Security update for the Linux Kernel

Announcement ID: SUSE-SU-2022:2875-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2020-36516 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  • CVE-2020-36516 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  • CVE-2020-36557 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-36557 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-36558 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-36558 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-33655 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-33655 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-33656 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
  • CVE-2021-33656 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-1116 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-1116 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-1462 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-1462 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-20166 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • CVE-2022-20166 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-21505 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-2318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-2318 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-26365 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2022-26365 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-2639 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  • CVE-2022-2639 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-29581 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-29581 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-32250 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-32250 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-33740 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2022-33740 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-33741 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2022-33741 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-33742 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2022-33742 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-36946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-36946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • Basesystem Module 15-SP3
  • Development Tools Module 15-SP3
  • Legacy Module 15-SP3
  • openSUSE Leap 15.3
  • openSUSE Leap 15.4
  • SUSE Linux Enterprise Desktop 15 SP3
  • SUSE Linux Enterprise High Availability Extension 15 SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise Live Patching 15-SP3
  • SUSE Linux Enterprise Micro 5.1
  • SUSE Linux Enterprise Micro 5.2
  • SUSE Linux Enterprise Micro for Rancher 5.2
  • SUSE Linux Enterprise Real Time 15 SP3
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Linux Enterprise Workstation Extension 15 SP3
  • SUSE Manager Proxy 4.2
  • SUSE Manager Retail Branch Server 4.2
  • SUSE Manager Server 4.2

An update that solves 18 vulnerabilities, contains one feature and has 18 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method (bnc#1196616).
  • CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys that could lead to a use-after-free (bnc#1201429).
  • CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
  • CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO (bnc#1201635).
  • CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT (bnc#1201636).
  • CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647).
  • CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem (bnc#1198829).
  • CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).
  • CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds write in reserve_sfa_size() (bsc#1202154).
  • CVE-2022-20166: Fixed possible out of bounds write due to sprintf unsafety that could cause local escalation of privilege (bnc#1200598)
  • CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy (bsc#1201458).
  • CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
  • CVE-2022-29581: Fixed improper update of Reference Count in net/sched that could cause root privilege escalation (bnc#1199665).
  • CVE-2022-32250: Fixed user-after-free in net/netfilter/nf_tables_api.c that could allow local privilege escalation (bnc#1200015).
  • CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940).

The following non-security bugs were fixed:

  • ACPI: APEI: Better fix to avoid spamming the console with old error logs (git-fixes).
  • ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
  • ACPI: video: Shortening quirk list by identifying Clevo by board_name only (git-fixes).
  • ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
  • ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model (git-fixes).
  • ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop (git-fixes).
  • ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221 (git-fixes).
  • ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
  • ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array (git-fixes).
  • ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks() (git-fixes).
  • ASoC: Remove unused hw_write_t type (git-fixes).
  • ASoC: cs47l15: Fix event generation for low power mux control (git-fixes).
  • ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
  • ASoC: madera: Fix event generation for rate controls (git-fixes).
  • ASoC: ops: Fix off by one in range control validation (git-fixes).
  • ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
  • ASoC: wm5110: Fix DRE control (git-fixes).
  • Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (git-fixes).
  • Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
  • FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (git-fixes).
  • FDDI: defxx: Make MMIO the configuration default except for EISA (git-fixes).
  • Fixed a system crash related to the recent RETBLEED mitigation (bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676).
  • Fixed battery detection problem on macbooks (bnc#1201206).
  • HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).
  • KVM/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
  • KVM: VMX: Add non-canonical check on writes to RTIT address MSRs (git-fixes).
  • KVM: VMX: Do not freeze guest when event delivery causes an APIC-access exit (git-fixes).
  • KVM: apic: avoid calculating pending eoi from an uninitialized val (git-fixes).
  • KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
  • KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)
  • KVM: emulate: do not adjust size of fastop and setcc subroutines (bsc#1201930).
  • KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs (git-fixes).
  • KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1 (git-fixes).
  • KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh() (git-fixes).
  • KVM: x86: Do not let userspace set host-reserved cr4 bits (git-fixes).
  • KVM: x86: Fix split-irqchip vs interrupt injection window request (git-fixes).
  • KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks (git-fixes).
  • KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (git-fixes).
  • KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint (git-fixes).
  • NFC: nxp-nci: do not print header length mismatch on i2c error (git-fixes).
  • PCI/portdrv: Do not disable AER reporting in get_port_device_capability() (git-fixes).
  • PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
  • PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists (git-fixes).
  • PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
  • PCI: dwc: Disable outbound windows only for controllers using iATU (git-fixes).
  • PCI: dwc: Stop link on host_init errors and de-initialization (git-fixes).
  • PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).
  • PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).
  • PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() (git-fixes).
  • PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
  • PCI: tegra194: Fix link up retry sequence (git-fixes).
  • PM: runtime: Remove link state checks in rpm_get/put_supplier() (git-fixes).
  • Sort in RETbleed backport into the sorted section Now that it is upstream..
  • USB: Follow-up to SPDX identifiers addition - remove now useless comments (git-fixes).
  • USB: serial: fix tty-port initialized comments (git-fixes).
  • USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
  • amd-xgbe: Update DMA coherency values (git-fixes).
  • arm64 module: set plt* section addresses to 0x0 (git-fixes)
  • arm64: Extend workaround for erratum 1024718 to all versions of (git-fixes)
  • arm64: asm: Add new-style position independent function annotations (git-fixes)
  • arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return (git-fixes)
  • arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (git-fixes)
  • arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes)
  • arm64: dts: marvell: espressobin: add ethernet alias (git-fixes)
  • arm64: dts: mcbin: support 2W SFP modules (git-fixes)
  • arm64: fix compat syscall return truncation (git-fixes)
  • arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)
  • arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA (git-fixes)
  • arm64: module: remove (NOLOAD) from linker script (git-fixes)
  • arm64: module: rework special section handling (git-fixes)
  • arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)
  • arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes)
  • arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes)
  • arm64: stackleak: fix current_top_of_stack() (git-fixes)
  • arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes)
  • arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes)
  • ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).
  • ath10k: do not enforce interrupt trigger type (git-fixes).
  • ax88179_178a: add ethtool_op_get_ts_info() (git-fixes).
  • blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (git-fixes).
  • blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (git-fixes).
  • block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes).
  • block: Fix fsync always failed if once failed (git-fixes).
  • block: Fix wrong offset in bio_truncate() (git-fixes).
  • block: bio-integrity: Advance seed correctly for larger interval sizes (git-fixes).
  • block: do not delete queue kobject before its children (git-fixes).
  • block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit (git-fixes).
  • bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature (bsc#1199364).
  • bpf: Add config to allow loading modules with BTF mismatches (jsc#SLE-24559).
  • bpf: Add in-kernel split BTF support (jsc#SLE-24559).
  • bpf: Assign ID to vmlinux BTF and return extra info for BTF in GET_OBJ_INFO (jsc#SLE-24559).
  • bpf: Keep module's btf_data_size intact after load (jsc#SLE-24559).
  • bpf: Load and verify kernel module BTFs (jsc#SLE-24559).
  • bpf: Provide function to get vmlinux BTF information (jsc#SLE-24559).
  • bpf: Sanitize BTF data pointer after module is loaded (jsc#SLE-24559).
  • bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() (git-fixes).
  • can: Break loopback loop on loopback documentation (git-fixes).
  • can: error: specify the values of data[5..7] of CAN error frames (git-fixes).
  • can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
  • can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).
  • can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off (git-fixes).
  • can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off (git-fixes).
  • can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).
  • can: pch_can: pch_can_error(): initialize errc before using it (git-fixes).
  • can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).
  • can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).
  • can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).
  • can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).
  • clk: qcom: camcc-sdm845: Fix topology around titan_top power domain (git-fixes).
  • clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).
  • clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).
  • clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
  • clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
  • clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks (git-fixes).
  • clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
  • config: enable DEBUG_INFO_BTF This option allows users to access the btf type information for vmlinux but not kernel modules.
  • cpuidle: PSCI: Move the has_lpi check to the beginning of the (git-fixes)
  • crypto: qat - disable registration of algorithms (git-fixes).
  • crypto: qat - fix memory leak in RSA (git-fixes).
  • crypto: qat - remove dma_free_coherent() for DH (git-fixes).
  • crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
  • crypto: qat - set to zero DH parameters before free (git-fixes).
  • cxgb4: Fix the -Wmisleading-indentation warning (git-fixes).
  • dm btree remove: assign new_root only when removal succeeds (git-fixes).
  • dm btree remove: fix use after free in rebalance_children() (git-fixes).
  • dm bufio: subtract the number of initial sectors in dm_bufio_get_device_size (git-fixes).
  • dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (git-fixes).
  • dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).
  • dm crypt: make printing of the key constant-time (git-fixes).
  • dm integrity: conditionally disable "recalculate" feature (git-fixes).
  • dm integrity: fix a crash if "recalculate" used without "internal_hash" (git-fixes).
  • dm integrity: fix error code in dm_integrity_ctr() (git-fixes).
  • dm integrity: fix memory corruption when tag_size is less than digest size (git-fixes).
  • dm integrity: fix the maximum number of arguments (git-fixes).
  • dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).
  • dm persistent data: packed struct should have an aligned() attribute too (git-fixes).
  • dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload sequences (git-fixes).
  • dm snapshot: fix crash with transient storage and zero chunk size (git-fixes).
  • dm snapshot: flush merged data before committing metadata (git-fixes).
  • dm snapshot: properly fix a crash when an origin has no snapshots (git-fixes).
  • dm space map common: fix division bug in sm_ll_find_free_block() (git-fixes).
  • dm stats: add cond_resched when looping over entries (git-fixes).
  • dm verity: fix FEC for RS roots unaligned to block size (git-fixes).
  • dm: fix mempool NULL pointer race when completing IO (git-fixes).
  • dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (git-fixes).
  • dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
  • dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).
  • dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (git-fixes).
  • dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (git-fixes).
  • do not call utsname() after ->nsproxy is NULL (bsc#1201196).
  • drbd: fix potential silent data corruption (git-fixes).
  • driver core: fix potential deadlock in __driver_attach (git-fixes).
  • drivers/net: Fix kABI in tun.c (git-fixes).
  • drivers: net: fix memory leak in atusb_probe (git-fixes).
  • drivers: net: fix memory leak in peak_usb_create_dev (git-fixes).
  • drm/amd/display: Enable building new display engine with KCOV enabled (git-fixes).
  • drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).
  • drm/doc: Fix comment typo (git-fixes).
  • drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed (git-fixes).
  • drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).
  • drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).
  • drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() (git-fixes).
  • drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
  • drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (git-fixes).
  • drm/mediatek: dpi: Only enable dpi after the bridge is enabled (git-fixes).
  • drm/mediatek: dpi: Remove output format of YUV (git-fixes).
  • drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
  • drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform (git-fixes).
  • drm/msm/mdp5: Fix global state lock backoff (git-fixes).
  • drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
  • drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).
  • drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error (git-fixes).
  • drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
  • drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (git-fixes).
  • drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).
  • drm/rockchip: vop: Do not crash for invalid duplicate_state() (git-fixes).
  • drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).
  • drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration (git-fixes).
  • drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
  • drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
  • drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes (git-fixes).
  • drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
  • drm/vc4: plane: Fix margin calculations for the right/bottom edges (git-fixes).
  • drm/vc4: plane: Remove subpixel positioning check (git-fixes).
  • drm: adv7511: override i2c address of cec before accessing it (git-fixes).
  • drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).
  • drm: bridge: sii8620: fix possible off-by-one (git-fixes).
  • fbcon: Disallow setting font bigger than screen size (git-fixes).
  • fbcon: Prevent that screen size is smaller than font size (git-fixes).
  • fbdev: fbmem: Fix logo center image dx issue (git-fixes).
  • fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
  • fpga: altera-pr-ip: fix unsigned comparison with less than zero (git-fixes).
  • ftgmac100: Restart MAC HW once (git-fixes).
  • gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (git-fixes).
  • gpio: pca953x: only use single read/write for No AI mode (git-fixes).
  • gpio: pca953x: use the correct range when do regmap sync (git-fixes).
  • gpio: pca953x: use the correct register address when regcache sync during init (git-fixes).
  • hex2bin: make the function hex_to_bin constant-time (git-fixes).
  • hv_netvsc: Add (more) validation for untrusted Hyper-V values (bsc#1199364).
  • hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).
  • hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
  • hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer (bsc#1199364).
  • hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364).
  • i2c: Fix a potential use after free (git-fixes).
  • i2c: cadence: Change large transfer count reset logic to be unconditional (git-fixes).
  • i2c: cadence: Support PEC for SMBus block read (git-fixes).
  • i2c: cadence: Unregister the clk notifier in error path (git-fixes).
  • i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).
  • ida: do not use BUG_ON() for debugging (git-fixes).
  • igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes).
  • iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
  • iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
  • iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
  • iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
  • iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
  • iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
  • iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
  • iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
  • iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).
  • iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large (git-fixes).
  • iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
  • iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
  • iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
  • iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
  • iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).
  • iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).
  • iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).
  • iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
  • iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
  • iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
  • iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).
  • iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).
  • iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).
  • iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).
  • iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).
  • iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).
  • iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).
  • iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).
  • iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
  • ima: Fix a potential integer overflow in ima_appraise_measurement (git-fixes).
  • ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
  • intel_th: Fix a resource leak in an error handling path (git-fixes).
  • intel_th: msu-sink: Potential dereference of null pointer (git-fixes).
  • intel_th: msu: Fix vmalloced buffers (git-fixes).
  • kABI workaround for rtsx_usb (git-fixes).
  • kabi: create module private struct to hold btf size/data (jsc#SLE-24559).
  • kbuild: Build kernel module BTFs if BTF is enabled and pahole supports it (jsc#SLE-24559).
  • kbuild: Skip module BTF generation for out-of-tree external modules (jsc#SLE-24559).
  • kbuild: add marker for build log of *.mod.o (jsc#SLE-24559).
  • kbuild: drop $(wildcard $^) check in if_changed* for faster rebuild (jsc#SLE-24559).
  • kbuild: rebuild modules when module linker scripts are updated (jsc#SLE-24559).
  • kbuild: rename any-prereq to newer-prereqs (jsc#SLE-24559).
  • kbuild: split final module linking out into Makefile.modfinal (jsc#SLE-24559).
  • lib/string.c: implement stpcpy (git-fixes).
  • linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (git-fixes).
  • linux/random.h: Remove arch_has_random, arch_has_random_seed (git-fixes).
  • linux/random.h: Use false with bool (git-fixes).
  • lkdtm: Disable return thunks in rodata.c (bsc#1178134).
  • macvlan: remove redundant null check on data (git-fixes).
  • md/bitmap: wait for external bitmap writes to complete during tear down (git-fixes).
  • md/raid0: Ignore RAID0 layout if the second zone has only one device (git-fixes).
  • md: Set prev_flush_start and flush_bio in an atomic way (git-fixes).
  • md: bcache: check the return value of kzalloc() in detached_dev_do_request() (git-fixes).
  • media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
  • media: rc: increase rc-mm tolerance and add debug message (git-fixes).
  • media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle (git-fixes).
  • media: rtl28xxu: add missing sleep before probing slave demod (git-fixes).
  • media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).
  • media: smipcie: fix interrupt handling and IR timeout (git-fixes).
  • media: tw686x: Register the irq at the end of probe (git-fixes).
  • media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device() (git-fixes).
  • media: v4l2-mem2mem: always consider OUTPUT queue during poll (git-fixes).
  • media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes).
  • mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() (git-fixes).
  • memregion: Fix memregion_free() fallback definition (git-fixes).
  • memstick/ms_block: Fix a memory leak (git-fixes).
  • memstick/ms_block: Fix some incorrect memory allocation (git-fixes).
  • meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).
  • misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).
  • misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer (git-fixes).
  • misc: rtsx_usb: set return value in rsp_buf alloc err path (gi