- ovl: Filter invalid inodes with missing lookup function
(bsc#1235035 CVE-2024-56570).
- commit 54169ab
- NFSv4.0: Fix a use-after-free problem in the asynchronous open()
(CVE-2024-53173 bsc#1234891).
- commit f801b5b
- Bluetooth: L2CAP: do not leave dangling sk pointer on error
in l2cap_sock_create() (CVE-2024-56605 bsc#1235061).
- commit c461209
- Run scripts/renamepatches for cve/linux-5.14-LTSS
- commit 6a1366b
- idpf: trigger SW interrupt when exiting wb_on_itr mode
(bsc#1235507).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024
(bsc#1235246).
- idpf: enable WB_ON_ITR (bsc#1235507).
- commit b33decb
- smb: client: fix use-after-free of signing key (CVE-2024-53179
bsc#1234921).
- commit 86400c7
- smb: client: fix TCP timers deadlock after rmmod (git-fixes)
[hcarvalho: this fixes issue discussed in bsc#1233642].
- commit 3e3e1af
- smb: client: Fix use-after-free of network namespace
(CVE-2024-53095 bsc#1233642).
[hcarvalho: remove netfs_tracker_* related code because we don't have
such infrastructure.]
- commit 97b2d9e
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_config_scan() (CVE-2024-56539 bsc#1234963).
- commit e27d4b2
- Refresh
patches.suse/nfsd-restore-callback-functionality-for-NFSv4.0.patch.
- commit 60bcd54
- vfio/pci: Properly hide first-in-list PCIe extended capability
(bsc#1235004 CVE-2024-53214).
- commit f520125
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in
rfcomm_sock_alloc() (bsc#1235056 CVE-2024-56604).
- commit cf32d9d
- Bluetooth: Consolidate code around sk_alloc into a helper
function (bsc#1235056 CVE-2024-56604).
Refresh
patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_sock_timeout.patch.
- commit 4de890e
- nilfs2: fix potential out-of-bounds memory access in
nilfs_find_entry() (bsc#1235224 CVE-2024-56619).
- commit b3f788e
- jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220
CVE-2024-56598).
- commit 4762f9a
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- commit b016f85
- hfsplus: don't query the device logical block size multiple
times (bsc#1235073 CVE-2024-56548).
- commit 67473c2
- netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
(CVE-2024-56755 bsc#1234920).
- cachefiles: Fix NULL pointer dereference in object->file
(CVE-2024-56549 bsc#1234912).
- commit 169a95b
- wifi: ath9k: add range check for conn_rsp_epid in
htc_connect_service() (CVE-2024-53156 bsc#1234846).
- commit 747e664
- ALSA: 6fire: Release resources at card release (CVE-2024-53239
bsc#1235054).
- commit 6995b0a
- media: imx-jpeg: Ensure power suppliers be suspended before
detach them (CVE-2024-56575 bsc#1235039).
- media: uvcvideo: Require entities to have a non-zero unique ID
(CVE-2024-56571 bsc#1235037).
- commit 59cd438
- NFSD: Prevent a potential integer overflow (CVE-2024-53146
bsc#1234853).
- commit 79b751c
- net: usb: lan78xx: Fix double free issue with interrupt buffer
allocation (CVE-2024-53213 bsc#1234973).
- commit 15155a2
- Update
patches.suse/tcp-Fix-use-after-free-of-nreq-in-reqsk_timer_handler.patch
(CVE-2024-50154 bsc#1233070 CVE-2024-53206 bsc#1234960).
- commit cdf9cb8
- Update
patches.suse/media-s5p_cec-limit-msg.len-to-CEC_MAX_MSG_SIZE.patch
(git-fixes CVE-2022-49035 bsc#1215304).
- commit d91bb81
- firmware: arm_scpi: Check the DVFS OPP count returned by the
firmware (CVE-2024-53157 bsc#1234827).
- commit f110472
- EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161
bsc#1234856).
- commit 14c13f2
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()
(CVE-2024-53210 bsc#1234971).
- commit bcc5771
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
(CVE-2024-53158 bsc#1234811).
- commit 9318192
- crypto: qat/qat_4xxx - fix off by one in uof_get_name()
(CVE-2024-53162 bsc#1234843).
- commit 21fafcd
- ALSA: usb-audio: Fix out of bounds reads when finding clock
sources (CVE-2024-53150 bsc#1234834).
- commit 9ca989f
- svcrdma: Address an integer overflow (git-fixes).
- commit d7773b3
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- commit 49f5582
- jffs2: Fix rtime decompressor (git-fixes).
- commit 6531a08
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width
(git-fixes).
- commit fcfe46d
- zonefs: fix zone report size in __zonefs_io_error() (git-fixes).
- commit 830e757
- autofs: use flexible array in ioctl structure (git-fixes).
- commit 7918406
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget
(git-fixes).
- commit 8cdded6
- nilfs2: fix potential out-of-bounds memory access in
nilfs_find_entry() (git-fixes).
- commit 899e98d
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- commit 5a66060
- jffs2: fix use of uninitialized variable (git-fixes).
- commit a9dd4d9
- ubifs: authentication: Fix use-after-free in
ubifs_tnc_end_commit (git-fixes).
- commit 83c8733
- ubifs: Correct the total block count by deducting journal
reservation (git-fixes).
- commit f37e257
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- commit d4858c9
- jfs: add a check to prevent array-index-out-of-bounds in
dbAdjTree (git-fixes).
- commit 44ea6d2
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- commit cf31b3c
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- commit db0dc92
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- commit ea62655
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- commit fe23c21
- hfsplus: don't query the device logical block size multiple
times (git-fixes).
- commit e73ecea
- nilfs2: prevent use of deleted inode (git-fixes).
- commit b6ac8cc
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- commit e4d2610
- ipc/sem: Fix dangling sem_array access in semtimedop race
(bsc#1234727).
- commit 4dce14b
- idpf: fix idpf_vc_core_init error path (CVE-2024-53064
bsc#1233558 bsc#1234464).
- commit 0a1be5c
- x86/xen: use new hypercall functions instead of hypercall page
(XSA-466 CVE-2024-53241 bsc#1234282).
- commit 439afbb
- btrfs: qgroup: fix sleep from invalid context bug in
btrfs_qgroup_inherit() (CVE-2022-49033 bsc#1232045).
- commit 5b9ca25
- x86/xen: add central hypercall functions (XSA-466 CVE-2024-53241
bsc#1234282).
- commit 1784c5e
- x86/xen: don't do PV iret hypercall through hypercall page
(XSA-466 CVE-2024-53241 bsc#1234282).
- commit 9f17f93
- x86/static-call: provide a way to do very early static-call
updates (XSA-466 CVE-2024-53241 bsc#1234282).
- Refresh patches.kabi/tracepoint-fix.patch.
- commit 2e422a6
- objtool/x86: allow syscall instruction (XSA-466 CVE-2024-53241
bsc#1234282).
- commit 1f61d5b
- x86: make get_cpu_vendor() accessible from Xen code (XSA-466
CVE-2024-53241 bsc#1234282).
- commit 4d90703
- xen/netfront: fix crash when removing device (XSA-465
CVE-2024-53240 bsc#1234281).
- commit f11b367
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- commit 0ac2c22
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- commit b2083ef
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650
bsc#1233701 bsc#1232472).
- commit ed45f70
- NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701
bsc#1232472).
- blacklist.conf:
- commit a5863a4
- NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650
bsc#1233701 bsc#1232472).
- blacklist.conf:
- Refresh
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch.
- Refresh
patches.suse/rename-avoid-a-deadlock-in-the-case-of-parents-havin.patch.
- commit 6fcc887
- devlink: allow registering parameters after the instance
(bsc#1231388 bsc#1230422).
- devlink: don't require setting features before registration
(bsc#1231388 bsc#1230422).
- commit 9e0a4cd
- Update
patches.suse/Bluetooth-hci_event-Align-BR-EDR-JUST_WORKS-paring-w.patch
(git-fixes, bsc#1230697, CVE-2024-8805).
- commit 32c6a1b
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- commit 6d2db63
- bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156
CVE-2024-53125).
- commit f08e931
- scsi: pm80xx: Set phy->enable_completion only when we wait
for it (CVE-2024-47666 bsc#1231453).
- commit 6eaab68
- kobject: Add sanity check for kset->kobj.ktype in
kset_register() (bsc#1234639).
- commit 191167d
- NFSv4.0: Fix a use-after-free problem in the asynchronous open()
(git-fixes).
- commit b63fc00
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- commit 374eb43
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()
(git-fixes).
- commit 876ac53
- SUNRPC: make sure cache entry active before cache_show
(git-fixes).
- commit 23bad23
- nfsd: make sure exp active before svc_export_show (git-fixes).
- commit 8fcab75
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
(git-fixes).
- commit 3703ee5
- NFSD: Prevent a potential integer overflow (git-fixes).
- commit 69abaa2
- sunrpc: simplify two-level sysctl registration for
svcrdma_parm_table (git-fixes).
- commit fcf1dc3
- net: Make copy_safe_from_sockptr() match documentation
(git-fixes CVE-2024-36915 bsc#1225758).
- commit 6fb42a1
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- commit 979dbfa
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode
(git-fixes).
- Refresh
patches.suse/autofs-use-wake_up-instead-of-wake_up_interruptible.patch.
- commit 9fa435f
- Delete patches.suse/NFSD-Convert-the-callback-workqueue-to-use-delayed_w.patch. (bsc#1233837)
- Delete patches.suse/NFSD-Reschedule-CB-operations-when-backchannel-rpc_c.patch. (bsc#1233837)
- commit 60721fe
- arm64: dts: allwinner: pinephone: Add mount matrix to
accelerometer (git-fixes).
- commit 9be38ad
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc
(git-fixes).
- commit 17eb8d6
- bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262 bsc#1233239)
- commit 9c19140
- platform/x86/amd/pmc: Detect when STB is not available (CVE-2024-53072 bsc#1233564)
- commit 1335d85
- Update references for patches.suse/net-mlx5e-CT-Fix-null-ptr-deref-in-add-rule-err-flow.patch (CVE-2024-53120 bsc#1234075 git-fixes)
- commit abf5898
- fs: Fix uninitialized value issue in from_kuid and from_kgid (CVE-2024-53101 bsc#1233769)
- commit e038166
- mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (CVE-2024-53122 bsc#1234076)
- commit 31129d0
- virtio/vsock: Fix accept_queue memory leak (CVE-2024-53119 bsc#1234073)
- commit 30399e1
- arm64: dts: rockchip: Remove #cooling-cells from fan on
Theobroma lion (git-fixes).
- commit 4b88506
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards
(git-fixes).
- commit 836dd0e
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328
(git-fixes).
- commit 4d37495
- arm64: dts: rockchip: Fix rt5651 compatible value on
rk3399-sapphire-excavator (git-fixes).
- commit d0928c0
- Fix bug introduced in backport of
patches.suse/udf_rename-only-access-the-child-content-on-cross-di.patch.
- commit ae1fb0a
- udf: Handle error when adding extent to a file (bsc#1234437).
- commit dbea247
- kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth
- commit 05606f9
- net: preserve kabi for napi_struct and net_device
(CVE-2024-50018 bsc#1232419).
- netfilter: nf_reject_ipv6: fix potential crash in
nf_send_reset6() (CVE-2024-50256 bsc#1233200).
- fsl/fman: Fix refcount handling of fman-related devices
(CVE-2024-50166 bsc#1233050).
- fsl/fman: Save device references taken in mac_probe()
(CVE-2024-50166 bsc#1233050).
- net: napi: Prevent overflow of napi_defer_hard_irqs
(CVE-2024-50018 bsc#1232419).
- net: fman: Unregister ethernet device on removal (CVE-2024-50166
bsc#1233050).
- commit e372e18
- afs: Fix lock recursion (bsc#1233637 CVE-2024-53090).
- commit 41b742a
- nilfs2: propagate directory read errors from nilfs_find_entry()
(bsc#1233324 CVE-2024-50202).
- commit bad80aa
- netfilter: nft_set_pipapo: do not free live element
(CVE-2024-26924 bsc#1223387).
- commit f3a511c
- rtnetlink: make sure to refresh master_dev/m_ops in
__rtnl_newlink() (CVE-2022-48742 bsc#1226694).
- commit 36fae5a
- Update References: field,
patches.suse/dm-cache-fix-flushing-uninitialized-delayed_work-on--1354.patch
(bsc#1233467, CVE-2024-50278, bsc#1233469, CVE-2024-50280).
- commit ccb7c34
- Delete
patches.suse/smb-client-Fix-use-after-free-of-network-namespace-.patch
(bsc#1233642 CVE-2024-53095).
[hcarvalho: revert because the fix is incomplete. The patch fixes UAF of
network namespace but causes in another UAF (of the socket) when the
cifs module is removed].
- commit 393d09d
- dmaengine: idxd: Check for driver name match before sva user
feature (bsc#1234357).
- dmaengine: idxd: add wq driver name support for accel-config
user tool (bsc#1234357).
- commit 9a15d19
- kABI: bpf: support non-r10 register spill/fill to/from stack
in precision tracking (bsc#1232823 CVE-2023-52920).
- bpf: Fix check_stack_write_fixed_off() to correctly spill imm
(bsc#1232823 CVE-2023-52920).
- Refresh patches.suse/bpf-support-non-r10-register-spill-fill-to-from-stac.patch
- Refresh patches.suse/bpf-handle-fake-register-spill-to-stack-with-BPF_ST_.patch
- commit 66c4fd1
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them
(git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path
(git-fixes).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove
(git-fixes).
- mmc: core: Further prevent card detect during shutdown
(git-fixes).
- commit a85e5af
- bpf: handle fake register spill to stack with BPF_ST_MEM
instruction (bsc#1232823 CVE-2023-52920).
- commit 145a13f
- bpf: support non-r10 register spill/fill to/from stack in
precision tracking (bsc#1232823 CVE-2023-52920).
- Refresh patches.suse/bpf-Fix-accesses-to-uninit-stack-slots.patch
- Refresh patches.kabi/bpf-bpf_idmap-idset-workaround.patch
- Refresh patches.kabi/bpf-callback-fixes-kABI-workaround.patch
- bpf: Fix verifier id tracking of scalars on spill (bsc#1232823
CVE-2023-52920).
- commit 67aeddf
- selftests/bpf: check if BPF_ST with variable offset preserves
STACK_ZERO (bsc#1232823 CVE-2023-52920).
- bpf: BPF_ST with variable offset should preserve STACK_ZERO
marks (bsc#1232823 CVE-2023-52920).
- Refresh patches.suse/bpf-Fix-accesses-to-uninit-stack-slots.patch
- selftests/bpf: check if verifier tracks constants spilled by
BPF_ST_MEM (bsc#1232823 CVE-2023-52920).
- bpf: track immediate values written to stack by BPF_ST
instruction (bsc#1232823 CVE-2023-52920).
- Refresh patches.suse/bpf-Fix-accesses-to-uninit-stack-slots.patch
- commit 65c1ce3
- nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
(bsc#1234220 CVE-2024-53131).
- commit 026d687
- nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
(bsc#1234219 CVE-2024-53130).
- commit 76ddd8d
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- commit cb2148b
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- commit 379ead1
- udf: fix uninit-value use in udf_get_fileshortad (bsc#1234243
bsc#1233038 CVE-2024-50143).
- commit 74fc0bf
- udf: refactor inode_bmap() to handle error (bsc#1234242
bsc#1233096 CVE-2024-50211).
- commit 4a34764
- mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
(CVE-2024-53113 bsc#1234077).
- commit 064f5f8
- mm/kfence: reset PG_slab and memcg_data before freeing
__kfence_pool (bsc#1234120).
- commit b3bbd4a
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072 CVE-2024-53114).
- commit 05659e3
- net/ipv6: release expired exception dst cached in socket
(bsc#1216813).
- commit eda9477
- Update
patches.suse/initramfs-avoid-filename-buffer-overrun.patch
(CVE-2024-53142 bsc#1232436).
- commit 14f79ec
- net: bridge: mcast: wait for previous gc cycles when removing
port (CVE-2024-44934 bsc#1229809).
- Bluetooth: af_bluetooth: Fix deadlock (CVE-2024-26886
bsc#1223044).
- commit fc48798
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- commit 8769bc2
- dm cache: fix potential out-of-bounds access on the first resume
(bsc#1233467, CVE-2024-50278).
- dm cache: optimize dirty bit checking with find_next_bit when
resizing (bsc#1233467, CVE-2024-50278).
- commit ea1471d
- Update the Rerferences: field,
patches.suse/dm-cache-fix-out-of-bounds-access-to-the-dirty-bitset-when-resizing.patch
(bsc#1233467, bsc#1233468, CVE-2024-50278, CVE-2024-50279).
- commit 685afd3
- dm cache: fix flushing uninitialized delayed_work on cache_ctr
error (bsc#1233467, CVE-2024-50278).
- dm cache: correct the number of origin blocks to match the
target length (bsc#1233467, CVE-2024-50278).
- commit 1c6d167
- sch/netem: fix use after free in netem_dequeue (CVE-2024-46800
bsc#1230827).
- commit 4fa3f93
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
- commit a0b39c4
- vp_vdpa: fix id_table array not null terminated error
(CVE-2024-53110 bsc#1234085).
- commit d161a67
- idpf: fix UAFs when destroying the queues (CVE-2024-44932
bsc#1229808).
- idpf: fix memory leaks and crashes while performing a soft reset
(CVE-2024-44964 bsc#1230220).
- commit 4316b61
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED
in uvc_parse_format (CVE-2024-53104 bsc#1234025).
- commit 1c41c2f
- can: j1939: j1939_session_new(): fix skb reference counting
(git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics
(git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics
(git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors
statistics (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors
statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state()
even if cf is NULL (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb
allocation fails (git-fixes).
- HID: wacom: fix when get product name maybe null pointer
(git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in
mtk_wdt_restart() (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call
(git-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed
values (git-fixes).
- commit 6f2f0c6
- arm64/uprobes: change the uprobe_opcode_t typedef to fix the sparse warning (git-fixes)
Refresh patches.suse/arm64-probes-Fix-uprobes-for-big-endian-kernels.patch.
- commit 8fb43aa
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- commit c8e82c2
- icmp: change the order of rate limits (CVE-2024-47678 bsc#1231854).
- icmp: Fix data-races around sysctl (CVE-2024-47678 bsc#1231854).
- commit 4fed248
- drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (CVE-2024-53051 bsc#1233547)
- commit bb15300
- USB: serial: io_edgeport: fix use after free in debug printk (CVE-2024-50267 bsc#1233456)
- commit 5a7c927
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (CVE-2024-50181 bsc#1233127)
- commit 3d9958b
- kernel.h: split out COUNT_ARGS() and CONCATENATE() to args.h (git-fixes)
- commit ce86139
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- commit 11b60ab
- wifi: iwlwifi: mvm: fix 6 GHz scan construction (CVE-2024-53055 bsc#1233550)
- commit 1b3f527
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- commit 834680b
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- commit 49b56be
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- commit e8b197c
- arm64/sve: Discard stale CPU state when handling SVE traps (git-fixes)
- commit 019ef42
- drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (CVE-2024-53056 bsc#1233568)
- commit b0b5344
- net: hns3: fix kernel crash when uninstalling driver (CVE-2024-50296 bsc#1233485)
- commit e1c4613
- smb: client: Fix use-after-free of network namespace
(bsc#1233642 CVE-2024-53095).
[hcarvalho: remove netfs_tracker_* related code because we don't have
such infrastructure. To understand the changes, look into the definition
of `sock_inuse_add(net, 1)` (commit d477eb9004845) and into commit
4199bae10c49e.]
- commit f162821
- powerpc/kexec: Fix return of uninitialized variable
(bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling
hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore
(bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init()
(bsc#1194869).
- powerpc/atomic: Use YZ constraints for DS-form instructions
(bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and
CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/asm: Remove UPD_CONSTR after GCC 4.9 removal
(bsc#1194869).
- powerpc: remove GCC version check for UPD_CONSTR (bsc#1194869).
- commit 2d82b73
- net/mlx5: Unregister notifier on eswitch init failure
(git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- net/mlx5e: Take state lock during tx timeout reporter
(git-fixes).
- net/mlx5e: Correct snprintf truncation handling for fw_version
buffer used by representors (git-fixes).
- net/mlx5e: Correct snprintf truncation handling for fw_version
buffer (git-fixes).
- iavf: in iavf_down, disable queues when removing the driver
(git-fixes).
- commit c073e57
- net: ena: Fix potential sign extension issue (git-fixes).
- Refresh
patches.suse/net-ena-Fix-redundant-device-NUMA-node-override.patch.
- commit f3d6416
- idpf: distinguish vports by the dev_port attribute (git-fixes).
- Refresh patches.suse/0001-idpf-extend-tx-watchdog-timeout.patch.
- commit 3fa63a5
- vdpa/mlx5: preserve CVQ vringh index (git-fixes).
- Refresh patches.suse/vdpa-mlx5-Allow-CVQ-size-changes.patch.
- commit dbac474
- net/mlx5: Drain health before unregistering devlink (git-fixes).
- Refresh
patches.suse/net-mlx5-Register-devlink-first-under-devlink-lock.patch.
- commit fa0f96d
- iavf: send VLAN offloading caps once after VFR (git-fixes).
- Refresh
patches.suse/iavf-fix-a-deadlock-caused-by-rtnl-and-driver-s-lock.patch.
- commit 39965fe
- net/mlx5: Use recovery timeout on sync reset flow (git-fixes).
- Refresh
patches.suse/net-mlx5-Fix-missing-lock-on-sync-reset-reload.patch.
- commit 0f9e3d5
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface
is down (git-fixes).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow
(git-fixes).
- net/mlx5e: kTLS, Fix incorrect page refcounting (git-fixes).
- net/mlx5: fs, lock FTE when checking if active (git-fixes).
- ice: change q_index variable type to s16 to store -1 value
(git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock
(git-fixes).
- ice: fix accounting for filters shared by multiple VSIs
(git-fixes).
- net/mlx5: Add missing masks and QoS bit masks for scheduling
elements (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type
(git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map
(git-fixes).
- net/mlx5: Update the list of the PCI supported devices
(git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows
(git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset
(git-fixes).
- net/mlx5e: Add a check for the return value from
mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5: Lag, don't use the hardcoded value of the first port
(git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's
(git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow
(git-fixes).
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is
disabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver
(git-fixes).
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in
mlx5e_priv_cleanup() (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error
(git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO
headers (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP
(non-VXLAN) packets (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- idpf: don't enable NAPI and interrupts prior to allocating Rx
buffers (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for
reporting buffer exhaustion (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check
(git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state
(git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- Revert "ixgbe: Manual AN-37 for troublesome link partners for
X550 SFI" (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld()
function (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec
(git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config
(git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll
(git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash
LAG deactivation (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number
(git-fixes).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset
(git-fixes).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa()
(git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or
registers (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets
(git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not
supported (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling
xsk_pool (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able
(git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- tun: Fix xdp_rxq_info's queue_index when detaching (git-fixes).
- igc: Remove temporary workaround (git-fixes).
- i40e: take into account XDP Tx queues when stopping rings
(git-fixes).
- i40e: avoid double calling i40e_pf_rxq_wait() (git-fixes).
- i40e: Fix waiting for queues of all VSIs to be disabled
(git-fixes).
- idpf: avoid compiler padding in virtchnl2_ptype struct
(git-fixes).
- gve: Fix skb truesize underestimation (git-fixes).
- net/mlx5e: Allow software parsing when IPsec crypto is enabled
(git-fixes).
- net/mlx5: Use mlx5 device constant for selecting CQ period
mode for ASO (git-fixes).
- net/mlx5: DR, Can't go to uplink vport on RX rule (git-fixes).
- net/mlx5: DR, Use the right GVMI number for drop action
(git-fixes).
- bnxt_en: Wait for FLR to complete during probe (git-fixes).
- igc: Fix hicredit calculation (git-fixes).
- i40e: Restore VF MSI-X state during PCI reset (git-fixes).
- i40e: fix use-after-free in i40e_aqc_add_filters() (git-fixes).
- bnxt_en: Remove mis-applied code from bnxt_cfg_ntp_filters()
(git-fixes).
- igc: Check VLAN EtherType mask (git-fixes).
- igc: Check VLAN TCI mask (git-fixes).
- igc: Report VLAN EtherType matching back to user (git-fixes).
- i40e: Fix filter input checks to prevent config with invalid
values (git-fixes).
- ice: Shut down VSI with "link-down-on-close" enabled
(git-fixes).
- ice: Fix link_down_on_close message (git-fixes).
- idpf: avoid compiler introduced padding in virtchnl2_rss_key
struct (git-fixes).
- idpf: fix corrupted frames and skb leaks in singleq mode
(git-fixes).
- sfc: fix a double-free bug in efx_probe_filters (git-fixes).
- net/mlx5: Fix fw tracer first block check (git-fixes).
- net/mlx5e: fix a potential double-free in fs_udp_create_groups
(git-fixes).
- net/mlx5e: Fix slab-out-of-bounds in
mlx5_query_nic_vport_mac_list() (git-fixes).
- net/mlx5e: fix double free of encap_header (git-fixes).
- iavf: Introduce new state machines for flow director
(git-fixes).
- net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work
(git-fixes).
- iavf: validate tx_coalesce_usecs even if rx_coalesce_usecs is
zero (git-fixes).
- net/mlx5e: Check return value of snprintf writing to fw_version
buffer for representors (git-fixes).
- net/mlx5e: Check return value of snprintf writing to fw_version
buffer (git-fixes).
- net/mlx5e: Reduce the size of icosq_str (git-fixes).
- net/mlx5e: Fix pedit endianness (git-fixes).
- chtls: fix tp->rcv_tstamp initialization (git-fixes).
- iavf: Fix promiscuous mode configuration flow messages
(git-fixes).
- iavf: initialize waitqueues before starting watchdog_task
(git-fixes).
- tun: prevent negative ifindex (git-fixes).
- net/mlx5e: Don't offload internal port if filter device is
out device (git-fixes).
- net/mlx5: Handle fw tracer change ownership event based on MTRC
(git-fixes).
- net/mlx5: E-switch, register event handler before arming the
event (git-fixes).
- ice: reset first in crash dump kernels (git-fixes).
- ice: fix over-shifted variable (git-fixes).
- net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp
(git-fixes).
- ixgbe: fix crash with empty VF macvlan list (git-fixes).
- iavf: do not process adminq tasks when __IAVF_IN_REMOVE_TASK
is set (git-fixes).
- ixgbe: fix timestamp configuration code (git-fixes).
- net/mlx5: Use RMW accessors for changing LNKCTL (git-fixes).
- sfc: Check firmware supports Ethernet PTP filter (git-fixes).
- ice: avoid executing commands on other ports when driving sync
(git-fixes).
- ice: ice_aq_check_events: fix off-by-one check when filling
buffer (git-fixes).
- ice: Fix NULL pointer deref during VF reset (git-fixes).
- ice: fix receive buffer size miscalculation (git-fixes).
- iavf: fix FDIR rule fields masks validation (git-fixes).
- ice: Block switchdev mode when ADQ is active and vice versa
(git-fixes).
- sfc: don't unregister flow_indr if it was never registered
(git-fixes).
- net/mlx5: Skip clock update work when device is in error state
(git-fixes).
- net/mlx5: LAG, Check correct bucket when modifying LAG
(git-fixes).
- net/mlx5: Allow 0 for total host VFs (git-fixes).
- drivers: net: prevent tun_build_skb() to exceed the packet
size limit (git-fixes).
- net/mlx5e: Move representor neigh cleanup to profile cleanup_tx
(git-fixes).
- net/mlx5e: Fix crash moving to switchdev mode when ntuple
offload is set (git-fixes).
- net/mlx5e: fix return value check in
mlx5e_ipsec_remove_trailer() (git-fixes).
- net/mlx5: fix potential memory leak in mlx5e_init_rep_rx
(git-fixes).
- net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
(git-fixes).
- net/mlx5e: fix double free in
macsec_fs_tx_create_crypto_table_groups (git-fixes).
- commit 8552b15
- tcp: Fix use-after-free of nreq in reqsk_timer_handler()
(CVE-2024-50154 bsc#1233070).
- commit 9c54dc2
- sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (CVE-2024-49944 bsc#1232166)
- commit 974388e
- netfilter: nf_tables: prevent nf_skb_duplicated corruption (CVE-2024-49952 bsc#1232157)
- commit dcad18b
- netdevsim: Add trailing zero to terminate the string
in nsim_nexthop_bucket_activity_write() (CVE-2024-50259
bsc#1233214).
- commit 3b589d0
- Update patches.suse/can-bcm-Fix-UAF-in-bcm_proc_show.patch
(git-fixes CVE-2023-52922 bsc#1233977).
- commit 624f722
- Update
patches.suse/ACPI-CPPC-Make-rmw_lock-a-raw_spin_lock.patch
(git-fixes CVE-2024-50249 bsc#1233197).
- Update
patches.suse/ASoC-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch
(git-fixes CVE-2024-50292 bsc#1233481).
- Update
patches.suse/Bluetooth-hci-fix-null-ptr-deref-in-hci_read_support.patch
(git-fixes CVE-2024-50255 bsc#1233238).
- Update
patches.suse/HID-core-zero-initialize-the-report-buffer.patch
(git-fixes CVE-2024-50302 bsc#1233491).
- Update
patches.suse/KVM-arm64-vgic-v2-Check-for-non-NULL-vCPU-in-vgic_v2.patch
(git-fixes CVE-2024-36953 bsc#1225812).
- Update
patches.suse/USB-serial-io_edgeport-fix-use-after-free-in-debug-p.patch
(git-fixes CVE-2024-50267 bsc#1233456).
- Update patches.suse/arm64-tlb-Fix-TLBI-RANGE-operand.patch
(bsc#1229585 CVE-2024-35980 bsc#1224574).
- Update
patches.suse/drm-amdgpu-add-missing-size-check-in-amdgpu_debugfs_.patch
(stable-fixes CVE-2024-50282 bsc#1233471).
- Update
patches.suse/drm-amdgpu-fix-possible-UAF-in-amdgpu_cs_pass1.patch
(git-fixes CVE-2023-52921 bsc#1233452).
- Update
patches.suse/drm-amdgpu-prevent-NULL-pointer-dereference-if-ATIF-.patch
(git-fixes CVE-2024-53060 bsc#1233554).
- Update
patches.suse/erofs-fix-pcluster-use-after-free-on-UP-platforms.patch
(git-fixes CVE-2022-48674 bsc#1223942).
- Update
patches.suse/filelock-fix-potential-use-after-free-in-posix_lock_inode.patch
(git-fixes CVE-2024-41049 bsc#1228486).
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(git-fixes CVE-2024-50290 bsc#1233479).
- Update
patches.suse/media-dvb-usb-v2-af9035-Fix-null-ptr-deref-in-af9035.patch
(stable-fixes CVE-2023-52915 bsc#1230270).
- Update
patches.suse/media-pci-cx23885-check-cx23885_vdev_init-return.patch
(stable-fixes CVE-2023-52918 bsc#1232047).
- Update
patches.suse/media-v4l2-tpg-prevent-the-risk-of-a-division-by-zer.patch
(git-fixes CVE-2024-50287 bsc#1233476).
- Update
patches.suse/net-drop-bad-gso-csum_start-and-offset-in-virtio_net.patch
(git-fixes CVE-2024-43897 bsc#1229752).
- Update patches.suse/net-missing-check-virtio.patch (git-fixes
CVE-2024-43817 bsc#1229312).
- Update
patches.suse/net-relax-socket-state-check-at-accept-time.patch
(git-fixes CVE-2024-36484 bsc#1226872).
- Update
patches.suse/nfs-Fix-KMSAN-warning-in-decode_getfattr_attrs.patch
(git-fixes CVE-2024-53066 bsc#1233560).
- Update
patches.suse/ocfs2-remove-entry-once-instead-of-null-ptr-dereference-in-ocfs2_xa_remove.patch
(git-fixes CVE-2024-50265 bsc#1233454).
- Update
patches.suse/rcu-tasks-Fix-show_rcu_tasks_trace_gp_kthread-buffer-overflow.patch
(bsc#1226631 CVE-2024-38577).
- Update
patches.suse/security-keys-fix-slab-out-of-bounds-in-key_task_per.patch
(git-fixes CVE-2024-50301 bsc#1233490).
- Update
patches.suse/staging-iio-frequency-ad9832-fix-division-by-zero-in.patch
(git-fixes CVE-2024-50233 bsc#1233210).
- Update
patches.suse/tpm-Lock-TPM-chip-in-tpm_pm_suspend-first.patch
(bsc#1082555 git-fixes CVE-2024-53085 bsc#1233577).
- Update
patches.suse/usb-musb-sunxi-Fix-accessing-an-released-usb-phy.patch
(git-fixes CVE-2024-50269 bsc#1233458).
- Update
patches.suse/usb-typec-fix-potential-out-of-bounds-in-ucsi_ccg_up.patch
(git-fixes CVE-2024-50268 bsc#1233457).
- Update
patches.suse/wifi-iwlwifi-mvm-Fix-response-handling-in-iwl_mvm_se.patch
(git-fixes CVE-2024-53059 bsc#1233553).
- commit 5ad850f
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (CVE-2024-50125
bsc#1232928).
- Refresh
patches.suse/Bluetooth-ISO-Fix-UAF-on-iso_sock_timeout.patch.
Revert Bluetooth-ISO-Fix-UAF-on-iso_sock_timeout.patch to the upstream
version of the patch.
The reverted version was a mix of 1bf4470a and 246b435a, since they were
accidentally identified as two different commits doing the same changes.
The changes are indeed mostly the same, but to different files.
- commit 965f18d
- cgroup/bpf: only cgroup v2 can be attached by bpf programs
(bsc#1234108).
- Revert "cgroup: Fix memory leak caused by missing
cgroup_bpf_offline" (bsc#1234108).
- commit bb8ec61
- kexec: fix a memory leak in crash_shrink_memory() (git-fixes).
- commit 67db122
- security/keys: fix slab-out-of-bounds in key_task_permission
(CVE-2024-50301 bsc#1233490).
- commit b8c1415
- signal: restore the override_rlimit logic (CVE-2024-50271
bsc#1233460).
- ucounts: fix counter leak in inc_rlimit_get_ucounts()
(bsc#1233460).
- commit 180784c
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- commit 47836ea
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone
(bsc#1234098).
+KABI restoration patch
- commit e4b780d
- signal: Replace BUG_ON()s (bsc#1234093).
- commit 2e26a2c
- media: cx24116: prevent overflows on SNR calculus
(CVE-2024-50290 bsc#1233479).
- commit c59cd01
- dm cache: fix out-of-bounds access to the dirty bitset when
resizing (CVE-2024-50279 bsc#1233468).
- commit 6c88f14
- nvme-fabrics: fix kernel crash while shutting down controller
(git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and
nvme_dev_disable() (git-fixes bsc#1232888 CVE-2024-50135).
- commit 9354fff
- mm/hugetlb: fix nodes huge page allocation when there are
surplus pages (bsc#1234012).
- commit 57caf06
- Update config files.
Enabled IDPF for ARM64 (bsc#1221309)
- commit 5ae56f6
- btrfs: fix a NULL pointer dereference when failed to start a
new trasacntion (CVE-2024-49868 bsc#1232272).
- commit d310176
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie"
compatible (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS
milliseconds (git-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in
pci_epc_remove_epf() (git-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- commit ae00716
- mm/thp: fix deferred split unqueue naming and locking
(CVE-2024-53079 bsc#1233570).
- commit 12f4be0
- scsi: lpfc: Copyright updates for 14.4.0.6 patches
(bsc#1233241).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask
(bsc#1233241).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure
(bsc#1233241).
- scsi: lpfc: Prevent NDLP reference count underflow in
dev_loss_tmo callback (bsc#1233241).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset
(bsc#1233241).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting
follow up FDMI (bsc#1233241).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE
before BSG flag (bsc#1233241).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod
paths (bsc#1233241).
- scsi: lpfc: Check devloss callbk done flag for potential stale
NDLP ptrs (bsc#1233241).
- scsi: lpfc: Modify CGN warning signal calculation based on
EDC response (bsc#1233241).
- commit b4b5aa0
- net: esp: fix bad handling of pages from page_pool
(CVE-2024-26953 bsc#1223656).
Back-port by using `page_pool_return_skb_page()`.
Original patch uses `napi_pp_put_page()` which was only introduced later
and is a renamed and slightly extended version of
`page_pool_return_skb_page()`.
- commit 533a05f
- HID: core: zero-initialize the report buffer (CVE-2024-50302
bsc#1233491).
- commit 086ff16
- vsock/virtio: Initialization of the dangling pointer occurring
in vsk->trans (CVE-2024-50264 bsc#1233453).
- commit 008fbbf
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042
quirk table (git-fixes).
- commit afbd0bc
- Input: i8042 - add another board name for TUXEDO Stellaris
Gen5 AMD line (git-fixes).
- commit 5a2b5e0
- btrfs: reinitialize delayed ref list after deleting it from
the list (bsc#1233462 CVE-2024-50273).
- commit b55957a
- net: arc: fix the device for dma_map_single/dma_unmap_single
(CVE-2024-50295 bsc#1233484).
- net: enetc: allocate vf_state during PF probes (CVE-2024-50298
bsc#1233487).
- net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged
SKB data (CVE-2024-53058 bsc#1233552).
- commit 56d9e2a
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (CVE-2024-50125
bsc#1232928).
- commit 9dd8cd5
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk
table (git-fixes).
- commit d68dfa0
- Update
patches.suse/Bluetooth-ISO-Fix-UAF-on-iso_sock_timeout.patch
(CVE-2024-50124 bsc#1232926).
Revert to upstream version of patch.
The reverted version was a mix of 1bf4470a and 246b435a, since they were
accidentally identified as two different commits doing the same changes.
The changes are indeed mostly the same, but to different files.
- commit f3fab2d
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table
(git-fixes).
- commit 0792816
- Input: i8042 - add Ayaneo Kun to i8042 quirk table (git-fixes).
- commit 64769ef
- Bluetooth: SCO: Fix UAF on sco_sock_timeout (CVE-2024-50125
bsc#1232928).
- commit f9d799e
- blk-throttle: Fix io statistics for cgroup v1 (bsc#1233528).
- commit 8c6ab5e
- Update
patches.suse/ACPI-CPPC-Make-rmw_lock-a-raw_spin_lock.patch
(git-fixes CVE-2024-50249 bsc#1233197).
- Update
patches.suse/ASoC-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch
(git-fixes CVE-2024-50292 bsc#1233481).
- Update
patches.suse/Bluetooth-hci-fix-null-ptr-deref-in-hci_read_support.patch
(git-fixes CVE-2024-50255 bsc#1233238).
- Update
patches.suse/HID-core-zero-initialize-the-report-buffer.patch
(git-fixes CVE-2024-50302 bsc#1233491).
- Update
patches.suse/USB-serial-io_edgeport-fix-use-after-free-in-debug-p.patch
(git-fixes CVE-2024-50267 bsc#1233456).
- Update
patches.suse/drm-amdgpu-add-missing-size-check-in-amdgpu_debugfs_.patch
(stable-fixes CVE-2024-50282 bsc#1233471).
- Update
patches.suse/drm-amdgpu-fix-possible-UAF-in-amdgpu_cs_pass1.patch
(git-fixes CVE-2023-52921 bsc#1233452).
- Update
patches.suse/drm-amdgpu-prevent-NULL-pointer-dereference-if-ATIF-.patch
(git-fixes CVE-2024-53060 bsc#1233554).
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(git-fixes CVE-2024-50290 bsc#1233479).
- Update
patches.suse/media-pci-cx23885-check-cx23885_vdev_init-return.patch
(stable-fixes CVE-2023-52918 bsc#1232047).
- Update
patches.suse/media-v4l2-tpg-prevent-the-risk-of-a-division-by-zer.patch
(git-fixes CVE-2024-50287 bsc#1233476).
- Update
patches.suse/nfs-Fix-KMSAN-warning-in-decode_getfattr_attrs.patch
(git-fixes CVE-2024-53066 bsc#1233560).
- Update
patches.suse/ocfs2-remove-entry-once-instead-of-null-ptr-dereference-in-ocfs2_xa_remove.patch
(git-fixes CVE-2024-50265 bsc#1233454).
- Update
patches.suse/security-keys-fix-slab-out-of-bounds-in-key_task_per.patch
(git-fixes CVE-2024-50301 bsc#1233490).
- Update
patches.suse/staging-iio-frequency-ad9832-fix-division-by-zero-in.patch
(git-fixes CVE-2024-50233 bsc#1233210).
- Update
patches.suse/usb-musb-sunxi-Fix-accessing-an-released-usb-phy.patch
(git-fixes CVE-2024-50269 bsc#1233458).
- Update
patches.suse/usb-typec-fix-potential-out-of-bounds-in-ucsi_ccg_up.patch
(git-fixes CVE-2024-50268 bsc#1233457).
- Update
patches.suse/wifi-iwlwifi-mvm-Fix-response-handling-in-iwl_mvm_se.patch
(git-fixes CVE-2024-53059 bsc#1233553).
- commit 22770b4
- Update patches.suse/can-bcm-Fix-UAF-in-bcm_proc_show.patch
(git-fixes CVE-2023-52922 bsc#1233977).
- commit 82c5a0a
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- rtc: ab-eoz9: don't fail temperature reads on undervoltage
notification (git-fixes).
- rtc: check if __rtc_read_time was successful in
rtc_timer_do_work() (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register
(git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- commit 1d73f32
- arm64: dts: imx8mp: correct sdhc ipg clk (git-fixes).
- commit 8c1d928
- arm64: Force position-independent veneers (git-fixes).
- commit 037de2c
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock
(git-fixes).
- commit 8a46fef
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry
(git-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- =?UTF-8?q?iio:=20accel:=20kxcjk-1013:=20Remove=20redundan?=
=?UTF-8?q?t=20I=C2=B2C=20ID?= (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer
(git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match'
(git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe()
(git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left
(git-fixes).
- Revert "usb: gadget: composite: fix OS descriptors w_value
logic" (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines
(git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in
get_serial_info() (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in
TxFIFO resizing logic (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue
(git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible
(git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in
iowarrior_read() (git-fixes).
- commit 75ee7d4
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
(bsc#1233548 CVE-2024-53052).
- commit db98042
- pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558
CVE-2024-46681).
- commit 79a3f5c
- Bluetooth: MGMT: Fix slab-use-after-free Read in
set_powered_sync (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid
WoL configuration (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing
PHY device (git-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging
function (git-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from
power_supply_put() (git-fixes).
- commit 01635d8
- Refresh
patches.suse/initramfs-avoid-filename-buffer-overrun.patch.
- commit 145c949
- posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() (CVE-2024-50195 bsc#1233103)
- commit 290f973
- media: av7110: fix a spectre vulnerability (CVE-2024-50289
bsc#1233478).
- commit 79acfeb
- net: relax socket state check at accept time (git-fixes).
- commit 75020f0
- Drop OCFS2 patch causing a regression (bsc#1233255)
Deleted:
patches.suse/ocfs2-fix-the-la-space-leak-when-unmounting-an-ocfs2-volume.patch
- commit 751a2bd
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
(CVE-2024-36905 bsc#1225742).
- commit f693405
- net: fix out-of-bounds access in ops_init (CVE-2024-36883
bsc#1225725).
- commit eb0ac08
- efi/memattr: Ignore table if the size is clearly bogus
(bsc#1231465).
- commit ee06f84
- idpf: avoid vport access in idpf_get_link_ksettings
(CVE-2024-50274 bsc#1233463).
- commit 8971b65
- i40e: fix race condition by adding filter's intermediate sync
state (CVE-2024-53088 bsc#1233580).
- i40e: fix i40e_count_filters() to count only active/new filters
(CVE-2024-53088 bsc#1233580).
- commit 2251801
- hwmon: (tps23861) Fix reporting of negative temperatures
(git-fixes).
- i3c: master: Fix miss free init_dyn_addr at
i3c_master_put_i3c_addrs() (git-fixes).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming
(git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus()
(git-fixes).
- commit eb819fb
- nilfs2: fix potential oob read in nilfs_btree_check_delete()
(bsc#1232187 CVE-2024-47757).
- commit d813a1d
- net: hns3: fix a deadlock problem when config TC during
resetting (CVE-2024-44995 bsc#1230231).
- commit 8f3de3e
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- commit 7022fa5
- media: dvbdev: prevent the risk of out of memory access
(CVE-2024-53063 bsc#1233557).
- commit 52a90e5
- netrom: fix possible dead-lock in nr_rt_ioctl() (CVE-2024-38589
bsc#1226748).
- commit bee9469
- mptcp: never allow the PM to close a listener subflow
(CVE-2021-47594 bsc#1226560).
- commit 639c494
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555
git-fixes).
- commit 478dbbb
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer
(git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current
state (git-fixes).
- commit 502ca69
- media: s5p-jpeg: prevent buffer overflows (CVE-2024-53061
bsc#1233555).
- commit aef5475
- firmware: arm_scmi: Fix slab-use-after-free in
scmi_bus_notifier() (CVE-2024-53068 bsc#1233561).
- commit e507b37
- tipc: fix UAF in error path (CVE-2024-36886 bsc#1225730).
- commit 295f12e
- ibmvnic: Ensure login failure recovery is safe from other resets
(bsc#1233150).
- ibmvnic: Do partial reset on login failure (bsc#1233150).
- ibmvnic: Handle DMA unmapping of login buffs in release
functions (bsc#1233150).
- ibmvnic: Unmap DMA login rsp buffer on send login fail
(bsc#1233150).
- ibmvnic: Enforce stronger sanity checks on login response
(bsc#1233150).
- commit 10ef085
- tipc: fix a possible memleak in tipc_buf_append (CVE-2024-36954
bsc#1225764).
- commit c051ffd
- erspan: make sure erspan_base_hdr is present in skb->head
(CVE-2024-35888 bsc#1224518).
- commit a36710a
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- commit 6e3e371
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- commit 4fc8465
- RDMA/hns: Use macro instead of magic number (git-fixes)
- commit e4ebf0e
- RDMA/hns: Add mutex_destroy() (git-fixes)
- commit cb1de76
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- commit b00cfa9
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- commit 69e0eee
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- commit a102dfe
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- commit 1c672f5
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- commit 0d8596e
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- commit e895eca
- RDMA/hns: Remove unnecessary QP type checks (git-fixes)
- commit 5a2c4d9
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- commit 1c5f525
- RDMA/hns: Add clear_hem return value to log (git-fixes)
- commit ff0016c
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- commit e774e20
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- commit e2ba602
- drm/amd: Fix initialization mistake for NBIO 7.7.0
(stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook
645 G10 (stable-fixes).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue
(stable-fixes).
- commit 46d58c4
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited
(git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in
_dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model
(git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off
(git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/sti: avoid potential dereference of error pointers
(git-fixes).
- drm/sti: avoid potential dereference of error pointers in
sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in
sti_hqvdp_atomic_check (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs
function (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry
pointer (git-fixes).
- drm/vc4: hvs: Don't write gamma luts on 2711 (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with
__maybe_unused (git-fixes).
- ASoC: codecs: Fix atomicity violation in
snd_soc_component_get_drvdata() (git-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection
(git-fixes).
- wifi: ath10k: fix invalid VHT parameters in
supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in
supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in
htc_connect_service() (git-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- commit 4ce629c
- x86/kvm: fix is_stale_page_fault() (bsc#1221333).
- commit 332e968
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- thermal: core: Initialize thermal zones before registering them
(git-fixes).
- amd-pstate: Set min_perf to nominal_perf for active mode
performance gov (git-fixes).
- crypto: cavium - Fix an error handling path in
cpt_ucode_load_fw() (git-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function
(git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form
(git-fixes).
- crypto: inside-secure - Fix the return value of
safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout
(git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit
(git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown()
(git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference
decrement (git-fixes).
- commit 5f244c5
- kernel-binary: Enable livepatch package only when livepatch is enabled
Otherwise the filelist may be empty failing the build (bsc#1218644).
- commit f730eec
- Update config files (bsc#1218644).
LIVEPATCH_IPA_CLONES=n => LIVEPATCH=n
- commit 9c28790
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning
(git-fixes).
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger
than 4K" (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition
(stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard
(stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/
Casa touchpad (stable-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to
VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad
(stable-fixes).
- HID: multitouch: Add support for B2402FVA track point
(stable-fixes).
- commit 8da6f10
- Bluetooth: ISO: Fix UAF on iso_sock_timeout (CVE-2024-50124
bsc#1232926).
- commit a1432ce
- posix-clock: Fix missing timespec64 check in pc_clock_settime() (CVE-2024-50195 bsc#1233103)
- commit 8efc3a7
- bpf: Use raw_spinlock_t in ringbuf (CVE-2024-50138 bsc#1232935)
- commit 6bb77e6
- net: systemport: fix potential memory leak in bcm_sysport_xmit() (CVE-2024-50171 bsc#1233057)
- commit b70ca2e
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (CVE-2024-50073 bsc#1232520)
- commit 3e72b22
- USB: serial: qcserial: add support for Sierra Wireless EM86xx
(stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition
(stable-fixes).
- drm/amdgpu: add missing size check in
amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions
(stable-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not
supported (git-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3
(stable-fixes).
- media: dvb-usb-v2: af9035: fix missing unlock (git-fixes).
- media: dvb-usb-v2: af9035: Fix null-ptr-deref in
af9035_i2c_master_xfer (stable-fixes).
- commit 8316036
- add bugreference to a hv_netvsc patch (bsc#1232413).
- commit c98c418
- ALSA: firewire-lib: Avoid division by zero in
apply_constraint_to_size() (CVE-2024-50205 bsc#1233293).
- commit d31c5c9
- scsi: target: core: Fix null-ptr-deref in target_alloc_device()
(CVE-2024-50153 bsc#1233061).
- commit 3b8c091
- net: wwan: fix global oob in wwan_rtnl_policy (CVE-2024-50128
bsc#1232905).
- commit e39a4e6
- xfrm: fix one more kernel-infoleak in algo dumping
(CVE-2024-50110 bsc#1232885).
- commit 0993db8
- scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down
(CVE-2024-50098 bsc#1232881).
- commit f8c4b7b
- thermal: intel: int340x: processor: Fix warning during module
unload (CVE-2024-50093 bsc#1232877).
- commit ef3b2be
- net: phy: dp83869: fix memory corruption when enabling fiber
(CVE-2024-50188 bsc#1233107).
- commit a27c339
- net: explicitly clear the sk pointer, when pf->create fails
(CVE-2024-50186 bsc#1233110).
- commit 3fff4c4
- secretmem: disable memfd_secret() if arch cannot set direct map
(CVE-2024-50182 bsc#1233129).
- commit 729f64d
- Update
patches.suse/0001-PCI-keystone-Fix-if-statement-expression-in-ks_pcie_.patch
(git-fixes CVE-2024-47756 bsc#1232185).
- Update
patches.suse/0002-x86-mm-ident_map-Use-gbpages-only-where-full-GB-page.patch
(bsc#1220382 CVE-2024-50017 bsc#1232312).
- Update
patches.suse/0544-drm-amdgpu-fix-use-after-free-during-gpu-recovery.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48990 bsc#1232028).
- Update
patches.suse/0551-drm-amd-display-fix-array-index-out-of-bound-error-i.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48979 bsc#1232293).
- Update patches.suse/ACPI-PAD-fix-crash-in-exit_round_robin.patch
(stable-fixes CVE-2024-49935 bsc#1232370).
- Update
patches.suse/ACPI-PRM-Find-EFI_MEMORY_RUNTIME-block-for-PRM-handl.patch
(git-fixes CVE-2024-50141 bsc#1233065).
- Update
patches.suse/ALSA-asihpi-Fix-potential-OOB-array-access.patch
(stable-fixes CVE-2024-50007 bsc#1232394).
- Update
patches.suse/ALSA-firewire-lib-Avoid-division-by-zero-in-apply_co.patch
(git-fixes CVE-2024-50205 bsc#1233293).
- Update
patches.suse/ALSA-hda-cs8409-Fix-possible-NULL-dereference.patch
(git-fixes CVE-2024-50160 bsc#1233074).
- Update
patches.suse/ASoC-qcom-Fix-NULL-Dereference-in-asoc_qcom_lpass_cp.patch
(git-fixes CVE-2024-50103 bsc#1232878).
- Update
patches.suse/Bluetooth-Call-iso_exit-on-module-unload.patch
(git-fixes CVE-2024-50078 bsc#1232503).
- Update
patches.suse/Bluetooth-Fix-crash-when-replugging-CSR-fake-control.patch
(git-fixes CVE-2022-48982 bsc#1231978).
- Update
patches.suse/Bluetooth-ISO-Fix-multiple-init-when-debugfs-is-disa.patch
(git-fixes CVE-2024-50077 bsc#1232504).
- Update
patches.suse/Bluetooth-RFCOMM-FIX-possible-deadlock-in-rfcomm_sk_.patch
(git-fixes CVE-2024-50044 bsc#1231904).
- Update
patches.suse/Bluetooth-bnep-fix-wild-memory-access-in-proto_unreg.patch
(git-fixes CVE-2024-50148 bsc#1233063).
- Update
patches.suse/HID-amd_sfh-Switch-to-device-managed-dmam_alloc_cohe.patch
(git-fixes CVE-2024-50189 bsc#1233105).
- Update
patches.suse/IB-core-Fix-ib_cache_setup_one-error-flow-cleanup.patch
(git-fixes CVE-2024-47693 bsc#1232013).
- Update
patches.suse/Input-adp5589-keys-fix-NULL-pointer-dereference.patch
(git-fixes CVE-2024-49871 bsc#1232287).
- Update
patches.suse/PCI-keystone-Add-workaround-for-Errata-i2037-AM65x-S.patch
(stable-fixes CVE-2024-47667 bsc#1231481).
- Update
patches.suse/RDMA-bnxt_re-Add-a-check-for-memory-allocation.patch
(git-fixes CVE-2024-50209 bsc#1233114).
- Update
patches.suse/RDMA-cxgb4-Added-NULL-check-for-lookup_atid.patch
(git-fixes CVE-2024-47749 bsc#1232180).
- Update
patches.suse/RDMA-hns-Fix-spin_unlock_irqrestore-called-with-IRQs.patch
(git-fixes CVE-2024-47735 bsc#1232111).
- Update
patches.suse/RDMA-iwcm-Fix-WARNING-at_kernel-workqueue.c-check_fl.patch
(git-fixes CVE-2024-47696 bsc#1231864).
- Update
patches.suse/RDMA-mad-Improve-handling-of-timed-out-WRs-of-mad-ag.patch
(git-fixes CVE-2024-50095 bsc#1232873).
- Update
patches.suse/RDMA-rtrs-clt-Reset-cid-to-con_num-1-to-stay-in-boun.patch
(git-fixes CVE-2024-47695 bsc#1231931).
- Update
patches.suse/RDMA-rtrs-srv-Avoid-null-pointer-deref-during-path-e.patch
(git-fixes CVE-2024-50062 bsc#1232232).
- Update patches.suse/USB-usbtmc-prevent-kernel-usb-infoleak.patch
(git-fixes CVE-2024-47671 bsc#1231541).
- Update
patches.suse/arm64-probes-Fix-uprobes-for-big-endian-kernels.patch
(git-fixes CVE-2024-50194 bsc#1233111).
- Update
patches.suse/arm64-probes-Remove-broken-LDR-literal-uprobe-support.patch
(git-fixes CVE-2024-50099 bsc#1232887).
- Update
patches.suse/bpf-Fix-helper-writes-to-read-only-maps.patch
(git-fixes CVE-2024-49861 bsc#1232254).
- Update
patches.suse/bpf-Zero-former-ARG_PTR_TO_-LONG-INT-args-in-case-of.patch
(git-fixes CVE-2024-47728 bsc#1232076).
- Update
patches.suse/bpf-correctly-handle-malformed-BPF_CORE_TYPE_ID_LOCA.patch
(git-fixes CVE-2024-49850 bsc#1232189).
- Update
patches.suse/cachefiles-fix-dentry-leak-in-cachefiles_open_file.patch
(bsc#1231181 CVE-2024-49870 bsc#1232279).
- Update
patches.suse/can-bcm-Clear-bo-bcm_proc_read-after-remove_proc_ent.patch
(git-fixes CVE-2024-47709 bsc#1232048).
- Update
patches.suse/ceph-remove-the-incorrect-Fw-reference-check-when-dir.patch
(bsc#1231180 CVE-2024-50179 bsc#1233123).
- Update
patches.suse/drivers-media-dvb-frontends-rtl2830-fix-an-out-of-bo.patch
(git-fixes CVE-2024-47697 bsc#1231858).
- Update
patches.suse/drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bo.patch
(git-fixes CVE-2024-47698 bsc#1231859).
- Update
patches.suse/drm-amd-Guard-against-bad-data-for-ATIF-ACPI-method.patch
(git-fixes CVE-2024-50117 bsc#1232897).
- Update
patches.suse/drm-amd-amdgpu-Check-tbo-resource-pointer.patch
(stable-fixes CVE-2024-46807 bsc#1231138).
- Update
patches.suse/drm-amd-display-Add-array-index-check-for-hdcp-ddc-a.patch
(stable-fixes CVE-2024-46804 bsc#1231132).
- Update
patches.suse/drm-amd-display-Add-null-check-for-afb-in-amdgpu_dm_.patch
(stable-fixes bsc#1232335 CVE-2024-49908 CVE-2024-49905
bsc#1232357).
- Update
patches.suse/drm-amd-display-Check-null-pointers-before-using-dc-.patch
(stable-fixes CVE-2024-49907 bsc#1232334).
- Update
patches.suse/drm-amd-display-Correct-the-defined-value-for-AMDGPU.patch
(stable-fixes CVE-2024-46871 bsc#1231434).
- Update
patches.suse/drm-amd-display-Fix-system-hang-while-resume-with-TB.patch
(stable-fixes CVE-2024-50003 bsc#1232385).
- Update
patches.suse/drm-amd-display-Skip-inactive-planes-within-ModeSupp.patch
(stable-fixes CVE-2024-46812 bsc#1231187).
- Update
patches.suse/drm-amd-display-added-NULL-check-at-start-of-dc_vali.patch
(stable-fixes CVE-2024-46802 bsc#1231111).
- Update
patches.suse/drm-amd-pm-Fix-negative-array-index-read.patch
(stable-fixes CVE-2024-46821 bsc#1231169).
- Update
patches.suse/drm-amdgpu-Fix-smatch-static-checker-warning.patch
(stable-fixes CVE-2024-46835 bsc#1231098).
- Update
patches.suse/drm-amdgpu-fix-the-waring-dereferencing-hive.patch
(stable-fixes CVE-2024-46805 bsc#1231135).
- Update
patches.suse/drm-amdgpu-the-warning-dereferencing-obj-for-nbio_v7.patch
(stable-fixes CVE-2024-46819 bsc#1231202).
- Update
patches.suse/drm-bridge-tc358767-Check-if-fully-initialized-befor.patch
(stable-fixes CVE-2024-46810 bsc#1231178).
- Update
patches.suse/drm-msm-Avoid-NULL-dereference-in-msm_disp_state_pri.patch
(git-fixes CVE-2024-50156 bsc#1233073).
- Update
patches.suse/drm-omapdrm-Add-missing-check-for-alloc_ordered_work.patch
(git-fixes CVE-2024-49879 bsc#1232349).
- Update patches.suse/drm-radeon-Fix-encoder-possible_clones.patch
(git-fixes CVE-2024-50201 bsc#1233104).
- Update
patches.suse/drm-v3d-Stop-the-active-perfmon-before-being-destroy.patch
(git-fixes CVE-2024-50031 bsc#1231947).
- Update
patches.suse/drm-vc4-Stop-the-active-perfmon-before-being-destroy.patch
(git-fixes CVE-2024-50187 bsc#1233108).
- Update
patches.suse/exfat-fix-memory-leak-in-exfat_load_bitmap.patch
(git-fixes CVE-2024-50013 bsc#1232080).
- Update
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198).
- Update
patches.suse/fbdev-pxafb-Fix-possible-use-after-free-in-pxafb_tas.patch
(stable-fixes CVE-2024-49924 bsc#1232364).
- Update patches.suse/fbdev-sisfb-Fix-strbuf-array-overflow.patch
(stable-fixes CVE-2024-50180 bsc#1233125).
- Update patches.suse/firmware_loader-Block-path-traversal.patch
(git-fixes CVE-2024-47742 bsc#1232126).
- Update
patches.suse/fscache-Fix-oops-due-to-race-with-cookie_lru-and-use_cookie.patch
(jsc#SES-1880 CVE-2022-48989 bsc#1232027).
- Update
patches.suse/i2c-stm32f7-Do-not-prepare-unprepare-clock-during-ru.patch
(git-fixes CVE-2024-49985 bsc#1232094).
- Update
patches.suse/i3c-mipi-i3c-hci-Error-out-instead-on-BUG_ON-in-IBI-.patch
(stable-fixes CVE-2024-47665 bsc#1231452).
- Update
patches.suse/iio-light-veml6030-fix-IIO-device-retrieval-from-emb.patch
(git-fixes CVE-2024-50198 bsc#1233100).
- Update patches.suse/jfs-Fix-uaf-in-dbFreeBits.patch (git-fixes
CVE-2024-49903 bsc#1232362).
- Update
patches.suse/jfs-Fix-uninit-value-access-of-new_ea-in-ea_buffer.patch
(git-fixes CVE-2024-49900 bsc#1232359).
- Update
patches.suse/jfs-check-if-leafidx-greater-than-num-leaves-per-dmap-tree.patch
(git-fixes CVE-2024-49902 bsc#1232378).
- Update
patches.suse/jfs-fix-out-of-bounds-in-dbNextAG-and-diAlloc.patch
(git-fixes CVE-2024-47723 bsc#1232050).
- Update
patches.suse/mailbox-bcm2835-Fix-timeout-during-suspend-mode.patch
(git-fixes CVE-2024-49963 bsc#1232147).
- Update
patches.suse/media-venus-fix-use-after-free-bug-in-venus_remove-d.patch
(git-fixes CVE-2024-49981 bsc#1232098).
- Update
patches.suse/msft-hv-3054-x86-hyperv-fix-kexec-crash-due-to-VP-assist-page-cor.patch
(git-fixes CVE-2024-46864 bsc#1231108).
- Update
patches.suse/nbd-fix-race-between-timeout-and-normal-completion.patch
(bsc#1230918 CVE-2024-49855 bsc#1232195).
- Update
patches.suse/net-test-for-not-too-small-csum_start-in-virtio_net_.patch
(git-fixes CVE-2024-49947 bsc#1232162).
- Update
patches.suse/netdevsim-use-cond_resched-in-nsim_dev_trap_report_w.patch
(git-fixes CVE-2024-50155 bsc#1233035).
- Update
patches.suse/nfsd-call-cache_put-if-xdr_reserve_space-returns-NULL.patch
(git-fixes CVE-2024-47737 bsc#1232056).
- Update
patches.suse/nfsd-map-the-EBADMSG-to-nfserr_io-to-avoid-warning.patch
(git-fixes CVE-2024-49875 bsc#1232333).
- Update
patches.suse/nilfs2-fix-kernel-bug-due-to-missing-clearing-of-buffer-delay-flag.patch
(git-fixes CVE-2024-50116 bsc#1232892).
- Update
patches.suse/nilfs2-fix-potential-null-ptr-deref-in-nilfs_btree_insert.patch
(git-fixes CVE-2024-47699 bsc#1231916).
- Update
patches.suse/nilfs2-fix-potential-oob-read-in-nilfs_btree_check_delete.patch
(git-fixes CVE-2024-47757 bsc#1232187).
- Update
patches.suse/nilfs2-fix-state-management-in-error-path-of-log-writing-function.patch
(git-fixes CVE-2024-47669 bsc#1231474).
- Update
patches.suse/nouveau-dmem-Fix-vulnerability-in-migrate_to_ram-upo.patch
(git-fixes CVE-2024-50096 bsc#1232870).
- Update
patches.suse/ntb-intel-Fix-the-NULL-vs-IS_ERR-bug-for-debugfs_cre.patch
(git-fixes CVE-2023-52917 bsc#1231849).
- Update
patches.suse/nvmet-auth-assign-dh_key-to-NULL-after-kfree_sensiti.patch
(git-fixes CVE-2024-50215 bsc#1233189).
- Update
patches.suse/ocfs2-add-bounds-checking-to-ocfs2_xattr_find_entry.patch
(bsc#1228410 CVE-2024-41016 CVE-2024-47670 bsc#1231537).
- Update
patches.suse/ocfs2-cancel-dqi_sync_work-before-freeing-oinfo.patch
(git-fixes CVE-2024-49966 bsc#1232141).
- Update
patches.suse/ocfs2-fix-null-ptr-deref-when-journal-load-failed.patch
(git-fixes CVE-2024-49957 bsc#1232152).
- Update
patches.suse/ocfs2-fix-possible-null-ptr-deref-in-ocfs2_set_buffer_uptodate.patch
(git-fixes CVE-2024-49877 bsc#1232339).
- Update
patches.suse/ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overflow.patch
(git-fixes CVE-2024-50218 bsc#1233191).
- Update
patches.suse/ocfs2-remove-unreasonable-unlock-in-ocfs2_read_blocks.patch
(git-fixes CVE-2024-49965 bsc#1232142).
- Update
patches.suse/parport-Proper-fix-for-array-out-of-bounds-access.patch
(git-fixes CVE-2024-50074 bsc#1232507).
- Update
patches.suse/platform-x86-panasonic-laptop-Fix-SINF-array-out-of-.patch
(git-fixes CVE-2024-46859 bsc#1231089).
- Update
patches.suse/scsi-elx-libefc-Fix-potential-use-after-free-in-efc_nport_vport_del.patch
(git-fixes CVE-2024-49852 bsc#1232819).
- Update
patches.suse/scsi-fnic-Move-flush_work-initialization-out-of-if-b.patch
(bsc#1230055 CVE-2024-50025 bsc#1231953).
- Update
patches.suse/scsi-lpfc-Ensure-DA_ID-handling-completion-before-de.patch
(bsc#1232757 CVE-2024-50183 bsc#1233130).
- Update
patches.suse/scsi-lpfc-Handle-mailbox-timeouts-in-lpfc_get_sfp_in.patch
(bsc#1228857 CVE-2024-46842 bsc#1231101).
- Update
patches.suse/scsi-lpfc-Validate-hdwq-pointers-before-dereferencin.patch
(bsc#1229429 CVE-2024-49891 bsc#1232218).
- Update
patches.suse/scsi-sd-Fix-off-by-one-error-in-sd_read_block_charac.patch
(bsc#1223848 CVE-2024-47682 bsc#1231856).
- Update
patches.suse/scsi-wd33c93-Don-t-use-stale-scsi_pointer-value.patch
(git-fixes CVE-2024-50026 bsc#1231952).
- Update
patches.suse/spi-nxp-fspi-fix-the-KASAN-report-out-of-bounds-bug.patch
(git-fixes CVE-2024-46853 bsc#1231083).
- Update
patches.suse/staging-iio-frequency-ad9834-Validate-frequency-para.patch
(git-fixes CVE-2024-47663 bsc#1231441).
- Update
patches.suse/tpm-Clean-up-TPM-space-after-command-failure.patch
(git-fixes CVE-2024-49851 bsc#1232134).
- Update
patches.suse/tracing-Consider-the-NULL-character-when-validating-the-event-length.patch
(git-fixes CVE-2024-50131 bsc#1232896).
- Update
patches.suse/uprobe-avoid-out-of-bounds-memory-access-of-fetching-args.patch
(git-fixes CVE-2024-50067 bsc#1232416).
- Update
patches.suse/usb-typec-altmode-should-keep-reference-to-parent.patch
(git-fixes CVE-2024-50150 bsc#1233051).
- Update
patches.suse/vhost-scsi-null-ptr-dereference-in-vhost_scsi_get_re.patch
(git-fixes CVE-2024-49863 bsc#1232255).
- Update
patches.suse/wifi-ath9k_htc-Use-__skb_set_length-for-resetting-ur.patch
(stable-fixes CVE-2024-49938 bsc#1232552).
- Update
patches.suse/wifi-mac80211-use-two-phase-skb-reclamation-in-ieee8.patch
(git-fixes CVE-2024-47713 bsc#1232016).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning.patch
(stable-fixes CVE-2024-50008 bsc#1232317).
- Update
patches.suse/wifi-rtw88-always-wait-for-both-firmware-loading-att.patch
(git-fixes CVE-2024-47718 bsc#1232015).
- Update
patches.suse/wifi-wilc1000-fix-potential-RCU-dereference-issue-in.patch
(git-fixes CVE-2024-47712 bsc#1232017).
- commit e33d75f
- virtio_pmem: Check device status before requesting flush
(CVE-2024-50184 bsc#1233135).
- commit 82ce64b
- Update tags in
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198).
- commit ad996bf
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink()
(CVE-2024-50154 bsc#1233070).
- commit 2430e1b
- Refresh patches.kabi/bpf-callback-fixes-kABI-workaround.patch (bsc#1233350)
- add commit message for the kABI patch
- adapt same struct naming as similar kABI workaround in SLE15-SP6
(prefixed with "suse_" to make it more obvious its a downstream thing.
- commit b6821d4
- unicode: Don't special case ignorable code points
(CVE-2024-50089 bsc#1232860).
- commit ba47e72
- mm/memory: add non-anonymous page check in the
copy_present_page() (bsc#1231646).
- commit 9f5cb06
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on
GIC v4.1 (git-fixes).
- commit 1fa30cf
- irqchip/gic-v4: Correctly deal with set_affinity on
lazily-mapped VPEs (CVE-2024-50192 bsc#1233106).
- commit 6b39f7a
- irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
(CVE-2024-50192 bsc#1233106).
- kABI: Don't allow a VMOVP on a dying VPE (kabi CVE-2024-50192
bsc#1233106).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack
(git-fixes).
- commit 1772267
- README.BRANCH: drop explicit maintainers
kbuild already recognizes all downstream branch maintainers an
merge their PRs so we do not need explicit maintainers for the cve
branch itself.
- commit cd6f8fb
- macsec: Fix use-after-free while sending the offloading packet
(CVE-2024-50261 bsc#1233253).
- commit 918342c
- io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
(CVE-2022-48983 bsc#1231959).
- commit cb16389
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
(CVE-2024-50115 bsc#1232919).
- commit 4c6b1da
- mptcp: fix double-free on socket dismantle (CVE-2024-26782
bsc#1222590).
(cherry picked from commit 03ac3f085c702ef308481c09b021887b5a01d52b)
- mptcp: fix double-free on socket dismantle (CVE-2024-26782
bsc#1222590).
- commit 7f40404
- drm/amd/display: Check null pointers before used (bsc#1232371 CVE-2024-49921)
- commit 956721a
- nilfs2: fix kernel bug due to missing clearing of checked flag
(bsc#1233206 CVE-2024-50230).
- commit e84e612
- nilfs2: fix potential deadlock with newly created symlinks
(bsc#1233205 CVE-2024-50229).
- commit 22257d1
- Update
patches.suse/iio-adc-ad7124-fix-division-by-zero-in-ad7124_set_ch.patch
(CVE-2024-50232 bsc#1233209 git-fixes).
- commit c0912d0
- Update patches.suse/drm-amd-Guard-against-bad-data-for-ATIF-ACPI-method.patch (git-fixes bsc#1232897 CVE-2024-50117).
- commit 4fc44d0
- Update
patches.suse/wifi-ath10k-Fix-memory-leak-in-management-tx.patch
(CVE-2024-50236 bsc#1233212 git-fixes).
- Update
patches.suse/wifi-iwlegacy-Clear-stale-interrupts-before-resuming.patch
(CVE-2024-50234 bsc#1233211 stable-fixes).
- Update
patches.suse/wifi-mac80211-do-not-pass-a-stopped-vif-to-the-drive.patch
(CVE-2024-50237 bsc#1233216 git-fixes).
- commit bb693c7
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape (bsc#1232890 CVE-2024-50134)
- commit f5103e7
- net/ncsi: Disable the ncsi work before freeing the associated
structure (CVE-2024-49945 bsc#1232165).
- commit a2d88b4
- net: sched: fix use-after-free in taprio_change()
(CVE-2024-50127 bsc#1232907).
- commit 88b0d06
- Fix regression on AMDGPU driver (bsc#1233134)
Drop a hunk in an AMDGPU fix patch that caused the missing VT console
and possibly other side-effects.
Refreshed:
patches.suse/drm-amd-display-Check-null-pointers-before-using-the.patch.
- commit c4d3cf0
- Update tags
patches.suse/mm-Avoid-overflows-in-dirty-throttling-logic.patch
(bsc#1222364 CVE-2024-42131 bsc#1228650).
- commit 42963b8
- USB: serial: io_edgeport: fix use after free in debug printk
(git-fixes).
- usb: typec: fix potential out of bounds in
ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in
stm32_spdifrx_remove (git-fixes).
- ALSA: firewire-lib: fix return value on fail in
amdtp_tscm_init() (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup()
(git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: adv7604: prevent underflow condition when reporting
colorspace (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: don't play tricks with underflow values
(git-fixes).
- media: dvbdev: prevent the risk of out of memory access
(git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero
(git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl()
(git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission
(git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy
(git-fixes).
- usb: typec: fix unreleased fwnode_handle in
typec_port_register_altmodes() (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event
(git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems
(git-fixes).
- usbip: tools: Fix detach_port() invalid port error path
(git-fixes).
- iio: adc: ad7124: fix division by zero in
ad7124_set_channel_odr() (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in
ad9832_calc_freqreg() (git-fixes).
- iio: light: veml6030: fix microlux value calculation
(git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc()
(git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
(git-fixes).
- wifi: iwlwifi: mvm: Fix response handling in
iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode
(git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING
(git-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys
(git-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in
.get_txpower (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING
(git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device
(stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6
mb1 (stable-fixes).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe()
(git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform
(stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications
(stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix
initial lid detection issue (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[]
(stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593
(stable-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module
unload (git-fixes).
- platform/x86: dell-sysman: add support for alienware products
(stable-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string
(stable-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit
(stable-fixes).
- ASoC: codecs: lpass-rx-macro: add missing
CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- drm/vboxvideo: Replace fake VLA at end of
vbva_mouse_pointer_shape with real VLA (stable-fixes).
- platform/surface: aggregator: Fix warning when controller is
destroyed in probe (git-fixes).
- HID: wacom: Defer calculation of resolution until
resolution_code is known (git-fixes).
- XHCI: Separate PORT and CAPs macros into dedicated file
(stable-fixes).
- media: pci: cx23885: check cx23885_vdev_init() return
(stable-fixes).
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed
(stable-fixes).
- commit 4f83ccb
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- commit f7bbf8d
- ocfs2: remove entry once instead of null-ptr-dereference in
ocfs2_xa_remove() (git-fixes).
- commit ebda297
- pinctrl: ocelot: fix system hang on level based interrupts
(CVE-2024-50196 bsc#1233113).
- commit 722d7d5
- cpufreq: amd-pstate: add check for cpufreq_cpu_get's return
value (CVE-2024-50009 bsc#1232318).
- commit e472c58
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117 CVE-2024-50208)
- commit da4098a
- cpufreq: exit() callback is optional (CVE-2024-38615
bsc#1226592).
- commit de52ec2
- cpufreq: Rearrange locking in cpufreq_remove_dev()
(CVE-2024-38615 bsc#1226592).
- commit f83b7ff
- cpufreq: Split cpufreq_offline() (CVE-2024-38615 bsc#1226592).
- commit 71730ce
- cpufreq: Reorganize checks in cpufreq_offline() (CVE-2024-38615
bsc#1226592).
- commit c8f486b
- cpufreq: amd-pstate: fix memory leak on CPU EPP exit
(CVE-2024-40997 bsc#1227853).
- commit bd37b8f
- ext4: fix error message when rejecting the default hash
(bsc#1232264 CVE-2024-49968).
- commit 4678448
- sched/deadline: Fix task_struct reference leak (CVE-2024-41023
bsc#1228430).
- commit 65da526
- be2net: fix potential memory leak in be_xmit() (CVE-2024-50167
bsc#1233049).
- net/mlx5e: Don't call cleanup on profile rollback failure
(CVE-2024-50146 bsc#1233056).
- net/mlx5: Fix command bitmask initialization (CVE-2024-50147
bsc#1233067).
- commit 30967e3
- arm64:uprobe fix the uprobe SWBP_INSN in big-endian (git-fixes)
- commit ef49fc2
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (CVE-2024-50082 bsc#1232500)
- commit 0de9297
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (CVE-2024-50108 bsc#1232884)
- commit e6eb1e9
- drm/amd/display: fix double free issue during amdgpu module unload (CVE-2024-49989 bsc#1232483)
- commit 6aee3e2
- Refresh
patches.suse/scsi-fnic-Move-flush_work-initialization-out-of-if-b.patch.
- commit c3feb06
- ext4: explicitly exit when ext4_find_inline_entry returns an
error (bsc#1231920 CVE-2024-47701).
- commit dbc663c
- ext4: return error on ext4_find_inline_entry (bsc#1231920
CVE-2024-47701).
- commit 9f6ca1a
- ext4: ext4_search_dir should return a proper error (bsc#1231920
CVE-2024-47701).
- commit 92b7975
- fs/inode: Prevent dump_mapping() accessing invalid
dentry.d_name.name (bsc#1232387 CVE-2024-49934).
- commit 93af37f
- ext4: filesystems without casefold feature cannot be mounted
with siphash (bsc#1232264 CVE-2024-49968).
- commit 84a2529
- ext4: drop ppath from ext4_ext_replay_update_ex() to avoid
double-free (bsc#1232096 CVE-2024-49983).
- commit 8cb0c2e
- vfs: fix race between evice_inodes() and find_inode()&iput()
(bsc#1231930 CVE-2024-47679).
- commit 479d388
- ext4: avoid OOB when system.data xattr changes underneath the
filesystem (bsc#1231920 CVE-2024-47701).
- commit 9e7d0c7
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes
CVE-2024-35937 bsc#1224526).
- blacklist.conf: remove the entry that we're just adding
- commit 81bb44e
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (bsc#1223202 CVE-2024-26906).
- commit 35585b4
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (bsc#1223202 CVE-2024-26906).
- commit fd679d8
- Refresh patches.kabi/bpf-bpf_map-kABI-workaround.patch.
- Removed the duplicated check of
static_assert(sizeof(struct work_struct) >= sizeof(struct rcu_head)).
- Removed unnecessary white-space change in kernel/bpf/syscall.c
- commit d99887e
- Refresh patches.kabi/bpf-bpf_map-kABI-workaround.patch.
Ensure that the free_after_mult_rcu_gp field fits into struct hole on
all architecture by cloning struct bpf_map then use static_assert() to
check.
- commit 9056822
- initramfs: avoid filename buffer overrun (bsc#1232436).
- commit 6855778
- fbdev: efifb: Register sysfs groups through driver core
(bsc#1232224 CVE-2024-49925).
- commit ed25954
- net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979 CVE-2022-48960)
- commit e22014e
- driver core: bus: Fix double free in driver API bus_register()
(CVE-2024-50055 bsc#1232329).
- commit 90fa355
- blk-mq: setup queue ->tag_set before initializing hctx
(CVE-2024-50081 bsc#1232501).
- commit 47f15a1
- block: Avoid leaking hctx->nr_active counter on batched
completion (bsc#1231923).
- commit 06a9b00
- ipv6: avoid use-after-free in ip6_fragment() (CVE-2022-48956
bsc#1231893).
- commit c192a62
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer
(CVE-2024-49991 bsc#1232282).
- commit 6ba5342
- vhost_vdpa: assign irq bypass producer token correctly
(bsc#1232174 CVE-2024-47748).
- commit 51b6257
- octeontx2-af: avoid off-by-one read from userspace
(CVE-2024-36957 bsc#1225762).
- commit 82a42a7
- Update
patches.suse/scsi-lpfc-Restrict-support-for-32-byte-CDBs-to-specific-HBAs.patch
(git-fixes bsc#1232757 bsc#1228119).
- commit ba604a8
- ext4: fix timer use-after-free on failed mount (CVE-2024-49960
bsc#1232395).
- tipc: guard against string buffer overrun (CVE-2024-49995
bsc#1232432).
- commit 7dec126
- Drop HD-audio conexant patch that caused a regression on Thinkpad (bsc#1228269)
- commit 147923a
- uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1232104
CVE-2024-49975).
- commit 98e2376
- module: abort module loading when sysfs setup suffer errors
(git-fixes).
- Refresh patches.suse/add-suse-supported-flag.patch.
- commit 38f1b15
- net/xen-netback: prevent UAF in xenvif_flush_hash()
(CVE-2024-49936 bsc#1232424).
- commit 05a71d8
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled
(bsc#1232757).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR
to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Ensure DA_ID handling completion before deleting
an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo
handler (bsc#1232757).
- scsi: lpfc: Update phba link state conditional before sending
CMF_SYNC_WQE (bsc#1232757).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in
lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Remove trailing space after \n newline
(bsc#1232757).
- commit acff620
- bpf,perf: Fix perf_event_detach_bpf_prog error handling
(git-fixes).
- commit 23dff14
- tracing: Consider the NULL character when validating the event
length (git-fixes).
- commit a6be5ae
- uprobe: avoid out-of-bounds memory access of fetching args
(git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer
(git-fixes).
- tracing/uprobes: Use trace_event_buffer_reserve() helper
(git-fixes).
- commit c9bed4e
- fgraph: Change the name of cpuhp state to "fgraph:online"
(git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph()
(git-fixes).
- commit 25b5fcd
- fgraph: Use CPU hotplug mechanism to initialize idle shadow
stacks (git-fixes).
- commit 7b587c7
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- commit da4b9b4
- sched: sch_cake: fix bulk flow accounting logic for host
fairness (bsc#1231114 CVE-2024-46828).
- commit 2eff83f
- static_call: Replace pointless WARN_ON() in
static_call_module_notify() (bsc#1232155 CVE-2024-49954).
- commit b3b712c
- static_call: Handle module init failure correctly in
static_call_del_module() (bsc#1232083 CVE-2024-50002).
- commit 14d0312
- static_call: Don't make __static_call_return0 static
(git-fixes).
- Refresh patches.kabi/tracepoint-fix.patch.
- commit e74c3f0
- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer
(CVE-2024-49991 bsc#1232282).
- commit bb02e87
- nvmet-auth: assign dh_key to NULL after kfree_sensitive
(git-fixes).
- nvme-multipath: system fails to create generic nvme device
(git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- commit 50acd8c
- mm: split critical region in remap_file_pages() and invoke
LSMs in between (CVE-2024-47745 bsc#1232135 git-fix).
- commit 1436986
- PCI: Fix pci_enable_acs() support for the ACS quirks
(bsc#1229019).
- commit d675594
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- commit 9122478
- NFSv3: only use NFS timeout for MOUNT when protocols are
compatible (bsc#1231016).
- commit 9522cfb
- Update
patches.suse/IB-core-Implement-a-limit-on-UMAD-receive-List.patch
(bsc#1228743 CVE-2024-42145 bsc#1223384).
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-more.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-49982 bsc#1232097).
- Update
patches.suse/fuse-Initialize-beyond-EOF-page-contents-before-setti.patch
(bsc#1229454 CVE-2024-44947 bsc#1229456).
- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch
(CVE-2024-27043 bsc#1223824 bsc#1218562).
- commit 1967352
- Update
patches.suse/i3c-mipi-i3c-hci-Fix-out-of-bounds-access-in-hci_dma.patch
(git-fixes CVE-2023-52766 bsc#1230620).
- Update
patches.suse/nfc-nci-fix-possible-NULL-pointer-dereference-in-sen.patch
(git-fixes CVE-2023-52919 bsc#1231988).
- Update
patches.suse/tcp-do-not-accept-ACK-of-bytes-we-never-sent.patch
(CVE-2023-52881 bsc#1225611 bsc#1223384).
- Update patches.suse/wifi-ath11k-fix-htt-pktlog-locking.patch
(git-fixes CVE-2023-52800 bsc#1230600).
- commit 4af6b80
- Update
patches.suse/0001-af_unix-Get-user_ns-from-in_skb-in-unix_diag_get_exa.patch
(bsc#1209290 CVE-2023-28327 CVE-2022-48970 bsc#1231887).
- Update
patches.suse/ALSA-seq-Fix-function-prototype-mismatch-in-snd_seq_.patch
(git-fixes CVE-2022-48994 bsc#1232119).
- Update
patches.suse/ASoC-ops-Check-bounds-for-second-channel-in-snd_soc_.patch
(git-fixes CVE-2022-48951 bsc#1231929).
- Update
patches.suse/ASoC-ops-Fix-bounds-check-for-_sx-controls.patch
(git-fixes CVE-2022-49005 bsc#1232150).
- Update
patches.suse/ASoC-soc-pcm-Add-NULL-check-in-BE-reparenting.patch
(git-fixes CVE-2022-48992 bsc#1232071).
- Update
patches.suse/Bluetooth-Fix-not-cleanup-led-when-bt_init-fails.patch
(git-fixes CVE-2022-48971 bsc#1232037).
- Update patches.suse/Bluetooth-L2CAP-Fix-u8-overflow.patch
(CVE-2022-45934 bsc#1205796 CVE-2022-48947 bsc#1231895).
- Update
patches.suse/HID-core-fix-shift-out-of-bounds-in-hid_report_raw_e.patch
(git-fixes CVE-2022-48978 bsc#1232038).
- Update
patches.suse/Input-raydium_ts_i2c-fix-memory-leak-in-raydium_i2c_.patch
(git-fixes CVE-2022-48995 bsc#1232120).
- Update
patches.suse/NFC-nci-Bounds-check-struct-nfc_target-arrays.patch
(git-fixes CVE-2022-48967 bsc#1232304).
- Update
patches.suse/afs-Fix-server-active-leak-in-afs_put_server.patch
(git-fixes CVE-2022-49012 bsc#1232005).
- Update
patches.suse/btrfs-fix-hang-during-unmount-when-stopping-a-space-.patch
(bsc#1232262 CVE-2024-49867 CVE-2022-48664 bsc#1223524).
- Update
patches.suse/can-af_can-fix-NULL-pointer-dereference-in-can_rcv_f.patch
(bsc#1210627 CVE-2023-2166 CVE-2022-48977 bsc#1231883).
- Update
patches.suse/can-m_can-pci-add-missing-m_can_class_free_dev-in-pr.patch
(git-fixes CVE-2022-49024 bsc#1232001).
- Update
patches.suse/char-tpm-Protect-tpm_pm_suspend-with-locks.patch
(git-fixes CVE-2022-48997 bsc#1232035).
- Update
patches.suse/drm-shmem-helper-Remove-errant-put-in-error-path.patch
(git-fixes CVE-2022-48981 bsc#1232229).
- Update
patches.suse/e100-Fix-possible-use-after-free-in-e100_xmit_prepar.patch
(git-fixes CVE-2022-49026 bsc#1231997).
- Update
patches.suse/gpio-amd8111-Fix-PCI-device-reference-count-leak.patch
(git-fixes CVE-2022-48973 bsc#1232039).
- Update
patches.suse/gpiolib-fix-memory-leak-in-gpiochip_setup_dev.patch
(git-fixes CVE-2022-48975 bsc#1231885).
- Update
patches.suse/hwmon-coretemp-Check-for-null-before-removing-sysfs-.patch
(git-fixes CVE-2022-49010 bsc#1232172).
- Update
patches.suse/hwmon-coretemp-fix-pci-device-refcount-leak-in-nv1a_.patch
(git-fixes CVE-2022-49011 bsc#1232006).
- Update
patches.suse/hwmon-ibmpex-Fix-possible-UAF-when-ibmpex_register_b.patch
(git-fixes CVE-2022-49029 bsc#1231995).
- Update
patches.suse/iavf-Fix-error-handling-in-iavf_init_module.patch
(jsc#SLE-18385 CVE-2022-49027 bsc#1232007).
- Update
patches.suse/igb-Initialize-mailbox-message-for-VF-reset.patch
(jsc#SLE-18379 CVE-2022-48949 bsc#1231897).
- Update
patches.suse/iio-health-afe4403-Fix-oob-read-in-afe4403_read_raw.patch
(git-fixes CVE-2022-49031 bsc#1231992).
- Update
patches.suse/iio-health-afe4404-Fix-oob-read-in-afe4404_-read-wri.patch
(git-fixes CVE-2022-49032 bsc#1231991).
- Update
patches.suse/iommu-vt-d-Fix-PCI-device-refcount-leak-in-dmar_dev_scope_init
(git-fixes CVE-2022-49002 bsc#1232133).
- Update
patches.suse/iommu-vt-d-Fix-PCI-device-refcount-leak-in-has_external_pci
(git-fixes CVE-2022-49000 bsc#1232123).
- Update
patches.suse/ipv4-Handle-attempt-to-delete-multipath-route-when-f.patch
(bsc#1204171 CVE-2022-3435 CVE-2022-48999 bsc#1231936).
- Update
patches.suse/ixgbevf-Fix-resource-leak-in-ixgbevf_init_module.patch
(git-fixes CVE-2022-49028 bsc#1231996).
- Update
patches.suse/mac802154-fix-missing-INIT_LIST_HEAD-in-ieee802154_i.patch
(git-fixes CVE-2022-48972 bsc#1232025).
- Update
patches.suse/media-v4l2-dv-timings.c-fix-too-strict-blanking-sani.patch
(git-fixes CVE-2022-48987 bsc#1232067).
- Update
patches.suse/msft-hv-2684-net-mana-Fix-race-on-per-CQ-variable-napi-work_done.patch
(git-fixes bsc#1206188 CVE-2022-48985 bsc#1231958).
- Update
patches.suse/net-ethernet-nixge-fix-NULL-dereference.patch
(git-fixes CVE-2022-49019 bsc#1231940).
- Update
patches.suse/net-mdio-fix-unbalanced-fwnode-reference-count-in-md.patch
(git-fixes CVE-2022-48961 bsc#1232108).
- Update
patches.suse/net-mdiobus-fix-unbalanced-node-reference-count.patch
(git-fixes CVE-2022-49016 bsc#1231937).
- Update
patches.suse/net-mlx5e-Fix-use-after-free-when-reverting-terminat.patch
(jsc#SLE-19253 CVE-2022-49025 bsc#1231960).
- Update
patches.suse/net-phy-fix-null-ptr-deref-while-probe-failed.patch
(git-fixes CVE-2022-49021 bsc#1231939).
- Update
patches.suse/net-thunderbolt-fix-memory-leak-in-tbnet_open.patch
(git-fixes CVE-2022-48955 bsc#1231892).
- Update
patches.suse/net-tun-Fix-use-after-free-in-tun_detach.patch
(git-fixes CVE-2022-49014 bsc#1231890).
- Update
patches.suse/nilfs2-fix-NULL-pointer-dereference-in-nilfs_palloc_.patch
(git-fixes CVE-2022-49007 bsc#1232170).
- Update
patches.suse/nvme-fix-SRCU-protection-of-nvme_ns_head-list.patch
(git-fixes CVE-2022-49003 bsc#1232136).
- Update
patches.suse/octeontx2-pf-Fix-potential-memory-leak-in-otx2_init_.patch
(jsc#SLE-24682 CVE-2022-48968 bsc#1232237).
- Update
patches.suse/rtc-cmos-Fix-event-handler-registration-ordering-iss.patch
(git-fixes CVE-2022-48953 bsc#1231941).
- Update patches.suse/s390-qeth-fix-use-after-free-in-hsci.patch
(bsc#1210449 git-fixes CVE-2022-48954 bsc#1231972).
- Update
patches.suse/tracing-Free-buffers-when-a-used-dynamic-event-is-removed.patch
(git-fixes CVE-2022-49006 bsc#1232163).
- Update
patches.suse/udf-Fix-preallocation-discarding-at-indirect-extent-.patch
(bsc#1213034 CVE-2022-48946 bsc#1231888).
- Update
patches.suse/usb-gadget-uvc-Prevent-buffer-overflow-in-setup-hand.patch
(git-fixes CVE-2022-48948 bsc#1231896).
- Update
patches.suse/wifi-cfg80211-fix-buffer-overflow-in-elem-comparison.patch
(git-fixes CVE-2022-49023 bsc#1231961).
- Update
patches.suse/wifi-mac8021-fix-possible-oob-access-in-ieee80211_ge.patch
(git-fixes CVE-2022-49022 bsc#1231962).
- Update
patches.suse/xen-netfront-Fix-NULL-sring-after-live-migration.patch
(git-fixes CVE-2022-48969 bsc#1232026).
- commit 2377658
- Update
patches.suse/drm-vc4-kms-Add-missing-drm_crtc_commit_put.patch
(git-fixes CVE-2021-47534 bsc#1230903).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 CVE-2021-47416 bsc#1225336 bsc#1225189).
- commit d4160e3
- NFSD: Force all NFSv4.2 COPY requests to be synchronous
(CVE-2024-49974 bsc#1232383).
- commit e488dd4
- drm/amd/display: Check null pointers before using them (CVE-2024-49922 bsc#1232374)
- commit 0fa5eef
- Update references in patches.suse/drm-amd-display-Handle-null-stream_status-in-planes_.patch (CVE-2024-49912 bsc#1232367 stable-fixes)
- commit 82ff3c5
- drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (CVE-2024-49911 bsc#1232366)
- commit 647f0fb
- drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (CVE-2024-49923 bsc#1232361)
- commit cd7d6eb
- Update references in patches.suse/drm-amd-display-Fix-index-out-of-bounds-in-DCN30-deg.patch (CVE-2024-49895 bsc#1232352 stable-fixes)
- commit 30b332b
- drm/amd/display: Initialize denominators' default to 1 (CVE-2024-49899 bsc#1232358)
- commit debe055
- drm/amd/display: Check phantom_stream before it is used (CVE-2024-49897 bsc#1232355)
- commit 6e6c48e
- Update references in patches.suse/drm-amd-display-Fix-index-out-of-bounds-in-degamma-h.patch (CVE-2024-49894 bsc#1232354 stable-fixes)
- commit 31682a2
- drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (CVE-2024-49909 bsc#1232337)
- commit 40ccde2
- Update references for patches.suse/drm-amd-display-Add-null-check-for-top_pipe_to_progr.patch (CVE-2024-49913 bsc#1232307 stable-fixes)
- commit 809100c
- drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (CVE-2024-49901 bsc#1232305)
- commit 28f4c23
- Update references in patches.suse/drm-amd-display-Check-null-pointer-before-dereferenc.patch (CVE-2024-50049 bsc#1232309 stable-fixes)
- commit dbbbdf6
- Rename to
patches.suse/scsi-pm8001-Do-not-overwrite-PCI-queue-mapping.patch.
An upstream git-fix replaces an existing SUSE-only patch. The
contents are essentially the same, but the meta-data and patch
filename have changed.
- commit 658b404
- Update patches.suse/drm-amd-display-Add-null-check-for-afb-in-amdgpu_dm_.patch (stable-fixes bsc#1232335 CVE-2024-49908).
- commit d6e1a21
- drm/amd/display: Check null pointer before try to access it (bsc#1232332 CVE-2024-49906)
- commit afdfd36
- drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369 CVE-2024-49914)
- commit 3d890ab
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- commit a6a7d8b
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- commit 122bc1e
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- commit e1d0f0a
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- commit 9ec5789
- scsi: wd33c93: Don't use stale scsi_pointer value (git-fixes).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs
(git-fixes).
- drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: elx: libefc: Fix potential use after free in
efc_nport_vport_del() (git-fixes).
- scsi: NCR5380: Check for phase match during PDMA fixup
(git-fixes).
- scsi: mac_scsi: Disallow bus errors during PDMA send
(git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages
(git-fixes).
- scsi: smartpqi: revert
propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit
(git-fixes).
- drbd: Add NULL check for net_conf to prevent dereference in
state validation (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count()
(git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES
(git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES
(git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure
scanned in again after probe failed (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: core: Handle devices which return an unusually large
VPD page count (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use
(git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions
(git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data
(git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address
to port (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- commit 2156f82
- ext4: fix access to uninitialised lock in fc replay path (CVE-2024-50014 bsc#1232446)
- commit a229d89
- ext4: fix i_data_sem unlock order in ext4_ind_migrate() (CVE-2024-50006 bsc#1232442)
- commit 5cc362b
- iommu/vt-d: Fix potential lockup if qi_submit_sync called
with 0 count (bsc#1232316 CVE-2024-49993).
- commit add20c9
- jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (CVE-2024-49959 bsc#1232149)
- commit 6f60278
- ext4: update orig_path in ext4_find_extent() (CVE-2024-49881 bsc#1232201)
- commit 0088c10
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- commit 070f449
- ACPI: sysfs: validate return type of _STR method (bsc#1231861
CVE-2024-49860).
- commit 1bb3615
- btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info()
in walk_down_proc() (CVE-2024-46841 bsc#1231094).
- commit bf46df8
- ext4: aovid use-after-free in ext4_ext_insert_extent() (CVE-2024-49883 bsc#1232199)
- commit 2b05f4c
- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO
hog on RK3399 Puma (git-fixes).
- commit cf1f6ea
- blk_iocost: fix more out of bound shifts (CVE-2024-49933 bsc#1232368)
- commit c639728
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (CVE-2024-49929 bsc#1232253)
- commit 58431d9
- Update references in patches.suse/efistub-tpm-Use-ACPI-reclaim-memory-for-event-log-to.patch (CVE-2024-49858 bsc#1232251 stable-fixes)
- commit 643a630
- tracing/timerlat: Fix a race during cpuhp processing (CVE-2024-49866 bsc#1232259)
- commit 5a5e6bb
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (CVE-2024-50048 bsc#1232310)
- commit 58eb9a7
- ACPI: PRM: Clean up guid type in struct prm_handler_info
(git-fixes).
- commit 3b24754
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and
context (git-fixes).
- ASoC: qcom: Fix NULL Dereference in
asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: firewire-lib: Avoid division by zero in
apply_constraint_to_size() (git-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method
(git-fixes).
- net: usb: usbnet: fix name regression (git-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions
(stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL
(stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on
HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2
(stable-fixes).
- commit 738bedb
- Revert PM changes that caused a regression on S4 resume (bsc#1231578)
The recent PM fixes seem causing a regression and broke the resume from
suspend-to-disk. Revert those temporarily as a workaround.
- commit 214736e
- drm/amd/display: Fix index out of bounds in DCN30 color
transformation (CVE-2024-49969 bsc#1232519).
- commit a2392a3
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR
(git-fixes bsc#1232632).
- commit c1f0a53
- KVM: s390: Change virtual to physical address access in diag
0x258 handler (git-fixes bsc#1232631).
- commit ff68f2a
- KVM: s390: gaccess: Check if guest address is in memslot
(git-fixes bsc#1232630).
- commit 31c3558
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow
(git-fixes).
- commit d909d0d
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- commit cd82099
- serial: protect uart_port_dtr_rts() in uart_shutdown() too
(CVE-2024-50058 bsc#1232285).
- commit 34995da
- smb: client: fix UAF in async decryption (bsc#1232418
CVE-2024-50047).
- commit dcba7ec
- Update references in patches.suse/ACPICA-check-null-return-of-ACPI_ALLOCATE_ZEROED-in-.patch (CVE-2024-49962 bsc#1232314 stable-fixes)
- commit f0fdf4d
- Update references in patches.suse/drm-amd-display-Check-stream-before-comparing-them.patch (CVE-2024-49896 bsc#1232221 stable-fixes).
- commit 0424fac
- Update references in patches.suse/drm-amd-pm-ensure-the-fw_info-is-not-null-before-usi.patch (CVE-2024-49890 bsc#1232217 stable-fixes)
- commit 10dd27d
- Update references in patches.suse/drm-amd-display-Initialize-get_bytes_per_element-s-d.patch (CVE-2024-49892 bsc#1232220 stable-fixes)
- commit 53b7a11
- ACPI: battery: Fix possible crash when unregistering a battery hook (CVE-2024-49955 bsc#1232154)
- commit 9b71864
- ACPI: battery: Simplify battery hook locking (bsc#1232154)
- commit fe3f1c8
- ACPI: battery: Call power_supply_changed() when adding hooks (bsc#1232154)
- commit 3384bbc
- padata: use integer wrap around to prevent deadlock on seq_nr overflow (CVE-2024-47739 bsc#1232124)
- commit d49e07a
- drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (CVE-2024-47720 bsc#1232043)
- commit c17fe2d
- iommu/vt-d: Always reserve a domain ID for identity setup
(git-fixes).
- commit b9c8f77
- btrfs: clean up our handling of refs == 0 in snapshot delete (CVE-2024-46840 bsc#1231105)
- commit 82b0718
- drm/amd/display: Check null pointers before multiple uses (bsc#1232313 CVE-2024-49920)
- commit 5963a7b
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- commit 28c98ef
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944 CVE-2024-47704)
- commit a3d6750
- selftests/bpf: Add test for lsm tail call (CVE-2024-50063
bsc#1232435).
- bpf: Prevent tail call between progs attached to different hooks
(CVE-2024-50063 bsc#1232435).
- Refresh patches.kabi/bpf-bpf_map-kABI-workaround.patch
- selftests/bpf: Add a test for using a cpumap from an
freplace-to-XDP program (CVE-2024-50063 bsc#1232435).
- bpf: Resolve fext program type when checking map compatibility
(CVE-2024-50063 bsc#1232435).
- Refresh patches.suse/bpf-Fix-null-pointer-dereference-in-resolve_prog_typ.patch
- Refresh patches.suse/bpf-Fix-updating-attached-freplace-prog-in-prog_arra.patch
- commit 0f72f86
- net: mvneta: Fix an out of bounds check (CVE-2022-48966
bsc#1232191).
- commit 8b86532
- net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
(CVE-2022-48962 bsc#1232286).
- commit 0f23f49
- btrfs: wait for fixup workers before stopping cleaner kthread
during umount (bsc#1232262 CVE-2024-49867).
- btrfs: fix hang during unmount when stopping a space reclaim
worker (bsc#1232262 CVE-2024-49867).
- commit b603fa4
- ppp: fix ppp_async_encode() illegal access (CVE-2024-50035
bsc#1232392).
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO
(CVE-2024-49949 bsc#1232160).
- net: dsa: sja1105: avoid out of bounds access in
sja1105_init_l2_policing() (CVE-2022-48980 bsc#1232233).
- net: mvneta: Prevent out of bounds read in mvneta_config_rss()
(CVE-2022-48966 bsc#1232191).
- net/9p: Fix a potential socket leak in p9_socket_open
(CVE-2022-49020 bsc#1232175).
- commit f80d8c6
- wifi: rtw89: avoid to add interface to list twice when SER
(CVE-2024-49939 bsc#1232381).
- commit 11b12a3
- kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450).
- Makefile.compiler: replace cc-ifversion with compiler-specific
macros (bsc#1230414 bsc#1229450).
- commit 333c031
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- commit 18e56f7
- fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes).
- commit 5011da4
- filelock: fix potential use-after-free in posix_lock_inode
(git-fixes).
- commit a756cfc
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write()
(git-fixes).
- commit 2d51bab
- debugfs: fix automount d_fsdata usage (git-fixes).
- commit f411859
- erofs: avoid infinite loop in z_erofs_do_read_page() when
reading beyond EOF (git-fixes).
- commit 974bef0
- erofs: fix potential overflow calculating xattr_isize
(git-fixes).
- commit 4298ffd
- erofs: stop parsing non-compact HEAD index if clusterofs is
invalid (git-fixes).
- commit 7d6a607
- fs/namespace: fnic: Switch to use %ptTd (git-fixes).
- Refresh
patches.suse/mount-warn-only-once-about-timestamp-range-expiratio.patch.
- commit eb6d674
- exportfs: use pr_debug for unreachable debug statements
(git-fixes).
- commit 6f07ce6
- erofs: fix pcluster use-after-free on UP platforms (git-fixes).
- commit bc3c731
- erofs: avoid consecutive detection for Highmem memory
(git-fixes).
- commit 1f8a3b1
- afs: Revert "afs: Hide silly-rename files from userspace"
(git-fixes).
- commit 514f9ab
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- commit d46e58b
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- commit d50701c
- Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
- commit 9eb10ce
- Update patch reference for NTB fix (CVE-2024-50059 bsc#1232345)
- commit 7e7191a
- mm: call the security_mmap_file() LSM hook in remap_file_pages()
(CVE-2024-47745 bsc#1232135).
- commit 20b76bc
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma
(CVE-2022-48991 bsc#1232070 prerequisity git-fix).
- mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
(CVE-2022-48991 bsc#1232070).
- commit 3ab8533
- mm/khugepaged: fix GUP-fast interaction by sending IPI
(CVE-2022-48991 bsc#1232070 prerequisity).
- commit 327d525
- mm/khugepaged: take the right locks for page table retraction
(CVE-2022-48991 bsc#1232070 prerequisity).
- commit e43adf4
- mm: gup: fix the fast GUP race against THP collapse
(CVE-2022-48991 bsc#1232070 prerequisity).
- commit 262192e
- Bluetooth: L2CAP: Fix uaf in l2cap_connect (CVE-2024-49950
bsc#1232159).
- commit 640a739
- net: seeq: Fix use after free vulnerability in ether3 Driver
Due to Race Condition (CVE-2024-47747 bsc#1232145).
- commit a1020b1
- ext4: fix double brelse() the buffer of the extents path
(bsc#1232200 CVE-2024-49882).
- ext4: no need to continue when the number of entries is 1
(bsc#1232140 CVE-2024-49967).
- commit 52da641
- ppp: do not assume bh is held in ppp_channel_bridge_input()
(CVE-2024-49946 bsc#1232164).
- net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()
(CVE-2024-50000 bsc#1232085).
- net/mlx5: Fix error path in multi-packet WQE transmit
(CVE-2024-50001 bsc#1232084).
- ethernet: aeroflex: fix potential skb leak in greth_init_rings()
(CVE-2022-48958 bsc#1231889).
- commit 25ee2f4
- jfs: Fix sanity check in dbMount (git-fixes).
- commit 35da5b4
- drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (CVE-2024-46811 bsc#1231179).
- commit 1bc47f7
- drm/amd/display: Check msg_id before processing transcation (CVE-2024-46814 bsc#1231193).
- commit 81681a2
- i3c: master: cdns: Fix use after free vulnerability in
cdns_i3c_master Driver Due to Race Condition (CVE-2024-50061
bsc#1232263).
- commit 6ed9c96
- r8169: add tally counter fields added with RTL8125 (CVE-2024-49973 bsc#1232105)
- commit 4e4fc3c
- crypto: hisilicon/qm - inject error before stopping queue (CVE-2024-47730 bsc#1232075)
- commit 9699bc1
- crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075)
- commit 368c724
- crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075)
- commit 0b80db6
- sock_map: Add a cond_resched() in sock_hash_free() (CVE-2024-47710 bsc#1232049)
- commit 5cc4002
- cifs: Fix buffer overflow when parsing NFS reparse points
(bsc#1232089, CVE-2024-49996).
- commit 629d06c
- tipc: re-fetch skb cb after tipc_msg_validate (CVE-2022-49017 bsc#1232004)
- commit b9d33e0
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (CVE-2024-47685 bsc#1231998)
- commit d7fe249
- net: Fix an unsafe loop on the list (CVE-2024-50024 bsc#1231954)
- commit f700b14
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (CVE-2024-47707 bsc#1231935)
- commit 64e3b6a
- netfilter: br_netfilter: fix panic with metadata_dst skb (CVE-2024-50045 bsc#1231903)
- commit 727e945
- block, bfq: fix possible UAF for bfqq->bic with merge chain (CVE-2024-47706 bsc#1231942)
- commit c5d0bc0
- tcp: check skb is non-NULL in tcp_rto_delta_us() (CVE-2024-47684 bsc#1231987)
- commit 569d856
- net: hsr: Fix potential use-after-free (CVE-2022-49015 bsc#1231938)
- commit 5883d13
- add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
- commit 3e74daa
- wifi: ath11k: fix array out-of-bound access in SoC stats
(CVE-2024-49930 bsc#1232260).
- commit e11de4c
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug
(CVE-2024-49886 bsc#1232196).
- commit b27a545
- Refresh
patches.suse/gpio-pca953x-fix-pca953x_irq_bus_sync_unlock-race.patch.
The gpio-pca953x driver wasn't yet converted to guard-style locking
in kernel v5.14, so use traditional locking directives.
- commit 3464b98
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- commit 105bb8d
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- commit d94196b
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- commit eda3a0b
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- commit 1391273
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- commit 4aef76b
- drm/amd/display: Add null check for head_pipe in
dcn32_acquire_idle_pipe_for_head_pipe_in_layer (CVE-2024-49918
bsc#1231967).
- commit a445095
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- commit b215a2f
- arm64: Add Cortex-715 CPU part definition (git-fixes)
Refresh patches.suse/arm64-Add-Cortex-A520-CPU-part-definition.patch.
Refresh patches.suse/arm64-cputype-Add-Cortex-X4-definitions.patch.
- commit 5d98446
- wifi: mac80211: don't use rate mask for offchannel TX either
(CVE-2024-47738 bsc#1232114).
- wifi: mac80211: don't use rate mask for scanning (CVE-2024-47738
bsc#1232114).
- commit 67fbe82
- drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs
in dcn30_init_hw (bsc#1231965 CVE-2024-49917).
- commit c6bb88b
- md/raid5: fix deadlock that raid5d() wait for itself to clear
MD_SB_CHANGE_PENDING (CVE-2024-39476 bsc#1227437).
- commit ee734c0
- ocfs2: reserve space for inline xattr before attaching reflink
tree (bsc#1232151 CVE-2024-49958).
- commit 8a206c2
- kthread: unpark only parked kthread (git-fixes, bsc#1231990,
CVE-2024-50019).
- commit ad67452
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- commit 6a38280
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- commit d16b07d
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- commit 6ee6f75
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- commit 783b4c0
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- commit f222561
- x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116 CVE-2024-47727).
- commit c381359
- fat: fix uninitialized variable (git-fixes).
- commit 457698b
- Update
patches.suse/memcg-Fix-possible-use-after-free-in-memcg_write_event_control.patch
(bsc#1206344, CVE-2022-48988, bsc#1232069).
- commit e7eaea8
- drm/amd/display: Add null check for head_pipe in
dcn201_acquire_free_pipe_for_layer (CVE-2024-49919 bsc#1231968).
- commit afcb4c9
- dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add()
and dpaa2_switch_acl_entry_remove() (CVE-2022-48957
bsc#1231973).
- commit b3f573c
- slip: make slhc_remember() more robust against malicious packets
(CVE-2024-50033 bsc#1231914).
- i40e: Fix macvlan leak by synchronizing access to
mac_filter_hash (CVE-2024-50041 bsc#1231907).
- commit bf7bdd1
- net: dsa: sja1105: fix memory leak in
sja1105_setup_devlink_regions() (CVE-2022-48959 bsc#1231976).
- commit ec81f5f
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- commit 0e442b9
- thermal: core: Reference count the zone in
thermal_zone_get_by_id() (CVE-2024-50028 bsc#1231950).
- commit cae3a79
- kabi fix for NFSv4: Prevent NULL-pointer dereference in
nfs42_complete_copies() (bsc#1231902 CVE-2024-50046).
- commit 2c3b231
- NFSv4: Prevent NULL-pointer dereference in
nfs42_complete_copies() (bsc#1231902 CVE-2024-50046).
- commit 8c78cbf
- drm/amdgpu: prevent BO_HANDLES error from being overwritten
(git-fixes).
- commit 33d2548
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- Revert "usb: yurex: Replace snprintf() with the safer
scnprintf() variant" (stable-fixes).
- usb: xhci: Fix problem with xhci resume from suspend
(stable-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB
sound chip (stable-fixes).
- USB: misc: yurex: fix race between read and write
(stable-fixes).
- USB: misc: cypress_cy7c63: check for short transfer
(stable-fixes).
- USB: appledisplay: close race between probe and completion
handler (stable-fixes).
- USB: serial: pl2303: add device id for Macrosilicon MS3020
(stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt
Registration in the Crashkernel Scenario (stable-fixes).
- usb: chipidea: udc: enable suspend interrupt after usb reset
(stable-fixes).
- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time
(git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk
(stable-fixes).
- power: reset: brcmstb: Do not go into infinite loop if reset
fails (stable-fixes).
- spi: bcm63xx: Fix module autoloading (git-fixes).
- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ
(git-fixes).
- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb
before resubmit (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: ath9k: Remove error checks when creating debugfs entries
(git-fixes).
- wifi: ath9k: fix possible integer overflow in
ath9k_get_et_stats() (stable-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats
(stable-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- spi: spidev: Add missing spi_device_id for jg10309-01
(git-fixes).
- spi: bcm63xx: Enable module autoloading (stable-fixes).
- wifi: iwlwifi: clear trans->state earlier upon error
(stable-fixes).
- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation
(stable-fixes).
- wifi: iwlwifi: lower message level for FW buffer destination
(stable-fixes).
- platform/surface: aggregator_registry: Add support for Surface
Laptop Go 3 (stable-fixes).
- usbnet: ipheth: fix carrier detection in modes 1 and 4
(stable-fixes).
- usb: yurex: Fix inconsistent locking bug in yurex_read()
(git-fixes).
- usb: yurex: Replace snprintf() with the safer scnprintf()
variant (stable-fixes).
- wifi: ath9k: fix parameter check in ath9k_init_debug()
(stable-fixes).
- spi: lpspi: Simplify some error message (git-fixes).
- spi: lpspi: release requested DMA channels (stable-fixes).
- spi: lpspi: Silence error message upon deferred probe
(stable-fixes).
- commit f956c13
- parport: Proper fix for array out-of-bounds access (git-fixes).
- iio: hid-sensors: Fix an error handling path in
_hid_sensor_set_report_latency() (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in
Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig
(git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig
(git-fixes).
- iio: proximity: mb1232: add missing select
IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: opt3001: add missing full-scale range value
(git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work()
(git-fixes).
- media: videobuf2-core: clear memory related fields in
__vb2_plane_dmabuf_put() (stable-fixes).
- ntb: ntb_hw_switchtec: Fix use after free vulnerability in
switchtec_ntb_remove due to race condition (stable-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for
debugfs_create_dir() (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken
(stable-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip
(stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 840 G2
(stable-fixes).
- Input: ads7846 - ratelimit the spi_sync error message
(stable-fixes).
- Input: goodix - use the new soc_intel_is_byt() helper
(stable-fixes).
- commit dcfb1af
- HID: multitouch: Add support for GT7868Q (stable-fixes).
- Refresh
patches.kabi/restore-renamed-device-IDs-for-USB-HID-devices.patch.
- commit 3c7db56
- i2c: xiic: Switch from waitqueue to completion (stable-fixes).
- Refresh patches.suse/i2c-xiic-Make-bus-names-unique.patch.
- commit a465fd8
- Bluetooth: btusb: Fix regression with fake CSR controllers
0a12:0001 (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
(git-fixes).
- Bluetooth: Remove debugfs directory on module init failure
(git-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded
device (git-fixes).
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory
systems (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring
(git-fixes).
- drm/msm/dpu: don't always program merge_3d block (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc()
(git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs()
(git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate
calculation (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized
(git-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume
key (stable-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime
suspend/resume (git-fixes).
- drm/amd/display: Fix system hang while resume with TBT monitor
(stable-fixes).
- i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm
enabled (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- drm/amd/display: Allow backlight to go below
`AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amd/display: Validate backlight caps are sane
(stable-fixes).
- drm/amd/display: Check null pointer before dereferencing se
(stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store
invalid bus attribute (stable-fixes).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid
corruption (stable-fixes).
- comedi: ni_routing: tools: Check when the file could not be
opened (stable-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters
(stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout
(git-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue
(stable-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC
Determination (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer
(stable-fixes).
- drm/amd/pm: ensure the fw_info is not null before using it
(stable-fixes).
- drm/amd/display: Add null check for 'afb' in
amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes).
- drm/amd/display: Check null pointers before using dc->clk_mgr
(stable-fixes).
- drm/radeon/r100: Handle unknown family in
r100_cp_init_microcode() (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx
(stable-fixes).
- drm/amd/display: Handle null 'stream_status' in
'planes_changed_for_existing_stream' (stable-fixes).
- drm/amd/display: Initialize get_bytes_per_element's default to 1
(stable-fixes).
- drm/amd/display: Add null check for top_pipe_to_program in
commit_planes_for_stream (stable-fixes).
- drm/radeon: properly handle vbios fake edid sizing (git-fixes).
- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
- drm/amd/display: Fix index out of bounds in DCN30 color
transformation (stable-fixes).
- drm/amd/display: Fix index out of bounds in degamma hardware
format translation (stable-fixes).
- drm/amd/display: Fix index out of bounds in DCN30 degamma
hardware format translation (stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit
(stable-fixes).
- drm/amd/display: Check stream before comparing them
(stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd
Portfolio (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task()
(stable-fixes).
- bus: integrator-lm: fix OF node leak in probe() (git-fixes).
- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp()
(git-fixes).
- i2c: xiic: improve error message when transfer fails to start
(stable-fixes).
- i2c: xiic: Use devm_clk_get_enabled() (stable-fixes).
- i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path
(git-fixes).
- drm/amdgpu: Replace one-element array with flexible-array member
(stable-fixes).
- drm/radeon: Replace one-element array with flexible-array member
(stable-fixes).
- drm/rockchip: support gamma control on RK3399 (stable-fixes).
- drm/rockchip: define gamma registers for RK3399 (stable-fixes).
- i2c: xiic: Fix RX IRQ busy check (stable-fixes).
- i2c: xiic: Fix broken locking on tx_msg (stable-fixes).
- commit 9daeadb
- Bluetooth: ISO: Fix multiple init when debugfs is disabled
(git-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to
irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to
irq1_level_low_skip_override[] (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X
(stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u
(stable-fixes).
- ALSA: core: add isascii() check to card ID generator
(stable-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200
(stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9
(stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET
(stable-fixes).
- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer
the error (git-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk
(stable-fixes).
- ALSA: hda: cs35l41: fix module autoloading (git-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros
(stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries
(stable-fixes).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard
types (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
(stable-fixes).
- ACPI: EC: Do not release locks during operation region accesses
(stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails
(stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails
(stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in
acpi_db_convert_to_package() (stable-fixes).
- ASoC: tda7419: fix module autoloading (stable-fixes).
- ASoC: intel: fix module autoloading (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids
(stable-fixes).
- commit f59a49f
- block: fix potential invalid pointer dereference in
blk_add_partition (bsc#1231872 CVE-2024-47705).
- block: print symbolic error name instead of error code
(bsc#1231872).
- commit 629456f
- nfsd: return -EINVAL when namelen is 0 (CVE-2024-47692
bsc#1231857).
- commit 3ec0b50
- nilfs2: fix kernel bug due to missing clearing of buffer delay
flag (git-fixes).
- commit fa778cc
- Refresh
patches.suse/KVM-Reject-overly-excessive-IDs-in-KVM_CREATE_VCPU.patch
(fix build warning).
- commit 4509600
- ethtool: fail closed if we can't get max channel used in
indirection tables (CVE-2024-46834 bsc#1231096).
- commit 92f1041
- vmxnet3: update to version 9 (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads
(bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3
(bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- commit 11f0889
- gpio: prevent potential speculation leaks in
gpio_device_get_desc() (stable-fixes CVE-2024-44931
bsc#1229837).
- commit fd874e3
- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race
(stable-fixes CVE-2024-42253 bsc#1229005).
- commit 1b7d3e6
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- commit e96d6b6
- NFSD: Mark filecache "down" if init fails (git-fixes).
- commit 2bc13b1
- nfs: fix memory leak in error path of nfs4_do_reclaim
(git-fixes).
- commit 78b8702
- nfsd: fix delegation_blocked() to block correctly for at least
30 seconds (git-fixes).
- commit a755d72
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- commit c0a4772
- nfsd: call cache_put if xdr_reserve_space returns NULL
(git-fixes).
- commit bea413a
- nfsd: fix refcount leak when file is unhashed after being found
(git-fixes).
- commit a3bda73
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire
(git-fixes).
- commit 1bee667
- NFS: Avoid unnecessary rescanning of the per-server delegation
list (git-fixes).
- commit 5a9ecaa
- NFSv4: Fix clearing of layout segments in layoutreturn
(git-fixes).
- commit 21968b2
- ocfs2: fix the la space leak when unmounting an ocfs2 volume
(git-fixes).
- commit 2bcef50
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- commit 894e3e9
- jfs: check if leafidx greater than num leaves per dmap tree
(git-fixes).
- commit 2a190ef
- jfs: Fix uaf in dbFreeBits (git-fixes).
- commit 77fee8f
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- commit bdbc194
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- commit 06d0a1f
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- commit a59c1e5
- RDMA/hns: Refactor the abnormal interrupt handler function (git-fixes)
Refresh patches.suse/RDMA-hns-Fix-VF-triggering-PF-reset-in-abnormal-inte.patch
- commit 16f4f98
- RDMA/hns: Fix the wrong type of return value of the interrupt handler (git-fixes)
Refresh:
- patches.suse/RDMA-hns-Fix-VF-triggering-PF-reset-in-abnormal-inte.patch
- patches.suse/RDMA-hns-Fix-soft-lockup-under-heavy-CEQE-load.patch
- commit 10cd6d3
- RDMA/hns: Remove unused abnormal interrupt of type RAS (git-fixes)
- commit 05afe22
- mm: avoid leaving partial pfn mappings around in error case
(CVE-2024-47674 bsc#1231673).
- commit 9910e8f
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- commit bc97910
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- commit d91cca2
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- commit 530c748
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- commit 04af073
- RDMA/srpt: Make slab cache names unique (git-fixes)
- commit d1c01aa
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- commit 5a68e97
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- commit e2cb15f
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- commit a888491
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- commit 21e34e7
- udf: Avoid excessive partition lengths (bsc#1230773
CVE-2024-46777).
- commit 43cca3d
- fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439
CVE-2024-47660).
- commit 66d4cf0
- netem: fix return value if duplicate enqueue fails
(CVE-2024-45016 bsc#1230429).
- commit 2e9108a
- net: test for not too small csum_start in
virtio_net_hdr_to_skb() (git-fixes).
- commit 78a3945
- KVM: fix memoryleak in kvm_init() (git-fixes).
- commit 066c2d8
- kabi: fix after KVM: arm64: mixed-width check should be skipped
for uninitialized vCPUs (git-fixes).
- commit bbf2daf
- kabi: fix after kvm: add guest_state_{enter,exit}_irqoff()
(git-fixes).
- commit baf8de4
- kab: fix after net: add more sanity check in
virtio_net_hdr_to_skb() (git-fixes).
- commit e85c3fa
- kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes).
- commit 880c9eb
- nbd: fix race between timeout and normal completion
(bsc#1230918).
- commit 3f6c035
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()
(git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in
ish_fw_xfer_direct_dma (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller
is halted (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- commit 27bf420
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C
(git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C
(git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source
(git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete
(git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy
error (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed
(git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed
(git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in
rfcomm_sk_state_change (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm
enabled (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin
(git-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace
if SND=m (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs
(git-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257
(git-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages
(git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched
(git-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS
(git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE
(git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq()
(git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- drm: komeda: Fix an issue related to normalized zpos
(stable-fixes).
- ALSA: hda/realtek - FIxed ALC285 headphone no sound
(stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound
(stable-fixes).
- ALSA: hda: Fix kctl->id initialization (git-fixes).
- ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
(git-fixes).
- commit 05e9a52
- perf/x86/intel: Limit the period on Haswell (bsc#1231072,
CVE-2024-46848).
- commit f8c2996
- sched/smt: Fix unbalance sched_smt_present dec/inc
(CVE-2024-44958 bsc#1230179).
- commit 2c63e21
- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped
(CVE-2024-47673 bsc#1231539).
- commit 775f803
- wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead
(CVE-2024-47672 bsc#1231540).
- commit 01e4e8b
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- commit 56416b7
- spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (CVE-2024-47664 bsc#1231442)
- commit c0024fd
- drm/amd/display: Avoid overflow from uint32_t to uint8_t (CVE-2024-47661 bsc#1231496)
- commit 8f65382
- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668 bsc#1231502)
- commit 45aa8b3
- dn_route: set rt neigh to blackhole_netdev instead of
loopback_dev in ifdown (bsc#1216813).
- commit 44138e3
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev
in ifdown (bsc#1216813).
- commit 89c7a24
- ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
- commit faf59f1
- ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
- commit 13cc498
- selftests/bpf: Add a test case to write mtu result into .rodata
(git-fixes).
- commit c1c2650
- selftests/bpf: Add a test case to write strtol result into
.rodata (git-fixes).
- commit 1de69ac
- selftests/bpf: Rename ARG_PTR_TO_LONG test description
(git-fixes).
- commit 6cf4336
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test
(git-fixes).
- commit fd06ef1
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error
(git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types
(git-fixes).
- commit 6b5690f
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul
helpers (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit
(git-fixes).
- bpf: Allow helpers to accept pointers with a fixed size
(git-fixes).
- Refresh patches.suse/bpf-Tidy-up-verifier-check_func_arg.patch
- commit b017693
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL
relocation (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos
(git-fixes).
- commit 262d8c3
- KVM: x86: Use a stable condition around all VT-d PI paths
(git-fixes).
- Refresh
patches.suse/KVM-VMX-Don-t-unblock-vCPU-w-Posted-IRQ-if-IRQs-are-.patch.
- commit d33f58c
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- commit fe7fa3e
- KVM: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k
(git-fixes).
- Refresh
patches.suse/KVM-x86-mmu-Remove-spurious-TLB-flushes-in-TDP-MMU-z.patch.
- commit 6e463a6
- bpf, net: Fix a potential race in do_sock_getsockopt()
(git-fixes).
- net: socket: suppress unused warning (git-fixes).
- commit 62fee56
- KVM: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes).
- commit 9bc72d6
- fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE
(CVE-2024-45025 bsc#1230456).
- commit 19343d1
- Update kabi files.
Based on October maintenance update:
kernel-64kb-devel-5.14.21-150500.55.83.1.aarch64.rpm
kernel-default-devel-5.14.21-150500.55.83.1.aarch64.rpm
kernel-default-devel-5.14.21-150500.55.83.1.ppc64le.rpm
kernel-default-devel-5.14.21-150500.55.83.1.s390x.rpm
kernel-default-devel-5.14.21-150500.55.83.1.x86_64.rpm
so that we can track newly added symbols.
- commit 8427d2e
- KVM: SVM: Disallow guest from changing userspace's
MSR_AMD64_DE_CFG value (git-fixes).
- commit 0b0882c
- KVM: SVM: Don't advertise Bus Lock Detect to guest if SVM
support is missing (git-fixes).
- commit 26a295a
- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE
and MSR_GS_BASE (git-fixes).
- commit 4b12471
- kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while
single-step is enabled (git-fixes).
- commit 29756fe
- RDMA/mana_ib: use the correct page size for mapping user-mode
doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware
page size (git-fixes).
- commit 4a96266
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- commit ab13605
- KVM: arm64: Preserve PSTATE.SS for the guest while single-step
is enabled (git-fixes).
- commit 9b95067
- add bug reference for a mana change (bsc#1229769).
- commit 279dcec
- KVM: arm64: mixed-width check should be skipped for
uninitialized vCPUs (git-fixes).
- commit 39f0f9f
- bpf, verifier: Correct tail_call_reachable for bpf prog
(git-fixes).
- bpf: Check for helper calls in check_subprogs() (git-fixes).
- commit 41df3fb
- usb: xhci: prevent potential failure in handle_tx_event()
for Transfer events without TRB (CVE-2024-42226 bsc#1228709).
- commit e76988e
- kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
- commit 96c07ae
- bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801
CVE-2024-46754).
- commit 8b4a412
- kvm/arm64: rework guest entry logic (git-fixes).
- Refresh
patches.suse/KVM-arm64-Treat-PMCR_EL1.LC-as-RES1-on-asymmetric-systems.patch.
- commit dfd24e5
- KVM: Pre-allocate cpumasks for
kvm_make_all_cpus_request_except() (git-fixes).
- Refresh
patches.suse/Revert-KVM-set-owner-of-cpu-and-vm-file-operations.patch.
- commit 83b6823
- KVM: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes).
- commit 709720b
- KVM: Write the per-page "segment" when clearing (part of)
a guest page (git-fixes).
- commit 9811c1e
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace
exit (git-fixes).
- commit 5a089f5
- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags
hits ZONE_DEVICE (git-fixes).
- commit a55326d
- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe
hyp init (git-fixes).
- commit 2e75c88
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- commit b54be89
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode
(git-fixes).
- commit 7476735
- KVM: arm64: Fix AArch32 register narrowing on userspace write
(git-fixes).
- commit 517e742
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in
vgic_v2_parse_attr() (git-fixes).
- commit 9f76023
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
(git-fixes).
- commit 8fff566
- KVM: arm64: vgic-its: Test for valid IRQ in
its_sync_lpi_pending_table() (git-fixes).
- commit b695d86
- KVM: arm64: Add missing memory barriers when switching to
pKVM's hyp pgd (git-fixes).
- commit 606dda9
- KVM: arm64: vgic-v4: Restore pending state on host userspace
write (git-fixes).
- commit c4e4df2
- Revert "KVM: Prevent module exit until all VMs are freed"
(git-fixes).
- commit 5f68725
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI
(git-fixes).
- commit 1f3e21a
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id
(git-fixes).
- commit 89273cb
- KVM: Grab a reference to KVM for VM and vCPU stats file
descriptors (git-fixes).
- commit d99dedf
- kvm: Add support for arch compat vm ioctls (git-fixes).
- commit c1d9461
- KVM: Unconditionally get a ref to /dev/kvm module when creating
a VM (git-fixes).
- commit 7df3401
- KVM: Fix lockdep false negative during host resume (git-fixes).
- commit 72fbff6
- KVM: eventfd: Fix false positive RCU usage warning (git-fixes).
- commit a76a2b9
- net/sched: taprio: extend minimum interval restriction to entire cycle too (CVE-2024-36244 bsc#1226797)
- commit 39420f6
- net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797)
- commit ddff31f
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req()
(git-fixes).
- commit 46f17cb
- bpf: Add --skip_encoding_btf_inconsistent_proto,
- -btf_gen_optimized to pahole flags for v1.25 (bsc#1230414
bsc#1229450).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- Refresh patches.suse/make-module-BTF-toggleable.patch
- btf, scripts: Exclude Rust CUs with pahole (bsc#1230414
bsc#1229450).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- Refresh patches.suse/make-module-BTF-toggleable.patch
- Update config files.
- commit 536f189
- virtio_console: fix misc probe bugs (git-fixes).
- commit 2cea93c
- vhost_vdpa: assign irq bypass producer token correctly
(git-fixes).
- commit e82b017
- virtio-net: synchronize probe with ndo_set_features (git-fixes).
- commit aa85f12
- aoe: fix the potential use-after-free problem in more places
(bsc#1218562 CVE-2023-6270).
- commit e949a45
- virtio_net: fixing XDP for fully checksummed packets handling
(git-fixes).
- commit f3d52ed
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- commit 50a25ba
- kbuild,bpf: Add module-specific pahole flags for distilled
base BTF (bsc#1230414 bsc#1229450).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414
bsc#1229450).
- kbuild, bpf: Use test-ge check for v1.25-only pahole
(bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26
and later (bsc#1230414 bsc#1229450).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- kbuild: avoid too many execution of scripts/pahole-flags.sh
(bsc#1230414 bsc#1229450).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- commit 05f7b0b
- Use pahole -j1 option for reproducible builds (bsc#1230414
bsc#1229450).
- commit 486aef8
- net: add more sanity check in virtio_net_hdr_to_skb()
(git-fixes).
- commit c9cb665
- ceph: fix cap ref leak via netfs init_request (bsc#1231383).
- commit 61990ab
- Update
patches.suse/usb-typec-ucsi-Fix-null-pointer-dereference-in-trace.patch
(CVE-2024-46719 bsc#1230722).
Added CVE
- commit 04ed2dd
- efi: fix NULL-deref in init error path (bsc#1229556
CVE-2022-48879).
- commit 41e1770
- dmaengine: altera-msgdma: properly free descriptor in
msgdma_free_descriptor (bsc#1230715 CVE-2024-46716).
- commit 92074a5
- bpf: Fix pointer-leak due to insufficient speculative store
bypass mitigation (bsc#1231375).
- commit fd93435
- drm/amd/display: Check gpio_id before used as array index (CVE-2024-46818 bsc#1231203).
- commit 53caf4b
- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (CVE-2024-46815 bsc#1231195).
- commit ad18f86
- ice: Unbind the workqueue (bsc#1231344).
- commit fa8a96c
- drm/amd/display: Validate function returns (bsc#1230774 CVE-2024-46775)
- commit a72450c
- drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (CVE-2024-46816 bsc#1231197).
- commit 1eea356
- Delete some more obsolete scripts
- commit 0d4cf12
- char: tpm: Fix possible memory leak in
tpm_bios_measurements_open() (git-fixes).
- commit e53c1af
- drm/amd/display: Check link_index before accessing dc->links (CVE-2024-46813 bsc#1231191).
- commit a97e1a4
- sched/isolation: Prevent boot crash when the boot CPU is (bsc#1231327)
- commit a3438e4
- rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full (bsc#1231327)
- commit 670f96b
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow
(bsc#1226631).
- commit 2c24b8c
- scsi: fnic: Move flush_work initialization out of if block
(bsc#1230055).
- commit 3f71444
- workqueue: mark power efficient workqueue as unbounded if (bsc#1231327)
- commit 2a22cf9
- workqueue: Avoid using isolated cpus' timers on (bsc#1231327)
- commit ab862e0
- net: mana: Improve mana_set_channels() in low mem conditions
(bsc#1230289).
- net: mana: Implement get_ringparam/set_ringparam for mana
(bsc#1229891).
- net: dpaa: Pad packets to ETH_ZLEN (CVE-2024-46854 bsc#1231084).
- ice: Add netif_device_attach/detach into PF reset flow
(CVE-2024-46770 bsc#1230763).
- bonding: change ipsec_lock from spin lock to mutex
(CVE-2024-46678 bsc#1230550).
- bonding: extract the use of real_device into local variable
(CVE-2024-46678 bsc#1230550).
- bonding: implement xdo_dev_state_free and call it after deletion
(CVE-2024-46678 bsc#1230550).
- commit 057bf3f
- drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (CVE-2024-46817 bsc#1231200).
- commit 18cf241
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- commit 9f2c584
- KVM: s390: Fix SORTL and DFLTCC instruction format error in
__insn32_query (git-fixes bsc#1231277).
- commit cce5574
- s390/mm: Add cond_resched() to cmm_alloc/free_pages()
(bsc#1228747).
- commit 41a09b7
- ASoC: meson: axg-card: fix 'use-after-free' (CVE-2024-46849 bsc#1231073)
- commit a395e2d
- ELF: fix kernel.randomize_va_space double read (CVE-2024-46826 bsc#1231115)
- commit d14eaf0
- powerpc: Allow clearing and restoring registers independent
of saved breakpoint state (bsc#1194869).
- commit fab6193
- powerpc/tlb: Add local flush for page given mm_struct and psize
(bsc#1194869).
- commit 819e69d
- net/mlx5: Fix bridge mode operations when there are no VFs (CVE-2024-46857 bsc#1231087)
- commit b275110
- netfilter: nft_socket: fix sk refcount leaks (CVE-2024-46855 bsc#1231085)
- commit b9b2afb
- powerpc/imc-pmu: Use the correct spinlock initializer
(bsc#1054914 fate#322448 git-fixes).
- commit 1a80d47
- powerpc/code-patching: introduce patch_instructions()
(bsc#1194869).
- commit ce19d55
- powerpc/code-patching: Remove #ifdef CONFIG_STRICT_KERNEL_RWX
(bsc#1194869).
- commit 347af82
- powerpc/code-patching: Fix oops with DEBUG_VM enabled
(bsc#1194869).
- powerpc/code-patching: Consolidate and cache per-cpu patching
context (bsc#1194869).
- powerpc/code-patching: Use temporary mm for Radix MMU
(bsc#1194869).
- powerpc/code-patching: Use WARN_ON and fix check in poking_init
(bsc#1194869).
- powerpc/code-patching: Speed up page mapping/unmapping
(bsc#1194869).
- powerpc/code-patching: Use jump_label to check if poking_init()
is done (bsc#1194869).
- powerpc/code-patching: Don't call is_vmalloc_or_module_addr()
without CONFIG_MODULES (bsc#1194869).
- powerpc/code-patching: Pre-map patch area (bsc#1194869).
- powerpc/code-patching: Reorganise do_patch_instruction()
to ease error handling (bsc#1194869).
- powerpc/code-patching: Fix unmap_patch_area() error handling
(bsc#1194869).
- powerpc/code-patching: Fix error handling in
do_patch_instruction() (bsc#1194869).
- commit 630a906
- powerpc/code-patching: Remove pr_debug()/pr_devel() messages
and fix check() (bsc#1194869).
- powerpc/lib: Add __init attribute to eligible functions
(bsc#1194869).
- powerpc/inst: Refactor ___get_user_instr() (bsc#1194869).
- commit d1c574c
- powerpc/code-patching: Add generic memory patching
(bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction()
in case of failure (bsc#1194869).
- powerpc/ftrace: Use patch_instruction() return directly
(bsc#1194869).
- commit 358e581