Security update for the Linux Kernel

Announcement ID: SUSE-SU-2021:2645-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2021-21781 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-21781 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-22543 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-22543 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
  • CVE-2021-35039 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-35039 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-3609 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-3609 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-3612 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-3612 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-3659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-3659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2021-37576 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-37576 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • openSUSE Leap 15.3
  • Public Cloud Module 15-SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Manager Proxy 4.2
  • SUSE Manager Retail Branch Server 4.2
  • SUSE Manager Server 4.2

An update that solves seven vulnerabilities and has 58 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
  • CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
  • CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
  • CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).
  • CVE-2021-3609: Fixed a potential local privilege escalation in the CAN BCM networking protocol (bsc#1187215).
  • CVE-2021-3612: Fixed an out-of-bounds memory write flaw in the joystick devices subsystem. This flaw allowed a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
  • CVE-2021-35039: Fixed mishandling of signature verification. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, did not occur for a module.sig_enforce=1 command-line argument (bsc#1188080).

The following non-security bugs were fixed:

  • ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
  • ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
  • ACPI: DPTF: Fix reading of attributes (git-fixes).
  • ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
  • ACPI: PM / fan: Put fan device IDs into separate header file (git-fixes).
  • ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
  • ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
  • ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
  • ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
  • ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
  • ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
  • ACPICA: Fix memory leak caused by _CID repair function (git-fixes).
  • ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
  • ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
  • ALSA: firewire-motu: fix detection for S/PDIF source on optical interface in v2 protocol (git-fixes).
  • ALSA: firewire-motu: fix stream format for MOTU 8pre FireWire (git-fixes).
  • ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
  • ALSA: hda/realtek: Apply LED fixup for HP Dragonfly G1, too (git-fixes).
  • ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
  • ALSA: hda/realtek: Fix pop noise and 2 Front Mic issues on a machine (git-fixes).
  • ALSA: hda/realtek: Improve fixup for HP Spectre x360 15-df0xxx (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook 830 G8 Notebook PC (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook x360 830 G8 (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G8 (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 450 G8 (git-fixes).
  • ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 630 G8 (git-fixes).
  • ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
  • ALSA: hda: intel-dsp-cfg: add missing ElkhartLake PCI ID (git-fixes).
  • ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
  • ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
  • ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
  • ALSA: pcm - fix mmap capability check for the snd-dummy driver (git-fixes).
  • ALSA: pcm: Call substream ack() method upon compat mmap commit (git-fixes).
  • ALSA: pcm: Fix mmap capability check (git-fixes).
  • ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
  • ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
  • ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
  • ALSA: usb-audio: Add missing proc text entry for BESPOKEN type (git-fixes).
  • ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
  • ALSA: usb-audio: Fix OOB access at proc output (git-fixes).
  • ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
  • ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
  • ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
  • ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
  • ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
  • ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
  • ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
  • ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
  • ALSA: usx2y: Avoid camelCase (git-fixes).
  • ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
  • ARM: ensure the signal page contains defined contents (bsc#1188445).
  • ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
  • ASoC: Intel: sof_sdw: add SOF_RT715_DAI_ID_FIX for AlderLake (git-fixes).
  • ASoC: Intel: sof_sdw: add mutual exclusion between PCH DMIC and RT715 (git-fixes).
  • ASoC: SOF: loader: Use snd_sof_dsp_block_read() instead sof_block_read() (git-fixes).
  • ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
  • ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
  • ASoC: fsl_spdif: Fix error handler with pm_runtime_enable (git-fixes).
  • ASoC: fsl_spdif: Fix unexpected interrupt after suspend (git-fixes).
  • ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
  • ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
  • ASoC: intel/boards: add missing MODULE_DEVICE_TABLE (git-fixes).
  • ASoC: max98373-sdw: add missing memory allocation check (git-fixes).
  • ASoC: max98373-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
  • ASoC: rk3328: fix missing clk_disable_unprepare() on error in rk3328_platform_probe() (git-fixes).
  • ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
  • ASoC: rt1308-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
  • ASoC: rt5682-sdw: set regcache_cache_only false before reading RT5682_DEVICE_ID (git-fixes).
  • ASoC: rt5682-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: rt5682: Disable irq on shutdown (git-fixes).
  • ASoC: rt5682: Fix a problem with error handling in the io init function of the soundwire (git-fixes).
  • ASoC: rt5682: fix getting the wrong device id when the suspend_stress_test (git-fixes).
  • ASoC: rt700-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: rt711-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: rt715-sdw: use first_hw_init flag on resume (git-fixes).
  • ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
  • ASoC: soc-pcm: fix the return value in dpcm_apply_symmetry() (git-fixes).
  • ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
  • ASoC: wm_adsp: Correct wm_coeff_tlv_get handling (git-fixes).
  • Bluetooth: Fix alt settings for incoming SCO with transparent coding format (git-fixes).
  • Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
  • Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
  • Bluetooth: L2CAP: Fix invalid access if ECRED Reconfigure fails (git-fixes).
  • Bluetooth: L2CAP: Fix invalid access on ECRED Connection response (git-fixes).
  • Bluetooth: Remove spurious error message (git-fixes).
  • Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
  • Bluetooth: btintel: Add infrastructure to read controller information (bsc#1188893).
  • Bluetooth: btintel: Check firmware version before download (bsc#1188893).
  • Bluetooth: btintel: Collect tlv based active firmware build info in FW mode (bsc#1188893).
  • Bluetooth: btintel: Consolidate intel_version parsing (bsc#1188893).
  • Bluetooth: btintel: Consolidate intel_version_tlv parsing (bsc#1188893).
  • Bluetooth: btintel: Fix endianness issue for TLV version information (bsc#1188893).
  • Bluetooth: btintel: Fix offset calculation boot address parameter (bsc#1188893).
  • Bluetooth: btintel: Functions to send firmware header / payload (bsc#1188893).
  • Bluetooth: btintel: Move operational checks after version check (bsc#1188893).
  • Bluetooth: btintel: Refactor firmware download function (bsc#1188893).
  • Bluetooth: btintel: Reorganized bootloader mode tlv checks in intel_version_tlv parsing (bsc#1188893).
  • Bluetooth: btintel: Replace zero-length array with flexible-array member (bsc#1188893).
  • Bluetooth: btintel: Skip reading firmware file version while in bootloader mode (bsc#1188893).
  • Bluetooth: btqca: Do not modify firmware contents in-place (git-fixes).
  • Bluetooth: btusb: Add setup function for new generation Intel controllers (bsc#1188893).
  • Bluetooth: btusb: Add support USB ALT 3 for WBS (git-fixes).
  • Bluetooth: btusb: Add support for GarfieldPeak controller (bsc#1188893).
  • Bluetooth: btusb: Consolidate code for waiting firmware download (bsc#1188893).
  • Bluetooth: btusb: Define a function to construct firmware filename (bsc#1188893).
  • Bluetooth: btusb: Enable MSFT extension for Intel controllers (bsc#1188893).
  • Bluetooth: btusb: Fix failing to init controllers with operation firmware (bsc#1188893).
  • Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
  • Bluetooth: btusb: Helper function to download firmware to Intel adapters (bsc#1188893).
  • Bluetooth: btusb: Map Typhoon peak controller to BTUSB_INTEL_NEWGEN (bsc#1188893).
  • Bluetooth: btusb: Update boot parameter specific to SKU (bsc#1188893).
  • Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
  • Bluetooth: btusb: print firmware file name on error loading firmware (bsc#1188893).
  • Bluetooth: hci_intel: drop strange le16_to_cpu() against u8 values (bsc#1188893).
  • Bluetooth: hci_intel: enable on new platform (bsc#1188893).
  • Bluetooth: hci_intel: switch to list_for_each_entry() (bsc#1188893).
  • Bluetooth: hci_qca: fix potential GPF (git-fixes).
  • Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
  • Bluetooth: mgmt: Fix the command returns garbage parameter value (git-fixes).
  • HID: do not use down_interruptible() when unbinding devices (git-fixes).
  • HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
  • Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
  • Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
  • Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
  • Input: usbtouchscreen - fix control-request directions (git-fixes).
  • KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
  • KVM: SVM: document KVM_MEM_ENCRYPT_OP, let userspace detect if SEV is available (bsc#1188703).
  • KVM: nVMX: Consult only the "basic" exit reason when routing nested exit (bsc#1188773).
  • KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
  • KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
  • PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
  • PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
  • PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
  • PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
  • PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
  • PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
  • PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
  • PCI: intel-gw: Fix INTx enable (git-fixes).
  • PCI: intel-gw: Fix INTx enable (git-fixes).
  • PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
  • PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
  • PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
  • PCI: quirks: fix false kABI positive (git-fixes).
  • PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
  • PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift (git-fixes).
  • PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
  • RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
  • RDMA/cma: Protect RMW with qp_mutex (git-fixes).
  • RDMA/hns: Remove unused parameter udata (jsc#SLE-15176).
  • RDMA/mlx4: Remove unused parameter udata (jsc#SLE-15176).
  • RDMA/mlx5: Remove unused parameter udata (jsc#SLE-15176).
  • RDMA/rtrs-clt: Check if the queue_depth has changed during a reconnection (jsc#SLE-15176).
  • RDMA/rtrs-clt: Check state of the rtrs_clt_sess before reading its stats (jsc#SLE-15176).
  • RDMA/rtrs-clt: Fix memory leak of not-freed sess->stats and stats->pcpu_stats (jsc#SLE-15176).
  • RDMA/rtrs-srv: Fix memory leak of unfreed rtrs_srv_stats object (jsc#SLE-15176).
  • RDMA/rtrs-srv: Fix memory leak when having multiple sessions (jsc#SLE-15176).
  • RDMA/rtrs-srv: Replace atomic_t with percpu_ref for ids_inflight (jsc#SLE-15176).
  • RDMA/rtrs-srv: Set minimal max_send_wr and max_recv_wr (jsc#SLE-15176).
  • RDMA/rtrs: Do not reset hb_missed_max after re-connection (jsc#SLE-15176).
  • RDMA/srp: Fix a recently introduced memory leak (jsc#SLE-15176).
  • Revert "ACPI: resources: Add checks for ACPI IRQ override" (git-fixes).
  • Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro" (git-fixes).
  • Revert "Bluetooth: btintel: Fix endianness issue for TLV version information" (bsc#1188893).
  • Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" (git-fixes).
  • Revert "be2net: disable bh with spin_lock in be_process_mcc" (git-fixes).
  • Revert "drm/i915: Propagate errors on awaiting already signaled fences" (git-fixes).
  • Revert "drm: add a locked version of drm_is_current_master" (git-fixes).
  • Revert "ibmvnic: remove duplicate napi_schedule call in open function" (bsc#1065729).
  • Revert "iwlwifi: remove wide_cmd_header field" (bsc#1187495).
  • USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
  • USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
  • USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
  • USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
  • USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
  • [xarray] iov_iter_fault_in_readable() should do nothing in xarray case (git-fixes).
  • amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472).
  • ata: ahci_sunxi: Disable DIPM (git-fixes).
  • ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
  • ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
  • ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
  • ath10k: remove unused more_frags variable (git-fixes).
  • ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
  • backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
  • backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
  • bcache: avoid oversized read request in cache missing code path (bsc#1184631).
  • bcache: remove bcache device self-defined readahead (bsc#1184631).
  • blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
  • blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick (bsc#1180092).
  • blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
  • blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
  • blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
  • blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
  • bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: do not disable an already disabled PCI device (git-fixes).
  • bonding: Add struct bond_ipesc to manage SA (bsc#1176447).
  • bonding: disallow setting nested bonding + ipsec offload (bsc#1176447).
  • bonding: fix build issue (git-fixes).
  • bonding: fix incorrect return value of bond_ipsec_offload_ok() (bsc#1176447).
  • bonding: fix null dereference in bond_ipsec_add_sa() (bsc#1176447).
  • bonding: fix suspicious RCU usage in bond_ipsec_add_sa() (bsc#1176447).
  • bonding: fix suspicious RCU usage in bond_ipsec_del_sa() (bsc#1176447).
  • bonding: fix suspicious RCU usage in bond_ipsec_offload_ok() (bsc#1176447).
  • bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
  • bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
  • brcmfmac: Fix a double-free in brcmf_sdio_bus_reset (git-fixes).
  • brcmfmac: correctly report average RSSI in station info (git-fixes).
  • brcmfmac: fix setting of station info chains bitmask (git-fixes).
  • brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
  • cadence: force nonlinear buffers to be cloned (git-fixes).
  • can: ems_usb: fix memory leak (git-fixes).
  • can: esd_usb2: fix memory leak (git-fixes).
  • can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
  • can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
  • can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
  • can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
  • can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
  • can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
  • can: usb_8dev: fix memory leak (git-fixes).
  • ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
  • cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
  • char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
  • cifs: Fix preauth hash corruption (git-fixes).
  • cifs: Return correct error code from smb2_get_enc_key (git-fixes).
  • cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
  • cifs: fix interrupted close commands (git-fixes).
  • cifs: fix memory leak in smb2_copychunk_range (git-fixes).
  • clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
  • clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
  • clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
  • clk: imx8mq: remove SYS PLL 1/2 clock gates (git-fixes).
  • clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
  • clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
  • clk: renesas: rcar-gen3: Update Z clock rate formula in comments (git-fixes).
  • clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
  • clk: si5341: Update initialization magic (git-fixes).
  • clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
  • clk: zynqmp: pll: Remove some dead code (git-fixes).
  • clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
  • clocksource: Retry clock read if long delays detected (git-fixes).
  • coresight: Propagate symlink failure (git-fixes).
  • coresight: core: Fix use of uninitialized pointer (git-fixes).
  • cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
  • cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
  • crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
  • crypto: ixp4xx - dma_unmap the correct address (git-fixes).
  • crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
  • crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
  • crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
  • crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
  • crypto: qat - remove unused macro in FW loader (git-fixes).
  • crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
  • crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
  • crypto: sun4i-ss - initialize need_fallback (git-fixes).
  • crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
  • crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
  • crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
  • cw1200: Revert unnecessary patches that fix unreal use-after-free bugs (git-fixes).
  • cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
  • cxgb4: fix IRQ free race during driver unload (git-fixes).
  • dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
  • dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
  • dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
  • dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
  • dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
  • dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
  • dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
  • docs: admin-guide: update description for kernel.hotplug sysctl (git-fixes).
  • docs: virt/kvm: close inline string literal (bsc#1188703).
  • dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
  • dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
  • drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
  • drm/amd/dc: Fix a missing check bug in dm_dp_mst_detect() (git-fixes).
  • drm/amd/display: Avoid HDCP over-read and corruption (git-fixes).
  • drm/amd/display: Fix DCN 3.01 DSCCLK validation (git-fixes).
  • drm/amd/display: Fix build warnings (git-fixes).
  • drm/amd/display: Fix off-by-one error in DML (git-fixes).
  • drm/amd/display: Release MST resources on switch from MST to SST (git-fixes).
  • drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
  • drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
  • drm/amd/display: fix HDCP reset sequence on reinitialize (git-fixes).
  • drm/amd/display: fix incorrrect valid irq check (git-fixes).
  • drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
  • drm/amdgpu: Do not query CE and UE errors (bsc#1152472)
  • drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
  • drm/amdgpu: enable sdma0 tmz for Raven/Renoir(V2) (git-fixes).
  • drm/amdgpu: remove unsafe optimization to drop preamble ib (git-fixes).
  • drm/amdgpu: update golden setting for sienna_cichlid (git-fixes).
  • drm/amdgpu: wait for moving fence after pinning (git-fixes).
  • drm/amdkfd: Fix circular lock in nocpsch path (git-fixes).
  • drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
  • drm/amdkfd: fix circular locking on get_wave_state (git-fixes).
  • drm/amdkfd: use allowed domain for vmbo validation (git-fixes).
  • drm/arm/malidp: Always list modifiers (git-fixes).
  • drm/bridge/sii8620: fix dependency on extcon (git-fixes).
  • drm/bridge: Fix the stop condition of drm_bridge_chain_pre_enable() (git-fixes).
  • drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
  • drm/bridge: nwl-dsi: Force a full modeset when crtc_state->active is changed to be true (git-fixes).
  • drm/dp_mst: Do not set proposed vcpi directly (git-fixes).
  • drm/gma500: Add the missed drm_gem_object_put() in psb_user_framebuffer_create() (git-fixes).
  • drm/i915/display: Do not zero past infoframes.vsc (git-fixes).
  • drm/i915/gvt: Clear d3_entered on elsp cmd submission (git-fixes).
  • drm/i915/selftests: use vma_lookup() in __igt_mmap() (git-fixes).
  • drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
  • drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
  • drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
  • drm/msm/dpu: Fix sm8250_mdp register length (git-fixes).
  • drm/msm/mdp4: Fix modifier support enabling (git-fixes).
  • drm/msm: Fix error return code in msm_drm_init() (git-fixes).
  • drm/msm: Small msm_gem_purge() fix (bsc#1152489)
  • drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
  • drm/nouveau: Do not set allow_fb_modifiers explicitly (git-fixes).
  • drm/nouveau: fix dma_address check for CPU/GPU sync (git-fixes).
  • drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
  • drm/panel: nt35510: Do not fail if DSI read fails (git-fixes).
  • drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
  • drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
  • drm/radeon: Call radeon_suspend_kms() in radeon_pci_shutdown() for Loongson64 (git-fixes).
  • drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
  • drm/radeon: wait for moving fence after pinning (git-fixes).
  • drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
  • drm/rockchip: cdn-dp: fix sign extension on an int multiply for a u64 result (git-fixes).
  • drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
  • drm/rockchip: dsi: remove extra component_del() call (git-fixes).
  • drm/rockchip: lvds: Fix an error handling path (git-fixes).
  • drm/sched: Avoid data corruptions (git-fixes).
  • drm/scheduler: Fix hang when sched_entity released (git-fixes).
  • drm/stm: Fix bus_flags handling (bsc#1152472)
  • drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
  • drm/vc4: Fix clock source for VEC PixelValve on BCM2711 (git-fixes).
  • drm/vc4: crtc: Skip the TXP (git-fixes).
  • drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
  • drm/vc4: hdmi: Fix PM reference leak in vc4_hdmi_encoder_pre_crtc_co() (git-fixes).
  • drm/vc4: hdmi: Fix error path of hpd-gpios (git-fixes).
  • drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
  • drm/vc4: hdmi: Prevent clock unbalance (git-fixes).
  • drm/vc4: txp: Properly set the possible_crtcs mask (git-fixes).
  • drm/virtio: Fix double free on probe failure (git-fixes).
  • drm/vmwgfx: Fix cpu updates of coherent multisample surfaces (git-fixes).
  • drm/vmwgfx: Mark a surface gpu-dirty after the SVGA3dCmdDXGenMips command (git-fixes).
  • drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
  • drm: Return -ENOTTY for non-drm ioctls (git-fixes).
  • drm: add a locked version of drm_is_current_master (git-fixes).
  • drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
  • drm: bridge: add missing word in Analogix help text (git-fixes).
  • drm: qxl: ensure surf.data is ininitialized (git-fixes).
  • drm: rockchip: add missing registers for RK3066 (git-fixes).
  • drm: rockchip: add missing registers for RK3188 (git-fixes).
  • drm: rockchip: set alpha_en to 0 if it is not used (git-fixes).
  • e1000e: Check the PCIm state (git-fixes).
  • e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
  • efi/tpm: Differentiate missing and invalid final event log table (bsc#1188036).
  • extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
  • extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
  • extcon: max8997: Add missing modalias string (git-fixes).
  • extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
  • fbmem: Do not delete the mode that is still in use (git-fixes).
  • fbmem: add margin check to fb_check_caps() (git-fixes).
  • firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
  • firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
  • firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
  • firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
  • fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
  • fpga: machxo2-spi: Address warning about unused variable (git-fixes).
  • fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
  • fuse: check connected before queueing on fpq->io (bsc#1188267).
  • fuse: ignore PG_workingset after stealing (bsc#1188268).
  • fuse: reject internal errno (bsc#1188269).
  • gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
  • gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
  • gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
  • gtp: fix an use-before-init in gtp_newlink() (git-fixes).
  • gve: Add DQO fields for core data structures (bsc#1176940).
  • gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
  • gve: Add dqo descriptors (bsc#1176940).
  • gve: Add stats for gve (bsc#1176940).
  • gve: Add support for DQO RX PTYPE map (bsc#1176940).
  • gve: Add support for raw addressing device option (bsc#1176940).
  • gve: Add support for raw addressing in the tx path (bsc#1176940).
  • gve: Add support for raw addressing to the rx path (bsc#1176940).
  • gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
  • gve: Check TX QPL was actually assigned (bsc#1176940).
  • gve: DQO: Add RX path (bsc#1176940).
  • gve: DQO: Add TX path (bsc#1176940).
  • gve: DQO: Add core netdev features (bsc#1176940).
  • gve: DQO: Add ring allocation and initialization (bsc#1176940).
  • gve: DQO: Configure interrupts on device up (bsc#1176940).
  • gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
  • gve: DQO: Remove incorrect prefetch (bsc#1176940).
  • gve: Enable Link Speed Reporting in the driver (bsc#1176940).
  • gve: Fix an error handling path in 'gve_probe()' (git-fixes).
  • gve: Fix swapped vars when fetching max queues (git-fixes).
  • gve: Fix warnings reported for DQO patchset (bsc#1176940).
  • gve: Get and set Rx copybreak via ethtool (bsc#1176940).
  • gve: Introduce a new model for device options (bsc#1176940).
  • gve: Introduce per netdev enum gve_queue_format (bsc#1176940).
  • gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
  • gve: Move some static functions to a common file (bsc#1176940).
  • gve: NIC stats for report-stats and for ethtool (bsc#1176940).
  • gve: Propagate error codes to caller (bsc#1176940).
  • gve: Replace zero-length array with flexible-array member (bsc#1176940).
  • gve: Rx Buffer Recycling (bsc#1176940).
  • gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
  • gve: Update adminq commands to support DQO queues (bsc#1176940).
  • gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
  • gve: Use link status register to report link status (bsc#1176940).
  • gve: adminq: DQO specific device descriptor logic (bsc#1176940).
  • gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
  • hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
  • hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
  • hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
  • hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
  • hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
  • i2c: core: Disable client irq on reboot/shutdown (git-fixes).
  • i2c: designware: Adjust bus_freq_hz when refuse high speed mode set (git-fixes).
  • i2c: dev: Add __user annotation (git-fixes).
  • i2c: robotfuzz-osif: fix control-request directions (git-fixes).
  • i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
  • i40e: Fix error handling in i40e_vsi_open (git-fixes).
  • i40e: Fix missing rtnl locking when setting up pf switch (jsc#SLE-13701).
  • i40e: fix PTP on 5Gb links (jsc#SLE-13701).
  • iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
  • ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
  • ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
  • ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
  • ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
  • ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
  • ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
  • ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
  • ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
  • ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
  • ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
  • ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
  • ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
  • ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
  • ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
  • ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
  • ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
  • igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
  • igb: Fix an error handling path in 'igb_probe()' (git-fixes).
  • igb: Fix position of assignment to *ring (git-fixes).
  • igb: Fix use-after-free error during reset (git-fixes).
  • igc: Fix an error handling path in 'igc_probe()' (git-fixes).
  • igc: Fix use-after-free error during reset (git-fixes).
  • igc: change default return of igc_read_phy_reg() (git-fixes).
  • iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: accel: bma180: Use explicit member assignment (git-fixes).
  • iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
  • iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
  • iio: adis16400: do not return ints in irq handlers (git-fixes).
  • iio: adis_buffer: do not return ints in irq handlers (git-fixes).
  • iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() help