Hash: SHA256

             AUSCERT External Security Bulletin Redistribution

                   Security update for the Linux Kernel
                               20 March 2023


        AusCERT Security Bulletin Summary

Product:           Linux Kernel
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-26545 CVE-2023-23559 CVE-2023-22995
                   CVE-2023-0597 CVE-2023-0461 CVE-2023-0045
                   CVE-2022-38096 CVE-2022-36280 

Original Bulletin: 

Comment: CVSS (Max):  7.8 CVE-2023-0461 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: SUSE
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

- --------------------------BEGIN INCLUDED TEXT--------------------

Security update for the Linux Kernel

Announcement ID:  SUSE-SU-2023:0796-1
     Rating:      important
                    o #1166486
                    o #1177529
                    o #1203331
                    o #1203332
                    o #1204993
                    o #1205544
                    o #1206224
                    o #1206232
                    o #1206459
                    o #1206640
                    o #1206876
                    o #1206877
                    o #1206878
                    o #1206880
                    o #1206881
                    o #1206882
                    o #1206883
                    o #1206884
                    o #1206885
                    o #1206886
                    o #1206889
                    o #1206894
                    o #1207051
                    o #1207270
                    o #1207328
                    o #1207588
                    o #1207589
                    o #1207590
                    o #1207591
                    o #1207592
                    o #1207593
                    o #1207594
                    o #1207603
                    o #1207605
                    o #1207606
                    o #1207607
                    o #1207608
                    o #1207609
                    o #1207610
                    o #1207613
                    o #1207615
                    o #1207617
                    o #1207618
                    o #1207619
                    o #1207620
                    o #1207621
   References:      o #1207623
                    o #1207624
                    o #1207625
                    o #1207626
                    o #1207628
                    o #1207630
                    o #1207631
                    o #1207632
                    o #1207634
                    o #1207635
                    o #1207636
                    o #1207638
                    o #1207639
                    o #1207641
                    o #1207642
                    o #1207643
                    o #1207644
                    o #1207645
                    o #1207646
                    o #1207647
                    o #1207648
                    o #1207651
                    o #1207653
                    o #1207770
                    o #1207773
                    o #1207845
                    o #1207875
                    o #1208149
                    o #1208153
                    o #1208183
                    o #1208212
                    o #1208290
                    o #1208420
                    o #1208428
                    o #1208429
                    o #1208449
                    o #1208534
                    o #1208541
                    o #1208570
                    o #1208607
                    o #1208628
                    o #1208700
                    o #1208741
                    o #1208759
                    o #1208784
                    o #1208787
                    o #1209188

                    o CVE-2022-36280
                    o CVE-2022-38096
                    o CVE-2023-0045
                    o CVE-2023-0461
Cross-References:   o CVE-2023-0597
                    o CVE-2023-22995
                    o CVE-2023-23559
                    o CVE-2023-26545

                    o CVE-2022-36280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2022-36280 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/
                    o CVE-2022-38096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2022-38096 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-0045 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/
                    o CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-0597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
  CVSS scores:        S:U/C:H/I:N/A:N
                    o CVE-2023-0597 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-22995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N
                    o CVE-2023-22995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-23559 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N
                    o CVE-2023-23559 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/
                    o CVE-2023-26545 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N
                    o CVE-2023-26545 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/

                    o Basesystem Module 15-SP4
                    o Development Tools Module 15-SP4
                    o Legacy Module 15-SP4
                    o openSUSE Leap 15.4
                    o openSUSE Leap Micro 5.3
                    o SUSE Linux Enterprise Desktop 15 SP4
                    o SUSE Linux Enterprise High Availability Extension 15 SP4
                    o SUSE Linux Enterprise High Performance Computing 15 SP4
    Affected        o SUSE Linux Enterprise Live Patching 15-SP4
    Products:       o SUSE Linux Enterprise Micro 5.3
                    o SUSE Linux Enterprise Micro 5.4
                    o SUSE Linux Enterprise Micro for Rancher 5.3
                    o SUSE Linux Enterprise Real Time 15 SP4
                    o SUSE Linux Enterprise Server 15 SP4
                    o SUSE Linux Enterprise Server for SAP Applications 15 SP4
                    o SUSE Linux Enterprise Workstation Extension 15 SP4
                    o SUSE Manager Proxy 4.3
                    o SUSE Manager Retail Branch Server 4.3
                    o SUSE Manager Server 4.3

An update that solves eight vulnerabilities and has 85 fixes can now be


The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
and bugfixes.

  o CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in
    vmwgfx driver (bsc#1203332).
  o CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#
  o CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
  o CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
  o CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm
  o CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree in
    drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).
  o CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer
    overflow (bsc#1207051).
  o CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation
    failure (bsc#1208700).

The following non-security bugs were fixed:

  o [infiniband] READ is "data destination", not source... (git-fixes)
  o [xen] fix "direction" argument of iov_iter_kvec() (git-fixes).
  o acpi/x86: Add support for LPS0 callback handler (git-fixes).
  o acpi: NFIT: fix a potential deadlock during NFIT teardown (git-fixes).
  o acpi: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008 (bsc#
  o acpi: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is unset (bsc#
  o acpi: battery: Fix missing NUL-termination with large strings (git-fixes).
  o acpi: x86: s2idle: Add a quirk for ASUS ROG Zephyrus G14 (bsc#1206224).
  o acpi: x86: s2idle: Add a quirk for ASUS TUF Gaming A17 FA707RE (bsc#
  o acpi: x86: s2idle: Add a quirk for ASUSTeK COMPUTER INC. ROG Flow X13 (bsc#
  o acpi: x86: s2idle: Add a quirk for Lenovo Slim 7 Pro 14ARH7 (bsc#1206224).
  o acpi: x86: s2idle: Add another ID to s2idle_dmi_table (bsc#1206224).
  o acpi: x86: s2idle: Add module parameter to prefer Microsoft GUID (bsc#
  o acpi: x86: s2idle: Fix a NULL pointer dereference (bsc#1206224).
  o acpi: x86: s2idle: Force AMD GUID/_REV 2 on HP Elitebook 865 (bsc#1206224).
  o acpi: x86: s2idle: If a new AMD _HID is missing assume Rembrandt (bsc#
  o acpi: x86: s2idle: Move _HID handling for AMD systems into structures (bsc#
  o acpi: x86: s2idle: Stop using AMD specific codepath for Rembrandt+ (bsc#
  o acpica: Drop port I/O validation for some regions (git-fixes).
  o acpica: nsrepair: handle cases without a return value correctly
  o alsa: emux: Avoid potential array out-of-bound in snd_emux_xg_control()
  o alsa: hda/ca0132: minor fix for allocation size (git-fixes).
  o alsa: hda/conexant: add a new hda codec SN6180 (git-fixes).
  o alsa: hda/realtek - fixed wrong gpio assigned (git-fixes).
  o alsa: hda/realtek: Add Positivo N14KP6-TG (git-fixes).
  o alsa: hda/realtek: Add quirk for ASUS UM3402 using CS35L41 (git-fixes).
  o alsa: hda/realtek: Enable mute/micmute LEDs on HP Elitebook, 645 G9
  o alsa: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360
  o alsa: hda/realtek: fix mute/micmute LEDs do not work for a HP platform
  o alsa: hda: Do not unset preset when cleaning up codec (git-fixes).
  o alsa: ice1712: Delete unreachable code in aureon_add_controls()
  o alsa: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
  o alsa: pci: lx6464es: fix a debug loop (git-fixes).
  o applicom: Fix PCI device refcount leak in applicom_init() (git-fixes).
  o arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
  o arm64: dts: imx8m: Align SoC unique ID node unit address (git-fixes).
  o arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
  o arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
  o arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive
  o arm64: dts: meson-g12-common: Make mmc host controller interrupts
    level-sensitive (git-fixes).
  o arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name (git-fixes).
  o arm64: dts: meson-gx: Fix Ethernet MAC address unit name (git-fixes).
  o arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
  o arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive
  o arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
  o arm64: dts: meson: remove CPU opps below 1GHz for G12A boards (git-fixes).
  o arm64: dts: mt8192: Fix CPU map for single-cluster SoC (git-fixes).
  o arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges (git-fixes).
  o arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
  o arm64: dts: qcom: ipq8074: fix Gen3 PCIe node (git-fixes).
  o arm64: dts: qcom: qcs404: use symbol names for PCIe resets (git-fixes).
  o arm64: dts: qcom: sc7180: correct SPMI bus address cells (git-fixes).
  o arm64: dts: qcom: sc7280: correct SPMI bus address cells (git-fixes).
  o arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
  o arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
  o arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
  o arm64: dts: rockchip: drop unused LED mode property from rk3328-roc-cc
  o arm64: dts: ti: k3-j7200: Fix wakeup pinmux range (git-fixes).
  o arm64: efi: Make efi_rt_lock a raw_spinlock (git-fixes).
  o arm: OMAP1: call platform_device_put() in error case in omap1_dm_timer_init
    () (git-fixes).
  o arm: OMAP2+: Fix memory leak in realtime_counter_init() (git-fixes).
  o arm: bcm2835_defconfig: Enable the framebuffer (git-fixes).
  o arm: dts: am5748: keep usb4_tm disabled (git-fixes)
  o arm: dts: exynos: correct HDMI phy compatible in Exynos4 (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Exynos4 (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Exynos4210 (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Exynos5250 (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Odroid HC1 (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Odroid XU (git-fixes).
  o arm: dts: exynos: correct TMU phandle in Odroid XU3 family (git-fixes).
  o arm: dts: exynos: correct wr-active property in Exynos3250 Rinato
  o arm: dts: imx7-colibri-eval-v3: correct can controller comment (git-fixes)
  o arm: dts: imx7s: correct iomuxc gpr mux controller cells (git-fixes).
  o arm: dts: qcom: msm8974: add required ranges to OCMEM (git-fixes)
  o arm: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
  o arm: dts: rockchip: add power-domains property to dp node on rk3288
  o arm: dts: spear320-hmi: correct STMPE GPIO compatible (git-fixes).
  o arm: dts: stm32: add missing usbh clock and fix clk order on (git-fixes)
  o arm: dts: stm32: use usbphyc ck_usbo_48m as USBH OHCI clock on (git-fixes)
  o arm: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference (git-fixes).
  o arm: imx: Call ida_simple_remove() for ida_simple_get (git-fixes).
  o arm: imx: rename DEBUG_IMX21_IMX27_UART to DEBUG_IMX27_UART (git-fixes)
  o arm: omap: remove debug-leds driver (git-fixes)
  o arm: remove some dead code (git-fixes)
  o arm: renumber bits related to _TIF_WORK_MASK (git-fixes)
  o arm: s3c: fix s3c64xx_set_timer_source prototype (git-fixes).
  o arm: shmobile: rcar-gen2: Add missing of_node_put() (git-fixes)
  o arm: zynq: Fix refcount leak in zynq_early_slcr_init (git-fixes).
  o asoc: Intel: boards: fix spelling in comments (git-fixes).
  o asoc: Intel: bytcht_es8316: Drop reference count of ACPI device after use
  o asoc: Intel: bytcht_es8316: move comment to the right place (git-fixes).
  o asoc: Intel: sof_cs42l42: always set dpcm_capture for amplifiers
  o asoc: Intel: sof_rt5682: always set dpcm_capture for amplifiers
  o asoc: adau7118: do not disable regulators on device unbind (git-fixes).
  o asoc: cs42l56: fix DT probe (git-fixes).
  o asoc: dt-bindings: meson: fix gx-card codec node regex (git-fixes).
  o asoc: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
  o asoc: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
  o asoc: mchp-spdifrx: fix controls which rely on rsr register (git-fixes).
  o asoc: rsnd: Remove unnecessary rsnd_dbg_dai_call() (git-fixes).
  o asoc: rsnd: fixup #endif position (git-fixes).
  o asoc: rt715-sdca: fix clock stop prepare timeout issue (git-fixes).
  o asoc: soc-compress.c: fixup private_data on snd_soc_new_compress()
  o asoc: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
  o asoc: tlv320adcx140: fix 'ti,gpio-config' DT property init (git-fixes).
  o asoc: topology: Return -ENOMEM on memory allocation failure (git-fixes).
  o auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
  o avoid deadlock for recursive I/O on dm-thin when used as swap (bsc#
  o backlight: backlight: Fix doc for backlight_device_get_by_name (git-fixes).
  o blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes).
  o blk-mq: fix possible memleak when register 'hctx' failed (git-fixes).
  o block, bfq: fix uaf for bfqq in bic_set_bfqq() (git-fixes).
  o block/bfq-iosched.c: use "false" rather than "BLK_RW_ASYNC" (git-fixes).
  o block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#
  o block: clear ->slave_dir when dropping the main slave_dir reference
  o block: do not allow splitting of a REQ_NOWAIT bio (git-fixes).
  o block: fix and cleanup bio_check_ro (git-fixes).
  o block: mq-deadline: Do not break sequential write streams to zoned HDDs
  o block: mq-deadline: Rename deadline_is_seq_writes() (git-fixes).
  o bluetooth: L2CAP: Fix potential user-after-free (git-fixes).
  o bluetooth: hci_qca: get wakeup status from serdev device handle
  o bpf: Fix a possible task gone issue with bpf_send_signal _thread helpers
  o bpf: Skip task with pid=1 in send_signal_common() (git-fixes).
  o can: j1939: do not wait 250 ms if the same addr was already claimed
  o ceph: flush cap releases when the session is flushed (bsc#1208428).
  o clk: Honor CLK_OPS_PARENT_ENABLE in clk_core_is_enabled() (git-fixes).
  o clk: imx: avoid memory leak (git-fixes).
  o clk: mxl: Add option to override gate clks (git-fixes).
  o clk: mxl: Fix a clk entry by adding relevant flags (git-fixes).
  o clk: mxl: Remove redundant spinlocks (git-fixes).
  o clk: mxl: Switch from direct readl/writel based IO to regmap based IO
  o clk: mxl: syscon_node_to_regmap() returns error pointers (git-fixes).
  o clk: qcom: gcc-qcs404: disable gpll[04]_out_aux parents (git-fixes).
  o clk: qcom: gcc-qcs404: fix names of the DSI clocks used as parents
  o clk: ralink: fix 'mt7621_gate_is_enabled()' function (git-fixes).
  o clk: renesas: cpg-mssr: Fix use after free if cpg_mssr_common_init() failed
  o clk: renesas: cpg-mssr: Remove superfluous check in resume code
  o comedi: use menuconfig for main Comedi menu (git-fixes).
  o crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
  o crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
  o crypto: crypto4xx - Call dma_unmap_page when done (git-fixes).
  o crypto: essiv - Handle EBUSY correctly (git-fixes).
  o crypto: qat - fix out-of-bounds read (git-fixes).
  o crypto: rsa-pkcs1pad - Use akcipher_request_complete (git-fixes).
  o crypto: seqiv - Handle EBUSY correctly (git-fixes).
  o crypto: x86/ghash - fix unaligned access in ghash_setkey() (git-fixes).
  o crypto: xts - Handle EBUSY correctly (git-fixes).
  o dmaengine: dw-axi-dmac: Do not dereference NULL structure (git-fixes).
  o dmaengine: dw-edma: Do not permit non-inc interleaved xfers (git-fixes).
  o dmaengine: dw-edma: Drop chancnt initialization (git-fixes).
  o dmaengine: dw-edma: Fix invalid interleaved xfers semantics (git-fixes).
  o dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
  o dmaengine: dw-edma: Fix readq_ch() return value truncation (git-fixes).
  o dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0 (git-fixes).
  o dmaengine: ptdma: check for null desc before calling pt_cmd_callback
  o docs: ftrace: fix a issue with duplicated subtitle number (git-fixes).
  o docs: gdbmacros: print newest record (git-fixes).
  o documentation: simplify and clarify DCO contribution example language
  o driver core: fix potential null-ptr-deref in device_add() (git-fixes).
  o driver core: fix resource leak in device_add() (git-fixes).
  o driver core: fw_devlink: Add DL_FLAG_CYCLE support to device links
  o drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
  o drivers: base: transport_class: fix possible memory leak (git-fixes).
  o drivers: base: transport_class: fix resource leak when transport_add_device
    () fails (git-fixes).
  o drm/amd/display: Fail atomic_check early on normalize_zpos error
  o drm/amd/display: Fix timing not changning when freesync video is enabled
  o drm/amd/display: Properly handle additional cases where DCN is not
    supported (git-fixes).
  o drm/amd/display: reduce else-if to else in dcn10_blank_pixel_data()
  o drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini
  o drm/amdgpu: fix enum odm_combine_mode mismatch (git-fixes).
  o drm/bridge: lt8912b: Add hot plug detection (git-fixes).
  o drm/bridge: lt9611: fix HPD reenablement (git-fixes).
  o drm/bridge: lt9611: fix clock calculation (git-fixes).
  o drm/bridge: lt9611: fix polarity programming (git-fixes).
  o drm/bridge: lt9611: fix programming of video modes (git-fixes).
  o drm/bridge: lt9611: fix sleep mode setup (git-fixes).
  o drm/bridge: lt9611: pass a pointer to the of node (git-fixes).
  o drm/bridge: megachips: Fix error handling in i2c_register_driver()
  o drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats (git-fixes).
  o drm/hyperv : Removing the restruction of VRAM allocation with PCI bar size
  o drm/hyperv: Fix an error handling path in hyperv_vmbus_probe() (git-fixes).
  o drm/i915/gen11: Moving WAs to icl_gt_workarounds_init() (git-fixes).
  o drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
  o drm/i915: Do not use BAR mappings for ring buffers with LLC (git-fixes).
  o drm/i915: Fix VBT DSI DVO port handling (git-fixes).
  o drm/i915: Initialize the obj flags for shmem objects (git-fixes).
  o drm/mediatek: Clean dangling pointer on bind error path (git-fixes).
  o drm/mediatek: Drop unbalanced obj unref (git-fixes).
  o drm/mediatek: Use NULL instead of 0 for NULL pointer (git-fixes).
  o drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
  o drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc (git-fixes).
  o drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness (git-fixes).
  o drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() (git-fixes).
  o drm/msm/dpu: Add check for cstate (git-fixes).
  o drm/msm/dpu: Add check for pstates (git-fixes).
  o drm/msm/dpu: Disallow unallocated resources to be returned (git-fixes).
  o drm/msm/dpu: drop stale comment from struct dpu_mdp_cfg doc (git-fixes).
  o drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update()
  o drm/msm/gem: Add check for kmalloc (git-fixes).
  o drm/msm/hdmi: Add missing check for alloc_ordered_workqueue (git-fixes).
  o drm/msm/mdp5: Add check for kzalloc (git-fixes).
  o drm/msm: clean event_thread->worker in case of an error (git-fixes).
  o drm/msm: use strscpy instead of strncpy (git-fixes).
  o drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED
  o drm/omapdrm: Remove unused struct csc_coef_rgb2yuv (git-fixes).
  o drm/vc4: hdmi: Correct interlaced timings again (git-fixes).
  o drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5 (git-fixes).
  o drm/vc4: hvs: Set AXI panic modes (git-fixes).
  o drm/vc4: vec: Use pm_runtime_resume_and_get() in vc4_vec_encoder_enable()
  o drm/virtio: exbuf->fence_fd unmodified on interrupted wait (git-fixes).
  o drm/vkms: Fix memory leak in vkms_init() (git-fixes).
  o drm/vkms: Fix null-ptr-deref in vkms_release() (git-fixes).
  o drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
  o drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC (git-fixes).
  o drm: tidss: Fix pixel format definition (git-fixes).
  o dt-bindings: arm: fsl: Fix bindings for APF28Dev board (git-fixes).
  o dt-bindings: hwlock: sun6i: Add missing #hwlock-cells (git-fixes).
  o dt-bindings: input: iqs626a: Redefine trackpad property types (git-fixes).
  o dt-bindings: msm: dsi-controller-main: Add vdd* descriptions back in
  o dt-bindings: net: snps,dwmac: Fix snps,reset-delays-us dependency
  o dt-bindings: power: supply: pm8941-coincell: Do not require charging
    properties (git-fixes).
  o dt-bindings: usb: amlogic,meson-g12a-usb-ctrl: make G12A usb3-phy0 optional
  o eeprom: idt_89hpesx: Fix error handling in idt_init() (git-fixes).
  o efi: Accept version 2 of memory attributes table (git-fixes).
  o exit: Add and use make_task_dead (bsc#1207328).
  o exit: Allow oops_limit to be disabled (bsc#1207328).
  o exit: Guarantee make_task_dead leaks the tsk when calling do_task_exit (bsc
  o exit: Move force_uaccess back into do_exit (bsc#1207328).
  o exit: Move oops specific logic from do_exit into make_task_dead (bsc#
  o exit: Put an upper limit on how often we can oops (bsc#1207328).
  o exit: Stop poorly open coding do_task_dead in make_task_dead (bsc#1207328).
  o exit: Use READ_ONCE() for all oops/warn limit reads (bsc#1207328).
  o ext4,f2fs: fix readahead of verity data (bsc#1207648).
  o ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode (bsc#1207619).
  o ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  o ext4: add helper to check quota inums (bsc#1207618).
  o ext4: add inode table check in __ext4_get_inode_loc to aovid possible
    infinite loop (bsc#1207617).
  o ext4: add missing validation of fast-commit record lengths (bsc#1207626).
  o ext4: allocate extended attribute value in vmalloc area (bsc#1207635).
  o ext4: avoid crash when inline data creation follows DIO write (bsc#
  o ext4: avoid resizing to a partial cluster size (bsc#1206880).
  o ext4: avoid unaccounted block allocation when expanding inode (bsc#
  o ext4: continue to expand file system when the target size does not reach
  o ext4: correct cluster len and clusters changed accounting in
    ext4_mb_mark_bb (bsc#1207592).
  o ext4: correct max_inline_xattr_value_size computing (bsc#1206878).
  o ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).
  o ext4: disable fast-commit of encrypted dir operations (bsc#1207623).
  o ext4: do not allow journal inode to have encrypt flag (bsc#1207621).
  o ext4: do not increase iversion counter for ea_inodes (bsc#1207605).
  o ext4: do not run ext4lazyinit for read-only filesystems (bsc#1207603).
  o ext4: do not set up encryption key during jbd2 transaction (bsc#1207624).
  o ext4: drop ineligible txn start stop APIs (bsc#1207588).
  o ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
  o ext4: factor out ext4_fc_get_tl() (bsc#1207615).
  o ext4: fast commit may miss file actions (bsc#1207591).
  o ext4: fast commit may not fallback for ineligible commit (bsc#1207590).
  o ext4: fix BUG_ON() when directory entry has invalid rec_len (bsc#1206886).
  o ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 (bsc
  o ext4: fix bug_on in __es_tree_search caused by bad boot loader inode (bsc#
  o ext4: fix bug_on in start_this_handle during umount filesystem (bsc#
  o ext4: fix deadlock due to mbcache entry corruption (bsc#1207653).
  o ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
  o ext4: fix dir corruption when ext4_dx_add_entry() fails (bsc#1207608).
  o ext4: fix error code return to user-space in ext4_get_branch() (bsc#
  o ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit (bsc#1207593).
  o ext4: fix extent status tree race in writeback error recovery path (bsc#
  o ext4: fix inode leak in ext4_xattr_inode_create() on an error path (bsc#
  o ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (bsc#1206894).
  o ext4: fix leaking uninitialized memory in fast-commit journal (bsc#
  o ext4: fix miss release buffer head in ext4_fc_write_inode (bsc#1207609).
  o ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).
  o ext4: fix off-by-one errors in fast-commit block filling (bsc#1207628).
  o ext4: fix potential memory leak in ext4_fc_record_modified_inode() (bsc#
  o ext4: fix potential memory leak in ext4_fc_record_regions() (bsc#1207612).
  o ext4: fix potential out of bound read in ext4_fc_replay_scan() (bsc#
  o ext4: fix reserved cluster accounting in __es_remove_extent() (bsc#
  o ext4: fix unaligned memory access in ext4_fc_reserve_space() (bsc#1207627).
  o ext4: fix undefined behavior in bit shift for ext4_check_flag_values (bsc#
  o ext4: fix uninititialized value in 'ext4_evict_inode' (bsc#1206893).
  o ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).
  o ext4: fix use-after-free in ext4_orphan_cleanup (bsc#1207622).
  o ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).
  o ext4: fix warning in 'ext4_da_release_space' (bsc#1206887).
  o ext4: goto right label 'failed_mount3a' (bsc#1207610).
  o ext4: init quota for 'old.inode' in 'ext4_rename' (bsc#1207629).
  o ext4: initialize quota before expanding inode in setproject ioctl (bsc#
  o ext4: introduce EXT4_FC_TAG_BASE_LEN helper (bsc#1207614).
  o ext4: limit the number of retries after discarding preallocations blocks
  o ext4: make ext4_lazyinit_thread freezable (bsc#1206885).
  o ext4: place buffer head allocation before handle start (bsc#1207607).
  o ext4: silence the warning when evicting inode with dioread_nolock (bsc#
  o ext4: simplify updating of fast commit stats (bsc#1207589).
  o ext4: update 'state->fc_regions_size' after successful memory allocation
  o ext4: update s_overhead_clusters in the superblock during an on-line resize
  o fbdev: smscufx: fix error handling code in ufx_usb_probe (git-fixes).
  o firmware: coreboot: Remove GOOGLE_COREBOOT_TABLE_ACPI/OF Kconfig entries
  o firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
  o firmware: stratix10-svc: add missing gen_pool_destroy() in
    stratix10_svc_drv_probe() (git-fixes).
  o fix page corruption caused by racy check in __free_pages (bsc#1208149).
  o fs: ext4: initialize fsdata in pagecache_write() (bsc#1207632).
  o fscache_cookie_enabled: check cookie is valid before accessing it (bsc#
  o fuse: add inode/permission checks to fileattr_get/fileattr_set (bsc#
  o genirq: Provide new interfaces for affinity hints (bsc#1208153).
  o gpio: tegra186: remove unneeded loop in tegra186_gpio_init_route_mapping()
  o gpio: vf610: connect GPIO label to dev name (git-fixes).
  o gpu: host1x: Do not skip assigning syncpoints to channels (git-fixes).
  o gpu: ipu-v3: common: Add of_node_put() for reference returned by
    of_graph_get_port_by_id() (git-fixes).
  o hid: asus: use spinlock to protect concurrent accesses (git-fixes).
  o hid: asus: use spinlock to safely schedule workers (git-fixes).
  o hid: bigben: use spinlock to protect concurrent accesses (git-fixes).
  o hid: bigben: use spinlock to safely schedule workers (git-fixes).
  o hid: bigben_probe(): validate report count (git-fixes).
  o hid: bigben_worker() remove unneeded check on report_field (git-fixes).
  o hid: core: Fix deadloop in hid_apply_multiplier (git-fixes).
  o hid: elecom: add support for TrackBall 056E:011C (git-fixes).
  o hv: fix comment typo in vmbus_channel/low_latency (git-fixes).
  o hv_netvsc: Allocate memory in netvsc_dma_map() with GFP_ATOMIC (git-fixes).
  o hv_netvsc: Check status in SEND_RNDIS_PKT completion message (git-fixes).
  o hwmon: (ftsteutates) Fix scaling of measurements (git-fixes).
  o hwmon: (ltc2945) Handle error case in ltc2945_value_store (git-fixes).
  o hwmon: (mlxreg-fan) Return zero speed for broken fan (git-fixes).
  o i2c: designware-pci: Add new PCI IDs for AMD NAVI GPU (git-fixes).
  o i2c: designware: fix i2c_dw_clk_rate() return size to be u32 (git-fixes).
  o i2c: mxs: suppress probe-deferral error message (git-fixes).
  o i2c: rk3x: fix a bunch of kernel-doc warnings (git-fixes).
  o ib/hfi1: Restore allocated resources on failed copyout (git-fixes)
  o ib/ipoib: Fix legacy IPoIB due to wrong number of queues (git-fixes)
  o iio: light: tsl2563: Do not hardcode interrupt trigger type (git-fixes).
  o input: ads7846 - always set last command to PWRDOWN (git-fixes).
  o input: ads7846 - do not check penirq immediately for 7845 (git-fixes).
  o input: ads7846 - do not report pressure for ads7845 (git-fixes).
  o input: iqs269a - configure device with a single block write (git-fixes).
  o input: iqs269a - drop unused device node references (git-fixes).
  o input: iqs269a - increase interrupt handler return delay (git-fixes).
  o input: iqs626a - drop unused device node references (git-fixes).
  o iommu/hyper-v: Allow hyperv irq remapping without x2apic (git-fixes).
  o ipmi:ssif: Add a timer between request retries (bsc#1206459).
  o ipmi:ssif: Remove rtc_us_timer (bsc#1206459).
  o ipmi:ssif: resend_msg() cannot fail (bsc#1206459).
  o ipmi_ssif: Rename idle state and check (bsc#1206459).
  o irqchip/gic-v3: Refactor ISB + EOIR at ack time (git-fixes)
  o jbd2: Fix up kABI of ext4 fast commit interface (bsc#1207590).
  o jbd2: add miss release buffer head in fc_do_one_pass() (bsc#1207646).
  o jbd2: fix a potential race while discarding reserved buffers after an abort
  o jbd2: fix potential buffer head reference count leak (bsc#1207644).
  o jbd2: fix potential use-after-free in jbd2_fc_wait_bufs (bsc#1207645).
  o jbd2: wake up journal waiters in FIFO order, not LIFO (bsc#1207643).
  o kabi fix for: NFSv3: handle out-of-order write replies (bsc#1205544).
  o kasan: no need to unset panic_on_warn in end_report() (bsc#1207328).
  o leds: led-class: Add missing put_device() to led_put() (git-fixes).
  o leds: led-core: Fix refcount leak in of_led_get() (git-fixes).
  o lib/mpi: Fix buffer overrun when SG is too long (git-fixes).
  o lib/zlib: remove redundation assignement of avail_in dfltcc_gdht()
  o locking/rwsem: Allow slowpath writer to ignore handoff bit if not set by
    first waiter (bsc#1207270).
  o locking/rwsem: Always try to wake waiters in out_nolock path (bsc#1207270).
  o locking/rwsem: Conditionally wake waiters in reader/writer slowpaths (bsc#
  o locking/rwsem: Disable preemption in all down_read*() and up_read() code
    paths (bsc#1207270).
  o locking/rwsem: Disable preemption in all down_write*() and up_write() code
    paths (bsc#1207270).
  o locking/rwsem: Disable preemption while trying for rwsem lock (bsc#
  o locking/rwsem: Make handoff bit handling more consistent (bsc#1207270).
  o locking/rwsem: No need to check for handoff bit if wait queue empty (bsc#
  o locking/rwsem: Prevent non-first waiter from spinning in down_write()
    slowpath (bsc#1207270).
  o locking: Add missing __sched attributes (bsc#1207270).
  o mbcache: Avoid nesting of cache->c_list_lock under bit locks (bsc#1207647).
  o mbcache: Fixup kABI of mb_cache_entry (bsc#1207653).
  o md/bitmap: Fix bitmap chunk size overflow issues (git-fixes).
  o md/raid1: stop mdx_raid1 thread when raid1 array run failed (git-fixes).
  o md: fix a crash in mempool_free (git-fixes).
  o media: i2c: ov7670: 0 instead of -EINVAL was returned (git-fixes).
  o media: i2c: ov772x: Fix memleak in ov772x_probe() (git-fixes).
  o media: ipu3-cio2: Fix PM runtime usage_count in driver unbind (git-fixes).
  o media: max9286: Fix memleak in max9286_v4l2_register() (git-fixes).
  o media: ov2740: Fix memleak in ov2740_init_controls() (git-fixes).
  o media: ov5675: Fix memleak in ov5675_init_controls() (git-fixes).
  o media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() (git-fixes).
  o media: saa7134: Use video_unregister_device for radio_dev (git-fixes).
  o media: usb: siano: Fix use after free bugs caused by do_submit_urb
  o media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
  o media: v4l2-jpeg: ignore the unknown APP14 marker (git-fixes).
  o mfd: cs5535: Do not build on UML (git-fixes).
  o mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
  o misc/mei/hdcp: Use correct macros to initialize uuid_le (git-fixes).
  o misc: enclosure: Fix doc for enclosure_find() (git-fixes).
  o mmc: jz4740: Work around bug on JZ4760(B) (git-fixes).
  o mmc: mmc_spi: fix error handling in mmc_spi_probe() (git-fixes).
  o mmc: sdio: fix possible resource leaks in some error paths (git-fixes).
  o move upstreamed i915 and media fixes into sorted section
  o mtd: dataflash: remove duplicate SPI ID table (git-fixes).
  o mtd: rawnand: fsl_elbc: Propagate HW ECC settings to HW (git-fixes).
  o mtd: rawnand: sunxi: Clean up chips after failed init (git-fixes).
  o mtd: rawnand: sunxi: Fix the size of the last OOB region (git-fixes).
  o mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
  o mtd: spi-nor: core: fix implicit declaration warning (git-fixes).
  o mtd: spi-nor: sfdp: Fix index value for SCCR dwords (git-fixes).
  o mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
  o net/rose: Fix to not accept on connected socket (git-fixes).
  o net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path
  o net/x25: Fix to not accept on connected socket (git-fixes).
  o net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).
  o net: mana: Assign interrupts to CPUs based on NUMA nodes (bsc#1208153).
  o net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
  o net: mana: Fix accessing freed irq affinity_hint (bsc#1208153).
  o net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
  o net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY
  o nfc: fix memory leak of se_io context in nfc_genl_se_io (git-fixes).
  o nfcv3: handle out-of-order write replies (bsc#1205544).
  o nvdimm: disable namespace on error (bsc#1166486).
  o nvme-fabrics: show well known discovery name (bsc#1200054).
  o objtool: Add a missing comma to avoid string concatenation (bsc#1207328).
  o ocfs2: Fix data corruption after failed write (bsc#1208542).
  o ocfs2: clear dinode links count in case of error (bsc#1207650).
  o ocfs2: fix BUG when iput after ocfs2_mknod fails (bsc#1207649).
  o ocfs2: fix crash when mount with quota enabled (bsc#1207640).
  o ocfs2: fix memory leak in ocfs2_mount_volume() (bsc#1207652).
  o ocfs2: fix memory leak in ocfs2_stack_glue_init() (bsc#1207651).
  o ocfs2: ocfs2_mount_volume does cleanup job before return error (bsc#
  o ocfs2: quota_local: fix possible uninitialized-variable access in
    ocfs2_local_read_info() (bsc#1207768).
  o ocfs2: rewrite error handling of ocfs2_fill_super (bsc#1207771).
  o panic: Consolidate open-coded panic_on_warn checks (bsc#1207328).
  o panic: Introduce warn_limit (bsc#1207328).
  o panic: unset panic_on_warn inside panic() (bsc#1207328).
  o pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
  o pci/pm: Observe reset delay irrespective of bridge_d3 (git-fixes).
  o pci: Fix dropping valid root bus resources with .end = zero (git-fixes).
  o pci: hotplug: Allow marking devices as disconnected during bind/unbind
  o pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
  o phy: rockchip-typec: fix tcphy_get_mode error case (git-fixes).
  o pinctrl: aspeed: Fix confusing types in return value (git-fixes).
  o pinctrl: intel: Restore the pins that used to be in Direct IRQ mode
  o pinctrl: mediatek: Fix the drive register definition of some Pins
  o pinctrl: mediatek: Initialize variable *buf to zero (git-fixes).
  o pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
  o pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
  o pinctrl: single: fix potential NULL dereference (git-fixes).
  o pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
  o platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering (bsc#
  o platform/x86: amd-pmc: Correct usage of SMU version (git-fixes).
  o platform/x86: amd-pmc: Export Idlemask values based on the APU (git-fixes).
  o platform/x86: amd-pmc: Fix compilation when CONFIG_DEBUGFS is disabled
  o platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010 table
  o platform/x86: gigabyte-wmi: add support for B450M DS3H WIFI-CF (git-fixes).
  o platform/x86: touchscreen_dmi: Add Chuwi Vi8 (CWI501) DMI match
  o powercap: fix possible name leak in powercap_register_zone() (git-fixes).
  o powerpc/eeh: Set channel state after notifying the drivers (bsc#1208784 ltc
  o printf: fix errname.c list (git-fixes).
  o quota: Check next/prev free block number after reading from quota file (bsc
  o quota: Prevent memory allocation recursion while holding dq_lock (bsc#
  o rdma/irdma: Fix potential NULL-ptr-dereference (git-fixes)
  o rdma/usnic: use iommu_map_atomic() under spin_lock() (git-fixes)
  o remoteproc/mtk_scp: Move clk ops outside send_lock (git-fixes).
  o remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
  o revert "HID: logitech-hidpp: add a module parameter to keep firmware
    gestures" (git-fixes).
  o revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in
    set_protocol" (git-fixes).
  o revert "crypto: rsa-pkcs1pad - Replace GFP_ATOMIC with GFP_KERNEL in
    pkcs1pad_encrypt_sign_complete" (git-fixes).
  o revert "usb: dwc3: qcom: Keep power domain on to retain controller status"
  o rtc: allow rtc_read_alarm without read_alarm callback (git-fixes).
  o rtc: pm8xxx: fix set-alarm race (git-fixes).
  o rtc: sun6i: Always export the internal oscillator (git-fixes).
  o s390/dasd: Fix potential memleak in dasd_eckd_init() (git-fixes).
  o scsi: lpfc: Exit PRLI completion handling early if ndlp not in PRLI_ISSUE
    state (bsc#1208607).
  o scsi: lpfc: Fix space indentation in lpfc_xcvr_data_show() (bsc#1208607).
  o scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
  o scsi: lpfc: Introduce new attention types for lpfc_sli4_async_fc_evt()
    handler (bsc#1208607).
  o scsi: lpfc: Reinitialize internal VMID data structures after FLOGI
    completion (bsc#1208607).
  o scsi: lpfc: Remove duplicate ndlp kref decrement in lpfc_cleanup_rpis()
    (bsc#1208607 bsc#1208534).
  o scsi: lpfc: Remove redundant clean up code in disable_vport() (bsc#
  o scsi: lpfc: Replace outdated strncpy() with strscpy() (bsc#1208607).
  o scsi: lpfc: Resolve miscellaneous variable set but not used compiler
    warnings (bsc#1208607).
  o scsi: lpfc: Set max DMA segment size to HBA supported SGE length (bsc#
  o scsi: lpfc: Update lpfc version to (bsc#1208607).
  o scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).
  o scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).
  o scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).
  o scsi: qla2xxx: Fix erroneous link down (bsc#1208570).
  o scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).
  o scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#
  o scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).
  o scsi: qla2xxx: Fix printk() format string (bsc#1208570).
  o scsi: qla2xxx: Fix stalled login (bsc#1208570).
  o scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#
  o scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).
  o scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).
  o scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).
  o scsi: qla2xxx: Remove dead code (bsc#1208570).
  o scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).
  o scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).
  o scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).
  o scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called
  o scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).
  o scsi: qla2xxx: Update version to (bsc#1208570).
  o scsi: qla2xxx: Update version to (bsc#1208570).
  o scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#
  o scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).
  o scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#
  o scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).
  o scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).
  o sefltests: netdevsim: wait for devlink instance after netns removal
  o selftest/lkdtm: Skip stack-entropy test if lkdtm is not available
  o selftests/ftrace: Add check for ping command for trigger tests (bsc#1204993
  o selftests/ftrace: Convert tracer tests to use 'requires' to specify program
    dependency (bsc#1204993 ltc#200103).
  o selftests/powerpc: Account for offline cpus in perf-hwbreak test (bsc#
  o selftests/powerpc: Bump up rlimit for perf-hwbreak test (bsc#1206232).
  o selftests/powerpc: Move perror closer to its use (bsc#1206232).
  o selftests: forwarding: lib: quote the sysctl values (git-fixes).
  o selftests: net: udpgso_bench: Fix racing bug between the rx/tx programs
  o selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided
  o selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning
  o selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy
    benchmarking (git-fixes).
  o serial: fsl_lpuart: fix RS485 RTS polariy inverse issue (git-fixes).
  o serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
  o signal/vm86_32: Properly send SIGSEGV when the vm86 state cannot be saved
  o soundwire: cadence: Do not overflow the command FIFOs (git-fixes).
  o spi: bcm63xx-hsspi: Endianness fix for ARM based SoC (git-fixes).
  o spi: dw: Fix wrong FIFO level setting for long xfers (git-fixes).
  o spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
  o spi: tegra210-quad: Fix validate combined sequence (git-fixes).
  o staging: mt7621-dts: change palmbus address to lower case (git-fixes).
  o sysctl: add a new register_sysctl_init() interface (bsc#1207328).
  o thermal/drivers/hisi: Drop second sensor hi3660 (git-fixes).
  o thermal/drivers/tsens: Drop msm8976-specific defines (git-fixes).
  o thermal/drivers/tsens: Sort out msm8976 vs msm8956 data (git-fixes).
  o thermal/drivers/tsens: fix slope values for msm8939 (git-fixes).
  o thermal/drivers/tsens: limit num_sensors to 9 for msm8939 (git-fixes).
  o thermal: intel: BXT_PMIC: select REGMAP instead of depending on it
  o thermal: intel: powerclamp: Fix cur_state for multi package system
  o thermal: intel: quark_dts: fix error pointer dereference (git-fixes).
  o trace_events_hist: add check for return value of 'create_hist_field'
  o tracing: Fix poll() and select() do not work on per_cpu trace_pipe and
    trace_pipe_raw (git-fixes).
  o tracing: Make sure trace_printk() can output as soon as it can be used
  o tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
  o tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown
    () (git-fixes).
  o tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
  o tty: serial: qcom-geni-serial: stop operations in progress at shutdown
  o ubsan: no need to unset panic_on_warn in ubsan_epilogue() (bsc#1207328).
  o usb: core: Do not hold device lock while reading the "descriptors" sysfs
    file (git-fixes).
  o usb: core: add quirk for Alcor Link AK9563 smartcard reader (git-fixes).
  o usb: dwc3: core: Host wake up support from system suspend (git-fixes).
  o usb: dwc3: pci: add support for the Intel Meteor Lake-M (git-fixes).
  o usb: dwc3: qcom: Configure wakeup interrupts during suspend (git-fixes).
  o usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init
  o usb: dwc3: qcom: Keep power domain on to retain controller status
  o usb: dwc3: qcom: clean up icc init (git-fixes).
  o usb: dwc3: qcom: clean up suspend callbacks (git-fixes).
  o usb: dwc3: qcom: fix gadget-only builds (git-fixes).
  o usb: dwc3: qcom: fix peripheral and OTG suspend (git-fixes).
  o usb: dwc3: qcom: fix wakeup implementation (git-fixes).
  o usb: dwc3: qcom: only parse 'maximum-speed' once (git-fixes).
  o usb: dwc3: qcom: suppress unused-variable warning (git-fixes).
  o usb: early: xhci-dbc: Fix a potential out-of-bound memory access
  o usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
  o usb: gadget: u_serial: Add null pointer check in gserial_resume
  o usb: max-3421: Fix setting of I/O pins (git-fixes).
  o usb: musb: Add and use inline function musb_otg_state_string (git-fixes).
  o usb: musb: Add and use inline functions musb_{get,set}_state (git-fixes).
  o usb: musb: mediatek: do not unregister something that wasn't registered
  o usb: musb: remove schedule work called after flush (git-fixes).
  o usb: serial: option: add support for VW/Skoda "Carstick LTE" (git-fixes).
  o usb: typec: altmodes/displayport: Fix probe pin assign check (git-fixes).
  o vc_screen: do not clobber return value in vcs_read (git-fixes).
  o vc_screen: modify vcs_size() handling in vcs_read() (git-fixes).
  o vdpa_sim: not reset state in vdpasim_queue_ready (git-fixes).
  o vfs: Check the truncate maximum size in inode_newsize_ok() (bsc#1207642).
  o virt/sev-guest: Add a MODULE_ALIAS (bsc#1208449).
  o virt/sev-guest: Prevent IV reuse in the SNP guest driver (bsc#1208449).
  o virt/sev-guest: Remove unnecessary free in init_crypto() (bsc#1208449).
  o virt: sev-guest: Pass the appropriate argument type to iounmap() (bsc#
  o virt: sevguest: Change driver name to reflect generic SEV support (bsc#
  o virt: sevguest: Rename the sevguest dir and files to sev-guest (bsc#
  o vmci: check context->notify_page after call to get_user_pages_fast() to
    avoid GPF (git-fixes).
  o vmxnet3: move rss code block under eop descriptor (bsc#1208212).
  o watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-3210) Also
    enable module in aarch64 default configuration.
  o watchdog: Fix kmemleak in watchdog_cdev_register (git-fixes).
  o watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in
    error path (git-fixes).
  o watchdog: pcwd_usb: Fix attempting to access uninitialized memory
  o watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
  o wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup (git-fixes).
  o wifi: ath11k: allow system suspend to survive ath11k (git-fixes).
  o wifi: ath9k: Fix potential stack-out-of-bounds write in
    ath9k_wmi_rsp_callback() (git-fixes).
  o wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no
    callback function (git-fixes).
  o wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
  o wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() (git-fixes).
  o wifi: cfg80211: Fix extended KCK key length check in nl80211_set_rekey_data
    () (git-fixes).
  o wifi: cfg80211: Fix use after free for wext (git-fixes).
  o wifi: ipw2200: fix memory leak in ipw_wdev_init() (git-fixes).
  o wifi: ipw2x00: do not call dev_kfree_skb() under spin_lock_irqsave()
  o wifi: iwl3945: Add missing check for create_singlethread_workqueue
  o wifi: iwl4965: Add missing check for create_singlethread_workqueue()
  o wifi: iwlegacy: common: do not call dev_kfree_skb() under spin_lock_irqsave
    () (git-fixes).
  o wifi: libertas: cmdresp: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: libertas: fix memory leak in lbs_init_adapter() (git-fixes).
  o wifi: libertas: if_usb: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: libertas: main: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: libertas_tf: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: mac80211: make rate u32 in sta_set_rate_info_rx() (git-fixes).
  o wifi: mwifiex: Add missing compatible string for SD8787 (git-fixes).
  o wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
  o wifi: orinoco: check return value of hermes_write_wordrec() (git-fixes).
  o wifi: rsi: Fix memory leak in rsi_coex_attach() (git-fixes).
  o wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU (git-fixes).
  o wifi: rtl8xxxu: do not call dev_kfree_skb() under spin_lock_irqsave()
  o wifi: rtlwifi: Fix global-out-of-bounds bug in
    _rtl8812ae_phy_set_txpower_limit() (git-fixes).
  o wifi: rtlwifi: rtl8188ee: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: rtlwifi: rtl8723be: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: rtlwifi: rtl8821ae: do not call kfree_skb() under spin_lock_irqsave()
  o wifi: rtw89: Add missing check for alloc_workqueue (git-fixes).
  o wifi: wilc1000: fix potential memory leak in wilc_mac_xmit() (git-fixes).
  o wifi: wl3501_cs: do not call kfree_skb() under spin_lock_irqsave()
  o writeback: avoid use-after-free after removing device (bsc#1207638).
  o x86/MCE/AMD: Clear DFR errors found in THR handler (git-fixes).
  o x86/asm: Fix an assembler warning with current binutils (git-fixes).
  o x86/boot: Avoid using Intel mnemonics in AT&T syntax asm (git-fixes).
    constants (git-fixes).
  o x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
  o x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
  o x86/kvm: Remove unused virt to phys translation in kvm_guest_cpu_init()
  o x86/microcode/intel: Do not retry microcode reloading on the APs
  o x86/xen: Fix memory leak in xen_init_lock_cpu() (git-fixes).
  o x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (git-fixes).
  o x86: acpi: cstate: Optimize C3 entry on AMD CPUs (git-fixes).
  o xen-netfront: Fix NULL sring after live migration (git-fixes).
  o xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too (git-fixes).
  o xen/arm: Fix race in RB-tree based P2M accounting (git-fixes)
  o xen/netback: do some code cleanup (git-fixes).
  o xen/netback: fix build warning (git-fixes).
  o xen/netfront: destroy queues before real_num_tx_queues is zeroed
  o xen/platform-pci: add missing free_irq() in error path (git-fixes).
  o xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
  o xfs: estimate post-merge refcounts correctly (bsc#1208183).
  o xfs: hoist refcount record merge predicates (bsc#1208183).

Special Instructions and Notes:

  o Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o openSUSE Leap Micro 5.3
    zypper in -t patch openSUSE-Leap-Micro-5.3-2023-796=1
  o openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-796=1
  o SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-796=1
  o SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-796=1
  o Basesystem Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-796=1
  o Development Tools Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-796=1
  o Legacy Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-796=1
  o SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-796=1
    Please note that this is the initial kernel livepatch without fixes itself,
    this package is later updated by separate standalone kernel livepatch
  o SUSE Linux Enterprise High Availability Extension 15 SP4
    zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-796=1
  o SUSE Linux Enterprise Workstation Extension 15 SP4
    zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-796=1

Package List:

  o openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
  o openSUSE Leap Micro 5.3 (aarch64 x86_64)
  o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  o openSUSE Leap 15.4 (nosrc ppc64le x86_64)
  o openSUSE Leap 15.4 (ppc64le x86_64)
  o openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
  o openSUSE Leap 15.4 (noarch)
  o openSUSE Leap 15.4 (noarch nosrc)
  o openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
  o openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
  o openSUSE Leap 15.4 (nosrc s390x)
  o openSUSE Leap 15.4 (s390x)
  o openSUSE Leap 15.4 (aarch64)
  o openSUSE Leap 15.4 (nosrc)
  o openSUSE Leap 15.4 (aarch64 nosrc)
  o SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
  o SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  o SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
  o SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  o Basesystem Module 15-SP4 (aarch64 nosrc)
  o Basesystem Module 15-SP4 (aarch64)
  o Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
  o Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  o Basesystem Module 15-SP4 (noarch)
  o Basesystem Module 15-SP4 (nosrc s390x)
  o Basesystem Module 15-SP4 (s390x)
  o Development Tools Module 15-SP4 (noarch nosrc)
  o Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  o Development Tools Module 15-SP4 (noarch)
  o Legacy Module 15-SP4 (nosrc)
  o Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  o SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
  o SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  o SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
    s390x x86_64)
  o SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
  o SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc)
  o SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)


  o https://www.suse.com/security/cve/CVE-2022-36280.html
  o https://www.suse.com/security/cve/CVE-2022-38096.html
  o https://www.suse.com/security/cve/CVE-2023-0045.html
  o https://www.suse.com/security/cve/CVE-2023-0461.html
  o https://www.suse.com/security/cve/CVE-2023-0597.html
  o https://www.suse.com/security/cve/CVE-2023-22995.html
  o https://www.suse.com/security/cve/CVE-2023-23559.html
  o https://www.suse.com/security/cve/CVE-2023-26545.html
  o https://bugzilla.suse.com/show_bug.cgiid=1166486
  o https://bugzilla.suse.com/show_bug.cgiid=1177529
  o https://bugzilla.suse.com/show_bug.cgiid=1203331
  o https://bugzilla.suse.com/show_bug.cgiid=1203332
  o https://bugzilla.suse.com/show_bug.cgiid=1204993
  o https://bugzilla.suse.com/show_bug.cgiid=1205544
  o https://bugzilla.suse.com/show_bug.cgiid=1206224
  o https://bugzilla.suse.com/show_bug.cgiid=1206232
  o https://bugzilla.suse.com/show_bug.cgiid=1206459
  o https://bugzilla.suse.com/show_bug.cgiid=1206640
  o https://bugzilla.suse.com/show_bug.cgiid=1206876
  o https://bugzilla.suse.com/show_bug.cgiid=1206877
  o https://bugzilla.suse.com/show_bug.cgiid=1206878
  o https://bugzilla.suse.com/show_bug.cgiid=1206880
  o https://bugzilla.suse.com/show_bug.cgiid=1206881
  o https://bugzilla.suse.com/show_bug.cgiid=1206882
  o https://bugzilla.suse.com/show_bug.cgiid=1206883
  o https://bugzilla.suse.com/show_bug.cgiid=1206884
  o https://bugzilla.suse.com/show_bug.cgiid=1206885
  o https://bugzilla.suse.com/show_bug.cgiid=1206886
  o https://bugzilla.suse.com/show_bug.cgiid=1206889
  o https://bugzilla.suse.com/show_bug.cgiid=1206894
  o https://bugzilla.suse.com/show_bug.cgiid=1207051
  o https://bugzilla.suse.com/show_bug.cgiid=1207270
  o https://bugzilla.suse.com/show_bug.cgiid=1207328
  o https://bugzilla.suse.com/show_bug.cgiid=1207588
  o https://bugzilla.suse.com/show_bug.cgiid=1207589
  o https://bugzilla.suse.com/show_bug.cgiid=1207590
  o https://bugzilla.suse.com/show_bug.cgiid=1207591
  o https://bugzilla.suse.com/show_bug.cgiid=1207592
  o https://bugzilla.suse.com/show_bug.cgiid=1207593
  o https://bugzilla.suse.com/show_bug.cgiid=1207594
  o https://bugzilla.suse.com/show_bug.cgiid=1207603
  o https://bugzilla.suse.com/show_bug.cgiid=1207605
  o https://bugzilla.suse.com/show_bug.cgiid=1207606
  o https://bugzilla.suse.com/show_bug.cgiid=1207607
  o https://bugzilla.suse.com/show_bug.cgiid=1207608
  o https://bugzilla.suse.com/show_bug.cgiid=1207609
  o https://bugzilla.suse.com/show_bug.cgiid=1207610
  o https://bugzilla.suse.com/show_bug.cgiid=1207613
  o https://bugzilla.suse.com/show_bug.cgiid=1207615
  o https://bugzilla.suse.com/show_bug.cgiid=1207617
  o https://bugzilla.suse.com/show_bug.cgiid=1207618
  o https://bugzilla.suse.com/show_bug.cgiid=1207619
  o https://bugzilla.suse.com/show_bug.cgiid=1207620
  o https://bugzilla.suse.com/show_bug.cgiid=1207621
  o https://bugzilla.suse.com/show_bug.cgiid=1207623
  o https://bugzilla.suse.com/show_bug.cgiid=1207624
  o https://bugzilla.suse.com/show_bug.cgiid=1207625
  o https://bugzilla.suse.com/show_bug.cgiid=1207626
  o https://bugzilla.suse.com/show_bug.cgiid=1207628
  o https://bugzilla.suse.com/show_bug.cgiid=1207630
  o https://bugzilla.suse.com/show_bug.cgiid=1207631
  o https://bugzilla.suse.com/show_bug.cgiid=1207632
  o https://bugzilla.suse.com/show_bug.cgiid=1207634
  o https://bugzilla.suse.com/show_bug.cgiid=1207635
  o https://bugzilla.suse.com/show_bug.cgiid=1207636
  o https://bugzilla.suse.com/show_bug.cgiid=1207638
  o https://bugzilla.suse.com/show_bug.cgiid=1207639
  o https://bugzilla.suse.com/show_bug.cgiid=1207641
  o https://bugzilla.suse.com/show_bug.cgiid=1207642
  o https://bugzilla.suse.com/show_bug.cgiid=1207643
  o https://bugzilla.suse.com/show_bug.cgiid=1207644
  o https://bugzilla.suse.com/show_bug.cgiid=1207645
  o https://bugzilla.suse.com/show_bug.cgiid=1207646
  o https://bugzilla.suse.com/show_bug.cgiid=1207647
  o https://bugzilla.suse.com/show_bug.cgiid=1207648
  o https://bugzilla.suse.com/show_bug.cgiid=1207651
  o https://bugzilla.suse.com/show_bug.cgiid=1207653
  o https://bugzilla.suse.com/show_bug.cgiid=1207770
  o https://bugzilla.suse.com/show_bug.cgiid=1207773
  o https://bugzilla.suse.com/show_bug.cgiid=1207845
  o https://bugzilla.suse.com/show_bug.cgiid=1207875
  o https://bugzilla.suse.com/show_bug.cgiid=1208149
  o https://bugzilla.suse.com/show_bug.cgiid=1208153
  o https://bugzilla.suse.com/show_bug.cgiid=1208183
  o https://bugzilla.suse.com/show_bug.cgiid=1208212
  o https://bugzilla.suse.com/show_bug.cgiid=1208290
  o https://bugzilla.suse.com/show_bug.cgiid=1208420
  o https://bugzilla.suse.com/show_bug.cgiid=1208428
  o https://bugzilla.suse.com/show_bug.cgiid=1208429
  o https://bugzilla.suse.com/show_bug.cgiid=1208449
  o https://bugzilla.suse.com/show_bug.cgiid=1208534
  o https://bugzilla.suse.com/show_bug.cgiid=1208541
  o https://bugzilla.suse.com/show_bug.cgiid=1208570
  o https://bugzilla.suse.com/show_bug.cgiid=1208607
  o https://bugzilla.suse.com/show_bug.cgiid=1208628
  o https://bugzilla.suse.com/show_bug.cgiid=1208700
  o https://bugzilla.suse.com/show_bug.cgiid=1208741
  o https://bugzilla.suse.com/show_bug.cgiid=1208759
  o https://bugzilla.suse.com/show_bug.cgiid=1208784
  o https://bugzilla.suse.com/show_bug.cgiid=1208787
  o https://bugzilla.suse.com/show_bug.cgiid=1209188

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:


Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
Comment: https://auscert.org.au/gpg-key/