Security update for the Linux Kernel
Announcement ID: | SUSE-SU-2023:4732-1 |
---|---|
Rating: | important |
References: |
|
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves 15 vulnerabilities, contains three features and has 39 security fixes can now be installed.
Description:
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-2006: Fixed a race condition in the RxRPC network protocol (bsc#1210447).
- CVE-2023-25775: Fixed improper access control in the Intel Ethernet Controller RDMA driver (bsc#1216959).
- CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095)
- CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976).
- CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058).
- CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259).
- CVE-2023-46813: Fixed SEV-ES local priv escalation (bsc#1212649).
- CVE-2023-46862: Fixed a NULL pointer dereference in io_uring_show_fdinfo() (bsc#1216693).
- CVE-2023-5158: Fixed a denial of service in vringh_kiov_advance() in drivers/vhost/vringh.c in the host side of a virtio ring (bsc#1215710).
- CVE-2023-5633: Fixed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface (bsc#1216527).
- CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584).
- CVE-2023-6039: Fixed a use-after-free in lan78xx_disconnect in drivers/net/usb/lan78xx.c (bsc#1217068).
- CVE-2023-6176: Fixed a denial of service in the cryptographic algorithm scatterwalk functionality (bsc#1217332).
The following non-security bugs were fixed:
- acpi: fpdt: properly handle invalid fpdt subtables (git-fixes).
- acpi: resource: do irq override on tongfang gmxxgxx (git-fixes).
- acpi: resource: skip irq override on asus expertbook b1402cva (git-fixes).
- acpi: sysfs: fix create_pnp_modalias() and create_of_modalias() (git-fixes).
- alsa: hda/realtek - add dell alc295 to pin fall back table (git-fixes).
- alsa: hda/realtek - alc287 realtek i2s speaker platform support (git-fixes).
- alsa: hda/realtek - enable internal speaker of asus k6500zc (git-fixes).
- alsa: hda/realtek: add quirk for asus ux7602zm (git-fixes).
- alsa: hda/realtek: add quirks for asus 2024 zenbooks (git-fixes).
- alsa: hda/realtek: add quirks for hp laptops (git-fixes).
- alsa: hda/realtek: add support dual speaker for dell (git-fixes).
- alsa: hda/realtek: enable mute led on hp 255 g10 (git-fixes).
- alsa: hda/realtek: enable mute led on hp 255 g8 (git-fixes).
- alsa: hda: asus um5302la: added quirks for cs35l41/10431a83 on i2c bus (git-fixes).
- alsa: hda: cs35l41: fix unbalanced pm_runtime_get() (git-fixes).
- alsa: hda: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
- alsa: hda: disable power-save on kontron singlepc (bsc#1217140).
- alsa: hda: fix possible null-ptr-deref when assigning a stream (git-fixes).
- alsa: hda: intel-dsp-config: fix jsl chromebook quirk detection (git-fixes).
- alsa: info: fix potential deadlock at disconnection (git-fixes).
- alsa: usb-audio: add quirk flag to enable native dsd for mcintosh devices (git-fixes).
- arm/xen: fix xen_vcpu_info allocation alignment (git-fixes).
- arm64: add cortex-a520 cpu part definition (git-fixes)
- arm64: allow kprobes on el0 handlers (git-fixes)
- arm64: armv8_deprecated move emulation functions (git-fixes)
- arm64: armv8_deprecated: fix unused-function error (git-fixes)
- arm64: armv8_deprecated: fold ops into insn_emulation (git-fixes)
- arm64: armv8_deprecated: move aarch32 helper earlier (git-fixes)
- arm64: armv8_deprecated: rework deprected instruction handling (git-fixes)
- arm64: consistently pass esr_elx to die() (git-fixes)
- arm64: die(): pass 'err' as long (git-fixes)
- arm64: factor insn read out of call_undef_hook() (git-fixes)
- arm64: factor out el1 ssbs emulation hook (git-fixes)
- arm64: report el1 undefs better (git-fixes)
- arm64: rework bti exception handling (git-fixes)
- arm64: rework el0 mrs emulation (git-fixes)
- arm64: rework fpac exception handling (git-fixes)
- arm64: split el0/el1 undef handlers (git-fixes)
- arm: 9321/1: memset: cast the constant byte to unsigned char (git-fixes).
- asoc: ams-delta.c: use component after check (git-fixes).
- asoc: codecs: wsa-macro: fix uninitialized stack variables with name prefix (git-fixes).
- asoc: cs35l41: undo runtime pm changes at driver exit time (git-fixes).
- asoc: cs35l41: verify pm runtime resume errors in irq handler (git-fixes).
- asoc: fsl: fix pm disable depth imbalance in fsl_easrc_probe (git-fixes).
- asoc: fsl: mpc5200_dma.c: fix warning of function parameter or member not described (git-fixes).
- asoc: hdmi-codec: register hpd callback on component probe (git-fixes).
- asoc: intel: skylake: fix mem leak when parsing uuids fails (git-fixes).
- asoc: rt5650: fix the wrong result of key button (git-fixes).
- asoc: simple-card: fixup asoc_simple_probe() error handling (git-fixes).
- asoc: sof: core: ensure sof_ops_free() is still called when probe never ran (git-fixes).
- asoc: ti: omap-mcbsp: fix runtime pm underflow warnings (git-fixes).
- ata: pata_isapnp: add missing error check for devm_ioport_map() (git-fixes).
- atl1c: work around the dma rx overflow issue (git-fixes).
- atm: iphase: do pci error checks on own line (git-fixes).
- blk-mq: do not clear driver tags own mapping (bsc#1217366).
- blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() (bsc#1217366).
- bluetooth: add device 0bda:887b to device tables (git-fixes).
- bluetooth: add device 13d3:3571 to device tables (git-fixes).
- bluetooth: btusb: add 0bda:b85b for fn-link rtl8852be (git-fixes).
- bluetooth: btusb: add date->evt_skb is null check (git-fixes).
- bluetooth: btusb: add realtek rtl8852be support id 0x0cb8:0xc559 (git-fixes).
- bluetooth: btusb: add rtw8852be device 13d3:3570 to device tables (git-fixes).
- btrfs: always log symlinks in full mode (bsc#1214840).
- can: dev: can_put_echo_skb(): do not crash kernel if can_priv::echo_skb is accessed out of bounds (git-fixes).
- can: dev: can_restart(): do not crash kernel if carrier is ok (git-fixes).
- can: dev: can_restart(): fix race condition between controller restart and netif_carrier_on() (git-fixes).
- can: isotp: add local echo tx processing for consecutive frames (git-fixes).
- can: isotp: fix race between isotp_sendsmg() and isotp_release() (git-fixes).
- can: isotp: fix tx state handling for echo tx processing (git-fixes).
- can: isotp: handle wait_event_interruptible() return values (git-fixes).
- can: isotp: isotp_bind(): return -einval on incorrect can id formatting (git-fixes).
- can: isotp: isotp_sendmsg(): fix tx state detection and wait behavior (git-fixes).
- can: isotp: remove re-binding of bound socket (git-fixes).
- can: isotp: sanitize can id checks in isotp_bind() (git-fixes).
- can: isotp: set max pdu size to 64 kbyte (git-fixes).
- can: isotp: split tx timer into transmission and timeout (git-fixes).
- can: sja1000: fix comment (git-fixes).
- clk: imx: imx8mq: correct error handling path (git-fixes).
- clk: imx: imx8qxp: fix elcdif_pll clock (git-fixes).
- clk: imx: select mxc_clk for clk_imx8qxp (git-fixes).
- clk: keystone: pll: fix a couple null vs is_err() checks (git-fixes).
- clk: mediatek: clk-mt2701: add check for mtk_alloc_clk_data (git-fixes).
- clk: mediatek: clk-mt6765: add check for mtk_alloc_clk_data (git-fixes).
- clk: mediatek: clk-mt6779: add check for mtk_alloc_clk_data (git-fixes).
- clk: mediatek: clk-mt6797: add check for mtk_alloc_clk_data (git-fixes).
- clk: mediatek: clk-mt7629-eth: add check for mtk_alloc_clk_data (git-fixes).
- clk: mediatek: clk-mt7629: add check for mtk_alloc_clk_data (git-fixes).
- clk: npcm7xx: fix incorrect kfree (git-fixes).
- clk: qcom: clk-rcg2: fix clock rate overflow for high parent frequencies (git-fixes).
- clk: qcom: config ipq_apss_6018 should depend on qcom_smem (git-fixes).
- clk: qcom: gcc-sm8150: fix gcc_sdcc2_apps_clk_src (git-fixes).
- clk: qcom: ipq6018: drop the clk_set_rate_parent flag from pll clocks (git-fixes).
- clk: qcom: mmcc-msm8998: do not check halt bit on some branch clks (git-fixes).
- clk: qcom: mmcc-msm8998: fix the smmu gdsc (git-fixes).
- clk: sanitize possible_parent_show to handle return value of of_clk_get_parent_name (git-fixes).
- clk: scmi: free scmi_clk allocated when the clocks with invalid info are skipped (git-fixes).
- clk: ti: add ti_dt_clk_name() helper to use clock-output-names (git-fixes).
- clk: ti: change ti_clk_register_omap_hw api (git-fixes).
- clk: ti: fix double free in of_ti_divider_clk_setup() (git-fixes).
- clk: ti: update component clocks to use ti_dt_clk_name() (git-fixes).
- clk: ti: update pll and clockdomain clocks to use ti_dt_clk_name() (git-fixes).
- clocksource/drivers/timer-atmel-tcb: fix initialization on sam9 hardware (git-fixes).
- clocksource/drivers/timer-imx-gpt: fix potential memory leak (git-fixes).
- crypto: caam/jr - fix chacha20 + poly1305 self test failure (git-fixes).
- crypto: caam/qi2 - fix chacha20 + poly1305 self test failure (git-fixes).
- crypto: hisilicon/hpre - fix a erroneous check after snprintf() (git-fixes).
- disable loongson drivers loongson is a mips architecture, it does not make sense to build loongson drivers on other architectures.
- dmaengine: pxa_dma: remove an erroneous bug_on() in pxad_free_desc() (git-fixes).
- dmaengine: ste_dma40: fix pm disable depth imbalance in d40_probe (git-fixes).
- dmaengine: stm32-mdma: correct desc prep when channel running (git-fixes).
- dmaengine: ti: edma: handle irq_of_parse_and_map() errors (git-fixes).
- docs: net: move the probe and open/close sections of driver.rst up (bsc#1215458).
- docs: net: reformat driver.rst from a list to sections (bsc#1215458).
- docs: net: use c syntax highlight in driver.rst (bsc#1215458).
- documentation: networking: correct possessive "its" (bsc#1215458).
- drivers: hv: vmbus: remove unused extern declaration vmbus_ontimer() (git-fixes).
- drm/amd/display: avoid null dereference of timing generator (git-fixes).
- drm/amd/display: change the dmcub mailbox memory location from fb to inbox (git-fixes).
- drm/amd/display: refactor dm_get_plane_scale helper (git-fixes).
- drm/amd/display: remove useless check in should_enable_fbc() (git-fixes).
- drm/amd/display: use full update for clip size increase of large plane source (git-fixes).
- drm/amd/pm: handle non-terminated overdrive commands (git-fixes).
- drm/amd: disable aspm for vi w/ all intel systems (git-fixes).
- drm/amd: fix ubsan array-index-out-of-bounds for polaris and tonga (git-fixes).
- drm/amd: fix ubsan array-index-out-of-bounds for smu7 (git-fixes).
- drm/amd: move helper for dynamic speed switch check out of smu13 (git-fixes).
- drm/amd: update
update_pcie_parameters
functions to use uint8_t arguments (git-fixes). - drm/amdgpu/vkms: fix a possible null pointer dereference (git-fixes).
- drm/amdgpu: add drv_vram_usage_va for virt data exchange (bsc#1215802).
- drm/amdgpu: add vram reservation based on vram_usagebyfirmware_v2_2 (git-fixes).
- drm/amdgpu: do not use atrm for external devices (git-fixes).
- drm/amdgpu: fix a null pointer access when the smc_rreg pointer is null (git-fixes).
- drm/amdgpu: fix error handling in amdgpu_bo_list_get() (git-fixes).
- drm/amdgpu: fix potential null pointer derefernce (git-fixes).
- drm/amdgpu: fix software pci_unplug on some chips (git-fixes).
- drm/amdgpu: not to save bo in the case of ras err_event_athub (git-fixes).
- drm/amdgpu: remove unnecessary domain argument (git-fixes).
- drm/amdgpu: reserve fences for vm update (git-fixes).
- drm/amdgpu: skip vram reserve on firmware_v2_2 for bare-metal (bsc#1215802).
- drm/amdkfd: fix a race condition of vram buffer unref in svm code (git-fixes).
- drm/amdkfd: fix shift out-of-bounds issue (git-fixes).
- drm/amdkfd: fix some race conditions in vram buffer alloc/free of svm code (git-fixes).
- drm/bridge: fix kernel-doc typo in desc of output_bus_cfg in drm_bridge_state (git-fixes).
- drm/bridge: lt8912b: add missing drm_bridge_attach call (git-fixes).
- drm/bridge: lt8912b: fix bridge_detach (git-fixes).
- drm/bridge: lt8912b: fix crash on bridge detach (git-fixes).
- drm/bridge: lt8912b: manually disable hpd only if it was enabled (git-fixes).
- drm/bridge: lt8912b: register and attach our dsi device at probe (git-fixes).
- drm/bridge: lt8912b: switch to devm mipi-dsi helpers (git-fixes).
- drm/bridge: lt9611uxc: fix the race in the error path (git-fixes).
- drm/bridge: lt9611uxc: register and attach our dsi device at probe (git-fixes).
- drm/bridge: lt9611uxc: switch to devm mipi-dsi helpers (git-fixes).
- drm/bridge: tc358768: clean up clock period code (git-fixes).
- drm/bridge: tc358768: disable non-continuous clock mode (git-fixes).
- drm/bridge: tc358768: fix bit updates (git-fixes).
- drm/bridge: tc358768: fix tc358768_ns_to_cnt() (git-fixes).
- drm/bridge: tc358768: fix use of uninitialized variable (git-fixes).
- drm/bridge: tc358768: print logical values, not raw register values (git-fixes).
- drm/bridge: tc358768: remove unused variable (git-fixes).
- drm/bridge: tc358768: rename dsibclk to hsbyteclk (git-fixes).
- drm/bridge: tc358768: use dev for dbg prints, not priv->dev (git-fixes).
- drm/bridge: tc358768: use struct videomode (git-fixes).
- drm/dp_mst: fix null deref in get_mst_branch_device_by_guid_helper() (git-fixes).
- drm/gma500: fix call trace when psb_gem_mm_init() fails (git-fixes).
- drm/gud: use size_add() in call to struct_size() (git-fixes).
- drm/i915/pmu: check if pmu is closed before stopping event (git-fixes).
- drm/i915: fix potential spectre vulnerability (git-fixes).
- drm/i915: flush wc ggtt only on required platforms (git-fixes).
- drm/komeda: drop all currently held locks if deadlock happens (git-fixes).
- drm/mediatek: fix iommu fault by swapping fbs after updating plane state (git-fixes).
- drm/mediatek: fix iommu fault during crtc enabling (git-fixes).
- drm/mipi-dsi: create devm device attachment (git-fixes).
- drm/mipi-dsi: create devm device registration (git-fixes).
- drm/msm/dp: skip validity check for dp cts edid checksum (git-fixes).
- drm/msm/dsi: free tx buffer in unbind (git-fixes).
- drm/msm/dsi: use msm_gem_kernel_put to free tx buffer (git-fixes).
- drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference (git-fixes).
- drm/panel: fix a possible null pointer dereference (git-fixes).
- drm/panel: simple: fix innolux g101ice-l01 bus flags (git-fixes).
- drm/panel: simple: fix innolux g101ice-l01 timings (git-fixes).
- drm/panel: st7703: pick different reset sequence (git-fixes).
- drm/qxl: prevent memory leak (git-fixes).
- drm/radeon: fix a possible null pointer dereference (git-fixes).
- drm/radeon: possible buffer overflow (git-fixes).
- drm/rockchip: cdn-dp: fix some error handling paths in cdn_dp_probe() (git-fixes).
- drm/rockchip: fix type promotion bug in rockchip_gem_iommu_map() (git-fixes).
- drm/rockchip: vop: fix call to crtc reset helper (git-fixes).
- drm/rockchip: vop: fix color for rgb888/bgr888 format on vop full (git-fixes).
- drm/rockchip: vop: fix reset of state in duplicate state crtc funcs (git-fixes).
- drm/syncobj: fix drm_syncobj_wait_flags_wait_available (git-fixes).
- drm/ttm: reorder sys manager cleanup step (git-fixes).
- drm/vc4: fix typo (git-fixes).
- drm/vmwgfx: remove the duplicate bo_free function (bsc#1216527)
- drm/vmwgfx: rename vmw_buffer_object to vmw_bo (bsc#1216527)
- drm: bridge: it66121: fix invalid connector dereference (git-fixes).
- drm: mediatek: mtk_dsi: fix no_eot_packet settings/handling (git-fixes).
- drm: vmwgfx_surface.c: copy user-array safely (git-fixes).
- dt-bindings: usb: hcd: add missing phy name to example (git-fixes).
- dt-bindings: usb: qcom,dwc3: fix example wakeup interrupt types (git-fixes).
- ensure ia32_emulation is always enabled for kernel-obs-build if ia32_emulation is disabled by default, ensure it is enabled back for obs kernel to allow building 32bit binaries (jsc#ped-3184) [ms: always pass the parameter, no need to grep through the config which may not be very reliable]
- fbdev: atyfb: only use ioremap_uc() on i386 and ia64 (git-fixes).
- fbdev: fsl-diu-fb: mark wr_reg_wa() static (git-fixes).
- fbdev: imsttfb: fix a resource leak in probe (git-fixes).
- fbdev: imsttfb: fix double free in probe() (git-fixes).
- fbdev: imsttfb: fix error path of imsttfb_probe() (git-fixes).
- fbdev: imsttfb: release framebuffer and dealloc cmap on error path (git-fixes).
- fbdev: omapfb: drop unused remove function (git-fixes).
- fbdev: uvesafb: call cn_del_callback() at the end of uvesafb_exit() (git-fixes).
- firewire: core: fix possible memory leak in create_units() (git-fixes).
- firmware/imx-dsp: fix use_after_free in imx_dsp_setup_channels() (git-fixes).
- fix termination state for idr_for_each_entry_ul() (git-fixes).
- fix x86/mm: print the encryption features in hyperv is disabled
- gpio: mockup: fix kerneldoc (git-fixes).
- gpio: mockup: remove unused field (git-fixes).
- gpu: host1x: correct allocated size for contexts (git-fixes).
- hid: add quirk for dell pro wireless keyboard and mouse km5221w (git-fixes).
- hid: cp2112: fix duplicate workqueue initialization (git-fixes).
- hid: hyperv: avoid struct memcpy overrun warning (git-fixes).
- hid: hyperv: remove unused struct synthhid_msg (git-fixes).
- hid: hyperv: replace one-element array with flexible-array member (git-fixes).
- hid: lenovo: detect quirk-free fw on cptkbd and stop applying workaround (git-fixes).
- hid: logitech-hidpp: do not restart io, instead defer hid_connect() only (git-fixes).
- hid: logitech-hidpp: move get_wireless_feature_index() check to hidpp_connect_event() (git-fixes).
- hid: logitech-hidpp: remove hidpp_quirk_no_hidinput quirk (git-fixes).
- hid: logitech-hidpp: revert "do not restart communication if not necessary" (git-fixes).
- hv: simplify sysctl registration (git-fixes).
- hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (git-fixes).
- hv_netvsc: fix race of netvsc and vf register_netdevice (git-fixes).
- hv_netvsc: fix race of register_netdevice_notifier and vf register (git-fixes).
- hv_netvsc: mark vf as slave before exposing it to user-mode (git-fixes).
- hwmon: (coretemp) fix potentially truncated sysfs attribute name (git-fixes).
- i2c: aspeed: fix i2c bus hang in slave read (git-fixes).
- i2c: core: run atomic i2c xfer when !preemptible (git-fixes).
- i2c: designware: disable tx_empty irq while waiting for block length byte (git-fixes).
- i2c: dev: copy userspace array safely (git-fixes).
- i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (git-fixes).
- i2c: iproc: handle invalid slave state (git-fixes).
- i2c: muxes: i2c-demux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
- i2c: muxes: i2c-mux-gpmux: use of_get_i2c_adapter_by_node() (git-fixes).
- i2c: muxes: i2c-mux-pinctrl: use of_get_i2c_adapter_by_node() (git-fixes).
- i2c: stm32f7: fix pec handling in case of smbus transfers (git-fixes).
- i2c: sun6i-p2wi: prevent potential division by zero (git-fixes).
- i3c: fix potential refcount leak in i3c_master_register_new_i3c_devs (git-fixes).
- i3c: master: cdns: fix reading status register (git-fixes).
- i3c: master: mipi-i3c-hci: fix a kernel panic for accessing dat_data (git-fixes).
- i3c: master: svc: fix check wrong status register in irq handler (git-fixes).
- i3c: master: svc: fix ibi may not return mandatory data byte (git-fixes).
- i3c: master: svc: fix race condition in ibi work thread (git-fixes).
- i3c: master: svc: fix sda keep low when polling ibiwon timeout happen (git-fixes).
- i3c: master: svc: fix wrong data return when ibi happen during start frame (git-fixes).
- i3c: mipi-i3c-hci: fix out of bounds access in hci_dma_irq_handler (git-fixes).
- i915/perf: fix null deref bugs with drm_dbg() calls (git-fixes).
- idpf: add controlq init and reset checks (bsc#1215458).
- idpf: add core init and interrupt request (bsc#1215458).
- idpf: add create vport and netdev configuration (bsc#1215458).
- idpf: add ethtool callbacks (bsc#1215458).
- idpf: add module register and probe functionality (bsc#1215458).
- idpf: add ptypes and mac filter support (bsc#1215458).
- idpf: add rx splitq napi poll support (bsc#1215458).
- idpf: add singleq start_xmit and napi poll (bsc#1215458).
- idpf: add splitq start_xmit (bsc#1215458).
- idpf: add sriov support and other ndo_ops (bsc#1215458).
- idpf: add tx splitq napi poll support (bsc#1215458).
- idpf: cancel mailbox work in error path (bsc#1215458).
- idpf: configure resources for rx queues (bsc#1215458).
- idpf: configure resources for tx queues (bsc#1215458).
- idpf: fix potential use-after-free in idpf_tso() (bsc#1215458).
- idpf: initialize interrupts and enable vport (bsc#1215458).
- idpf: set scheduling mode for completion queue (bsc#1215458).
- iio: adc: xilinx-xadc: correct temperature offset/scale for ultrascale (git-fixes).
- iio: adc: xilinx-xadc: do not clobber preset voltage/temperature thresholds (git-fixes).
- iio: exynos-adc: request second interupt only when touchscreen mode is used (git-fixes).
- input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (git-fixes).
- input: synaptics-rmi4 - handle reset delay when using smbus trsnsport (git-fixes).
- input: xpad - add vid for turtle beach controllers (git-fixes).
- irqchip/stm32-exti: add missing dt irq flag translation (git-fixes).
- kabi/severities: ignore kabi in rxrpc (bsc#1210447) the rxrpc module is built since sle15-sp3 but it is not shipped as part of any sle product, only in leap (in kernel-*-optional).
- kernel-binary: suse-module-tools is also required when installed requires(pre) adds dependency for the specific sciptlet. however, suse-module-tools also ships modprobe.d files which may be needed at posttrans time or any time the kernel is on the system for generating ramdisk. add plain requires as well.
- kernel-source: move provides after sources
- kernel/fork: beware of __put_task_struct() calling context (bsc#1216761).
- leds: pwm: do not disable the pwm when the led should be off (git-fixes).
- leds: trigger: ledtrig-cpu:: fix 'output may be truncated' issue for 'cpu' (git-fixes).
- leds: turris-omnia: do not use smbus calls (git-fixes).
- lsm: fix default return value for inode_getsecctx (git-fixes).
- lsm: fix default return value for vm_enough_memory (git-fixes).
- media: bttv: fix use after free error due to btv->timeout timer (git-fixes).
- media: ccs: correctly initialise try compose rectangle (git-fixes).
- media: ccs: fix driver quirk struct documentation (git-fixes).
- media: cedrus: fix clock/reset sequence (git-fixes).
- media: cobalt: use field_get() to extract link width (git-fixes).
- media: gspca: cpia1: shift-out-of-bounds in set_flicker (git-fixes).
- media: i2c: max9286: fix some redundant of_node_put() calls (git-fixes).
- media: imon: fix access to invalid resource for the second interface (git-fixes).
- media: lirc: drop trailing space from scancode transmit (git-fixes).
- media: qcom: camss: fix missing vfe_lite clocks check (git-fixes).
- media: qcom: camss: fix pm_domain_on sequence in probe (git-fixes).
- media: qcom: camss: fix vfe-17x vfe_disable_output() (git-fixes).
- media: qcom: camss: fix vfe_get() error jump (git-fixes).
- media: sharp: fix sharp encoding (git-fixes).
- media: siano: drop unnecessary error check for debugfs_create_dir/file() (git-fixes).
- media: venus: hfi: add checks to handle capabilities from firmware (git-fixes).
- media: venus: hfi: add checks to perform sanity on queue pointers (git-fixes).
- media: venus: hfi: fix the check to handle session buffer requirement (git-fixes).
- media: venus: hfi_parser: add check to keep the number of codecs within range (git-fixes).
- media: vidtv: mux: add check and kfree for kstrdup (git-fixes).
- media: vidtv: psi: add check for kstrdup (git-fixes).
- media: vivid: avoid integer overflow (git-fixes).
- mfd: arizona-spi: set pdata.hpdet_channel for acpi enumerated devs (git-fixes).
- mfd: core: ensure disabled devices are skipped without aborting (git-fixes).
- mfd: dln2: fix double put in dln2_probe (git-fixes).
- misc: fastrpc: clean buffers on remote invocation failures (git-fixes).
- misc: pci_endpoint_test: add device id for r-car s4-8 pcie controller (git-fixes).
- mm/hmm: fault non-owner device private entries (bsc#1216844, jsc#ped-7237, git-fixes).
- mmc: block: be sure to wait while busy in cqe error recovery (git-fixes).
- mmc: block: do not lose cache flush during cqe error recovery (git-fixes).
- mmc: block: retry commands in cqe error recovery (git-fixes).
- mmc: cqhci: fix task clearing in cqe error recovery (git-fixes).
- mmc: cqhci: increase recovery halt timeout (git-fixes).
- mmc: cqhci: warn of halt or task clear failure (git-fixes).
- mmc: meson-gx: remove setting of cmd_cfg_error (git-fixes).
- mmc: sdhci-pci-gli: a workaround to allow gl9750 to enter aspm l1.2 (git-fixes).
- mmc: sdhci-pci-gli: gl9750: mask the replay timer timeout of aer (git-fixes).
- mmc: sdhci_am654: fix start loop index for tap value parsing (git-fixes).
- mmc: vub300: fix an error code (git-fixes).
- modpost: fix tee module_device_