File _patchinfo of Package patchinfo.40062
<patchinfo incident="40062">
<issue id="1139073" tracker="bnc">EMU: VUL-0: CVE-2019-11135: November 2019 CPU issue aka "TSX Asynchronous Abort (TAA)"</issue>
<issue id="1204142" tracker="bnc">Broadcom/ECD requests the attached patch be applied to SLES15SP5</issue>
<issue id="1219338" tracker="bnc">cgroup_freezer: cgroup_freezing: Check if not frozen</issue>
<issue id="1225707" tracker="bnc">VUL-0: CVE-2024-36028: kernel: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio()</issue>
<issue id="1230216" tracker="bnc">VUL-0: CVE-2024-44963: kernel: btrfs: do not BUG_ON() when freeing tree block after error</issue>
<issue id="1233300" tracker="bnc">[Build 39.5] Touchpad is not detected on AMD</issue>
<issue id="1235613" tracker="bnc">VUL-0: CVE-2024-56742: kernel: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()</issue>
<issue id="1235837" tracker="bnc">fstests xfs/273 fails</issue>
<issue id="1236333" tracker="bnc">VUL-0: CVE-2024-57947: kernel: netfilter: nf_set_pipapo: fix initial map fill</issue>
<issue id="1236897" tracker="bnc">blk: honor isolcpus configuration</issue>
<issue id="1238896" tracker="bnc">VUL-0: AMD: More transient execution attacks</issue>
<issue id="1239061" tracker="bnc">VUL-0: CVE-2025-21839: kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop</issue>
<issue id="1239470" tracker="bnc">VUL-0: CVE-2025-21854: kernel: sockmap, vsock: For connectible sockets allow only connected</issue>
<issue id="1240323" tracker="bnc">VUL-0: CVE-2025-21872: kernel: efi: Don't map the entire mokvar table to determine its size</issue>
<issue id="1240885" tracker="bnc">nvme instability on 15-SP7 kernels</issue>
<issue id="1240966" tracker="bnc">kernel crash in lpfc driver on sp7</issue>
<issue id="1241166" tracker="bnc">[TRACKERBUG] cpuset controller backports</issue>
<issue id="1241345" tracker="bnc">L3: tsc: Marking TSC unstable due to clocksource watchdog, again — ref:_00D1igLOd._500TrXoUjB:ref</issue>
<issue id="1241537" tracker="bnc">VUL-0: CVE-2025-22090: kernel: x86/mm/pat: fix VM_PAT handling when fork() fails in copy_page_range()</issue>
<issue id="1242086" tracker="bnc">Nvidia Grace: Backport i2c: tegra: check msg length in SMBUS block read</issue>
<issue id="1242414" tracker="bnc">VUL-0: CVE-2025-37798: kernel: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()</issue>
<issue id="1242837" tracker="bnc">VUL-0: CVE-2025-23163: kernel: net: vlan: don't propagate flags on open</issue>
<issue id="1242960" tracker="bnc">VUL-0: CVE-2025-37885: kernel: KVM: x86: Reset IRTE to host control if *new* route isn't postable</issue>
<issue id="1242965" tracker="bnc">VUL-0: CVE-2025-37864: kernel: net: dsa: clean up FDB, MDB, VLAN entries on unbind</issue>
<issue id="1242993" tracker="bnc">Update Broadcom Emulex lpfc driver for SLES15 SP7 to 14.4.0.9</issue>
<issue id="1243068" tracker="bnc">VUL-0: CVE-2025-37856: kernel: btrfs: harden block_group::bg_list against list_del() races</issue>
<issue id="1243100" tracker="bnc">SLES15SP7 : LPFC module unload triggers in watchdog: BUG: soft lockup - CPU#0 stuck for 23s! [NOOL/LPFC/everest/1060]</issue>
<issue id="1243479" tracker="bnc">VUL-0: CVE-2025-37920: kernel: xsk: Fix race condition in AF_XDP generic RX path</issue>
<issue id="1243669" tracker="bnc">VUL-0: CVE-2025-37984: kernel: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()</issue>
<issue id="1243806" tracker="bnc">s390/entry: Fix last breaking event handling in case of stack corruption</issue>
<issue id="1244309" tracker="bnc">Security vulnerability found in upstream kernel</issue>
<issue id="1244337" tracker="bnc">kernel-syms should not require kernel-rt-devel</issue>
<issue id="1244457" tracker="bnc">kernel: clocksource: wd-tsc-wd read-back delay of xxx ns, clock-skew test skipped! — ref:_00D1igLOd._500TrbDW87:ref</issue>
<issue id="1244735" tracker="bnc">VUL-0: CVE-2025-38074: kernel: vhost-scsi: protect vq->log_used with vq->mutex</issue>
<issue id="1244749" tracker="bnc">VUL-0: CVE-2025-38052: kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done</issue>
<issue id="1244750" tracker="bnc">VUL-0: CVE-2025-38051: kernel: smb: client: Fix use-after-free in cifs_fill_dirent</issue>
<issue id="1244792" tracker="bnc">VUL-0: CVE-2025-38034: kernel: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref</issue>
<issue id="1244801" tracker="bnc">VUL-0: CVE-2025-38035: kernel: nvmet-tcp: don't restore null sk_state_change</issue>
<issue id="1245151" tracker="bnc">VUL-0: CVE-2025-38058: kernel: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock</issue>
<issue id="1245201" tracker="bnc">VUL-0: CVE-2025-38064: kernel: virtio: break and reset virtio devices on device_shutdown()</issue>
<issue id="1245202" tracker="bnc">VUL-0: CVE-2025-38063: kernel: dm: fix unconditional IO throttle caused by REQ_PREFLUSH</issue>
<issue id="1245216" tracker="bnc">VUL-0: CVE-2025-38062: kernel: genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie</issue>
<issue id="1245260" tracker="bnc">Update Broadcom Emulex lpfc driver for SL-16.0 to 14.4.0.10</issue>
<issue id="1245431" tracker="bnc">HugeTLB - fix unshare pages</issue>
<issue id="1245440" tracker="bnc">VUL-0: CVE-2025-38061: kernel: net: pktgen: fix access outside of user given buffer in pktgen_thread_write()</issue>
<issue id="1245457" tracker="bnc">[PATCH v6 0/5] Allow dyn MSI-X vector allocation of MANA</issue>
<issue id="1245498" tracker="bnc">VUL-0: CVE-2025-38084: kernel: mm/hugetlb: unshare page tables during VMA split, not before</issue>
<issue id="1245499" tracker="bnc">VUL-0: CVE-2025-38085: kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race</issue>
<issue id="1245504" tracker="bnc">VUL-0: CVE-2025-38087: kernel: net/sched: fix use-after-free in taprio_dev_notifier</issue>
<issue id="1245506" tracker="bnc">VUL-0: CVE-2025-38088: kernel: powerpc/powernv/memtrace: fix out of bounds issue in memtrace mmap</issue>
<issue id="1245508" tracker="bnc">VUL-0: CVE-2025-38089: kernel: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error</issue>
<issue id="1245510" tracker="bnc">VUL-0: CVE-2025-38090: kernel: drivers/rapidio/rio_cm.c: prevent possible heap overwrite</issue>
<issue id="1245540" tracker="bnc">SLES 15 SP6 - kernel: Fix z17 elf platform recognition</issue>
<issue id="1245598" tracker="bnc">s390/pkey: Prevent overflow in size calculation for memdup_user()</issue>
<issue id="1245599" tracker="bnc">scsi: s390: zfcp: Ensure synchronous unit_add</issue>
<issue id="1245646" tracker="bnc">s390/pci: Do not try re-enabling load/store if device is disabled</issue>
<issue id="1245647" tracker="bnc">s390/pci: Fix stale function handles in error handling</issue>
<issue id="1245649" tracker="bnc">VUL-0: CVE-2025-38094: kernel: net: cadence: macb: Fix a possible deadlock in macb_halt_tx.</issue>
<issue id="1245650" tracker="bnc">VUL-0: CVE-2025-38100: kernel: x86/iopl: cure TIF_IO_BITMAP inconsistencies</issue>
<issue id="1245654" tracker="bnc">VUL-0: CVE-2025-38098: kernel: drm/amd/display: don't treat wb connector as physical in create_validate_stream_for_sink</issue>
<issue id="1245658" tracker="bnc">VUL-0: CVE-2025-38095: kernel: dma-buf: insert memory barrier before updating num_fences</issue>
<issue id="1245660" tracker="bnc">VUL-0: CVE-2025-38097: kernel: espintcp: remove encap socket caching to avoid reference leak</issue>
<issue id="1245665" tracker="bnc">VUL-0: CVE-2025-38110: kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access</issue>
<issue id="1245666" tracker="bnc">VUL-0: CVE-2025-38111: kernel: net/mdiobus: Fix potential out-of-bounds read/write access</issue>
<issue id="1245668" tracker="bnc">VUL-0: CVE-2025-38112: kernel: net: Fix TOCTOU issue in sk_is_readable()</issue>
<issue id="1245669" tracker="bnc">VUL-0: CVE-2025-38102: kernel: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify</issue>
<issue id="1245670" tracker="bnc">VUL-0: CVE-2025-38118: kernel: Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete</issue>
<issue id="1245671" tracker="bnc">VUL-0: CVE-2025-38099: kernel: Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken</issue>
<issue id="1245675" tracker="bnc">VUL-0: CVE-2025-38108: kernel: net_sched: red: fix a race in __red_change()</issue>
<issue id="1245676" tracker="bnc">VUL-0: CVE-2025-38107: kernel: net_sched: ets: fix a race in ets_qdisc_change()</issue>
<issue id="1245677" tracker="bnc">VUL-0: CVE-2025-38131: kernel: coresight: prevent deactivate active config while enabling the config</issue>
<issue id="1245679" tracker="bnc">VUL-0: CVE-2025-38132: kernel: coresight: holding cscfg_csdev_lock while removing cscfg from csdev</issue>
<issue id="1245682" tracker="bnc">VUL-0: CVE-2025-38105: kernel: ALSA: usb-audio: kill timer properly at removal</issue>
<issue id="1245683" tracker="bnc">VUL-0: CVE-2025-38113: kernel: ACPI: CPPC: fix NULL pointer dereference when nosmp is used</issue>
<issue id="1245684" tracker="bnc">VUL-0: CVE-2025-38109: kernel: net/mlx5: fix ECVF vports unload on shutdown flow</issue>
<issue id="1245688" tracker="bnc">VUL-0: CVE-2025-38123: kernel: net: wwan: t7xx: Fix napi rx poll issue</issue>
<issue id="1245689" tracker="bnc">VUL-0: CVE-2025-38115: kernel: net_sched: sch_sfq: fix a potential crash on gso_skb handling</issue>
<issue id="1245690" tracker="bnc">VUL-0: CVE-2025-38124: kernel: net: fix udp gso skb_segment after pull from frag_list</issue>
<issue id="1245691" tracker="bnc">VUL-0: CVE-2025-38136: kernel: usb: renesas_usbhs: Reorder clock handling and power management in probe</issue>
<issue id="1245695" tracker="bnc">VUL-0: CVE-2025-38117: kernel: Bluetooth: MGMT: protect mgmt_pending list with its own lock</issue>
<issue id="1245705" tracker="bnc">VUL-0: CVE-2025-38127: kernel: ice: fix Tx scheduler error handling in XDP callback</issue>
<issue id="1245708" tracker="bnc">VUL-0: CVE-2025-38126: kernel: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping</issue>
<issue id="1245711" tracker="bnc">VUL-0: CVE-2025-38120: kernel: netfilter: nf_set_pipapo_avx2: fix initial map fill</issue>
<issue id="1245713" tracker="bnc">VUL-0: CVE-2025-38142: kernel: hwmon: (asus-ec-sensors) check sensor index in read_string()</issue>
<issue id="1245714" tracker="bnc">VUL-0: CVE-2025-38143: kernel: backlight: pm8941: add NULL check in wled_configure()</issue>
<issue id="1245719" tracker="bnc">VUL-0: CVE-2025-38138: kernel: dmaengine: ti: add NULL check in udma_probe()</issue>
<issue id="1245723" tracker="bnc">VUL-0: CVE-2025-38129: kernel: page_pool: fix use-after-free in page_pool_recycle_in_ring</issue>
<issue id="1245729" tracker="bnc">[SUSE][Mana][Backport] net: mana: Backport the patch to GB200 sku for hardware pdp counters.</issue>
<issue id="1245730" tracker="bnc">[SUSE][Mana][Backport] net: mana: Add handler for hardware servicing events</issue>
<issue id="1245731" tracker="bnc">[MANA][Backport] net: mana: Set tx_packets to post gso processing packet count</issue>
<issue id="1245735" tracker="bnc">VUL-0: CVE-2025-38148: kernel: net: phy: mscc: Fix memory leak when using one step timestamping</issue>
<issue id="1245737" tracker="bnc">VUL-0: CVE-2025-38149: kernel: net: phy: clear phydev->devlink when the link is deleted</issue>
<issue id="1245744" tracker="bnc">VUL-0: CVE-2025-38153: kernel: net: usb: aqc111: fix error handling of usbnet read calls</issue>
<issue id="1245745" tracker="bnc">VUL-0: CVE-2025-38151: kernel: RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work</issue>
<issue id="1245746" tracker="bnc">VUL-0: CVE-2025-38122: kernel: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO</issue>
<issue id="1245747" tracker="bnc">VUL-0: CVE-2025-38157: kernel: wifi: ath9k_htc: Abort software beacon handling if disabled</issue>
<issue id="1245748" tracker="bnc">VUL-0: CVE-2025-38155: kernel: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()</issue>
<issue id="1245749" tracker="bnc">VUL-0: CVE-2025-38154: kernel: bpf, sockmap: Avoid using sk_socket after free when sending</issue>
<issue id="1245750" tracker="bnc">VUL-0: CVE-2025-38158: kernel: hisi_acc_vfio_pci: fix XQE dma address error</issue>
<issue id="1245751" tracker="bnc">VUL-0: CVE-2025-38159: kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds</issue>
<issue id="1245752" tracker="bnc">VUL-0: CVE-2025-38162: kernel: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation</issue>
<issue id="1245757" tracker="bnc">VUL-0: CVE-2025-38165: kernel: bpf, sockmap: Fix panic when calling skb_linearize</issue>
<issue id="1245758" tracker="bnc">VUL-0: CVE-2025-38166: kernel: bpf: fix ktls panic with sockmap</issue>
<issue id="1245765" tracker="bnc">VUL-0: CVE-2025-38145: kernel: soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()</issue>
<issue id="1245768" tracker="bnc">VUL-0: CVE-2025-38147: kernel: calipso: Don't call calipso functions for AF_INET sk.</issue>
<issue id="1245769" tracker="bnc">VUL-0: CVE-2025-38173: kernel: crypto: marvell/cesa - Handle zero-length skcipher requests</issue>
<issue id="1245777" tracker="bnc">VUL-0: CVE-2025-38161: kernel: RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction</issue>
<issue id="1245781" tracker="bnc">VUL-0: CVE-2025-38174: kernel: thunderbolt: Do not double dequeue a configuration request</issue>
<issue id="1245789" tracker="bnc">cgroup,freezer: fix incomplete freezing when attaching tasks</issue>
<issue id="1245937" tracker="bnc">VUL-0: CVE-2025-38182: kernel: ublk: santizize the arguments from userspace when adding a device</issue>
<issue id="1245945" tracker="bnc">VUL-0: CVE-2025-38193: kernel: net_sched: sch_sfq: reject invalid perturb period</issue>
<issue id="1245951" tracker="bnc">VUL-0: CVE-2025-38187: kernel: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push()</issue>
<issue id="1245952" tracker="bnc">VUL-0: CVE-2025-38198: kernel: fbcon: Make sure modelist not set on unregistered console</issue>
<issue id="1245954" tracker="bnc">VUL-0: CVE-2025-38192: kernel: net: clear the dst when changing skb protocol</issue>
<issue id="1245957" tracker="bnc">VUL-0: CVE-2025-38194: kernel: jffs2: check that raw node were preallocated before writing summary</issue>
<issue id="1245966" tracker="bnc">VUL-0: CVE-2025-38220: kernel: ext4: only dirty folios when data journaling regular files</issue>
<issue id="1245970" tracker="bnc">VUL-0: CVE-2025-38180: kernel: net: atm: fix /proc/net/atm/lec handling</issue>
<issue id="1245976" tracker="bnc">VUL-0: CVE-2025-38222: kernel: ext4: inline: fix len overflow in ext4_prepare_inline_data</issue>
<issue id="1245980" tracker="bnc">VUL-0: CVE-2025-38202: kernel: bpf: check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()</issue>
<issue id="1245983" tracker="bnc">VUL-0: CVE-2025-38204: kernel: jfs: fix array-index-out-of-bounds read in add_missing_indices</issue>
<issue id="1245986" tracker="bnc">VUL-0: CVE-2025-38177: kernel: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent</issue>
<issue id="1246000" tracker="bnc">VUL-0: CVE-2025-38181: kernel: calipso: fix null-ptr-deref in calipso_req_{set,del}attr()</issue>
<issue id="1246002" tracker="bnc">VUL-0: CVE-2025-38217: kernel: hwmon: (ftsteutates) Fix TOCTOU race in fts_read()</issue>
<issue id="1246006" tracker="bnc">VUL-0: CVE-2025-38183: kernel: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()</issue>
<issue id="1246008" tracker="bnc">VUL-0: CVE-2025-38211: kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction</issue>
<issue id="1246020" tracker="bnc">VUL-0: CVE-2025-38210: kernel: configfs-tsm-report: Fix NULL dereference of tsm_ops</issue>
<issue id="1246023" tracker="bnc">VUL-0: CVE-2025-38135: kernel: serial: Fix potential null-ptr-deref in mlb_usio_probe()</issue>
<issue id="1246029" tracker="bnc">VUL-0: CVE-2025-38212: kernel: ipc: fix to protect IPCS lookups using RCU</issue>
<issue id="1246031" tracker="bnc">VUL-0: CVE-2025-38227: kernel: media: vidtv: terminating the subsequent process of initialization failure</issue>
<issue id="1246037" tracker="bnc">VUL-0: CVE-2025-38213: kernel: vgacon: add check for vc_origin address range in vgacon_scroll()</issue>
<issue id="1246041" tracker="bnc">VUL-0: CVE-2025-38225: kernel: media: imx-jpeg: cleanup after an allocation error</issue>
<issue id="1246042" tracker="bnc">VUL-0: CVE-2025-38214: kernel: kernel: fbdev: fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var</issue>
<issue id="1246044" tracker="bnc">VUL-0: CVE-2025-38203: kernel: jfs: fix null-ptr-deref in jfs_ioc_trim</issue>
<issue id="1246045" tracker="bnc">VUL-0: CVE-2025-38200: kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw</issue>
<issue id="1246047" tracker="bnc">VUL-0: CVE-2025-38197: kernel: platform/x86: dell_rbu: fix list usage</issue>
<issue id="1246049" tracker="bnc">VUL-0: CVE-2025-38229: kernel: media: cxusb: no longer judge rbuf when the write fails</issue>
<issue id="1246050" tracker="bnc">VUL-0: CVE-2025-38226: kernel: media: vivid: change the siize of the composing</issue>
<issue id="1246055" tracker="bnc">VUL-0: CVE-2025-38231: kernel: nfsd: initialize ssc before laundromat_work to prevent NULL dereference</issue>
<issue id="1246073" tracker="bnc">VUL-0: CVE-2025-38206: kernel: exfat: fix double free in delayed_free</issue>
<issue id="1246093" tracker="bnc">VUL-0: CVE-2025-38236: kernel: af_unix: Don't leave consecutive consumed OOB skbs.</issue>
<issue id="1246098" tracker="bnc">VUL-0: CVE-2025-38188: kernel: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE</issue>
<issue id="1246109" tracker="bnc">VUL-0: CVE-2025-38215: kernel: kernel: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var</issue>
<issue id="1246122" tracker="bnc">SLES 16.0 dmesg show "Failed to find VA for GUID"</issue>
<issue id="1246125" tracker="bnc">SLES16: System crashed during driver parameter test(lpfc/Nool/Pll/Fuji)</issue>
<issue id="1246171" tracker="bnc">VUL-0: CVE-2025-38249: kernel: ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()</issue>
<issue id="1246173" tracker="bnc">VUL-0: CVE-2025-38248: kernel: bridge: mcast: Fix use-after-free during router port configuration</issue>
<issue id="1246178" tracker="bnc">VUL-0: CVE-2025-38239: kernel: scsi: megaraid_sas: Fix invalid node index</issue>
<issue id="1246182" tracker="bnc">VUL-0: CVE-2025-38250: kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()</issue>
<issue id="1246183" tracker="bnc">VUL-0: CVE-2025-38244: kernel: smb: client: fix potential deadlock when reconnecting channels</issue>
<issue id="1246186" tracker="bnc">VUL-0: CVE-2025-38257: kernel: s390/pkey: prevent overflow in size calculation for memdup_user()</issue>
<issue id="1246195" tracker="bnc">VUL-0: CVE-2025-38246: kernel: bnxt: properly flush XDP redirect lists</issue>
<issue id="1246203" tracker="bnc">MANA: The big tcp enablement patch</issue>
<issue id="1246212" tracker="bnc">[MANA][Backport] patch: net: mana: Add debug logs in MANA network driver</issue>
<issue id="1246220" tracker="bnc">VUL-0: CVE-2025-38259: kernel: ASoC: codecs: wcd9335: Fix missing free of regulator supplies</issue>
<issue id="1246236" tracker="bnc">VUL-0: CVE-2025-38275: kernel: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug</issue>
<issue id="1246240" tracker="bnc">VUL-0: CVE-2025-38304: kernel: Bluetooth: Fix NULL pointer deference on eir_get_service_data</issue>
<issue id="1246243" tracker="bnc">VUL-0: CVE-2025-38319: kernel: drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table</issue>
<issue id="1246246" tracker="bnc">VUL-0: CVE-2025-38277: kernel: mtd: nand: ecc-mxic: fix use of uninitialized variable ret</issue>
<issue id="1246249" tracker="bnc">VUL-0: CVE-2025-38328: kernel: jffs2: check jffs2_prealloc_raw_node_refs() result in few other places</issue>
<issue id="1246250" tracker="bnc">VUL-0: CVE-2025-38335: kernel: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT</issue>
<issue id="1246253" tracker="bnc">VUL-0: CVE-2025-38337: kernel: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()</issue>
<issue id="1246258" tracker="bnc">VUL-0: CVE-2025-38338: kernel: fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()</issue>
<issue id="1246262" tracker="bnc">VUL-0: CVE-2025-38348: kernel: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()</issue>
<issue id="1246264" tracker="bnc">VUL-0: CVE-2025-38279: kernel: bpf: do not include stack ptr register in precision backtracking bookkeeping</issue>
<issue id="1246266" tracker="bnc">VUL-0: CVE-2025-38273: kernel: net: tipc: fix refcount warning in tipc_aead_encrypt</issue>
<issue id="1246268" tracker="bnc">VUL-0: CVE-2025-38272: kernel: net: dsa: b53: do not enable EEE on bcm63xx</issue>
<issue id="1246273" tracker="bnc">VUL-0: CVE-2025-38283: kernel: hisi_acc_vfio_pci: bugfix live migration function without VF device driver</issue>
<issue id="1246283" tracker="bnc">VUL-0: CVE-2025-38286: kernel: pinctrl: at91: Fix possible out-of-boundary access</issue>
<issue id="1246287" tracker="bnc">VUL-0: CVE-2025-38289: kernel: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk</issue>
<issue id="1246292" tracker="bnc">VUL-0: CVE-2025-38293: kernel: wifi: ath11k: fix node corruption in ar->arvifs list</issue>
<issue id="1246293" tracker="bnc">VUL-0: CVE-2025-38290: kernel: wifi: ath12k: fix node corruption in ar->arvifs list</issue>
<issue id="1246295" tracker="bnc">VUL-0: CVE-2025-38292: kernel: wifi: ath12k: fix invalid access to memory</issue>
<issue id="1246334" tracker="bnc">VUL-0: CVE-2025-38344: kernel: ACPICA: fix acpi parse and parseext cache leaks</issue>
<issue id="1246337" tracker="bnc">VUL-0: CVE-2025-38345: kernel: ACPICA: fix acpi operand cache leak in dswstate.c</issue>
<issue id="1246342" tracker="bnc">VUL-0: CVE-2025-38313: kernel: bus: fsl-mc: fix double-free on mc_dev</issue>
<issue id="1246349" tracker="bnc">VUL-0: CVE-2025-38300: kernel: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()</issue>
<issue id="1246354" tracker="bnc">VUL-0: CVE-2025-38303: kernel: Bluetooth: eir: Fix possible crashes on eir_create_adv_data</issue>
<issue id="1246358" tracker="bnc">VUL-0: CVE-2025-38305: kernel: kernel: ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()</issue>
<issue id="1246361" tracker="bnc">VUL-0: CVE-2025-38310: kernel: seg6: fix validation of nexthop addresses</issue>
<issue id="1246364" tracker="bnc">VUL-0: CVE-2025-38307: kernel: ASoC: Intel: avs: Verify content returned by parse_int_array()</issue>
<issue id="1246370" tracker="bnc">VUL-0: CVE-2025-38336: kernel: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330</issue>
<issue id="1246375" tracker="bnc">VUL-0: CVE-2025-38332: kernel: scsi: lpfc: Use memcpy() for BIOS version</issue>
<issue id="1246384" tracker="bnc">VUL-0: CVE-2025-38334: kernel: x86/sgx: Prevent attempts to reclaim poisoned pages</issue>
<issue id="1246386" tracker="bnc">VUL-0: CVE-2025-38312: kernel: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()</issue>
<issue id="1246387" tracker="bnc">VUL-0: CVE-2025-38264: kernel: nvme-tcp: sanitize request list handling</issue>
<issue id="1246438" tracker="bnc">VUL-0: CVE-2025-38343: kernel: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA</issue>
<issue id="1246453" tracker="bnc">VUL-0: CVE-2025-38342: kernel: software node: Correct an OOB check in software_node_get_reference_args()</issue>
<issue id="1246473" tracker="bnc">VUL-0: CVE-2025-38323: kernel: net: atm: add lec_mutex</issue>
<issue id="1246490" tracker="bnc">VUL-0: CVE-2025-38326: kernel: aoe: clean device rq_list in aoedev_downdev()</issue>
<issue id="1246506" tracker="bnc">PTP breaks on kernel-azure-6.4.0-150600.8.43.1 with phc2sys.service failing to start</issue>
<issue id="1246547" tracker="bnc">perf: Fix sample vs do_exit()</issue>
<issue id="1246777" tracker="bnc">VUL-0: CVE-2025-38349: kernel: eventpoll: don't decrement ep refcount while still holding the ep mutex</issue>
<issue id="1246781" tracker="bnc">VUL-0: CVE-2025-38350: kernel: net/sched: Always pass notifications when child class becomes empty</issue>
<issue id="1246870" tracker="bnc">s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again</issue>
<issue id="1246879" tracker="bnc">[ppc64le] kernel-default-base has truncated vmlinux, breaking fips</issue>
<issue id="1246911" tracker="bnc">VUL-0: CVE-2025-38352: kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()</issue>
<issue id="1247018" tracker="bnc">VUL-0: CVE-2025-38363: kernel: drm/tegra: Fix a possible null pointer dereference</issue>
<issue id="1247023" tracker="bnc">VUL-0: CVE-2025-38365: kernel: btrfs: fix a race between renames and directory logging</issue>
<issue id="1247028" tracker="bnc">VUL-0: CVE-2025-38380: kernel: i2c/designware: Fix an initialization issue</issue>
<issue id="1247031" tracker="bnc">VUL-0: CVE-2025-38382: kernel: btrfs: fix iteration of extrefs during log replay</issue>
<issue id="1247033" tracker="bnc">VUL-0: CVE-2025-38373: kernel: IB/mlx5: Fix potential deadlock in MR deregistration</issue>
<issue id="1247035" tracker="bnc">VUL-0: CVE-2025-38384: kernel: mtd: spinand: fix memory leak of ECC engine conf</issue>
<issue id="1247061" tracker="bnc">VUL-0: CVE-2025-38354: kernel: drm/msm/gpu: Fix crash when throttling GPU immediately during boot</issue>
<issue id="1247089" tracker="bnc">VUL-0: CVE-2025-38362: kernel: drm/amd/display: Add null pointer check for get_first_active_display()</issue>
<issue id="1247091" tracker="bnc">VUL-0: CVE-2025-38364: kernel: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()</issue>
<issue id="1247097" tracker="bnc">VUL-0: CVE-2025-38399: kernel: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()</issue>
<issue id="1247098" tracker="bnc">VUL-0: CVE-2025-38457: kernel: net/sched: Abort __tc_modify_qdisc if parent class does not exist</issue>
<issue id="1247101" tracker="bnc">VUL-0: CVE-2025-38455: kernel: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight</issue>
<issue id="1247103" tracker="bnc">VUL-0: CVE-2025-38461: kernel: vsock: Fix transport_* TOCTOU</issue>
<issue id="1247104" tracker="bnc">VUL-0: CVE-2025-38462: kernel: vsock: Fix transport_{g2h,h2g} TOCTOU</issue>
<issue id="1247113" tracker="bnc">VUL-0: CVE-2025-38463: kernel: tcp: Correct signedness in skb remaining space calculation</issue>
<issue id="1247118" tracker="bnc">VUL-0: CVE-2025-38465: kernel: netlink: Fix wraparounds of sk->sk_rmem_alloc.</issue>
<issue id="1247123" tracker="bnc">VUL-0: CVE-2025-38400: kernel: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.</issue>
<issue id="1247125" tracker="bnc">VUL-0: CVE-2025-38401: kernel: mtk-sd: Prevent memory corruption from DMA map failure</issue>
<issue id="1247128" tracker="bnc">VUL-0: CVE-2025-38410: kernel: drm/msm: Fix a fence leak in submit error path</issue>
<issue id="1247132" tracker="bnc">VUL-0: CVE-2025-38412: kernel: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks</issue>
<issue id="1247138" tracker="bnc">VUL-0: CVE-2025-38386: kernel: ACPICA: Refuse to evaluate a method if arguments are missing</issue>
<issue id="1247141" tracker="bnc">VUL-0: CVE-2025-38403: kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it</issue>
<issue id="1247143" tracker="bnc">VUL-0: CVE-2025-38460: kernel: atm: clip: Fix potential null-ptr-deref in to_atmarpd().</issue>
<issue id="1247145" tracker="bnc">VUL-0: CVE-2025-38414: kernel: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850</issue>
<issue id="1247146" tracker="bnc">VUL-0: CVE-2025-38467: kernel: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling</issue>
<issue id="1247147" tracker="bnc">VUL-0: CVE-2025-38415: kernel: squashfs: check return result of sb_min_blocksize</issue>
<issue id="1247149" tracker="bnc">VUL-0: CVE-2025-38385: kernel: net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect</issue>
<issue id="1247150" tracker="bnc">VUL-0: CVE-2025-38428: kernel: Input: ims-pcu - check record size in ims_pcu_flash_firmware()</issue>
<issue id="1247151" tracker="bnc">VUL-0: CVE-2025-38416: kernel: NFC: nci: uart: set tty->disc_data only in success path</issue>
<issue id="1247153" tracker="bnc">VUL-0: CVE-2025-38389: kernel: drm/i915/gt: Fix timeline left held on VMA alloc error</issue>
<issue id="1247154" tracker="bnc">VUL-0: CVE-2025-38387: kernel: RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert</issue>
<issue id="1247156" tracker="bnc">VUL-0: CVE-2025-38396: kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass</issue>
<issue id="1247160" tracker="bnc">VUL-0: CVE-2025-38430: kernel: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request</issue>
<issue id="1247164" tracker="bnc">VUL-0: CVE-2025-38443: kernel: nbd: fix uaf in nbd_genl_connect() error path</issue>
<issue id="1247169" tracker="bnc">VUL-0: CVE-2025-38392: kernel: idpf: convert control queue mutex to a spinlock</issue>
<issue id="1247170" tracker="bnc">VUL-0: CVE-2025-38393: kernel: kernel: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN</issue>
<issue id="1247171" tracker="bnc">VUL-0: CVE-2025-38395: kernel: regulator: gpio: Fix the out-of-bounds access to drvdata:gpiods</issue>
<issue id="1247172" tracker="bnc">Kernel-syms.spec does not write release information in local build of RPM package</issue>
<issue id="1247174" tracker="bnc">VUL-0: CVE-2025-38377: kernel: rose: fix dangling neighbour pointers in rose_rt_device_down()</issue>
<issue id="1247176" tracker="bnc">VUL-0: CVE-2025-38376: kernel: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume</issue>
<issue id="1247177" tracker="bnc">VUL-0: CVE-2025-38375: kernel: virtio-net: ensure the received length does not exceed allocated size</issue>
<issue id="1247178" tracker="bnc">VUL-0: CVE-2025-38371: kernel: drm/v3d: disable interrupts before resetting the GPU</issue>
<issue id="1247181" tracker="bnc">VUL-0: CVE-2025-38391: kernel: usb: typec: altmodes/displayport: do not index invalid pin_assignments</issue>
<issue id="1247209" tracker="bnc">VUL-0: CVE-2025-38369: kernel: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using</issue>
<issue id="1247210" tracker="bnc">VUL-0: CVE-2025-38406: kernel: wifi: ath6kl: remove WARN on bad firmware input</issue>
<issue id="1247227" tracker="bnc">VUL-0: CVE-2025-38436: kernel: drm/scheduler: signal scheduled fence when kill job</issue>
<issue id="1247233" tracker="bnc">VUL-0: CVE-2025-38448: kernel: usb: gadget: u_serial: Fix race condition in TTY wakeup</issue>
<issue id="1247236" tracker="bnc">VUL-0: CVE-2025-38485: kernel: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush</issue>
<issue id="1247238" tracker="bnc">VUL-0: CVE-2025-38487: kernel: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled</issue>
<issue id="1247241" tracker="bnc">VUL-0: CVE-2025-38489: kernel: s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again</issue>
<issue id="1247251" tracker="bnc">VUL-0: CVE-2025-38425: kernel: i2c: tegra: check msg length in SMBUS block read</issue>
<issue id="1247252" tracker="bnc">VUL-0: CVE-2025-38426: kernel: drm/amdgpu: Add basic validation for RAS header</issue>
<issue id="1247253" tracker="bnc">VUL-0: CVE-2025-38429: kernel: bus: mhi: ep: Update read pointer only after buffer is written</issue>
<issue id="1247255" tracker="bnc">VUL-0: CVE-2025-38449: kernel: drm/gem: Acquire references on GEM handles for framebuffers</issue>
<issue id="1247271" tracker="bnc">VUL-0: CVE-2025-38404: kernel: usb: typec: displayport: Fix potential deadlock</issue>
<issue id="1247273" tracker="bnc">VUL-0: CVE-2025-38478: kernel: comedi: Fix initialization of data for instructions that write to subdevice</issue>
<issue id="1247274" tracker="bnc">VUL-0: CVE-2025-38480: kernel: comedi: Fix use of uninitialized data in insn_rw_emulate_bits()</issue>
<issue id="1247276" tracker="bnc">VUL-0: CVE-2025-38481: kernel: comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large</issue>
<issue id="1247277" tracker="bnc">VUL-0: CVE-2025-38482: kernel: comedi: das6402: Fix bit shift out of bounds</issue>
<issue id="1247278" tracker="bnc">VUL-0: CVE-2025-38483: kernel: comedi: das16m1: Fix bit shift out of bounds</issue>
<issue id="1247279" tracker="bnc">VUL-0: CVE-2025-38420: kernel: wifi: carl9170: do not ping device which has failed to load firmware</issue>
<issue id="1247284" tracker="bnc">VUL-0: CVE-2025-38496: kernel: dm-bufio: fix sched in atomic context</issue>
<issue id="1247285" tracker="bnc">VUL-0: CVE-2025-38409: kernel: drm/msm: Fix another leak in the submit error path</issue>
<issue id="1247288" tracker="bnc">VUL-0: CVE-2025-38470: kernel: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime</issue>
<issue id="1247289" tracker="bnc">VUL-0: CVE-2025-38473: kernel: Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()</issue>
<issue id="1247293" tracker="bnc">VUL-0: CVE-2025-38424: kernel: perf: Fix sample vs do_exit()</issue>
<issue id="1247311" tracker="bnc">VUL-0: CVE-2025-38474: kernel: usb: net: sierra: check for no status endpoint</issue>
<issue id="1247314" tracker="bnc">VUL-0: CVE-2025-38477: kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate</issue>
<issue id="1247317" tracker="bnc">VUL-0: CVE-2025-38476: kernel: rpl: Fix use-after-free in rpl_do_srh_inline().</issue>
<issue id="1247347" tracker="bnc">VUL-0: CVE-2025-38497: kernel: usb: gadget: configfs: Fix OOB read on empty string write</issue>
<issue id="1247348" tracker="bnc">VUL-0: CVE-2025-38495: kernel: HID: core: ensure the allocated report buffer can contain the reserved report ID</issue>
<issue id="1247349" tracker="bnc">VUL-0: CVE-2025-38494: kernel: HID: core: do not bypass hid_hw_raw_request</issue>
<issue id="1247374" tracker="bnc">VUL-0: CVE-2025-38498: kernel: do_change_type(): refuse to operate on unmounted/not ours mounts</issue>
<issue id="1247437" tracker="bnc">VUL-0: CVE-2025-38468: kernel: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree</issue>
<issue id="1247450" tracker="bnc">VUL-0: CVE-2025-38471: kernel: tls: always refresh the queue when reading sock</issue>
<issue id="2019-11135" tracker="cve" />
<issue id="2024-36028" tracker="cve" />
<issue id="2024-36348" tracker="cve" />
<issue id="2024-36349" tracker="cve" />
<issue id="2024-36350" tracker="cve" />
<issue id="2024-36357" tracker="cve" />
<issue id="2024-44963" tracker="cve" />
<issue id="2024-49861" tracker="cve" />
<issue id="2024-56742" tracker="cve" />
<issue id="2024-57947" tracker="cve" />
<issue id="2025-21839" tracker="cve" />
<issue id="2025-21854" tracker="cve" />
<issue id="2025-21872" tracker="cve" />
<issue id="2025-22090" tracker="cve" />
<issue id="2025-23163" tracker="cve" />
<issue id="2025-37798" tracker="cve" />
<issue id="2025-37856" tracker="cve" />
<issue id="2025-37864" tracker="cve" />
<issue id="2025-37885" tracker="cve" />
<issue id="2025-37920" tracker="cve" />
<issue id="2025-37984" tracker="cve" />
<issue id="2025-38034" tracker="cve" />
<issue id="2025-38035" tracker="cve" />
<issue id="2025-38051" tracker="cve" />
<issue id="2025-38052" tracker="cve" />
<issue id="2025-38058" tracker="cve" />
<issue id="2025-38061" tracker="cve" />
<issue id="2025-38062" tracker="cve" />
<issue id="2025-38063" tracker="cve" />
<issue id="2025-38064" tracker="cve" />
<issue id="2025-38074" tracker="cve" />
<issue id="2025-38084" tracker="cve" />
<issue id="2025-38085" tracker="cve" />
<issue id="2025-38087" tracker="cve" />
<issue id="2025-38088" tracker="cve" />
<issue id="2025-38089" tracker="cve" />
<issue id="2025-38090" tracker="cve" />
<issue id="2025-38094" tracker="cve" />
<issue id="2025-38095" tracker="cve" />
<issue id="2025-38097" tracker="cve" />
<issue id="2025-38098" tracker="cve" />
<issue id="2025-38099" tracker="cve" />
<issue id="2025-38100" tracker="cve" />
<issue id="2025-38102" tracker="cve" />
<issue id="2025-38105" tracker="cve" />
<issue id="2025-38107" tracker="cve" />
<issue id="2025-38108" tracker="cve" />
<issue id="2025-38109" tracker="cve" />
<issue id="2025-38110" tracker="cve" />
<issue id="2025-38111" tracker="cve" />
<issue id="2025-38112" tracker="cve" />
<issue id="2025-38113" tracker="cve" />
<issue id="2025-38115" tracker="cve" />
<issue id="2025-38117" tracker="cve" />
<issue id="2025-38118" tracker="cve" />
<issue id="2025-38120" tracker="cve" />
<issue id="2025-38122" tracker="cve" />
<issue id="2025-38123" tracker="cve" />
<issue id="2025-38124" tracker="cve" />
<issue id="2025-38126" tracker="cve" />
<issue id="2025-38127" tracker="cve" />
<issue id="2025-38129" tracker="cve" />
<issue id="2025-38131" tracker="cve" />
<issue id="2025-38132" tracker="cve" />
<issue id="2025-38135" tracker="cve" />
<issue id="2025-38136" tracker="cve" />
<issue id="2025-38138" tracker="cve" />
<issue id="2025-38142" tracker="cve" />
<issue id="2025-38143" tracker="cve" />
<issue id="2025-38145" tracker="cve" />
<issue id="2025-38147" tracker="cve" />
<issue id="2025-38148" tracker="cve" />
<issue id="2025-38149" tracker="cve" />
<issue id="2025-38151" tracker="cve" />
<issue id="2025-38153" tracker="cve" />
<issue id="2025-38154" tracker="cve" />
<issue id="2025-38155" tracker="cve" />
<issue id="2025-38157" tracker="cve" />
<issue id="2025-38158" tracker="cve" />
<issue id="2025-38159" tracker="cve" />
<issue id="2025-38161" tracker="cve" />
<issue id="2025-38162" tracker="cve" />
<issue id="2025-38165" tracker="cve" />
<issue id="2025-38166" tracker="cve" />
<issue id="2025-38173" tracker="cve" />
<issue id="2025-38174" tracker="cve" />
<issue id="2025-38177" tracker="cve" />
<issue id="2025-38180" tracker="cve" />
<issue id="2025-38181" tracker="cve" />
<issue id="2025-38182" tracker="cve" />
<issue id="2025-38183" tracker="cve" />
<issue id="2025-38187" tracker="cve" />
<issue id="2025-38188" tracker="cve" />
<issue id="2025-38192" tracker="cve" />
<issue id="2025-38193" tracker="cve" />
<issue id="2025-38194" tracker="cve" />
<issue id="2025-38197" tracker="cve" />
<issue id="2025-38198" tracker="cve" />
<issue id="2025-38200" tracker="cve" />
<issue id="2025-38202" tracker="cve" />
<issue id="2025-38203" tracker="cve" />
<issue id="2025-38204" tracker="cve" />
<issue id="2025-38206" tracker="cve" />
<issue id="2025-38210" tracker="cve" />
<issue id="2025-38211" tracker="cve" />
<issue id="2025-38212" tracker="cve" />
<issue id="2025-38213" tracker="cve" />
<issue id="2025-38214" tracker="cve" />
<issue id="2025-38215" tracker="cve" />
<issue id="2025-38217" tracker="cve" />
<issue id="2025-38220" tracker="cve" />
<issue id="2025-38222" tracker="cve" />
<issue id="2025-38225" tracker="cve" />
<issue id="2025-38226" tracker="cve" />
<issue id="2025-38227" tracker="cve" />
<issue id="2025-38229" tracker="cve" />
<issue id="2025-38231" tracker="cve" />
<issue id="2025-38236" tracker="cve" />
<issue id="2025-38239" tracker="cve" />
<issue id="2025-38244" tracker="cve" />
<issue id="2025-38246" tracker="cve" />
<issue id="2025-38248" tracker="cve" />
<issue id="2025-38249" tracker="cve" />
<issue id="2025-38250" tracker="cve" />
<issue id="2025-38257" tracker="cve" />
<issue id="2025-38259" tracker="cve" />
<issue id="2025-38264" tracker="cve" />
<issue id="2025-38272" tracker="cve" />
<issue id="2025-38273" tracker="cve" />
<issue id="2025-38275" tracker="cve" />
<issue id="2025-38277" tracker="cve" />
<issue id="2025-38279" tracker="cve" />
<issue id="2025-38283" tracker="cve" />
<issue id="2025-38286" tracker="cve" />
<issue id="2025-38289" tracker="cve" />
<issue id="2025-38290" tracker="cve" />
<issue id="2025-38292" tracker="cve" />
<issue id="2025-38293" tracker="cve" />
<issue id="2025-38300" tracker="cve" />
<issue id="2025-38303" tracker="cve" />
<issue id="2025-38304" tracker="cve" />
<issue id="2025-38305" tracker="cve" />
<issue id="2025-38307" tracker="cve" />
<issue id="2025-38310" tracker="cve" />
<issue id="2025-38312" tracker="cve" />
<issue id="2025-38313" tracker="cve" />
<issue id="2025-38319" tracker="cve" />
<issue id="2025-38323" tracker="cve" />
<issue id="2025-38326" tracker="cve" />
<issue id="2025-38328" tracker="cve" />
<issue id="2025-38332" tracker="cve" />
<issue id="2025-38334" tracker="cve" />
<issue id="2025-38335" tracker="cve" />
<issue id="2025-38336" tracker="cve" />
<issue id="2025-38337" tracker="cve" />
<issue id="2025-38338" tracker="cve" />
<issue id="2025-38342" tracker="cve" />
<issue id="2025-38343" tracker="cve" />
<issue id="2025-38344" tracker="cve" />
<issue id="2025-38345" tracker="cve" />
<issue id="2025-38348" tracker="cve" />
<issue id="2025-38349" tracker="cve" />
<issue id="2025-38350" tracker="cve" />
<issue id="2025-38352" tracker="cve" />
<issue id="2025-38354" tracker="cve" />
<issue id="2025-38362" tracker="cve" />
<issue id="2025-38363" tracker="cve" />
<issue id="2025-38364" tracker="cve" />
<issue id="2025-38365" tracker="cve" />
<issue id="2025-38369" tracker="cve" />
<issue id="2025-38371" tracker="cve" />
<issue id="2025-38373" tracker="cve" />
<issue id="2025-38375" tracker="cve" />
<issue id="2025-38376" tracker="cve" />
<issue id="2025-38377" tracker="cve" />
<issue id="2025-38380" tracker="cve" />
<issue id="2025-38382" tracker="cve" />
<issue id="2025-38384" tracker="cve" />
<issue id="2025-38385" tracker="cve" />
<issue id="2025-38386" tracker="cve" />
<issue id="2025-38387" tracker="cve" />
<issue id="2025-38389" tracker="cve" />
<issue id="2025-38391" tracker="cve" />
<issue id="2025-38392" tracker="cve" />
<issue id="2025-38393" tracker="cve" />
<issue id="2025-38395" tracker="cve" />
<issue id="2025-38396" tracker="cve" />
<issue id="2025-38399" tracker="cve" />
<issue id="2025-38400" tracker="cve" />
<issue id="2025-38401" tracker="cve" />
<issue id="2025-38403" tracker="cve" />
<issue id="2025-38404" tracker="cve" />
<issue id="2025-38406" tracker="cve" />
<issue id="2025-38409" tracker="cve" />
<issue id="2025-38410" tracker="cve" />
<issue id="2025-38412" tracker="cve" />
<issue id="2025-38414" tracker="cve" />
<issue id="2025-38415" tracker="cve" />
<issue id="2025-38416" tracker="cve" />
<issue id="2025-38420" tracker="cve" />
<issue id="2025-38424" tracker="cve" />
<issue id="2025-38425" tracker="cve" />
<issue id="2025-38426" tracker="cve" />
<issue id="2025-38428" tracker="cve" />
<issue id="2025-38429" tracker="cve" />
<issue id="2025-38430" tracker="cve" />
<issue id="2025-38436" tracker="cve" />
<issue id="2025-38443" tracker="cve" />
<issue id="2025-38448" tracker="cve" />
<issue id="2025-38449" tracker="cve" />
<issue id="2025-38455" tracker="cve" />
<issue id="2025-38457" tracker="cve" />
<issue id="2025-38460" tracker="cve" />
<issue id="2025-38461" tracker="cve" />
<issue id="2025-38462" tracker="cve" />
<issue id="2025-38463" tracker="cve" />
<issue id="2025-38465" tracker="cve" />
<issue id="2025-38467" tracker="cve" />
<issue id="2025-38468" tracker="cve" />
<issue id="2025-38470" tracker="cve" />
<issue id="2025-38471" tracker="cve" />
<issue id="2025-38473" tracker="cve" />
<issue id="2025-38474" tracker="cve" />
<issue id="2025-38476" tracker="cve" />
<issue id="2025-38477" tracker="cve" />
<issue id="2025-38478" tracker="cve" />
<issue id="2025-38480" tracker="cve" />
<issue id="2025-38481" tracker="cve" />
<issue id="2025-38482" tracker="cve" />
<issue id="2025-38483" tracker="cve" />
<issue id="2025-38485" tracker="cve" />
<issue id="2025-38487" tracker="cve" />
<issue id="2025-38489" tracker="cve" />
<issue id="2025-38494" tracker="cve" />
<issue id="2025-38495" tracker="cve" />
<issue id="2025-38496" tracker="cve" />
<issue id="2025-38497" tracker="cve" />
<issue id="2025-38498" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>olh</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357: x86/process: Move the buffer clearing before MONITOR (bsc#1238896).
- CVE-2024-44963: btrfs: do not BUG_ON() when freeing tree block after error (bsc#1230216).
- CVE-2024-49861: net: clear the dst when changing skb protocol (bsc#1245954).
- CVE-2024-56742: vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() (bsc#1235613).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21872: efi/mokvar-table: Avoid repeated map/unmap of the same page (bsc#1240323).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-23163: net: vlan: do not propagate flags on open (bsc#1242837).
- CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
- CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-37920: kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (bsc#1243479).
- CVE-2025-37984: crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (bsc#1243669).
- CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
- CVE-2025-38035: nvmet-tcp: do not restore null sk_state_change (bsc#1244801).
- CVE-2025-38051: smb: client: Fix use-after-free in cifs_fill_dirent (bsc#1244750).
- CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
- CVE-2025-38061: net: pktgen: fix access outside of user given buffer in pktgen_thread_write() (bsc#1245440).
- CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
- CVE-2025-38063: dm: fix unconditional IO throttle caused by REQ_PREFLUSH (bsc#1245202).
- CVE-2025-38064: virtio: break and reset virtio devices on device_shutdown() (bsc#1245201).
- CVE-2025-38074: vhost-scsi: protect vq->log_used with vq->mutex (bsc#1244735).
- CVE-2025-38094: net: cadence: macb: Fix a possible deadlock in macb_halt_tx (bsc#1245649).
- CVE-2025-38097: kabi: restore encap_sk in struct xfrm_state (bsc#1245660).
- CVE-2025-38098: drm/amd/display: Do not treat wb connector as physical in (bsc#1245654).
- CVE-2025-38099: Bluetooth: btusb: Fix regression in the initialization of fake Bluetooth controllers (bsc#1245671).
- CVE-2025-38100: x86/iopl: Cure TIF_IO_BITMAP inconsistencies (bsc#1245650).
- CVE-2025-38105: ALSA: usb-audio: Kill timer properly at removal (bsc#1245682).
- CVE-2025-38115: net_sched: sch_sfq: fix a potential crash on gso_skb handling (bsc#1245689).
- CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
- CVE-2025-38126: net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (bsc#1245708).
- CVE-2025-38131: coresight: prevent deactivate active config while enabling the config (bsc#1245677).
- CVE-2025-38132: coresight: holding cscfg_csdev_lock while removing cscfg from csdev (bsc#1245679).
- CVE-2025-38147: calipso: unlock rcu before returning -EAFNOSUPPORT (bsc#1245768).
- CVE-2025-38158: hisi_acc_vfio_pci: fix XQE dma address error (bsc#1245750).
- CVE-2025-38162: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (bsc#1245752).
- CVE-2025-38166: bpf: fix ktls panic with sockmap (bsc#1245758).
- CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
- CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
- CVE-2025-38183: net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (bsc#1246006).
- CVE-2025-38187: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951).
- CVE-2025-38188: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (bsc#1246098).
- CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
- CVE-2025-38202: bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980).
- CVE-2025-38203: jfs: Fix null-ptr-deref in jfs_ioc_trim (bsc#1246044).
- CVE-2025-38204: jfs: fix array-index-out-of-bounds read in add_missing_indices (bsc#1245983).
- CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
- CVE-2025-38210: configfs-tsm-report: Fix NULL dereference of tsm_ops (bsc#1246020).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
- CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
- CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
- CVE-2025-38236: af_unix: Disable MSG_OOB for unprivileged users (bsc#1246093).
- CVE-2025-38239: scsi: megaraid_sas: Fix invalid node index (bsc#1246178).
- CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
- CVE-2025-38248: bridge: mcast: Fix use-after-free during router port configuration (bsc#1246173).
- CVE-2025-38250: kABI workaround for bluetooth hci_dev changes (bsc#1246182).
- CVE-2025-38264: llist: add interface to check if a node is on a list (bsc#1246387).
- CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
- CVE-2025-38279: selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264).
- CVE-2025-38283: hisi_acc_vfio_pci: bugfix live migration function without VF device driver (bsc#1246273).
- CVE-2025-38303: Bluetooth: eir: Fix possible crashes on eir_create_adv_data (bsc#1246354).
- CVE-2025-38310: seg6: Fix validation of nexthop addresses (bsc#1246361).
- CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
- CVE-2025-38334: x86/sgx: Prevent attempts to reclaim poisoned pages (bsc#1246384).
- CVE-2025-38335: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (bsc#1246250).
- CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
- CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
- CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38364: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (bsc#1247091).
- CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
- CVE-2025-38371: drm/v3d: Disable interrupts before resetting the GPU (bsc#1247178).
- CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1247177).
- CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
- CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
- CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
- CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (bsc#1247097).
- CVE-2025-38403: vsock/vmci: Clear the vmci transport packet properly when initializing it (bsc#1247141).
- CVE-2025-38414: wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (bsc#1247145).
- CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
- CVE-2025-38429: bus: mhi: ep: Update read pointer only after buffer is written (bsc#1247253).
- CVE-2025-38455: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (bsc#1247101).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38461: vsock: Fix transport_* TOCTOU (bsc#1247103).
- CVE-2025-38462: vsock: Fix transport_{g2h,h2g} TOCTOU (bsc#1247104).
- CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
- CVE-2025-38465: netlink: make sure we allow at least one dump skb (bsc#1247118).
- CVE-2025-38470: kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (bsc#1247288).
- CVE-2025-38471: tls: always refresh the queue when reading sock (bsc#1247450).
- CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
The following non-security bugs were fixed:
- Documentation: ACPI: Fix parent device references (git-fixes).
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes).
- Fix dma_unmap_sg() nents value (git-fixes)
- Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- Revert "ACPI: battery: negate current when discharging" (stable-fixes).
- Revert "cgroup_freezer: cgroup_freezing: Check if not frozen" (bsc#1219338).
- Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes).
- Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes).
- Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes).
- Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes).
- acpi: LPSS: Remove AudioDSP related ID (git-fixes).
- acpi: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122).
- acpi: processor: perflib: Fix initial _PPC limit application (git-fixes).
- acpica: Refuse to evaluate a method if arguments are missing (stable-fixes).
- af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes).
- af_unix: Add a prompt to CONFIG_AF_UNIX_OOB (bsc#1246093).
- alsa: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes).
- alsa: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- alsa: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes).
- alsa: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes).
- alsa: hda/tegra: Add Tegra264 support (stable-fixes).
- alsa: hda: Add missing NVIDIA HDA codec IDs (stable-fixes).
- alsa: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes).
- alsa: hda: Ignore unsol events for cards being shut down (stable-fixes).
- alsa: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes).
- alsa: sb: Do not allow changing the DMA mode during operations (stable-fixes).
- alsa: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes).
- amd/amdkfd: fix a kfd_process ref leak (stable-fixes).
- aoe: clean device rq_list in aoedev_downdev() (git-fixes).
- apple-mfi-fastcharge: protect first device name (git-fixes).
- asoc: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes).
- asoc: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes).
- asoc: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes).
- asoc: amd: yc: update quirk data for HP Victus (stable-fixes).
- asoc: codec: wcd9335: Convert to GPIO descriptors (stable-fixes).
- asoc: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes).
- asoc: codecs: wcd9335: Handle nicer probe deferral and simplify with dev_err_probe() (stable-fixes).
- asoc: cs35l56: probe() should fail if the device ID is not recognized (git-fixes).
- asoc: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes).
- asoc: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- asoc: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes).
- asoc: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes).
- ata: pata_cs5536: fix build on 32-bit UML (stable-fixes).
- audit,module: restore audit logging in load failure case (git-fixes).
- bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes).
- bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes).
- bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes).
- bluetooth: MGMT: Fix not generating command complete for MGMT_OP_DISCONNECT (git-fixes).
- bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes).
- bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes).
- bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes).
- bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes).
- bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes).
- bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes).
- bluetooth: hci_conn: Fix sending BT_HCI_CMD_LE_CREATE_CONN_CANCEL (git-fixes).
- bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes).
- bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes).
- bluetooth: hci_sync: Attempt to dequeue connection attempt (git-fixes).
- bluetooth: hci_sync: Fix UAF on create_le_conn_complete (git-fixes).
- bluetooth: hci_sync: Fix handling of HCI_OP_CREATE_CONN_CANCEL (git-fixes).
- bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes).
- bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes).
- bluetooth: hci_sync: revert some mesh modifications (git-fixes).
- bpf, sockmap: Fix sk_msg_reset_curr (git-fixes).
- bpf/lpm_trie: Inline longest_prefix_match for fastpath (git-fixes).
- bpf/selftests: Check errno when percpu map value size exceeds (git-fixes).
- bpf: Add a possibly-zero-sized read test (git-fixes).
- bpf: Avoid __hidden__ attribute in static object (git-fixes).
- bpf: Check percpu map value size first (git-fixes).
- bpf: Disable some `attribute ignored' warnings in GCC (git-fixes).
- bpf: Fix memory leak in bpf_core_apply (git-fixes).
- bpf: Fix potential integer overflow in resolve_btfids (git-fixes).
- bpf: Harden __bpf_kfunc tag against linker kfunc removal (git-fixes).
- bpf: Make the pointer returned by iter next method valid (git-fixes).
- bpf: Simplify checking size of helper accesses (git-fixes).
- bpf: fix order of args in call to bpf_map_kvcalloc (git-fixes).
- bpf: sockmap, updating the sg structure should also update curr (git-fixes).
- bpftool: Fix missing pids during link show (git-fixes).
- bpftool: Fix undefined behavior caused by shifting into the sign bit (git-fixes).
- bpftool: Mount bpffs on provided dir instead of parent dir (git-fixes).
- bpftool: Remove unnecessary source files from bootstrap version (git-fixes).
- bpftool: Un-const bpf_func_info to fix it for llvm 17 and newer (git-fixes).
- btrfs: do not ignore inode missing when replaying log tree (git-fixes).
- btrfs: do not silently ignore unexpected extent type when replaying log (git-fixes).
- btrfs: do not skip remaining extrefs if dir not found during log replay (git-fixes).
- btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068)
- btrfs: fix assertion when building free space tree (git-fixes).
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes).
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- btrfs: fix ssd_spread overallocation (git-fixes).
- btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068)
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- btrfs: rename err to ret in btrfs_rmdir() (git-fixes).
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- btrfs: use NOFS context when getting inodes during logging and log replay (git-fixes).
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes).
- bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes).
- can: dev: can_restart(): move debug message and stats after successful restart (stable-fixes).
- can: dev: can_restart(): reverse logic to remove need for goto (stable-fixes).
- can: kvaser_pciefd: Store device channel index (git-fixes).
- can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes).
- can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes).
- can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes).
- can: peak_usb: fix USB FD devices potential malfunction (git-fixes).
- cdc-acm: fix race between initial clearing halt and open (git-fixes).
- cgroup,freezer: fix incomplete freezing when attaching tasks (bsc#1245789).
- cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166).
- cifs: reconnect helper should set reconnect for the right channel (git-fixes).
- clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes).
- clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes).
- clk: sunxi-ng: v3s: Fix de clock definition (git-fixes).
- clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes).
- clocksource: Scale the watchdog read retries automatically (bsc#1241345 bsc#1244457).
- clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin (bsc#1241345 bsc#1244457).
- comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes).
- comedi: Fix initialization of data for instructions that write to subdevice (git-fixes).
- comedi: Fix some signed shift left operations (git-fixes).
- comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes).
- comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes).
- comedi: das16m1: Fix bit shift out of bounds (git-fixes).
- comedi: das6402: Fix bit shift out of bounds (git-fixes).
- comedi: pcl812: Fix bit shift out of bounds (git-fixes).
- compiler_types.h: Define __retain for __attribute__((__retain__)) (git-fixes).
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes).
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes).
- crypto: ccp - Fix locking on alloc failure handling (git-fixes).
- crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes).
- crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes).
- crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes).
- crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes).
- crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes).
- crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes).
- crypto: qat - fix state restore for banks with exceptions (git-fixes).
- crypto: qat - flush misc workqueue during device shutdown (git-fixes).
- crypto: qat - use unmanaged allocation for dc_data (git-fixes).
- crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes).
- dm-bufio: fix sched in atomic context (git-fixes).
- dm-flakey: error all IOs when num_features is absent (git-fixes).
- dm-flakey: make corrupting read bios work (git-fixes).
- dm-mirror: fix a tiny race condition (git-fixes).
- dm-raid: fix variable in journal device check (git-fixes).
- dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes).
- dm: do not change md if dm_table_set_restrictions() fails (git-fixes).
- dm: free table mempools if not used in __bind (git-fixes).
- dm: restrict dm device size to 2^63-512 bytes (git-fixes).
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: xilinx_dma: Set dma_device directions (stable-fixes).
- docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes).
- drm/amd/display: Do not overwrite dce60_clk_mgr (git-fixes).
- drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes).
- drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes).
- drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes).
- drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes).
- drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes).
- drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes).
- drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes).
- drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes).
- drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes).
- drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes).
- drm/framebuffer: Acquire internal references on GEM handles (git-fixes).
- drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes).
- drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes).
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes).
- drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes).
- drm/i915/selftests: Change mock_request() to return error pointers (git-fixes).
- drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes).
- drm/msm: Fix a fence leak in submit error path (stable-fixes).
- drm/msm: Fix another leak in the submit error path (stable-fixes).
- drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes).
- drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes).
- drm/sched: Increment job count before swapping tail spsc queue (git-fixes).
- drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes).
- drm/scheduler: signal scheduled fence when kill job (stable-fixes).
- drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes).
- drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes).
- drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes).
- exfat: fdatasync flag should be same like generic_write_sync() (git-fixes).
- fbcon: Fix outdated registered_fb reference in comment (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- fs/jfs: consolidate sanity checking in dbMount (git-fixes).
- fs/orangefs: Allow 2 more characters in do_c_string() (git-fixes).
- gpio: mlxbf2: use platform_get_irq_optional() (git-fixes).
- gpio: pca953x: log an error when failing to get the reset GPIO (git-fixes).
- gpio: sim: include a missing header (git-fixes).
- gpio: vf610: add locking to gpio direction functions (git-fixes).
- gpio: virtio: Fix config space reading (git-fixes).
- gpiolib: Fix debug messaging in gpiod_find_and_request() (git-fixes).
- gpiolib: Handle no pin_ranges in gpiochip_generic_config() (git-fixes).
- gpiolib: acpi: Do not use GPIO chip fwnode in acpi_gpiochip_find() (bsc#1233300).
- gpiolib: acpi: Fix failed in acpi_gpiochip_find() by adding parent node match (bsc#1233300).
- gpiolib: cdev: Ignore reconfiguration without direction (git-fixes).
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes).
- hfs: make splice write available again (git-fixes).
- hfsplus: make splice write available again (git-fixes).
- hfsplus: remove mutex_lock check in hfsplus_free_extents (git-fixes).
- hid: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes).
- hid: core: do not bypass hid_hw_raw_request (stable-fixes).
- hid: core: ensure __hid_request reserves the report ID as the first byte (git-fixes).
- hid: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes).
- hid: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes).
- hid: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes).
- hv_netvsc: Use VF's tso_max_size value when data path is VF (bsc#1246203).
- hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes).
- hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes).
- hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes).
- hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes).
- i2c/designware: Fix an initialization issue (git-fixes).
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: stm32: fix the device used for the DMA map (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- ib/mlx5: Fix potential deadlock in MR deregistration (git-fixes)
- iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes).
- iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes).
- iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes).
- iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes).
- iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes).
- iio: adc: max1363: Reorder mode_list[] entries (stable-fixes).
- iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes).
- iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes).
- iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes).
- input: iqs7222 - explicitly define number of external channels (git-fixes).
- input: xpad - adjust error handling for disconnect (git-fixes).
- input: xpad - set correct controller type for Acer NGR200 (git-fixes).
- input: xpad - support Acer NGR 200 Controller (stable-fixes).
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- iommu/amd: Set the pgsize_bitmap correctly (git-fixes).
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- iommu/vt-d: Fix possible circular locking dependency (git-fixes).
- iommu/vt-d: Fix system hang on reboot -f (git-fixes).
- ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes).
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes).
- ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes).
- ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes).
- iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes).
- jfs: fix metapage reference count leak in dbAllocCtl (git-fixes).
- kABI workaround for struct drm_framebuffer changes (git-fixes).
- kABI: Fix the module::name type in audit_context (git-fixes).
- kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes).
- kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled Fixes: 485ae1da2b88 ("kernel-obs-qa: Use srchash for dependency as well")
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- leds: multicolor: Fix intensity setting while SW blinking (stable-fixes).
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1236897).
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- logitech C-270 even more broken (stable-fixes).
- maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes).
- md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes).
- media: gspca: Add bounds checking to firmware parser (git-fixes).
- media: hi556: correct the test pattern configuration (git-fixes).
- media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes).
- media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes).
- media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes).
- media: usbtv: Lock resolution while streaming (git-fixes).
- media: uvcvideo: Do not mark valid metadata as invalid (git-fixes).
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes).
- media: v4l2-ctrls: Do not reset handler's error in v4l2_ctrl_handler_free() (git-fixes).
- media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes).
- media: venus: Add a check for packet size after reading from shared memory (git-fixes).
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes).
- media: venus: protect against spurious interrupts during probe (git-fixes).
- media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes).
- media: vivid: fix wrong pixel_array control size (git-fixes).
- memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes).
- mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes).
- misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes).
- mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes).
- mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes).
- mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes).
- mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes).
- module: Fix memory deallocation on error path in move_module() (git-fixes).
- module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes).
- module: Restore the moduleparam prefix length check (git-fixes).
- mtd: fix possible integer overflow in erase_xfer() (git-fixes).
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes).
- mtd: rawnand: atmel: set pmecc data setup time (git-fixes).
- mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes).
- mtd: rawnand: renesas: Add missing check after DMA map (git-fixes).
- mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes).
- mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes).
- mtd: spinand: fix memory leak of ECC engine conf (stable-fixes).
- mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes).
- mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes).
- mtk-sd: Prevent memory corruption from DMA map failure (git-fixes).
- mtk-sd: reset host->mrq on prepare_data() error (git-fixes).
- mwl8k: Add missing check after DMA map (git-fixes).
- nbd: fix uaf in nbd_genl_connect() error path (git-fixes).
- net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes).
- net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes).
- net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes).
- net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes).
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes).
- net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes).
- net: mana: Add debug logs in MANA network driver (bsc#1246212).
- net: mana: Add handler for hardware servicing events (bsc#1245730).
- net: mana: Allocate MSI-X vectors dynamically (bsc#1245457).
- net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457).
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (bsc#1246203).
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729).
- net: mana: Set tx_packets to post gso processing packet count (bsc#1245731).
- net: mana: explain irq_setup() algorithm (bsc#1245457).
- net: phy: Do not register LEDs for genphy (git-fixes).
- net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes).
- net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes).
- net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes).
- net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes).
- net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes).
- net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes).
- net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes).
- net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes).
- netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes).
- nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes).
- nfs: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes).
- nfs: Fix the setting of capabilities when automounting a new filesystem (git-fixes).
- nfs: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes).
- nfs: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes).
- nfsd: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes).
- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes).
- nfsv4.2: another fix for listxattr (git-fixes).
- nfsv4.2: fix listxattr to return selinux security label (git-fixes).
- nfsv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes).
- nfsv4: Always set NLINK even if the server does not support it (git-fixes).
- nfsv4: xattr handlers should check for absent nfs filehandles (git-fixes).
- nilfs2: reject invalid file types when reading inodes (git-fixes).
- nvme-pci: refresh visible attrs after being checked (git-fixes).
- nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes).
- objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks (git-fixes).
- objtool: Fix _THIS_IP_ detection for cold functions (git-fixes).
- objtool: Fix error handling inconsistencies in check() (git-fixes).
- objtool: Ignore dangling jump table entries (git-fixes).
- objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes).
- objtool: Properly disable uaccess validation (git-fixes).
- objtool: Silence more KCOV warnings (git-fixes).
- objtool: Silence more KCOV warnings, part 2 (git-fixes).
- objtool: Stop UNRET validation on UD2 (git-fixes).
- pNFS/flexfiles: do not attempt pnfs on fatal DS errors (git-fixes).
- pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes).
- pci/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457).
- pci: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes).
- pci: endpoint: Fix configfs group list head handling (git-fixes).
- pci: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- pci: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- pci: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- pci: hv: Allow dynamic MSI-X vector allocation (bsc#1245457).
- pci: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- perf: Fix sample vs do_exit() (bsc#1246547).
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes).
- pinctrl: amd: Clear GPIO debounce for suspend (git-fixes).
- pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes).
- platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes).
- platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes).
- platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes).
- platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes).
- platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes).
- platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes).
- platform/x86: think-lmi: Create ksets consecutively (stable-fixes).
- platform/x86: think-lmi: Fix kobject cleanup (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes).
- pm / devfreq: Check governor before using governor->name (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- powercap: call put_device() on an error path in powercap_register_control_type() (stable-fixes).
- powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes).
- powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes).
- powerpc/bpf: enforce full ordering for ATOMIC operations with BPF_FETCH (git-fixes).
- ptp: fix breakage after ptp_vclock_in_use() rework (bsc#1246506).
- pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes).
- pwm: mediatek: Ensure to disable clocks in error path (git-fixes).
- rdma/core: Rate limit GID cache warning messages (git-fixes)
- rdma/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes)
- rdma/hns: Drop GFP_NOWARN (git-fixes)
- rdma/hns: Fix -Wframe-larger-than issue (git-fixes)
- rdma/hns: Fix HW configurations not cleared in error flow (git-fixes)
- rdma/hns: Fix accessing uninitialized resources (git-fixes)
- rdma/hns: Fix double destruction of rsv_qp (git-fixes)
- rdma/hns: Get message length of ack_req from FW (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes)
- rdma/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- rdma/mlx5: Fix CC counters query for MPV (git-fixes)
- rdma/mlx5: Fix HW counters query for non-representor devices (git-fixes)
- rdma/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes)
- rdma/mlx5: Fix vport loopback for MPV device (git-fixes)
- rdma/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes)
- rdma/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes)
- rdma/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes)
- rdma/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes)
- rdma/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes)
- regmap: fix potential memory leak of regmap_bus (git-fixes).
- regulator: fan53555: add enable_time support and soft-start times (stable-fixes).
- regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes).
- regulator: pwm-regulator: Calculate the output voltage for disabled PWMs (stable-fixes).
- resource: fix false warning in __request_region() (git-fixes).
- restore UCSI_CONNECTOR_RESET_HARD definition (git-fixes).
- ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes).
- rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes).
- rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes).
- rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too.
- rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337)
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246870).
- s390/entry: Fix last breaking event handling in case of stack corruption (git-fixes bsc#1243806).
- s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245646).
- s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245647).
- s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245598).
- s390: Add z17 elf platform (LTC#214086 bsc#1245540).
- samples: mei: Fix building on musl libc (git-fixes).
- sched,freezer: Remove unnecessary warning in __thaw_task (bsc#1219338).
- sched: Add test_and_clear_wake_up_bit() and atomic_dec_and_wake_up() (git-fixes).
- scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes).
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142).
- scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125).
- scsi: megaraid_sas: Fix invalid node index (git-fixes).
- scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes).
- scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245599).
- selftests/bpf: Add CFLAGS per source file and runner (git-fixes).
- selftests/bpf: Add tests for iter next method returning valid pointer (git-fixes).
- selftests/bpf: Change functions definitions to support GCC (git-fixes).
- selftests/bpf: Fix a few tests for GCC related warnings (git-fixes).
- selftests/bpf: Fix pointer arithmetic in test_xdp_do_redirect (git-fixes).
- selftests/bpf: Fix prog numbers in test_sockmap (git-fixes).
- smb3: move server check earlier when setting channel sequence number (git-fixes).
- smb3: rename macro CIFS_SERVER_IS_CHAN to avoid confusion (git-fixes).
- smb3: send channel sequence number in SMB3 requests after reconnects (git-fixes).
- smb: client: fix parsing of device numbers (git-fixes).
- soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes).
- soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes).
- soc: aspeed: lpc-snoop: Do not disable channels that are not enabled (git-fixes).
- soc: qcom: QMI encoding/decoding for big endian (git-fixes).
- soc: qcom: fix endianness for QMI header (git-fixes).
- soc: qcom: pmic_glink: fix OF node leak (git-fixes).
- soundwire: amd: fix for clearing command status register (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- staging: axis-fifo: remove sysfs interface (git-fixes).
- staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes).
- staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes).
- struct cdns: move new member to the end (git-fixes).
- struct ucsi_operations: use padding for new operation (git-fixes).
- sunrpc: do not immediately retransmit on seqno miss (git-fixes).
- sunrpc: fix client side handling of tls alerts (git-fixes).
- sunrpc: fix handling of server side tls alerts (git-fixes).
- supported.conf: add missing entries for armv7hl
- supported.conf: move nvme-apple to optional again
- supported.conf: sort entries again
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes).
- thunderbolt: Fix copy+paste error in match_service_id() (git-fixes).
- thunderbolt: Fix wake on connect at runtime (git-fixes).
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes).
- tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes).
- types: Complement the aligned types with signed 64-bit one (stable-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- ucsi-glink: adapt to kABI consistency (git-fixes).
- ucsi_ccg: Refine the UCSI Interrupt handling (git-fixes).
- ucsi_operations: add stubs for all operations (git-fixes).
- ucsi_ops: adapt update_connector to kABI consistency (git-fixes).
- usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes).
- usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes).
- usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes).
- usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes).
- usb: cdnsp: Fix issue with resuming from L1 (git-fixes).
- usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: cdnsp: do not disable slot for disabled slot (git-fixes).
- usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes).
- usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes).
- usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes).
- usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes).
- usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes).
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes).
- usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes).
- usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes).
- usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes).
- usb: hub: Do not try to recover devices lost during warm reset (git-fixes).
- usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes).
- usb: musb: fix gadget state on disconnect (git-fixes).
- usb: musb: omap2430: fix device leak at unbind (git-fixes).
- usb: net: sierra: check for no status endpoint (git-fixes).
- usb: potential integer overflow in usbg_make_tpg() (stable-fixes).
- usb: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes).
- usb: serial: option: add Foxconn T99W640 (stable-fixes).
- usb: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes).
- usb: typec: Update sysfs when setting ops (git-fixes).
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes).
- usb: typec: displayport: Fix potential deadlock (git-fixes).
- usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes).
- usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: ucsi: Add DATA_RESET option of Connector Reset command (git-fixes).
- usb: typec: ucsi: Add qcm6490-pmic-glink as needing PDOS quirk (git-fixes).
- usb: typec: ucsi: Delay alternate mode discovery (git-fixes).
- usb: typec: ucsi: Fix busy loop on ASUS VivoBooks (git-fixes).
- usb: typec: ucsi: Fix the partner PD revision (git-fixes).
- usb: typec: ucsi: Get PD revision for partner (git-fixes).
- usb: typec: ucsi: Set orientation as none when connector is unplugged (git-fixes).
- usb: typec: ucsi: Update power_supply on power role change (git-fixes).
- usb: typec: ucsi: add callback for connector status updates (git-fixes).
- usb: typec: ucsi: add update_connector callback (git-fixes).
- usb: typec: ucsi: do not retrieve PDOs if not supported (git-fixes).
- usb: typec: ucsi: extract code to read PD caps (git-fixes).
- usb: typec: ucsi: fix UCSI on SM8550 & SM8650 Qualcomm devices (git-fixes).
- usb: typec: ucsi: glink: fix off-by-one in connector_status (git-fixes).
- usb: typec: ucsi: glink: increase max ports for x1e80100 (git-fixes).
- usb: typec: ucsi: glink: move GPIO reading into connector_status callback (git-fixes).
- usb: typec: ucsi: glink: use typec_set_orientation (git-fixes).
- usb: typec: ucsi: move ucsi_acknowledge() from ucsi_read_error() (git-fixes).
- usb: typec: ucsi: properly register partner's PD device (git-fixes).
- usb: typec: ucsi: support delaying GET_PDOS for device (git-fixes).
- usb: typec: ucsi_acpi: Add LG Gram quirk (git-fixes).
- usb: typec: ucsi_glink: drop NO_PARTNER_PDOS quirk for sm8550 / sm8650 (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk (git-fixes).
- usb: typec: ucsi_glink: enable the UCSI_DELAY_DEVICE_PDOS quirk on qcm6490 (git-fixes).
- usb: typec: ucsi_glink: rework quirks implementation (git-fixes).
- usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes).
- usb: xhci: quirk for data loss in ISOC transfers (stable-fixes).
- usb:cdnsp: remove TRB_FLUSH_ENDPOINT command (stable-fixes).
- virtgpu: do not reset on shutdown (git-fixes).
- vmci: Prevent the dispatching of uninitialized payloads (git-fixes).
- vt: add missing notification when switching back to text mode (stable-fixes).
- vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes).
- vt: keyboard: Do not process Unicode characters in K_OFF mode (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes).
- wifi: ath11k: fix source ring-buffer corruption (git-fixes).
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption (git-fixes).
- wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes).
- wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes).
- wifi: ath12k: fix source ring-buffer corruption (git-fixes).
- wifi: ath6kl: remove WARN on bad firmware input (stable-fixes).
- wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes).
- wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes).
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes).
- wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes).
- wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes).
- wifi: mac80211: Add link iteration macro for link data (stable-fixes).
- wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes).
- wifi: mac80211: Do not call fq_flow_idx() for management frames (git-fixes).
- wifi: mac80211: Do not schedule stopped TXQs (git-fixes).
- wifi: mac80211: chan: chandef is non-NULL for reserved (stable-fixes).
- wifi: mac80211: drop invalid source address OCB frames (stable-fixes).
- wifi: mac80211: reject TDLS operations when station is not associated (git-fixes).
- wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes).
- wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes).
- wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes).
- wifi: plfxlc: Fix error handling in usb driver probe (git-fixes).
- wifi: prevent A-MSDU attacks in mesh networks (stable-fixes).
- wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes).
- wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes).
- wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes).
- x86/cpu/amd: Fix workaround for erratum 1054 (git-fixes).
- x86/mce/amd: Add default names for MCA banks and blocks (git-fixes).
- x86/mce/amd: Fix threshold limit reset (git-fixes).
- x86/mce: Do not remove sysfs if thresholding sysfs init fails (git-fixes).
- x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes).
- x86/tdx: Fix __noreturn build warning around __tdx_hypercall_failed() (git-fixes).
- x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes).
- x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes).
- x86: UV RTC: Add parameter to disable RTC clocksource (bsc#1241345).
- xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837).
- xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes).
- xfs: remove unused event xfs_alloc_near_error (git-fixes).
- xfs: remove unused event xfs_alloc_near_nominleft (git-fixes).
- xfs: remove unused event xfs_attr_node_removename (git-fixes).
- xfs: remove unused event xfs_ioctl_clone (git-fixes).
- xfs: remove unused event xfs_pagecache_inval (git-fixes).
- xfs: remove unused event xlog_iclog_want_sync (git-fixes).
- xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes).
- xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes).
- xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes).
- xfs: remove unused xfs_attr events (git-fixes).
- xfs: remove unused xfs_reflink_compare_extents events (git-fixes).
- xfs: remove usused xfs_end_io_direct events (git-fixes).
- xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes).
- xhci: dbc: Flush queued requests before stopping dbc (git-fixes).
- xhci: dbctty: disable ECHO flag by default (git-fixes).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
