Security update for the Linux Kernel

Announcement ID: SUSE-SU-2022:4503-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2022-2602 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-2602 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-28693 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2022-3567 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-3567 ( NVD ): 4.6 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2022-3628 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-3628 ( NVD ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-3635 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-3635 ( NVD ): 5.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2022-3707 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-3707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-3903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-3903 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-4095 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-4095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-4129 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-4129 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-4139 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-4139 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-41850 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
  • CVE-2022-41850 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-41858 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-41858 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-42895 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
  • CVE-2022-42895 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2022-42896 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  • CVE-2022-42896 ( NVD ): 8.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  • CVE-2022-4378 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-4378 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-43945 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-43945 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • openSUSE Leap 15.3
  • Public Cloud Module 15-SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Manager Proxy 4.2
  • SUSE Manager Retail Branch Server 4.2
  • SUSE Manager Server 4.2

An update that solves 17 vulnerabilities and has 33 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec (bsc#1206207).
  • CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c of the component IPsec (bsc#1204631).
  • CVE-2022-41850: Fixed a race condition in roccat_report_event() in drivers/hid/hid-roccat.c (bsc#1203960).
  • CVE-2022-45934: Fixed a integer wraparound via L2CAP_CONF_REQ packets in l2cap_config_req in net/bluetooth/l2cap_core.c (bsc#1205796).
  • CVE-2022-3628: Fixed potential buffer overflow in brcmf_fweh_event_worker() in wifi/brcmfmac (bsc#1204868).
  • CVE-2022-3567: Fixed a to race condition in inet6_stream_ops()/inet6_dgram_ops() of the component IPv6 Handler (bsc#1204414).
  • CVE-2022-41858: Fixed a denial of service in sl_tx_timeout() in drivers/net/slip (bsc#1205671).
  • CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
  • CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
  • CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
  • CVE-2022-2602: Fixed a local privilege escalation vulnerability involving Unix socket Garbage Collection and io_uring (bsc#1204228).
  • CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req() which can be used to leak kernel pointers remotely (bsc#1205705).
  • CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2cap_core.c's l2cap_connect() and l2cap_le_connect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).
  • CVE-2022-3707: Fixed a double free in the Intel GVT-g graphics driver (bsc#1204780).

The following non-security bugs were fixed:

  • ALSA: hda/ca0132: add quirk for EVGA Z390 DARK (git-fixes).
  • ALSA: hda: fix potential memleak in 'add_widget_node' (git-fixes).
  • ALSA: usb-audio: Add DSD support for Accuphase DAC-60 (git-fixes).
  • ALSA: usb-audio: Add quirk entry for M-Audio Micro (git-fixes).
  • ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() (git-fixes).
  • ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" -> "Route" (git-fixes).
  • ASoC: codecs: jz4725b: add missed Line In power control bit (git-fixes).
  • ASoC: codecs: jz4725b: fix capture selector naming (git-fixes).
  • ASoC: codecs: jz4725b: fix reported volume for Master ctl (git-fixes).
  • ASoC: codecs: jz4725b: use right control for Capture Volume (git-fixes).
  • ASoC: core: Fix use-after-free in snd_soc_exit() (git-fixes).
  • ASoC: max98373: Add checks for devm_kcalloc (git-fixes).
  • ASoC: soc-utils: Remove __exit for snd_soc_util_exit() (git-fixes).
  • ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe" (git-fixes).
  • ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe" (git-fixes).
  • ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK (git-fixes).
  • ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe" (git-fixes).
  • Bluetooth: L2CAP: Fix attempting to access uninitialized memory (git-fixes).
  • Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm (git-fixes).
  • Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (git-fixes).
  • Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573)
  • Drivers: hv: vmbus: Add /sys/bus/vmbus/hibernation (git-fixes).
  • Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
  • Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening (bsc#1204017).
  • Drivers: hv: vmbus: Drop error message when 'No request id available' (bsc#1204017).
  • Drivers: hv: vmbus: Fix duplicate CPU assignments within a device (git-fixes).
  • Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero (bsc#1204017).
  • Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (git-fixes).
  • Drivers: hv: vmbus: Fix potential crash on module unload (git-fixes).
  • Drivers: hv: vmbus: Introduce vmbus_request_addr_match() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
  • Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer (git-fixes).
  • Drivers: hv: vmbus: Remove unused linux/version.h header (git-fixes).
  • Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb() (git-fixes).
  • Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() (git-fixes).
  • Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() (git-fixes).
  • Drivers: hv: vmbus: remove unused function (git-fixes).
  • HID: saitek: add madcatz variant of MMO7 mouse device ID (git-fixes).
  • Input: i8042 - fix leaking of platform device on module removal (git-fixes).
  • Input: iforce - invert valid length check when fetching device IDs (git-fixes).
  • KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support (git-fixes).
  • KVM: nVMX: Invalidate all EPTP contexts when emulating INVEPT for L1 (git-fixes).
  • KVM: nVMX: Validate the EPTP when emulating INVEPT(EXTENT_CONTEXT) (git-fixes).
  • KVM: nVMX: clear PIN_BASED_POSTED_INTR from nested pinbased_ctls only when apicv is globally disabled (git-fixes).
  • KVM: s390: Add a routine for setting userspace CPU state (git-fixes).
  • KVM: s390: Fix handle_sske page fault handling (git-fixes).
  • KVM: s390: Simplify SIGP Set Arch handling (git-fixes).
  • KVM: s390: get rid of register asm usage (git-fixes).
  • KVM: s390: pv: avoid stalls when making pages secure (git-fixes).
  • KVM: s390: pv: do not allow userspace to set the clock under PV (git-fixes).
  • KVM: s390: pv: leak the topmost page table when destroy fails (git-fixes).
  • KVM: s390: reduce number of IO pins to 1 (git-fixes).
  • NFC: nci: fix memory leak in nci_rx_data_packet() (git-fixes).
  • NFS: Refactor nfs_instantiate() for dentry referencing callers (bsc#1204215).
  • NFSv3: use nfs_add_or_obtain() to create and reference inodes (bsc#1204215).
  • PCI: hv: Add check for hyperv_initialized in init_hv_pci_drv() (bsc#1204446).
  • PCI: hv: Add validation for untrusted Hyper-V values (git-fixes).
  • PCI: hv: Drop msi_controller structure (bsc#1204446).
  • PCI: hv: Fix a race condition when removing the device (bsc#1204446).
  • PCI: hv: Fix sleep while in non-sleep context when removing child devices from the bus (bsc#1204446).
  • PCI: hv: Fix synchronization between channel callback and hv_compose_msi_msg() (bsc#1204017).
  • PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit() (bsc#1204017).
  • PCI: hv: Fix the definition of vector in hv_compose_msi_msg() (bsc#1200845).
  • PCI: hv: Fix typo (bsc#1204446).
  • PCI: hv: Remove bus device removal unused refcount/functions (bsc#1204446).
  • PCI: hv: Remove unnecessary use of %hx (bsc#1204446).
  • PCI: hv: Support for create interrupt v3 (bsc#1204446).
  • PCI: hv: Use PCI_ERROR_RESPONSE to identify config read errors (bsc#1204446).
  • PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (bsc#1204017).
  • RDMA/core/sa_query: Remove unused argument (git-fixes)
  • RDMA/hns: Fix spelling mistakes of original (git-fixes)
  • RDMA/qedr: Add support for user mode XRC-SRQ's (git-fixes)
  • RDMA/qedr: Fix reporting max_{send/recv}_wr attrs (git-fixes)
  • RDMA/qedr: Remove unsupported qedr_resize_cq callback (git-fixes)
  • RDMA/rxe: Fix memory leak in error path code (git-fixes)
  • SCSI: scsi_probe_lun: retry INQUIRY after timeout (bsc#1189297).
  • USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
  • USB: serial: option: add Fibocom FM160 0x0111 composition (git-fixes).
  • USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
  • USB: serial: option: add u-blox LARA-L6 modem (git-fixes).
  • USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
  • USB: serial: option: remove old LARA-R6 PID (git-fixes).
  • USB: serial: option: remove old LARA-R6 PID.
  • Xen/gntdev: do not ignore kernel unmapping error (git-fixes).
  • add another bug reference to some hyperv changes (bsc#1205617).
  • arm/xen: Do not probe xenbus as part of an early initcall (git-fixes).
  • arm64: dts: imx8mm: Fix NAND controller size-cells (git-fixes)
  • arm64: dts: juno: Add thermal critical trip points (git-fixes)
  • ata: libata-transport: fix double ata_host_put() in ata_tport_add() (git-fixes).
  • ata: libata-transport: fix error handling in ata_tdev_add() (git-fixes).
  • ata: libata-transport: fix error handling in ata_tlink_add() (git-fixes).
  • ata: libata-transport: fix error handling in ata_tport_add() (git-fixes).
  • ata: pata_legacy: fix pdc20230_set_piomode() (git-fixes).
  • blk-crypto: fix check for too-large dun_bytes (git-fixes).
  • blk-mq: Properly init requests from blk_mq_alloc_request_hctx() (git-fixes).
  • blk-mq: do not create hctx debugfs dir until q->debugfs_dir is created (git-fixes).
  • blk-wbt: call rq_qos_add() after wb_normal is initialized (git-fixes).
  • blktrace: Trace remapped requests correctly (git-fixes).
  • block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (git-fixes).
  • block: Add a helper to validate the block size (git-fixes).
  • block: assign bi_bdev for cloned bios in blk_rq_prep_clone (bsc#1204328).
  • block: ataflop: fix breakage introduced at blk-mq refactoring (git-fixes).
  • block: ataflop: more blk-mq refactoring fixes (git-fixes).
  • block: fix infinite loop for invalid zone append (git-fixes).
  • block: limit request dispatch loop duration (git-fixes).
  • block: nbd: add sanity check for first_minor (git-fixes).
  • block: use "unsigned long" for blk_validate_block_size() (git-fixes).
  • bus: sunxi-rsb: Support atomic transfers (git-fixes).
  • can: cc770: cc770_isa_probe(): add missing free_cc770dev() (git-fixes).
  • can: sja1000_isa: sja1000_isa_probe(): add missing free_sja1000dev() (git-fixes).
  • capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (git-fixes).
  • ceph: allow ceph.dir.rctime xattr to be updatable (bsc#1205989).
  • ceph: do not access the kiocb after aio requests (bsc#1205984).
  • ceph: fix fscache invalidation (bsc#1205985).
  • ceph: lockdep annotations for try_nonblocking_invalidate (bsc#1205988).
  • ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (bsc#1205986).
  • ceph: request Fw caps before updating the mtime in ceph_write_iter (bsc#1205987).
  • cifs: skip extra NULL byte in filenames (bsc#1204791).
  • dm era: commit metadata in postsuspend after worker stops (git-fixes).
  • dm integrity: set journal entry unused when shrinking device (git-fixes).
  • dm mirror log: clear log bits up to BITS_PER_LONG boundary (git-fixes).
  • dm mpath: only use ktime_get_ns() in historical selector (git-fixes).
  • dm raid: fix accesses beyond end of raid member array (git-fixes).
  • dm raid: fix address sanitizer warning in raid_resume (git-fixes).
  • dm raid: fix address sanitizer warning in raid_status (git-fixes).
  • dm thin: fix use-after-free crash in dm_sm_register_threshold_callback (git-fixes).
  • dm verity fec: fix misaligned RS roots IO (git-fixes).
  • dm writecache: fix writing beyond end of underlying device when shrinking (git-fixes).
  • dm writecache: return the exact table values that were set (git-fixes).
  • dm writecache: set a default MAX_WRITEBACK_JOBS (git-fixes).
  • dm: fix request-based DM to not bounce through indirect dm_submit_bio (git-fixes).
  • dm: remove special-casing of bio-based immutable singleton target on NVMe (git-fixes).
  • dm: return early from dm_pr_call() if DM device is suspended (git-fixes).
  • dma-buf: fix racing conflict of dma_heap_add() (git-fixes).
  • dmaengine: at_hdmac: Check return code of dma_async_device_register (git-fixes).
  • dmaengine: at_hdmac: Do not allow CPU to reorder channel enable (git-fixes).
  • dmaengine: at_hdmac: Do not start transactions at tx_submit level (git-fixes).
  • dmaengine: at_hdmac: Fix at_lli struct definition (git-fixes).
  • dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors (git-fixes).
  • dmaengine: at_hdmac: Fix impossible condition (git-fixes).
  • dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() (git-fixes).
  • dmaengine: pxa_dma: use platform_get_irq_optional (git-fixes).
  • drivers/hv: remove obsolete TODO and fix misleading typo in comment (git-fixes).
  • drivers: hv: Fix EXPORT_SYMBOL and tab spaces issue (git-fixes).
  • drivers: hv: Fix hyperv_record_panic_msg path on comment (git-fixes).
  • drivers: hv: Fix missing error code in vmbus_connect() (git-fixes).
  • drivers: hv: vmbus: Fix call msleep using < 20ms (git-fixes).
  • drivers: hv: vmbus: Fix checkpatch LINE_SPACING (git-fixes).
  • drivers: hv: vmbus: Fix checkpatch SPLIT_STRING (git-fixes).
  • drivers: hv: vmbus: Replace symbolic permissions by octal permissions (git-fixes).
  • drivers: net: slip: fix NPD bug in sl_tx_timeout() (git-fixes).
  • drm/drv: Fix potential memory leak in drm_dev_init() (git-fixes).
  • drm/i915/dmabuf: fix sg_table handling in map_dma_buf (git-fixes).
  • drm/i915/sdvo: Filter out invalid outputs more sensibly (git-fixes).
  • drm/i915/sdvo: Setup DDC fully before output init (git-fixes).
  • drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid (git-fixes).
  • drm/panel: simple: set bpc field for logic technologies displays (git-fixes).
  • drm/rockchip: dsi: Force synchronous probe (git-fixes).
  • drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register() (git-fixes).
  • drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() (git-fixes).
  • fbdev: smscufx: Fix several use-after-free bugs (git-fixes).
  • firmware: arm_scmi: Suppress the driver's bind attributes (git-fixes).
  • ftrace: Fix char print issue in print_ip_ins() (git-fixes).
  • ftrace: Fix null pointer dereference in ftrace_add_mod() (git-fixes).
  • ftrace: Fix the possible incorrect kernel message (git-fixes).
  • ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
  • ftrace: Optimize the allocation for mcount entries (git-fixes).
  • ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
  • fuse: add file_modified() to fallocate (bsc#1205330).
  • fuse: fix readdir cache race (bsc#1205329).
  • hamradio: fix issue of dev reference count leakage in bpq_device_event() (git-fixes).
  • hv: hyperv.h: Remove unused inline functions (git-fixes).
  • hv_netvsc: Add a comment clarifying batching logic (git-fixes).
  • hv_netvsc: Add check for kvmalloc_array (git-fixes).
  • hv_netvsc: Add error handling while switching data path (bsc#1204850).
  • hv_netvsc: Allocate the recv_buf buffers after NVSP_MSG1_TYPE_SEND_RECV_BUF (git-fixes).
  • hv_netvsc: Check VF datapath when sending traffic to VF (git-fixes).
  • hv_netvsc: Fix potential dereference of NULL pointer (git-fixes).
  • hv_netvsc: Fix race between VF offering and VF association message from host (bsc#1204850).
  • hv_netvsc: Print value of invalid ID in netvsc_send_{completion,tx_complete}() (git-fixes).
  • hv_netvsc: Process NETDEV_GOING_DOWN on VF hot remove (bsc#1204850).
  • hv_netvsc: Use bitmap_zalloc() when applicable (git-fixes).
  • hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • hv_netvsc: Validate number of allocated sub-channels (git-fixes).
  • hv_netvsc: Wait for completion on request SWITCH_DATA_PATH (bsc#1204017).
  • hv_netvsc: use netif_is_bond_master() instead of open code (git-fixes).
  • hv_utils: Fix passing zero to 'PTR_ERR' warning (git-fixes).
  • hwmon: (coretemp) Check for null before removing sysfs attrs (git-fixes).
  • hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (git-fixes).
  • hwmon: (i5500_temp) fix missing pci_disable_device() (git-fixes).
  • hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails (git-fixes).
  • i2c: i801: add lis3lv02d's I2C address for Vostro 5568 (git-fixes).
  • ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533 git-fixes).
  • iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() (git-fixes).
  • iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails (git-fixes).
  • iio: health: afe4403: Fix oob read in afe4403_read_raw (git-fixes).
  • iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw (git-fixes).
  • iio: light: apds9960: fix wrong register for gesture gain (git-fixes).
  • iio: light: rpr0521: add missing Kconfig dependencies (git-fixes).
  • iio: pressure: ms5611: changed hardcoded SPI speed to value limited (git-fixes).
  • iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() (git-fixes).
  • isdn: mISDN: netjet: fix wrong check of device registration (git-fixes).
  • iwlwifi: dbg: disable ini debug in 9000 family and below (git-fixes).
  • kABI: Fix after adding trace_iterator.wait_index (git-fixes).
  • kABI: remove new member of usbip_device (git-fixes).
  • kabi: fix transport_add_device change (git-fixes).
  • kexec: turn all kexec_mutex acquisitions into trylocks (git-fixes).
  • kvm: nVMX: reflect MTF VM-exits if injected by L1 (git-fixes).
  • loop: Check for overflow while configuring loop (git-fixes).
  • mISDN: fix misuse of put_device() in mISDN_register_device() (git-fixes).
  • mISDN: fix possible memory leak in mISDN_dsp_element_register() (git-fixes).
  • mISDN: fix possible memory leak in mISDN_register_device() (git-fixes).
  • md/raid5: Ensure stripe_fill happens on non-read IO with journal (git-fixes).
  • md: Replace snprintf with scnprintf (git-fixes).
  • media: dvb-frontends/drxk: initialize err to 0 (git-fixes).
  • media: meson: vdec: fix possible refcount leak in vdec_probe() (git-fixes).
  • media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation (git-fixes).
  • media: venus: dec: Handle the case where find_format fails (git-fixes).
  • media: vim2m: initialize the media device earlier (git-fixes).
  • media: vivid: fix assignment of dev->fbuf_out_flags (git-fixes).
  • misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (git-fixes).
  • mmc: core: properly select voltage range without power cycle (git-fixes).
  • mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI (git-fixes).
  • mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
  • mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout (git-fixes).
  • mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() (git-fixes).
  • nbd: Fix use-after-free in pid_show (git-fixes).
  • nbd: fix possible overflow for 'first_minor' in nbd_dev_add() (git-fixes).
  • nbd: fix possible overflow on 'first_minor' in nbd_dev_add() (git-fixes).
  • nbd: handle device refs for DESTROY_ON_DISCONNECT properly (git-fixes).
  • net/x25: Fix skb leak in x25_lapb_receive_frame() (git-fixes).
  • net: ethernet: nixge: fix NULL dereference (git-fixes).
  • net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed (git-fixes).
  • net: hyperv: remove use of bpf_op_t (git-fixes).
  • net: netvsc: remove break after return (git-fixes).
  • net: phy: fix null-ptr-deref while probe() failed (git-fixes).
  • net: thunderbolt: Fix error handling in tbnet_init() (git-fixes).
  • net: usb: qmi_wwan: Set DTR quirk for MR400 (git-fixes).
  • net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch (git-fixes).
  • nfc/nci: fix race with opening and closing (git-fixes).
  • nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (git-fixes).
  • nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send() (git-fixes).
  • nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).
  • nfc: st-nci: fix memory leaks in EVT_TRANSACTION (git-fixes).
  • nfsd: set the server_scope during service startup (bsc#1203746).
  • null_blk: Fail zone append to conventional zones (git-fixes).
  • null_blk: synchronization fix for zoned device (git-fixes).
  • nvmem: core: Check input parameter for NULL in nvmem_unregister() (bsc#1204241).
  • panic, kexec: make __crash_kexec() NMI safe (git-fixes).
  • parport_pc: Avoid FIFO port location truncation (git-fixes).
  • phy: stm32: fix an error code in probe (git-fixes).
  • pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map (git-fixes).
  • platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi (git-fixes).
  • powerpc/boot: Explicitly disable usage of SPE instructions (bsc#1156395).
  • powerpc/kvm: Fix kvm_use_magic_page (bsc#1156395).
  • printk: add missing memory barrier to wake_up_klogd() (bsc#1204934).
  • printk: use atomic updates for klogd work (bsc#1204934).
  • printk: wake waiters for safe and NMI contexts (bsc#1204934).
  • r8152: Add MAC passthrough support to new device (git-fixes).
  • r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
  • r8152: use new helper tcp_v6_gso_csum_prep (git-fixes).
  • rbd: fix possible memory leak in rbd_sysfs_init() (git-fixes).
  • regulator: core: fix UAF in destroy_regulator() (git-fixes).
  • regulator: core: fix kobject release warning and memory leak in regulator_register() (git-fixes).
  • regulator: twl6030: re-add TWL6032_SUBCLASS (git-fixes).
  • ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
  • ring-buffer: Allow splice to read previous partially read pages (git-fixes).
  • ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters() (git-fixes).
  • ring-buffer: Check pending waiters when doing wake ups as well (git-fixes).
  • ring-buffer: Fix race between reset page and reading page (git-fixes).
  • ring-buffer: Have the shortest_full queue be the shortest not longest (git-fixes).
  • ring-buffer: Include dropped pages in counting dirty patches (git-fixes).
  • ring_buffer: Do not deactivate non-existant pages (git-fixes).
  • rndis_host: increase sleep time in the query-response loop (git-fixes).
  • rtc: mt6397: fix alarm register overwrite (git-fixes).
  • s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
  • s390/cpcmd: fix inline assembly register clobbering (git-fixes).
  • s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup (git-fixes).
  • s390/disassembler: increase ebpf disasm buffer size (git-fixes).
  • s390/futex: add missing EX_TABLE entry to __futex_atomic_op() (bsc#1205428 LTC#200501).
  • s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages (bsc#1203144 LTC#199881).
  • s390/mm: use non-quiescing sske for KVM switch to keyed guest (git-fixes).
  • s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() (git-fixes).
  • s390/ptrace: return -ENOSYS when invalid syscall is supplied (git-fixes).
  • s390/uaccess: add missing EX_TABLE entries to __clear_user(), copy_in_user_mvcos(), copy_in_user_mvc(), clear_user_xc() and __strnlen_user() (bsc#1205428 LTC#200501).
  • s390/vtime: fix inline assembly clobber list (git-fixes).
  • s390/zcore: fix race when reading from hardware system area (git-fixes).
  • s390/zcrypt: fix zcard and zqueue hot-unplug memleak (git-fixes).
  • s390: Remove arch_has_random, arch_has_random_seed (git-fixes).
  • s390: fix double free of GS and RI CBs on fork() failure (git-fixes).
  • s390: fix nospec table alignments (git-fixes).
  • s390: mark __cpacf_query() as __always_inline (git-fixes).
  • scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (git-fixes).
  • scsi: drivers: base: Propagate errors through the transport component (git-fixes).
  • scsi: drivers: base: Support atomic version of attribute_container_device_trigger (git-fixes).
  • scsi: ibmvfc: Avoid path failures during live migration (bsc#1065729 bsc#1204810 ltc#200162).
  • scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 (bsc#1156395).
  • scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for transceiver info (bsc#1204957).
  • scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (bsc#1204957).
  • scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
  • scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited" (bsc#1204957).
  • scsi: lpfc: Log when congestion management limits are in effect (bsc#1204957).
  • scsi: lpfc: Set sli4_param's cmf option to zero when CMF is turned off (bsc#1204957).
  • scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
  • scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
  • scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
  • scsi: q