- usb: chipidea: udc: enable suspend interrupt after usb reset
(stable-fixes).
- i3c: master: cdns: Fix use after free vulnerability in
cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- media: videobuf2-core: clear memory related fields in
__vb2_plane_dmabuf_put() (stable-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D
(stable-fixes).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters
(stable-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI
match less strict (stable-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting
reset (stable-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken
(stable-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
(stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status"
(stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad
(stable-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp
(stable-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk
(stable-fixes).
- commit f829d20
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- commit b9b835e
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- commit cf9eccb
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- commit 72bef76
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid
(git-fixes).
- commit ff84c2d
- mm: avoid leaving partial pfn mappings around in error case
(CVE-2024-47674 bsc#1231673).
- commit 83d1625
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- commit 21fb93d
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- commit 6a0779e
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- commit d91ede3
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- commit 414cbde
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- commit 6755798
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- commit 4e1ef61
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- commit d8d1339
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- commit 598626b
- RDMA/srpt: Make slab cache names unique (git-fixes)
- commit 29c0fcb
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- commit 2566da7
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- commit 89fa27f
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- commit 4c15511
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- commit abea295
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- commit ae91db1
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- commit 77c3f34
- io_uring/rw: fix cflags posting for single issue multishot read
(git-fixes).
- commit 320c7ee
- io_uring/net: harden multishot termination case for recv
(git-fixes).
- commit 6529e65
- io_uring: check for presence of task_work rather than
TIF_NOTIFY_SIGNAL (git-fixes).
- commit 5b92400
- io_uring/io-wq: inherit cpuset of cgroup in io worker
(git-fixes).
- commit 474a07e
- io_uring/io-wq: do not allow pinning outside of cpuset
(git-fixes).
- commit e99d8a8
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN
(git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset
(git-fixes).
- commit 37d0dce
- io_uring/eventfd: move to more idiomatic RCU free usage
(git-fixes).
- commit 4e262c3
- udf: Avoid excessive partition lengths (bsc#1230773
CVE-2024-46777).
- commit ec61258
- fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439
CVE-2024-47660).
- commit 133a7e9
- netem: fix return value if duplicate enqueue fails
(CVE-2024-45016 bsc#1230429).
- commit 8c9c269
- media: pci: ipu3-cio2: Initialise timing struct to avoid a
compiler warning (git-fixes).
- commit c21df3e
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons
(git-fixes).
- commit d46bb93
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and
re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- Update config files.
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD
(bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched
implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10
(bsc#1230501 ltc#208632).
- powerpc/crypto: don't build aes-gcm-p10 by default (bsc#1230501
ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10
(bsc#1230501 ltc#208632).
- commit a579f42
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- commit 6c73c0c
- drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435 CVE-2024-46870)
- commit 0a39326
- drm/amd/display: Add disable timeout option (bsc#1231435)
- commit cb303b5
- Refresh patches.suse/paddings-add-paddings-to-TypeC-stuff.patch
Drop superfluous file mode modifications in the patch that broke the
patch expansion recently
- commit e7ac9e1
- Move upstreamed scsi patch into sorted section
- commit 5db43b0
- nbd: fix race between timeout and normal completion
(bsc#1230918).
- commit 57c54c8
- ext4: mark fc as ineligible using an handle in ext4_xattr_set()
(bsc#1231640).
- ext4: use handle to mark fc as ineligible in
__track_dentry_update() (bsc#1231639).
- jbd2: correctly compare tids with tid_geq function in
jbd2_fc_begin_commit (bsc#1231638).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible()
(bsc#1231637).
- ext4: fix fast commit inode enqueueing during a full journal
commit (bsc#1231636).
- ext4: don't track ranges in fast_commit if inode has inlined
data (bsc#1231635).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- commit 6951914
- net: sysfs: Fix /sys/class/net/<iface> path for statistics
(git-fixes).
- commit 54925d7
- devlink: Fix command annotation documentation (git-fixes).
- commit 2b95827
- x86/Documentation: Indent 'note::' directive for protocol
version number note (git-fixes).
- commit ec31602
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split
(bsc#1231617).
- commit c3c5888
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- task_work: add kerneldoc annotation for 'data' argument
(git-fixes).
- commit a4661ee
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()
(git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in
ish_fw_xfer_direct_dma (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller
is halted (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- commit 2bb6fd5
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C
(git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C
(git-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C
(git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C
(git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die
Temperature (git-fixes).
- commit 07e1f67
- gpio: aspeed: Use devm_clk api to manage clock source
(git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete
(git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during
hibernation (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy
error (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel
(git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed
(git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed
(git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- commit 8534efe
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- commit c2cff36
- Update patches.suse/ASoC-meson-axg-card-fix-use-after-free.patch
(git-fixes CVE-2024-46849 bsc#1231073).
- Update
patches.suse/KVM-x86-Acquire-kvm-srcu-when-handling-KVM_SET_VCPU_.patch
(git-fixes CVE-2024-46830 bsc#1231116).
- Update
patches.suse/PCI-keystone-Add-workaround-for-Errata-i2037-AM65x-S.patch
(stable-fixes CVE-2024-47667 bsc#1231481).
- Update patches.suse/USB-usbtmc-prevent-kernel-usb-infoleak.patch
(git-fixes CVE-2024-47671 bsc#1231541).
- Update patches.suse/arm64-tlb-Fix-TLBI-RANGE-operand.patch
(bsc#1229585 CVE-2024-35980 bsc#1224574).
- Update
patches.suse/dma-buf-heaps-Fix-off-by-one-in-CMA-heap-fault-handl.patch
(git-fixes CVE-2024-46852 bsc#1231082).
- Update
patches.suse/drm-amd-amdgpu-Check-tbo-resource-pointer.patch
(stable-fixes CVE-2024-46807 bsc#1231138).
- Update
patches.suse/drm-amd-display-Add-array-index-check-for-hdcp-ddc-a.patch
(stable-fixes CVE-2024-46804 bsc#1231132).
- Update
patches.suse/drm-amd-display-Avoid-overflow-from-uint32_t-to-uint.patch
(stable-fixes CVE-2024-47661 bsc#1231496).
- Update
patches.suse/drm-amd-display-Avoid-race-between-dcn10_set_drr-and.patch
(git-fixes CVE-2024-46851 bsc#1231081).
- Update
patches.suse/drm-amd-display-Check-BIOS-images-before-it-is-used.patch
(stable-fixes CVE-2024-46809 bsc#1231148).
- Update
patches.suse/drm-amd-display-Check-gpio_id-before-used-as-array-i.patch
(stable-fixes CVE-2024-46818 bsc#1231203).
- Update
patches.suse/drm-amd-display-Check-msg_id-before-processing-trans.patch
(stable-fixes CVE-2024-46814 bsc#1231193).
- Update
patches.suse/drm-amd-display-Check-num_valid_sets-before-accessin.patch
(stable-fixes CVE-2024-46815 bsc#1231195).
- Update
patches.suse/drm-amd-display-Correct-the-defined-value-for-AMDGPU.patch
(stable-fixes CVE-2024-46871 bsc#1231434).
- Update
patches.suse/drm-amd-display-Fix-index-may-exceed-array-range-wit.patch
(stable-fixes CVE-2024-46811 bsc#1231179).
- Update
patches.suse/drm-amd-display-Remove-register-from-DCN35-DMCUB-dia.patch
(stable-fixes CVE-2024-47662 bsc#1231440).
- Update
patches.suse/drm-amd-display-Skip-inactive-planes-within-ModeSupp.patch
(stable-fixes CVE-2024-46812 bsc#1231187).
- Update
patches.suse/drm-amd-display-Stop-amdgpu_dm-initialize-when-strea.patch
(stable-fixes CVE-2024-46817 bsc#1231200).
- Update
patches.suse/drm-amd-display-added-NULL-check-at-start-of-dc_vali.patch
(stable-fixes CVE-2024-46802 bsc#1231111).
- Update
patches.suse/drm-amd-pm-Fix-negative-array-index-read.patch
(stable-fixes CVE-2024-46821 bsc#1231169).
- Update
patches.suse/drm-amdgpu-Fix-smatch-static-checker-warning.patch
(stable-fixes CVE-2024-46835 bsc#1231098).
- Update
patches.suse/drm-amdgpu-Fix-the-warning-division-or-modulo-by-zer.patch
(stable-fixes CVE-2024-46806 bsc#1231136).
- Update
patches.suse/drm-amdgpu-fix-the-waring-dereferencing-hive.patch
(stable-fixes CVE-2024-46805 bsc#1231135).
- Update
patches.suse/drm-amdgpu-the-warning-dereferencing-obj-for-nbio_v7.patch
(stable-fixes CVE-2024-46819 bsc#1231202).
- Update
patches.suse/drm-amdkfd-Check-debug-trap-enable-before-write-dbg_.patch
(stable-fixes CVE-2024-46803 bsc#1231131).
- Update
patches.suse/drm-bridge-tc358767-Check-if-fully-initialized-befor.patch
(stable-fixes CVE-2024-46810 bsc#1231178).
- Update
patches.suse/i3c-mipi-i3c-hci-Error-out-instead-on-BUG_ON-in-IBI-.patch
(stable-fixes CVE-2024-47665 bsc#1231452).
- Update
patches.suse/lib-generic-radix-tree.c-Fix-rare-race-in-__genradix.patch
(stable-fixes CVE-2024-47668 bsc#1231502).
- Update
patches.suse/msft-hv-3054-x86-hyperv-fix-kexec-crash-due-to-VP-assist-page-cor.patch
(git-fixes CVE-2024-46864 bsc#1231108).
- Update
patches.suse/nilfs2-fix-state-management-in-error-path-of-log-writing-function.patch
(git-fixes CVE-2024-47669 bsc#1231474).
- Update
patches.suse/ocfs2-add-bounds-checking-to-ocfs2_xattr_find_entry.patch
(bsc#1228410 CVE-2024-41016 CVE-2024-47670 bsc#1231537).
- Update
patches.suse/perf-x86-intel-Limit-the-period-on-Haswell.patch
(git-fixes CVE-2024-46848 bsc#1231072).
- Update
patches.suse/platform-x86-panasonic-laptop-Fix-SINF-array-out-of-.patch
(git-fixes CVE-2024-46859 bsc#1231089).
- Update
patches.suse/rcu-Fix-buffer-overflow-in-print_cpu_stall_info.patch
(bsc#1226623 CVE-2024-38576).
- Update
patches.suse/rcu-tasks-Fix-show_rcu_tasks_trace_gp_kthread-buffer-overflow.patch
(bsc#1226631 CVE-2024-38577).
- Update
patches.suse/scsi-lpfc-Handle-mailbox-timeouts-in-lpfc_get_sfp_in.patch
(bsc#1228857 CVE-2024-46842 bsc#1231101).
- Update
patches.suse/spi-nxp-fspi-fix-the-KASAN-report-out-of-bounds-bug.patch
(git-fixes CVE-2024-46853 bsc#1231083).
- Update
patches.suse/spi-rockchip-Resolve-unbalanced-runtime-PM-system-PM.patch
(git-fixes CVE-2024-46846 bsc#1231075).
- Update
patches.suse/staging-iio-frequency-ad9834-Validate-frequency-para.patch
(git-fixes CVE-2024-47663 bsc#1231441).
- Update
patches.suse/usb-gadget-aspeed_udc-validate-endpoint-index-for-as.patch
(stable-fixes CVE-2024-46836 bsc#1231092).
- Update
patches.suse/usbnet-ipheth-do-not-stop-RX-on-failing-RX-callback.patch
(git-fixes CVE-2024-46861 bsc#1231102).
- Update
patches.suse/wifi-ath12k-fix-firmware-crash-due-to-invalid-peer-n.patch
(stable-fixes CVE-2024-46827 bsc#1231171).
- Update
patches.suse/wifi-iwlwifi-mvm-don-t-wait-for-tx-queues-if-firmwar.patch
(stable-fixes CVE-2024-47672 bsc#1231540).
- Update
patches.suse/wifi-iwlwifi-mvm-pause-TCM-when-the-firmware-is-stop.patch
(stable-fixes CVE-2024-47673 bsc#1231539).
- Update
patches.suse/wifi-iwlwifi-mvm-use-IWL_FW_CHECK-for-link-ID-check.patch
(stable-fixes CVE-2024-46825 bsc#1231170).
- Update
patches.suse/wifi-mt76-mt7921-fix-NULL-pointer-access-in-mt7921_i.patch
(stable-fixes CVE-2024-46860 bsc#1231093).
- commit 1ed6329
- sched/smt: Fix unbalance sched_smt_present dec/inc
(CVE-2024-44958 bsc#1230179).
- sched/smt: Introduce sched_smt_present_inc/dec() helper
(CVE-2024-44958 bsc#1230179).
- commit b09820b
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- commit 155c418
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm
enabled (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout
(git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk
(stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list
(stable-fixes).
- power: reset: brcmstb: Do not go into infinite loop if reset
fails (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb
before resubmit (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx
worker (stable-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11
fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session
enable/disable (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power
FW elements (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware
(stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC
(stable-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference
(stable-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX
(stable-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow
(stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: ath9k: fix possible integer overflow in
ath9k_get_et_stats() (stable-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats
(stable-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats
(stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER
(stable-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- i2c: xiic: improve error message when transfer fails to start
(stable-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c
(stable-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- commit 490fb1f
- ALSA: usb-audio: Replace complex quirk lines with macros
(stable-fixes).
- commit 6f67136
- Bluetooth: RFCOMM: FIX possible deadlock in
rfcomm_sk_state_change (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery
hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to
irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to
irq1_level_low_skip_override[] (stable-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd
Portfolio (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure
(stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk
(stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries
(stable-fixes).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard
types (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook
CF-18 (stable-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH
(stable-fixes).
- ACPI: EC: Do not release locks during operation region accesses
(stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails
(stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails
(stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in
acpi_db_convert_to_package() (stable-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122
(stable-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback
with stale can_priv::ctrlmode (stable-fixes).
- commit 650f32e
- ocfs2: fix the la space leak when unmounting an ocfs2 volume
(git-fixes).
- commit 92d1b30
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- commit b1e0ef1
- jfs: check if leafidx greater than num leaves per dmap tree
(git-fixes).
- commit 4cb79e7
- jfs: Fix uaf in dbFreeBits (git-fixes).
- commit da4aab1
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- commit fee8a70
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- commit 93e6047
- iommu/amd: Allocate the page table root using GFP_KERNEL
(git-fixes).
- commit cdbbb3f
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- commit baf85d0
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- commit 5ca02dc
- nvme-multipath: suppress partition scan until the disk is ready
(bsc#1228244).
- commit 5accc60
- fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE
(CVE-2024-45025 bsc#1230456).
- commit c3824ef
- i2c: core: Setup i2c_adapter runtime-pm before calling
device_add() (git-fixes).
- commit 5095dfb
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- commit f6029bb
- iommufd: Check the domain owner of the parent before creating
a nesting domain (git-fixes).
- commit 3ff7340
- iommufd: Protect against overflow of ALIGN() during iova
allocation (git-fixes).
- commit fffeb67
- iommu/amd: Do not set the D bit on AMD v2 table entries
(git-fixes).
- commit e3053a9
- i2c: omap: wakeup the controller during suspend() callback
(git-fixes).
- commit 52f3dad
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and
RUNTIME_PM_OPS() (git-fixes).
- commit 3fe2f94
- Drop the previous HD-audio TAS2781 fix (bsc#1230132)
The proposed fix turned out to be incorrect
- commit b3a4c29
- Update config files: Enable NFSD_V2 (bsc#1230914)
NFSv2 was disabled because of the upstream kernel commit 2f3a4b2ac2f2
("nfsd: allow disabling NFSv2 at compile time").
Enable it for the few users who cannot upgrade to NFSv3.
https://bugzilla.suse.com/show_bug.cgi?id=1230914#c5
- commit 9e3254d
- i2c: stm32f7: perform most of irq job in threaded handler
(git-fixes).
- commit 4a35980
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- commit 38f58af
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- commit 036aff9
- i2c: cpm: Remove linux,i2c-index conversion from be32
(git-fixes).
- commit 5d04b4e
- i2c: ocores: Move system PM hooks to the NOIRQ phase
(git-fixes).
- commit 0df7a53
- i2c: ocores: Remove #ifdef guards for PM related functions
(git-fixes).
- commit ead06ad
- wifi: iwlwifi: config: label 'gl' devices as discrete
(git-fixes).
- commit 6321867
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug
(git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime
suspend/resume (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/sched: Always wake up correct scheduler in
drm_sched_entity_push_job (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched
(git-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS
(git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE
(git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- ieee802154: Fix build error (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amd/display: Validate backlight caps are sane
(stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off
(stable-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support
(stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode
(stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid
corruption (stable-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible
(git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042
quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris
Gen5 AMD line (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk
table (stable-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
(stable-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL
(stable-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries
(stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be
more robust (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error
(git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in
the match tables (stable-fixes).
- commit 85984c8
- i2c: core: fix lockdep warning for sparsely nested adapter chain
(git-fixes).
- commit 691570d
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec
(git-fixes).
- commit cbbb120
- i2c: i801: add helper i801_restore_regs (git-fixes).
- commit 3839f86
- i2c: rcar: properly format a debug output (git-fixes).
- commit e7085c8
- selftests/bpf: Add a test case to write mtu result into .rodata
(git-fixes).
- selftests/bpf: Add a test case to write strtol result into
.rodata (git-fixes).
- commit 805bbba
- selftests/bpf: Rename ARG_PTR_TO_LONG test description
(git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test
(git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error
(git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types
(git-fixes).
- commit 4580630
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul
helpers (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit
(git-fixes).
- commit 5fc2ffd
- bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801
CVE-2024-46754).
- commit a7335b8
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- commit 04ed437
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL
relocation (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos
(git-fixes).
- commit 67ebe66
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta
accesses (git-fixes).
- bpf: Fail verification for sign-extension of packet
data/data_end/data_meta (git-fixes).
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- commit df1486e
- bpf, net: Fix a potential race in do_sock_getsockopt()
(git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog
(git-fixes).
- commit e072387
- add bug reference for a mana change (bsc#1229769).
- commit 64c619e
- net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244 bsc#1226797)
- commit 5ade9d6
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS
(git-fixes).
- commit 7e90455
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a
(git-fixes).
- commit 994f16f
- aoe: fix the potential use-after-free problem in more places
(bsc#1218562 CVE-2023-6270).
- commit 1a991ba
- ALSA: hda: tas2781: Fix missing setup at runtime PM
(bsc#1230132).
- commit 3dc7842
- Move upstreamed sound patch into sorted section
- commit b11079c
- kbuild,bpf: Add module-specific pahole flags for distilled
base BTF (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414
bsc#1229450).
- kbuild, bpf: Use test-ge check for v1.25-only pahole
(bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26
and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh
(bsc#1230414 bsc#1229450).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414
bsc#1229450).
- commit e2cacce
- Use pahole -j1 option for reproducible builds (bsc#1230414
bsc#1229450).
- commit 340585e
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- commit ca24d43
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
(git-fixes).
- commit 267df6b
- virtio_console: fix misc probe bugs (git-fixes).
- commit f7d3065
- RDMA/mana_ib: use the correct page size for mapping user-mode
doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware
page size (git-fixes).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides
frequency (git-fixes).
- commit 059fd95
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if
the GVA is valid (git-fixes).
- commit bb6f3d3
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were
unprotected (git-fixes).
- commit bcfafe2
- KVM: x86/mmu: Trigger unprotect logic only on write-protection
page faults (git-fixes).
- commit 322cf36
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is
disabled (git-fixes).
- commit d7b7771
- btrfs: send: fix invalid clone operation for file that got
its size decreased (git-fixes).
- commit 26ee3ac
- KVM: x86: Exit to userspace if fastpath triggers one on
instruction skip (git-fixes).
- commit 1621f7b
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- commit c20ff7c
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is
successful (git-fixes).
- commit 0dc4c78
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD
(x2AVIC) (git-fixes).
- commit 0a6716e
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC)
(git-fixes).
- commit 6a07b23
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode()
(git-fixes).
- commit 4f194f7
- USB: misc: yurex: fix race between read and write (git-fixes).
- commit 7f6ab55
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- commit 3dcfad1
- USB: appledisplay: close race between probe and completion
handler (git-fixes).
- commit 888718f
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits
(git-fixes).
- commit 891c3ef
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- commit 9e9d585
- KVM: Write the per-page "segment" when clearing (part of)
a guest page (git-fixes).
- commit dae8f10
- xhci: Add a quirk for writing ERST in high-low order
(git-fixes).
- commit d0eccfc
- drm/amd/display: Validate function returns (bsc#1230774 CVE-2024-46775)
- commit fc9ad2b
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace
exit (git-fixes).
- commit 93dbc58
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid
deadlock (git-fixes).
- commit 2ff88a8
- Delete some more obsolete scripts
- commit 9bb77f8
- KVM: SVM: Disallow guest from changing userspace's
MSR_AMD64_DE_CFG value (git-fixes).
- commit c8fa16d
- drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (CVE-2024-46816 bsc#1231197).
- commit c05e7e2
- net: test for not too small csum_start in
virtio_net_hdr_to_skb() (git-fixes).
- commit ed78dff
- vhost_vdpa: assign irq bypass producer token correctly
(git-fixes).
- commit 1a9cba6
- drm/amd/display: Check link_index before accessing dc->links (CVE-2024-46813 bsc#1231191).
- commit eb31596
- minmax: avoid overly complex min()/max() macro arguments in xen
(git-fixes).
- Refresh
patches.suse/xen-move-max_pfn-in-xen_memory_setup-out-of-function.patch.
- commit 754808b
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin
(git-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X
(stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u
(stable-fixes).
- ALSA: core: add isascii() check to card ID generator
(stable-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string
(stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace
if SND=m (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit
(stable-fixes).
- ASoC: codecs: lpass-rx-macro: add missing
CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream
runtime is uninitialized (git-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one
(stable-fixes).
- Revert "ALSA: hda: Conditionally use snooping for AMD HDMI"
(stable-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200
(stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257
(git-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages
(git-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9
(stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET
(stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop
(stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8
(stable-fixes).
- commit 1cdc743
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
(bsc#1226631).
- commit 36faf07
- scsi: fnic: Move flush_work initialization out of if block
(bsc#1230055).
- commit 9b5b899
- rcu: Fix buffer overflow in print_cpu_stall_info()
(bsc#1226623).
- commit b695829
- Replace ALP with SLFO
- Refresh patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch
- Update config files.
- commit 267a9d3
- Update config files.
Update SUSE_VERSION to match SLFO project version
- commit 0d531e8
- config.sh: Remove Arm build project, we do not build armv7 configs
- commit 359f219
- config.sh: Update bugzilla product
- commit 0688dde
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- commit 9f2c584
- Update patches.suse/powerpc-qspinlock-Fix-deadlock-in-MCS-queue.patch
(bsc#1230295 ltc#206656 CVE-2024-46797 bsc#1230831).
- commit af09bb2
- KVM: s390: Fix SORTL and DFLTCC instruction format error in
__insn32_query (git-fixes bsc#1231276).
- commit 39bab2d
- s390/mm: Add cond_resched() to cmm_alloc/free_pages()
(bsc#1228747).
- commit d0c79ab
- ELF: fix kernel.randomize_va_space double read (CVE-2024-46826 bsc#1231115)
- commit 0519fb0
- net/mlx5: Fix bridge mode operations when there are no VFs (CVE-2024-46857 bsc#1231087)
- commit b20fc2c
- netfilter: nft_socket: fix sk refcount leaks (CVE-2024-46855 bsc#1231085)
- commit 6c66212
- net: microchip: vcap: Fix use-after-free error in kunit test
(CVE-2024-46831 bsc#1231117).
- commit 630e2e8
- vmalloc: modify the alloc_vmap_area() error message for better
diagnostics (jsc#PED-10978).
- mm: mmap: no need to call khugepaged_enter_vma() for stack
(jsc#PED-10978).
- commit 41e1775
- nvme-pci: qdepth 1 quirk (git-fixes).
- commit ee2b909
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs
(bsc#1219803).
- commit 020b49a
- powerpc/code-patching: Add generic memory patching
(bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction()
in case of failure (bsc#1194869).
- commit 33b01a6
- usbnet: fix cyclical race on disconnect with work queue
(git-fixes).
- Refresh
patches.suse/0002-Add-a-void-suse_kabi_padding-placeholder-to-some-USB.patch.
- commit 8272f2d
- apparmor: fix possible NULL pointer dereference (CVE-2024-46721 bsc#1230710)
- commit 2d35a7c
- powerpc/64: Convert patch_instruction() to patch_u32()
(bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc()
(bsc#1194869).
- powerpc/xics: Check return value of kasprintf in
icp_native_map_one_cpu (bsc#1194869).
- powerpc/vdso: Fix VDSO data access when running in a non-root
time namespace (bsc#1194869).
- commit 0dec2e8
- net: mana: Improve mana_set_channels() in low mem conditions
(bsc#1230289).
- net: mana: Implement get_ringparam/set_ringparam for mana
(bsc#1229891).
- net: dpaa: Pad packets to ETH_ZLEN (CVE-2024-46854 bsc#1231084).
- ice: move netif_queue_set_napi to rtnl-protected sections
(CVE-2024-46766 bsc#1230762).
- ice: Add netif_device_attach/detach into PF reset flow
(CVE-2024-46770 bsc#1230763).
- bonding: change ipsec_lock from spin lock to mutex
(CVE-2024-46678 bsc#1230550).
- bonding: extract the use of real_device into local variable
(CVE-2024-46678 bsc#1230550).
- bonding: implement xdo_dev_state_free and call it after deletion
(CVE-2024-46678 bsc#1230550).
- commit 9ee67ad
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- commit c675509
- libdb-4_8
-
- Security fix: [bsc#1174414, CVE-2019-2708]
* libdb: Data store execution leads to partial DoS
* Backport the upsteam commits:
- Fixed several possible crashes when running db_verify
on a corrupted database. [#27864]
- Fixed several possible hangs when running db_verify
on a corrupted database. [#27864]
- Added a warning message when attempting to verify a queue
database which has many extent files. Verification will take
a long time if there are many extent files. [#27864]
* Add libdb-4_8-CVE-2019-2708.patch
- Use %patch -P N instead of deprecated %patchN.
- expat
-
- security update
- added patches
fix CVE-2024-50602 [bsc#1232579], DoS via XML_ResumeParser
+ expat-CVE-2024-50602.patch
- gcc13
-
- Add gcc13-pr116657.patch to fix for parsing tzdata 2024b [gcc#116657]
- openssl-3
-
- Security fix: [bsc#1220262, CVE-2023-50782]
* Implicit rejection in PKCS#1 v1.5
* Add openssl-CVE-2023-50782.patch
- Security fix: [bsc#1230698, CVE-2024-41996]
* Validating the order of the public keys in the Diffie-Hellman
Key Agreement Protocol, when an approved safe prime is used.
* Added openssl-3-CVE-2024-41996.patch
- libxml2
-
- security update
- added patches
fix CVE-2024-40896 [bsc#1234812], XXE vulnerability
+ libxml2-CVE-2024-40896.patch
- libzypp
-
- Url: queryparams without value should not have a trailing "=".
- version 17.35.16 (35)
- Url query part: `=` is a safe char in value (bsc#1234304)
- RpmDb: Recognize rpmdb.sqlite as database file (#593)
- Fix typo (fixes #592)
- cmake: check location of fcgi header and adjust include
accordingly. On Debian and derivatives the fcgi headers
are not stored in a fastcgi/ subdirectory.(#590)
- version 17.35.15 (35)
- The 20MB download limit must not apply to non-metadata files like
package URLs provided via the CLI (bsc#1233393).
- version 17.35.14 (35)
- BuildCache: Don't try to retrieve missing raw metadata if no
permission to write the cache (bsc#1225451)
- RepoManager: throw RepoNoPermissionException if the user has no
permission to update(write) the caches (bsc#1225451)
- version 17.35.13 (35)
- pam
-
- pam_access: rework resolving of tokens as hostname
- separate resolving of IP addresses from hostnames. Don't resolve TTYs or
display variables as hostname.
- Add "nodns" option to disallow resolving of tokens as hostname.
- [pam_access-rework-resolving-of-tokens-as-hostname.patch, bsc#1233078,
CVE-2024-10963]
- libxml2:python
-
- security update
- added patches
fix CVE-2024-40896 [bsc#1234812], XXE vulnerability
+ libxml2-CVE-2024-40896.patch
- regionServiceClientConfigGCE
-
- Version 4.2.0 (jsc#PCT-361)
+ Add IPv6 certs to supprt access of the update infrastructure via
IPv6 on GCE instances.
- Update to version 4.1.0 (bsc#1217538)
+ Replace 162.222.182.90 and 35.187.193.56 (length 4096):
rgnsrv-gce-asia-northeast1 -> 162.222.182.90 expires in 9 years
rgnsrv-gce-us-central1 -> 35.187.193.56 expires in 10 years
- Update to version 4.0.1 (bsc#1217538)
+ Replace 130.211.242.136.pem and 130.211.88.88.pem certs
expiring in 8 years and new length of 4096
These certs will replace the current certs that
expire soon
- rsync
-
- Bump protocol version to 32 - make it easier to show server is patched.
* Add rsync-protocol-version-32.patch
- Fix FLAG_GOT_DIR_FLIST collission with FLAG_HLINKED
* Added rsync-fix-FLAG_GOT_DIR_FLIST.patch
- Security update,CVE-2024-12747, bsc#1235475 race condition in handling symbolic links
* Added rsync-CVE-2024-12747.patch
- Security update, fix multiple vulnerabilities:
* CVE-2024-12084, bsc#1234100 - Heap Buffer Overflow in Checksum Parsing
* CVE-2024-12085, bsc#1234101 - Info Leak via uninitialized Stack contents defeats ASLR
* CVE-2024-12086, bsc#1234102 - Server leaks arbitrary client files
* CVE-2024-12087, bsc#1234103 - Server can make client write files outside of destination directory using symbolic links
* CVE-2024-12088, bsc#1234104 - --safe-links Bypass
* Added rsync-CVE-2024-12084-overflow-01.patch
* Added rsync-CVE-2024-12084-overflow-02.patch
* Added rsync-CVE-2024-12085.patch
* Added rsync-CVE-2024-12086_01.patch
* Added rsync-CVE-2024-12086_02.patch
* Added rsync-CVE-2024-12086_03.patch
* Added rsync-CVE-2024-12086_04.patch
* Added rsync-CVE-2024-12087_01.patch
* Added rsync-CVE-2024-12087_02.patch
* Added rsync-CVE-2024-12088.patch
- selinux-policy
-
- Update macros.selinux-policy to trigger a full relabel on transactional
systems upon module installation. This is rather expensive and will
hopefully be replaced by a more fine grained solution later on (bsc#1232753)
- suseconnect-ng
-
- Update version to 1.13:
- Integrating uptime-tracker
- Honor auto-import-gpg-keys flag on migration (bsc#1231328)
- Only send labels if targetting SCC
- Skip the docker auth generation on RMT (bsc#1231185)
- Add --set-labels to register command to set labels at registration time on SCC
- Add a new function to display suse-uptime-tracker version
- Integrate with uptime-tracker ( https://github.com/SUSE/uptime-tracker/ )
- Add a command to show the info being gathered
- wpa_supplicant
-
- Add CVE-2023-52160.patch - Bypassing WiFi Authentication (bsc#1219975)
- Change ctrl_interface from /var/run to %_rundir (/run)