1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:0141-1

[SUSE-SU-2024:0141-1] Security update for the Linux Kernel

Severity Important
Affected Packages 27
CVEs 10
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
  • CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
  • CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
  • CVE-2020-26555: Fixed Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B that may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN (bsc#1179610 bsc#1215237).
  • CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
  • CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335).
  • CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component that could lead to local privilege escalation. (bsc#1218258).
  • CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's ipv4: igmp component that could lead to local privilege escalation (bsc#1218253).
  • CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938).
  • CVE-2023-6121: Fixed an out-of-bounds read vulnerability in the NVMe-oF/TCP subsystem that could lead to information leak (bsc#1217250).

The following non-security bugs were fixed:

  • Documentation: KVM: add separate directories for architecture-specific documentation (jsc#PED-7167).
  • Documentation: KVM: update amd-memory-encryption.rst references (jsc#PED-7167).
  • Documentation: KVM: update msr.rst reference (jsc#PED-7167).
  • Documentation: KVM: update s390-diag.rst reference (jsc#PED-7167).
  • Documentation: KVM: update s390-pv.rst reference (jsc#PED-7167).
  • Documentation: drop more IDE boot options and ide-cd.rst (git-fixes).
  • Documentation: qat: Use code block for qat sysfs example (git-fixes).
  • Drop Documentation/ide/ (git-fixes).
  • Fix crash on screen resize (bsc#1218229)
  • Fix drm gem object underflow (bsc#1218092)
  • Revert 'Limit kernel-source-azure build to architectures for which we build binaries (bsc#1108281).'
  • Revert 'PCI/ASPM: Remove pcie_aspm_pm_state_change()' (git-fixes).
  • Revert 'PCI: acpiphp: Reassign resources on bridge if necessary' (git-fixes).
  • Revert 'md: unlock mddev before reap sync_thread in action_store' (git-fixes).
  • Revert 'swiotlb: panic if nslabs is too small' (git-fixes).
  • Revert 'xhci: Loosen RPM as default policy to cover for AMD xHC 1.1' (git-fixes).
  • Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
  • acpi: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 (git-fixes).
  • acpi: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects (git-fixes).
  • acpica: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).
  • afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).
  • afs: Fix dynamic root lookup DNS check (git-fixes).
  • afs: Fix file locking on R/O volumes to operate in local mode (git-fixes).
  • afs: Fix overwriting of result of DNS query (git-fixes).
  • afs: Fix refcount underflow from error handling race (git-fixes).
  • afs: Fix the dynamic root's d_delete to always delete unused dentries (git-fixes).
  • afs: Fix use-after-free due to get/remove race in volume tree (git-fixes).
  • afs: Make error on cell lookup failure consistent with OpenAFS (git-fixes).
  • afs: Return ENOENT if no cell DNS record can be found (git-fixes).
  • alsa: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro (git-fixes).
  • alsa: hda/hdmi: add force-connect quirk for NUC5CPYB (git-fixes).
  • alsa: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (git-fixes).
  • alsa: hda/realtek: Add Framework laptop 16 to quirks (git-fixes).
  • alsa: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).
  • alsa: hda/realtek: Add supported ALC257 for ChromeOS (git-fixes).
  • alsa: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).
  • alsa: hda/realtek: Enable headset on Lenovo M90 Gen5 (git-fixes).
  • alsa: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook 440 G6 (git-fixes).
  • alsa: hda/realtek: Headset Mic VREF to 100% (git-fixes).
  • alsa: hda/realtek: add new Framework laptop to quirks (git-fixes).
  • alsa: hda/realtek: enable SND_PCI_QUIRK for hp pavilion 14-ec1xxx series (git-fixes).
  • alsa: hda/realtek: fix mute/micmute LEDs for a HP ZBook (git-fixes).
  • alsa: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).
  • alsa: hda: intel-dsp-cfg: add LunarLake support (git-fixes).
  • alsa: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).
  • alsa: seq: oss: Fix racy open/close of MIDI devices (git-fixes).
  • alsa: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).
  • alsa: usb-audio: Increase delay in MOTU M quirk (git-fixes).
  • apparmor: Free up __cleanup() name (jsc#PED-7167).
  • arm64: dts: arm: add missing cache properties (git-fixes)
  • arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)
  • arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)
  • arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)
  • arm64: kdump: Skip kmemleak scan reserved memory for kdump (jsc#PED-7167).
  • arm64: mm: Fix 'rodata=on' when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes)
  • arm: oMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (git-fixes).
  • arm: pL011: Fix DMA support (git-fixes).
  • asoc: fsl_rpmsg: Fix error handler with pm_runtime_enable (git-fixes).
  • asoc: hdmi-codec: fix missing report for jack initial status (git-fixes).
  • asoc: meson: g12a-toacodec: Fix event generation (git-fixes).
  • asoc: meson: g12a-toacodec: Validate written enum values (git-fixes).
  • asoc: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux (git-fixes).
  • asoc: meson: g12a-tohdmitx: Validate written enum values (git-fixes).
  • asoc: wm_adsp: fix memleak in wm_adsp_buffer_populate (git-fixes).
  • bitmap: unify find_bit operations (jsc#PED-7167).
  • block: fix revalidate performance regression (bsc#1216057).
  • bluetooth: Fix deadlock in vhci_send_frame (git-fixes).
  • bluetooth: L2CAP: Send reject on command corrupted request (git-fixes).
  • bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE (git-fixes).
  • bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921 (bsc#1218461).
  • bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (git-fixes).
  • bluetooth: hci_event: shut up a false-positive warning (git-fixes).
  • bluetooth: hci_qca: Fix the teardown problem for real (git-fixes).
  • bnxt: do not handle XDP in netpoll (jsc#PED-1495).
  • bnxt_en: Clear resource reservation during resume (jsc#PED-1495).
  • bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic (jsc#PED-1495).
  • bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).
  • bnxt_en: Fix page pool logic for page size >= 64K (jsc#PED-1495).
  • bnxt_en: Fix wrong return value check in bnxt_close_nic() (jsc#PED-1495).
  • bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI (jsc#PED-1495).
  • bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
  • bus: ti-sysc: Flush posted write only after srst_udelay (git-fixes).
  • ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980).
  • ceph: fix type promotion bug on 32bit systems (bsc#1217982).
  • cleanup: Make no_free_ptr() __must_check (jsc#PED-7167).
  • clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217).
  • clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217).
  • clocksource: Handle negative skews in 'skew is too large' messages (bsc#1215885 bsc#1217217).
  • clocksource: Improve 'skew is too large' messages (bsc#1215885 bsc#1217217).
  • clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
  • clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217).
  • clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217).
  • clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217).
  • configfs-tsm: Introduce a shared ABI for attestation reports (jsc#PED-7167).
  • crypto: ccp - Add SEV_INIT rc error logging on init (jsc#PED-7167).
  • crypto: ccp - Add SEV_INIT_EX support (jsc#PED-7167).
  • crypto: ccp - Add a header for multiple drivers to use __psp_pa (jsc#PED-7167).
  • crypto: ccp - Add a quirk to firmware update (jsc#PED-7167).
  • crypto: ccp - Add psp_init_on_probe module parameter (jsc#PED-7167).
  • crypto: ccp - Drop TEE support for IRQ handler (jsc#PED-7167).
  • crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked() (jsc#PED-7167).
  • crypto: ccp - Fail the PSP initialization when writing psp data file failed (jsc#PED-7167).
  • crypto: ccp - Fix the INIT_EX data file open failure (jsc#PED-7167).
  • crypto: ccp - Fix whitespace in sev_cmd_buffer_len() (jsc#PED-7167).
  • crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (jsc#PED-7167).
  • crypto: ccp - Initialize PSP when reading psp data file failed (jsc#PED-7167).
  • crypto: ccp - Log when resetting PSP SEV state (jsc#PED-7167).
  • crypto: ccp - Move SEV_INIT retry for corrupted data (jsc#PED-7167).
  • crypto: ccp - Move some PSP mailbox bit definitions into common header (jsc#PED-7167).
  • crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (jsc#PED-7167).
  • crypto: ccp - Refactor out sev_fw_alloc() (jsc#PED-7167).
  • crypto: ccp - remove unneeded semicolon (jsc#PED-7167).
  • crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (jsc#PED-7167).
  • dm verity: initialize fec io before freeing it (git-fixes).
  • dm-verity: do not use blocking calls from tasklets (git-fixes).
  • dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).
  • dm: do not attempt to queue IO under RCU protection (git-fixes).
  • dm: fix __send_duplicate_bios() to always allow for splitting IO (bsc#1215952).
  • dm: fix improper splitting for abnormal bios (bsc#1215952).
  • dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter (git-fixes).
  • dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
  • dmaengine: ioat: Free up __cleanup() name (jsc#PED-7167).
  • doc/README.SUSE: Add how to update the config for module signing (jsc#PED-5021)
  • doc/README.SUSE: Remove how to build modules using kernel-source (jsc#PED-5021)
  • doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
  • drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c (git-fixes).
  • drm/amdgpu/sdma5.2: add begin/end_use ring callbacks (bsc#1212139).
  • drm/amdgpu: Add EEPROM I2C address support for ip discovery (git-fixes).
  • drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).
  • drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).
  • drm/amdgpu: Decouple RAS EEPROM addresses from chips (git-fixes).
  • drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).
  • drm/amdgpu: Remove second moot switch to set EEPROM I2C address (git-fixes).
  • drm/amdgpu: Return from switch early for EEPROM I2C address (git-fixes).
  • drm/amdgpu: Update EEPROM I2C address for smu v13_0_0 (git-fixes).
  • drm/amdgpu: Update ras eeprom support for smu v13_0_0 and v13_0_10 (git-fixes).
  • drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).
  • drm/amdgpu: correct the amdgpu runtime dereference usage count (git-fixes).
  • drm/amdgpu: fix tear down order in amdgpu_vm_pt_free (git-fixes).
  • drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).
  • drm/bridge: parade-ps8640: Never store more than msg->size bytes in AUX xfer (git-fixes).
  • drm/bridge: ps8640: Fix size mismatch warning w/ len (git-fixes).
  • drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS (git-fixes).
  • drm/bridge: ti-sn65dsi86: Never store more than msg->size bytes in AUX xfer (git-fixes).
  • drm/i915/display: Drop check for doublescan mode in modevalid (git-fixes).
  • drm/i915/dp: Fix passing the correct DPCD_REV for drm_dp_set_phy_test_pattern (git-fixes).
  • drm/i915/dpt: Only do the POT stride remap when using DPT (git-fixes).
  • drm/i915/lvds: Use REG_BIT() & co (git-fixes).
  • drm/i915/mtl: limit second scaler vertical scaling in ver >= 14 (git-fixes).
  • drm/i915/sdvo: stop caching has_hdmi_monitor in struct intel_sdvo (git-fixes).
  • drm/i915: Fix intel_atomic_setup_scalers() plane_state handling (git-fixes).
  • drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).
  • drm/i915: Reject async flips with bigjoiner (git-fixes).
  • drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).
  • drm/i915: fix MAX_ORDER usage in i915_gem_object_get_pages_internal() (jsc#PED-7167).
  • drm/mediatek: Add spinlock for setting vblank event in atomic_begin (git-fixes).
  • drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (git-fixes).
  • efi/libstub: Implement support for unaccepted memory (jsc#PED-7167).
  • efi/unaccepted: Avoid load_unaligned_zeropad() stepping into unaccepted memory (jsc#PED-7167).
  • efi/unaccepted: Fix off-by-one when checking for overlapping ranges (jsc#PED-7167).
  • efi/unaccepted: Fix soft lockups caused by parallel memory acceptance (jsc#PED-7167).
  • efi/unaccepted: Make sure unaccepted table is mapped (jsc#PED-7167).
  • efi/unaccepted: Use ACPI reclaim memory for unaccepted memory table (jsc#PED-7167).
  • efi/x86: Get full memory map in allocate_e820() (jsc#PED-7167).
  • efi: Add unaccepted memory support (jsc#PED-7167).
  • efi: libstub: avoid efi_get_memory_map() for allocating the virt map (jsc#PED-7167).
  • efi: libstub: install boot-time memory map as config table (jsc#PED-7167).
  • efi: libstub: remove DT dependency from generic stub (jsc#PED-7167).
  • efi: libstub: remove pointless goto kludge (jsc#PED-7167).
  • efi: libstub: simplify efi_get_memory_map() and struct efi_boot_memmap (jsc#PED-7167).
  • efi: libstub: unify initrd loading between architectures (jsc#PED-7167).
  • floppy: fix MAX_ORDER usage (jsc#PED-7167).
  • fprobe: Fix to ensure the number of active retprobes is not zero (git-fixes).
  • fs/jfs: Add check for negative db_l2nbperpage (git-fixes).
  • fs/jfs: Add validity check for db_maxag and db_agpref (git-fixes).
  • fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() (git-fixes).
  • fs/remap: constrain dedupe of EOF blocks (git-fixes).
  • fs: avoid empty option when generating legacy mount string (git-fixes).
  • fs: fix an infinite loop in iomap_fiemap (git-fixes).
  • fs: ocfs2: namei: check return value of ocfs2_add_entry() (git-fixes).
  • genwqe: fix MAX_ORDER usage (jsc#PED-7167).
  • gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).
  • gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
  • gfs2: Clean up function may_grant (git-fixes).
  • gfs2: Fix filesystem block deallocation for short writes (git-fixes).
  • gfs2: Fix gfs2_release for non-writers regression (git-fixes).
  • gfs2: Fix inode height consistency check (git-fixes).
  • gfs2: Fix length of holes reported at end-of-file (git-fixes).
  • gfs2: Fix possible data races in gfs2_show_options() (git-fixes).
  • gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).
  • gfs2: Make sure FITRIM minlen is rounded up to fs block size (git-fixes).
  • gfs2: Silence 'suspicious RCU usage in gfs2_permission' warning (git-fixes).
  • gfs2: Switch from strlcpy to strscpy (git-fixes).
  • gfs2: fix an oops in gfs2_permission (git-fixes).
  • gfs2: gfs2_setattr_size error path fix (git-fixes).
  • gfs2: ignore negated quota changes (git-fixes).
  • gfs2: jdata writepage fix (git-fixes).
  • gfs2: use i_lock spin_lock for inode qadata (git-fixes).
  • gpiolib: sysfs: Fix error handling on failed export (git-fixes).
  • gve: Fixes for napi_poll when budget is 0 (git-fixes).
  • gve: Use size_add() in call to struct_size() (git-fixes).
  • hid: add ALWAYS_POLL quirk for Apple kb (git-fixes).
  • hid: glorious: fix Glorious Model I HID report (git-fixes).
  • hid: hid-asus: add const to read-only outgoing usb buffer (git-fixes).
  • hid: hid-asus: reset the backlight brightness level on resume (git-fixes).
  • hid: lenovo: Restrict detection of patched firmware only to USB cptkbd (git-fixes).
  • hid: multitouch: Add quirk for HONOR GLO-GXXX touchpad (git-fixes).
  • hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).
  • hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe() (git-fixes).
  • i2c: aspeed: Handle the coalesced stop conditions with the start conditions (git-fixes).
  • i2c: core: Fix atomic xfer check for non-preempt config (git-fixes).
  • i2c: designware: Fix corrupted memory seen in the ISR (git-fixes).
  • i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).
  • i40e: Fix VF VLAN offloading when port VLAN is configured (jsc#PED-372).
  • i40e: Fix unexpected MFS warning message (jsc#PED-372).
  • i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (jsc#PED-372).
  • i40e: fix misleading debug logs (jsc#PED-372).
  • i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (jsc#PED-372).
  • i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).
  • i40e: prevent crash on probe if hw registers have invalid values (jsc#PED-372).
  • ib/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes)
  • ib/mlx5: Fix rdma counter binding for RAW QP (git-fixes)
  • igb: Avoid starting unnecessary workqueues (jsc#PED-370).
  • igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).
  • igb: Fix potential memory leak in igb_add_ethtool_nfc_entry (jsc#PED-370).
  • igb: clean up in all error paths when enabling SR-IOV (jsc#PED-370).
  • igb: disable virtualization features on 82580 (jsc#PED-370).
  • igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-370).
  • igc: Change IGC_MIN to allow set rx/tx value between 64 and 80 (jsc#PED-375).
  • igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).
  • igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).
  • igc: Fix infinite initialization loop with early XDP redirect (jsc#PED-375).
  • igc: Fix the typo in the PTM Control macro (jsc#PED-375).
  • iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (git-fixes).
  • iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (git-fixes).
  • iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (git-fixes).
  • iio: triggered-buffer: prevent possible freeing of wrong buffer (git-fixes).
  • input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN (git-fixes).
  • input: ipaq-micro-keys - add error handling for devm_kmemdup (git-fixes).
  • input: soc_button_array - add mapping for airplane mode button (git-fixes).
  • input: xpad - add HyperX Clutch Gladiate Support (git-fixes).
  • interconnect: Treat xlate() returning NULL node as an error (git-fixes).
  • iomap: Fix iomap_dio_rw return value for user copies (git-fixes).
  • iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (jsc#PED-7167).
  • iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes).
  • jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).
  • jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).
  • jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount (git-fixes).
  • jfs: validate max amount of blocks before allocation (git-fixes).
  • kABI: Preserve the type of rethook::handler (git-fixes).
  • kABI: restore void return to typec_altmode_attention (git-fixes).
  • kabi/severities: ignore kABI for asus-wmi drivers Tolerate the kABI changes, as used only locally for asus-wmi stuff
  • kabi/severities: make snp_issue_guest_request PASS (jsc#PED-7167)
  • kabi: fix of_reserved_mem_* due to struct vm_struct became defined (jsc#PED-7167).
  • kabi: fix sev-dev due to fs_struct became defined (jsc#PED-7167).
  • kabi: fix struct efi after adding unaccepted memory table (jsc#PED-7167).
  • kabi: fix struct zone kabi after adding unaccepted_pages and NR_UNACCEPTED (jsc#PED-7167).
  • kbuild: Drop -Wdeclaration-after-statement (jsc#PED-7167).
  • kconfig: fix memory leak from range properties (git-fixes).
  • kernel-source: Remove config-options.changes (jsc#PED-5021)
  • kprobes: consistent rcu api usage for kretprobe holder (git-fixes).
  • kvm: arm64: Prevent kmemleak from accessing pKVM memory (jsc#PED-7167).
  • kvm: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
  • kvm: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes bsc#1217933).
  • lib/vsprintf: Fix %pfwf when current node refcount == 0 (git-fixes).
  • libceph: use kernel_connect() (bsc#1217981).
  • limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
  • locking: Introduce __cleanup() based infrastructure (jsc#PED-7167).
  • locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes).
  • md/bitmap: do not set max_write_behind if there is no write mostly device (git-fixes).
  • md/md-bitmap: hold 'reconfig_mutex' in backlog_store() (git-fixes).
  • md/md-bitmap: remove unnecessary local variable in backlog_store() (git-fixes).
  • md/raid0: add discard support for the 'original' layout (git-fixes).
  • md/raid10: do not call bio_start_io_acct twice for bio which experienced read error (git-fixes).
  • md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (git-fixes).
  • md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).
  • md/raid10: fix io loss while replacement replace rdev (git-fixes).
  • md/raid10: fix leak of 'r10bio->remaining' for recovery (git-fixes).
  • md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
  • md/raid10: fix memleak of md thread (git-fixes).
  • md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes).
  • md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git-fixes).
  • md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
  • md/raid10: fix task hung in raid10d (git-fixes).
  • md/raid10: fix the condition to call bio_end_io_acct() (git-fixes).
  • md/raid10: fix wrong setting of max_corr_read_errors (git-fixes).
  • md/raid10: prevent soft lockup while flush writes (git-fixes).
  • md/raid10: use dereference_rdev_and_rrdev() to get devices (git-fixes).
  • md/raid1: fix error: ISO C90 forbids mixed declarations (git-fixes).
  • md/raid1: free the r1bio before waiting for blocked rdev (git-fixes).
  • md/raid1: hold the barrier until handle_read_error() finishes (git-fixes).
  • md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).
  • md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid() (git-fixes).
  • md/raid5: fix miscalculation of 'end_sector' in raid5_read_one_chunk() (git-fixes).
  • md: Put the right device in md_seq_next (bsc#1217822).
  • md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).
  • md: avoid signed overflow in slot_store() (git-fixes).
  • md: do not update recovery_cp when curr_resync is ACTIVE (git-fixes).
  • md: drop queue limitation for RAID1 and RAID10 (git-fixes).
  • md: raid0: account for split bio in iostat accounting (git-fixes).
  • md: raid10 add nowait support (git-fixes).
  • md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
  • md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
  • md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).
  • memblock: exclude MEMBLOCK_NOMAP regions from kmemleak (jsc#PED-7167).
  • memblock: make memblock_find_in_range method private (jsc#PED-7167).
  • misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (git-fixes).
  • misc: mei: client.c: return negative error code in mei_cl_write (git-fixes).
  • mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184) When MULTIBUILD option in config.sh is enabled generate a _multibuild file listing all spec files.
  • mm/page_alloc: make deferred page init free pages in MAX_ORDER blocks (jsc#PED-7167).
  • mm/pgtable: Fix multiple -Wstringop-overflow warnings (jsc#PED-7167).
  • mm/slab: Add __free() support for kvfree (jsc#PED-7167).
  • mm/slub: fix MAX_ORDER usage in calculate_order() (jsc#PED-7167).
  • mm: Add PAGE_ALIGN_DOWN macro (jsc#PED-7167).
  • mm: Add support for unaccepted memory (jsc#PED-7167).
  • mm: add pageblock_align() macro (jsc#PED-7167).
  • mm: add pageblock_aligned() macro (jsc#PED-7167).
  • mm: avoid passing 0 to __ffs() (jsc#PED-7167).
  • mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
  • mm: move kvmalloc-related functions to slab.h (jsc#PED-7167).
  • mm: new primitive kvmemdup() (jsc#PED-7167).
  • mm: reuse pageblock_start/end_pfn() macro (jsc#PED-7167).
  • mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).
  • mmc: rpmb: fixes pause retune on all RPMB partitions (git-fixes).
  • mmc: sdhci-sprd: Fix eMMC init failure after hw reset (git-fixes).
  • neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section (git-fixes).
  • net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).
  • net/smc: Fix pos miscalculation in statistics (bsc#1218139).
  • net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
  • net: 9p: avoid freeing uninit memory in p9pdu_vreadf (git-fixes).
  • net: bnxt: fix a potential use-after-free in bnxt_init_tc (jsc#PED-1495).
  • net: ena: Destroy correct number of xdp queues upon failure (git-fixes).
  • net: ena: Fix XDP redirection error (git-fixes).
  • net: ena: Fix xdp drops handling due to multibuf packets (git-fixes).
  • net: ena: Flush XDP packets on error (git-fixes).
  • net: mana: select PAGE_POOL (git-fixes).
  • net: rfkill: gpio: set GPIO direction (git-fixes).
  • net: usb: ax88179_178a: avoid failed operations when device is disconnected (git-fixes).
  • net: usb: ax88179_178a: clean up pm calls (git-fixes).
  • net: usb: ax88179_178a: wol optimizations (git-fixes).
  • net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
  • nfc: llcp_core: Hold a ref to llcp_local->dev when holding a ref to llcp_local (git-fixes).
  • nfs: Fix O_DIRECT locking issues (bsc#1211162).
  • nfs: Fix a few more clear_bit() instances that need release semantics (bsc#1211162).
  • nfs: Fix a potential data corruption (bsc#1211162).
  • nfs: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
  • nfs: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
  • nfs: More O_DIRECT accounting fixes for error paths (bsc#1211162).
  • nfs: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
  • nfs: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
  • nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162).
  • nilfs2: fix missing error check for sb_set_blocksize call (git-fixes).
  • nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (git-fixes).
  • nlm: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
  • null_blk: fix poll request timeout handling (git-fixes).
  • nvme-core: check for too small lba shift (bsc#1214117).
  • nvme-pci: Add sleep quirk for Kingston drives (git-fixes).
  • nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev (git-fixes).
  • nvme-pci: do not set the NUMA node of device if it has none (git-fixes).
  • nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).
  • nvme-rdma: do not try to stop unallocated queues (git-fixes).
  • nvme: sanitize metadata bounce buffer for reads (git-fixes).
  • nvmet-auth: complete a request only after freeing the dhchap pointers (git-fixes).
  • of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem (jsc#PED-7167).
  • orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (git-fixes).
  • orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (git-fixes).
  • orangefs: Fix sysfs not cleanup when dev init failed (git-fixes).
  • orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (git-fixes).
  • padata: Fix refcnt handling in padata_free_shell() (git-fixes).
  • parport: Add support for Brainboxes IX/UC/PX parallel cards (git-fixes).
  • pci: loongson: Limit MRRS to 256 (git-fixes).
  • perf/core: fix MAX_ORDER usage in rb_alloc_aux_page() (jsc#PED-7167).
  • pinctrl: at91-pio4: use dedicated lock class for IRQ (git-fixes).
  • platform/surface: aggregator: fix recv_buf() return value (git-fixes).
  • platform/x86: asus-wmi: Add support for ROG X13 tablet mode (git-fixes).
  • platform/x86: asus-wmi: Adjust tablet/lidflip handling to use enum (git-fixes).
  • platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch reporting (git-fixes).
  • platform/x86: asus-wmi: Move i8042 filter install to shared asus-wmi code (git-fixes).
  • platform/x86: asus-wmi: Simplify tablet-mode-switch handling (git-fixes).
  • platform/x86: asus-wmi: Simplify tablet-mode-switch probing (git-fixes).
  • platform/x86: wmi: Allow duplicate GUIDs for drivers that use struct wmi_driver (git-fixes).
  • platform/x86: wmi: Skip blocks with zero instances (git-fixes).
  • powerpc/pseries/vas: Migration suspend waits for no in-progress open windows (bsc#1218397 ltc#204523).
  • qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info (jsc#PED-1526).
  • qed: Fix a potential use-after-free in qed_cxt_tables_alloc (jsc#PED-1526).
  • qed: fix LL2 RX buffer allocation (jsc#PED-1526).
  • qede: fix firmware halt over suspend and resume (jsc#PED-1526).
  • qla2xxx: add debug log for deprecated hw detected (bsc#1216032).
  • r8152: Add RTL8152_INACCESSIBLE checks to more loops (git-fixes).
  • r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
  • r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1() (git-fixes).
  • r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash() (git-fixes).
  • r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE (git-fixes).
  • r8169: Fix PCI error on system resume (git-fixes).
  • rdma/bnxt_re: Correct module description string (jsc#PED-1495).
  • rdma/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)
  • rdma/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)
  • rdma/hfi1: Workaround truncation compilation error (git-fixes)
  • rdma/hns: Add check for SL (git-fixes)
  • rdma/hns: Fix printing level of asynchronous events (git-fixes)
  • rdma/hns: Fix signed-unsigned mixed comparisons (git-fixes)
  • rdma/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)
  • rdma/hns: The UD mode can only be configured with DCQCN (git-fixes)
  • regmap: fix bogus error on regcache_sync success (git-fixes).
  • reiserfs: Check the return value from __getblk() (git-fixes).
  • reiserfs: Replace 1-element array with C99 style flex-array (git-fixes).
  • remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
  • reset: Fix crash when freeing non-existent optional resets (git-fixes).
  • restore renamed device IDs for USB HID devices (git-fixes).
  • rethook: Fix to use WRITE_ONCE() for rethook:: Handler (git-fixes).
  • rethook: Use __rcu pointer for rethook::handler (git-fixes).
  • ring-buffer: Do not try to put back write_stamp (git-fixes).
  • ring-buffer: Do not update before stamp when switching sub-buffers (git-fixes).
  • ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs (git-fixes).
  • ring-buffer: Fix memory leak of free page (git-fixes).
  • ring-buffer: Fix slowpath of interrupted event (git-fixes).
  • ring-buffer: Fix wake ups when buffer_percent is set to 100 (git-fixes).
  • ring-buffer: Fix writing to the buffer with max_data_size (git-fixes).
  • ring-buffer: Force absolute timestamp on discard of event (git-fixes).
  • ring-buffer: Have saved event hold the entire event (git-fixes).
  • ring-buffer: Remove useless update to write_stamp in rb_try_to_discard() (git-fixes).
  • s390/vx: fix save/restore of fpu kernel context (git-fixes bsc#1218357).
  • scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
  • serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit (git-fixes).
  • serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt (git-fixes).
  • serial: sc16is7xx: address RX timeout interrupt errata (git-fixes).
  • soundwire: stream: fix NULL pointer dereference for multi_link (git-fixes).
  • spi: atmel: Fix clock issue when using devices with different polarities (git-fixes).
  • statfs: enforce statfs[64] structure initialization (git-fixes).
  • supported.conf: add drivers/virt/coco/tsm (jsc#PED-7167)
  • swiotlb: always set the number of areas before allocating the pool (git-fixes).
  • swiotlb: do not panic! (git-fixes).
  • swiotlb: fix a braino in the alignment check fix (bsc#1216559).
  • swiotlb: fix debugfs reporting of reserved memory pools (git-fixes).
  • swiotlb: fix slot alignment checks (bsc#1216559).
  • swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).
  • swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).
  • swiotlb: reduce the number of areas to match actual memory pool size (git-fixes).
  • swiotlb: reduce the swiotlb buffer size on allocation failure (git-fixes).
  • swiotlb: use the calculated number of areas (git-fixes).
  • tracing / synthetic: Disable events after testing in synth_event_gen_test_init() (git-fixes).
  • tracing/kprobes: Fix the description of variable length arguments (git-fixes).
  • tracing/kprobes: Fix the order of argument descriptions (git-fixes).
  • tracing/perf: Add interrupt_context_level() helper (git-fixes).
  • tracing/synthetic: fix kernel-doc warnings (git-fixes).
  • tracing: Always update snapshot buffer size (git-fixes).
  • tracing: Disable preemption when using the filter buffer (bsc#1217036).
  • tracing: Disable snapshot buffer when stopping instance tracers (git-fixes).
  • tracing: Fix a possible race when disabling buffered events (bsc#1217036).
  • tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
  • tracing: Fix blocked reader of snapshot buffer (git-fixes).
  • tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
  • tracing: Fix warning in trace_buffered_event_disable() (git-fixes, bsc#1217036).
  • tracing: Have the user copy of synthetic event address use correct context (git-fixes).
  • tracing: Reuse logic from perf's get_recursion_context() (git-fixes).
  • tracing: Set actual size after ring buffer resize (git-fixes).
  • tracing: Stop current tracer when resizing buffer (git-fixes).
  • tracing: Update snapshot buffer on resize if it is allocated (git-fixes).
  • tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036).
  • tracing: relax trace_event_eval_update() execution with cond_resched() (git-fixes).
  • uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978).
  • ubifs: Fix memory leak of bud->log_hash (git-fixes).
  • ubifs: fix possible dereference after free (git-fixes).
  • usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate 3.0 G3 (git-fixes).
  • usb: aqc111: check packet for fixup for true limit (git-fixes).
  • usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (git-fixes).
  • usb: host: xhci-plat: fix possible kernel oops while resuming (git-fixes).
  • usb: hub: Guard against accesses to uninitialized BOS descriptors (git-fixes).
  • usb: serial: ftdi_sio: update Actisense PIDs constant names (git-fixes).
  • usb: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
  • usb: serial: option: add Quectel EG912Y module support (git-fixes).
  • usb: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
  • usb: typec: bus: verify partner exists in typec_altmode_attention (git-fixes).
  • usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
  • usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325 (git-fixes).
  • virt/coco/sev-guest: Double-buffer messages (jsc#PED-7167).
  • virt: coco: Add a coco/Makefile and coco/Kconfig (jsc#PED-7167).
  • virt: sevguest: Add TSM_REPORTS support for SNP_GET_EXT_REPORT (jsc#PED-7167).
  • virt: sevguest: Fix passing a stack buffer as a scatterlist target (jsc#PED-7167).
  • virt: sevguest: Prep for kernel internal get_ext_report() (jsc#PED-7167).
  • virt: tdx-guest: Add Quote generation support using TSM_REPORTS (jsc#PED-7167).
  • vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
  • wifi: cfg80211: Add my certificate (git-fixes).
  • wifi: cfg80211: fix certs build to not depend on file order (git-fixes).
  • wifi: iwlwifi: pcie: add another missing bh-disable for rxq->lock (git-fixes).
  • wifi: iwlwifi: pcie: do not synchronize IRQs from IRQ (git-fixes).
  • wifi: mac80211: mesh: check element parsing succeeded (git-fixes).
  • wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).
  • x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
  • x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).
  • x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes).
  • x86/alternatives: Sync core before enabling interrupts (git-fixes).
  • x86/boot/compressed: Handle unaccepted memory (jsc#PED-7167).
  • x86/boot/compressed: Reserve more memory for page tables (git-fixes).
  • x86/boot: Add an efi.h header for the decompressor (jsc#PED-7167).
  • x86/boot: Centralize pa()/va() definitions (jsc#PED-7167).
  • x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).
  • x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).
  • x86/cpu: Do not write CSTAR MSR on Intel CPUs (jsc#PED-7167).
  • x86/cpu: Fix amd_check_microcode() declaration (git-fixes).
  • x86/efi: Safely enable unaccepted memory in UEFI (jsc#PED-7167).
  • x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).
  • x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).
  • x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes).
  • x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).
  • x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790).
  • x86/purgatory: Remove LTO flags (git-fixes).
  • x86/resctrl: Fix kernel-doc warnings (git-fixes).
  • x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (jsc#PED-7167).
  • x86/sev-es: Use insn_decode_mmio() for MMIO implementation (jsc#PED-7167).
  • x86/sev: Add SNP-specific unaccepted memory support (jsc#PED-7167).
  • x86/sev: Allow for use of the early boot GHCB for PSC requests (jsc#PED-7167).
  • x86/sev: Change npages to unsigned long in snp_accept_memory() (jsc#PED-7167).
  • x86/sev: Change snp_guest_issue_request()'s fw_err argument (jsc#PED-7167).
  • x86/sev: Fix address space sparse warning (jsc#PED-7167).
  • x86/sev: Get rid of special sev_es_enable_key (jsc#PED-7167).
  • x86/sev: Mark snp_abort() noreturn (jsc#PED-7167).
  • x86/sev: Put PSC struct on the stack in prep for unaccepted memory support (jsc#PED-7167).
  • x86/sev: Use large PSC requests if applicable (jsc#PED-7167).
  • x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).
  • x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).
  • x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes).
  • x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).
  • x86/tdx: Add unaccepted memory support (jsc#PED-7167).
  • x86/tdx: Disable NOTIFY_ENABLES (jsc#PED-7167).
  • x86/tdx: Make _tdx_hypercall() and __tdx_module_call() available in boot stub (jsc#PED-7167).
  • x86/tdx: Refactor try_accept_one() (jsc#PED-7167).
  • x86/tdx: Relax SEPT_VE_DISABLE check for debug TD (jsc#PED-7167).
  • x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE (jsc#PED-7167).
  • x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217).
  • x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
  • x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217).
  • x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
  • xfs: Rename __xfs_attr_rmtval_remove (git-fixes).
  • xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).
  • xfs: aborting inodes on shutdown may need buffer lock (git-fixes).
  • xfs: add selinux labels to whiteout inodes (git-fixes).
  • xfs: clean up '%Ld/%Lu' which does not meet C standard (git-fixes).
  • xfs: convert flex-array declarations in struct xfs_attrlist* (git-fixes).
  • xfs: convert flex-array declarations in xfs attr leaf blocks (git-fixes).
  • xfs: convert flex-array declarations in xfs attr shortform objects (git-fixes).
  • xfs: decode scrub flags in ftrace output (git-fixes).
  • xfs: dump log intent items that cannot be recovered due to corruption (git-fixes).
  • xfs: fix a bug in the online fsck directory leaf1 bestcount check (git-fixes).
  • xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).
  • xfs: fix incorrect unit conversion in scrub tracepoint (git-fixes).
  • xfs: fix silly whitespace problems with kernel libxfs (git-fixes).
  • xfs: fix uninit warning in xfs_growfs_data (git-fixes).
  • xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes).
  • xfs: make sure maxlen is still congruent with prod when rounding down (git-fixes).
  • xfs: remove kmem_alloc_io() (git-fixes).
  • xfs: remove the xfs_dinode_t typedef (git-fixes).
  • xfs: remove the xfs_dqblk_t typedef (git-fixes).
  • xfs: remove the xfs_dsb_t typedef (git-fixes).
  • xfs: rename xfs_has_attr() (git-fixes).
  • xfs: replace snprintf in show functions with sysfs_emit (git-fixes).
  • xfs: return EINTR when a fatal signal terminates scrub (git-fixes).
  • xfs: sb verifier does not handle uncached sb buffer (git-fixes).
  • xfs: simplify two-level sysctl registration for xfs_table (git-fixes).
  • xfs: sysfs: use default_groups in kobj_type (git-fixes).
  • xfs: use swap() to make dabtree code cleaner (git-fixes).
  • xhci: Clear EHB bit only at end of interrupt handler (git-fixes).
Package Affected Version
pkg:rpm/suse/reiserfs-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/reiserfs-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/ocfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/ocfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kselftests-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kselftests-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-syms-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-vdso?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-optional?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-optional?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-livepatch-devel?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-livepatch-devel?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-extra?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-extra?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/kernel-azure-devel?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/gfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/gfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/dlm-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/dlm-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/cluster-md-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
pkg:rpm/suse/cluster-md-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 < 5.14.21-150500.33.29.1
ID
SUSE-SU-2024:0141-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20240141-1/
Published
2024-01-18T10:35:42
(7 months ago)
Modified
2024-01-18T10:35:42
(7 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0141-1.json
Suse URL for SUSE-SU-2024:0141-1 https://www.suse.com/support/update/announcement/2024/suse-su-20240141-1/
Suse E-Mail link for SUSE-SU-2024:0141-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017677.html
Bugzilla SUSE Bug 1108281 https://bugzilla.suse.com/1108281
Bugzilla SUSE Bug 1179610 https://bugzilla.suse.com/1179610
Bugzilla SUSE Bug 1183045 https://bugzilla.suse.com/1183045
Bugzilla SUSE Bug 1211162 https://bugzilla.suse.com/1211162
Bugzilla SUSE Bug 1211226 https://bugzilla.suse.com/1211226
Bugzilla SUSE Bug 1212139 https://bugzilla.suse.com/1212139
Bugzilla SUSE Bug 1212584 https://bugzilla.suse.com/1212584
Bugzilla SUSE Bug 1214117 https://bugzilla.suse.com/1214117
Bugzilla SUSE Bug 1214747 https://bugzilla.suse.com/1214747
Bugzilla SUSE Bug 1214823 https://bugzilla.suse.com/1214823
Bugzilla SUSE Bug 1215237 https://bugzilla.suse.com/1215237
Bugzilla SUSE Bug 1215696 https://bugzilla.suse.com/1215696
Bugzilla SUSE Bug 1215885 https://bugzilla.suse.com/1215885
Bugzilla SUSE Bug 1215952 https://bugzilla.suse.com/1215952
Bugzilla SUSE Bug 1216032 https://bugzilla.suse.com/1216032
Bugzilla SUSE Bug 1216057 https://bugzilla.suse.com/1216057
Bugzilla SUSE Bug 1216559 https://bugzilla.suse.com/1216559
Bugzilla SUSE Bug 1216776 https://bugzilla.suse.com/1216776
Bugzilla SUSE Bug 1217036 https://bugzilla.suse.com/1217036
Bugzilla SUSE Bug 1217217 https://bugzilla.suse.com/1217217
Bugzilla SUSE Bug 1217250 https://bugzilla.suse.com/1217250
Bugzilla SUSE Bug 1217602 https://bugzilla.suse.com/1217602
Bugzilla SUSE Bug 1217692 https://bugzilla.suse.com/1217692
Bugzilla SUSE Bug 1217790 https://bugzilla.suse.com/1217790
Bugzilla SUSE Bug 1217801 https://bugzilla.suse.com/1217801
Bugzilla SUSE Bug 1217822 https://bugzilla.suse.com/1217822
Bugzilla SUSE Bug 1217927 https://bugzilla.suse.com/1217927
Bugzilla SUSE Bug 1217933 https://bugzilla.suse.com/1217933
Bugzilla SUSE Bug 1217938 https://bugzilla.suse.com/1217938
Bugzilla SUSE Bug 1217946 https://bugzilla.suse.com/1217946
Bugzilla SUSE Bug 1217947 https://bugzilla.suse.com/1217947
Bugzilla SUSE Bug 1217980 https://bugzilla.suse.com/1217980
Bugzilla SUSE Bug 1217981 https://bugzilla.suse.com/1217981
Bugzilla SUSE Bug 1217982 https://bugzilla.suse.com/1217982
Bugzilla SUSE Bug 1218056 https://bugzilla.suse.com/1218056
Bugzilla SUSE Bug 1218092 https://bugzilla.suse.com/1218092
Bugzilla SUSE Bug 1218139 https://bugzilla.suse.com/1218139
Bugzilla SUSE Bug 1218184 https://bugzilla.suse.com/1218184
Bugzilla SUSE Bug 1218229 https://bugzilla.suse.com/1218229
Bugzilla SUSE Bug 1218234 https://bugzilla.suse.com/1218234
Bugzilla SUSE Bug 1218253 https://bugzilla.suse.com/1218253
Bugzilla SUSE Bug 1218258 https://bugzilla.suse.com/1218258
Bugzilla SUSE Bug 1218335 https://bugzilla.suse.com/1218335
Bugzilla SUSE Bug 1218357 https://bugzilla.suse.com/1218357
Bugzilla SUSE Bug 1218397 https://bugzilla.suse.com/1218397
Bugzilla SUSE Bug 1218447 https://bugzilla.suse.com/1218447
Bugzilla SUSE Bug 1218461 https://bugzilla.suse.com/1218461
Bugzilla SUSE Bug 1218515 https://bugzilla.suse.com/1218515
Bugzilla SUSE Bug 1218559 https://bugzilla.suse.com/1218559
Bugzilla SUSE Bug 1218569 https://bugzilla.suse.com/1218569
Bugzilla SUSE Bug 1218643 https://bugzilla.suse.com/1218643
CVE SUSE CVE CVE-2020-26555 page https://www.suse.com/security/cve/CVE-2020-26555/
CVE SUSE CVE CVE-2023-51779 page https://www.suse.com/security/cve/CVE-2023-51779/
CVE SUSE CVE CVE-2023-6121 page https://www.suse.com/security/cve/CVE-2023-6121/
CVE SUSE CVE CVE-2023-6531 page https://www.suse.com/security/cve/CVE-2023-6531/
CVE SUSE CVE CVE-2023-6546 page https://www.suse.com/security/cve/CVE-2023-6546/
CVE SUSE CVE CVE-2023-6606 page https://www.suse.com/security/cve/CVE-2023-6606/
CVE SUSE CVE CVE-2023-6610 page https://www.suse.com/security/cve/CVE-2023-6610/
CVE SUSE CVE CVE-2023-6622 page https://www.suse.com/security/cve/CVE-2023-6622/
CVE SUSE CVE CVE-2023-6931 page https://www.suse.com/security/cve/CVE-2023-6931/
CVE SUSE CVE CVE-2023-6932 page https://www.suse.com/security/cve/CVE-2023-6932/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/reiserfs-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse reiserfs-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/reiserfs-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse reiserfs-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/ocfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse ocfs2-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/ocfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse ocfs2-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kselftests-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse kselftests-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kselftests-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse kselftests-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-syms-azure?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-syms-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-syms-azure?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-syms-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-source-azure?arch=noarch&distro=opensuse-leap-15.5 suse kernel-source-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 noarch
Affected pkg:rpm/suse/kernel-devel-azure?arch=noarch&distro=opensuse-leap-15.5 suse kernel-devel-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 noarch
Affected pkg:rpm/suse/kernel-azure?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-azure-vdso?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure-vdso < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure-optional?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure-optional < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure-optional?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-azure-optional < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-azure-livepatch-devel?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure-livepatch-devel < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure-livepatch-devel?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-azure-livepatch-devel < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-azure-extra?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure-extra < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure-extra?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-azure-extra < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/kernel-azure-devel?arch=x86_64&distro=opensuse-leap-15.5 suse kernel-azure-devel < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/kernel-azure-devel?arch=aarch64&distro=opensuse-leap-15.5 suse kernel-azure-devel < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/gfs2-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse gfs2-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/gfs2-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse gfs2-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/dlm-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse dlm-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/dlm-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse dlm-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
Affected pkg:rpm/suse/cluster-md-kmp-azure?arch=x86_64&distro=opensuse-leap-15.5 suse cluster-md-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 x86_64
Affected pkg:rpm/suse/cluster-md-kmp-azure?arch=aarch64&distro=opensuse-leap-15.5 suse cluster-md-kmp-azure < 5.14.21-150500.33.29.1 opensuse-leap-15.5 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date